CAFfe Zeit

A lot of topics around the Microsoft Cloud Adoption Framework
de en

Extended Security Updates Windows Server 2012

2023-10-13 Niels Ophey

The blog post “Secure Windows Server 2012/R2 workloads with options from Azure” shows the most important ways to continue to provide security updates to a workload based on Windows Server 2012 even though the end of support has already been reached.

At its core, there are the following main options related to Microsoft Azure if you are not able to modernize your workload and migrate to a new server version in the short term.

Migrating the workload to Azure and three years of additional security updates

The obvious way to continue running Windows Server 2012/2012R2-based workloads is to lift and shift migration to Azure.

This blog post goes into detail about this approach.

Azure Migrate helps you make the migration happen. This screenshot shows the assessment of what can be done with Azure Migrate to prepare for the migration:

Azure Migrate Assessment

Inclusion of Windows Server 2012 in hybrid management with Microsoft Azure Arc

For organizations that are unable to modernize or migrate instances of Windows Server 2012/R2 before the end of the support date, they can protect workloads with Extended Security Updates (ESUs) enabled through Microsoft Azure Arc.

Assign ESU in the Azure Portal

Here are the key benefits:

  • Monthly payment: The ESUs can be obtained from the Azure portal or from a cloud solution provider and assigned to the hosted servers via Microsoft Azure Arc.
  • Seamless delivery: The assignment of ESU licenses to the Azure Arc managed servers is done directly in the Azure portal and there is no need to import a license key or similar to the server.
  • Organize your assets: Azure Arc can improve visibility, monitoring, and reporting on ingested servers. All servers ingested with Azure Arc will be visible in Azure as resources.
  • Security and compliance: Extend with Azure security and governance services such as Microsoft Defender for Cloud and Microsoft Sentinel to further secure the entire infrastructure from cloud to on-premises. ESUs enabled by Azure Arc also gives free access to Azure Update Manager, Machine Configuration, and Change Tracking and Inventory for further automation and easier patch deployment.

If you want to learn more about these options, you can go directly to this Techcommunity Blog or click here Microsoft Dokumentation.

CAF Govern Manage
de
© 2023 by Niels Ophey
Thanks to the Bilberry Hugo Theme