On the 14th January 2020, Microsoft will end extended support for Windows Server 2008 and Windows Server 2008R2. After that date there will be no:-
- Security Updates
- Non-Security Updates
- Online/Telephone based support
- Further updates to technical content online
If you haven’t already built a contingency plan for any machines running this server operating system, then here are some of the options available to you.
Contingency Options for Windows Server 2008 & 2008R2
- Do Nothing – Leaving the environment as is, is an option, but not something we would advocate. The longer the environment is left, the bigger the risk of being compromised due as vulnerabilities are not patched. The management overhead should not be underestimated, especially if there is a problem with the underlying OS that you cant speak to Microsoft about.
- Upgrade or Rebuild to/on Windows Server 2016/2019 – Provided the workload supports it, upgrading the OS to a supported option is the obvious direction of travel. Note: – you’ll need to upgrade to Windows server 2012/2012R2 first before you can jump to 2016 and beyond.
- Migrate to Azure – Microsoft will extend support for 2008 machines up to 3 further years, applying critical and important security updates at no additional charge. This certainly buys the organisation more time to modernise if the workload in question doesn’t behave nicely on newer OS versions and potentially commences a more strategic direction involving cloud computing.
- Purchase extended support from Microsoft – Microsoft will extend support, at a cost and a significant one at that. Outside of doing nothing, it is likely to be the least appealing of the options, but viable and appropriate for some use cases.
- Harden the environment – It is possible through config and policy or by 3rd party technologies, such as Trend Micro’s Virtual Patching concept, that you can harden the 2008 sufficiently to buy you more time to make upgrade, decom or migration decisions. By hardening the servers, you reduce the risk of any new vulnerabilities being exploited.
We’ve been encouraging all our clients to take action over the course of the last year, but making changes to environments with business critical applications is easier said than done of course. For more information or if you want a sounding board for your approach, do feel free to drop one of the team a line.
More details on Microsoft’s end of support dates can be found here
Worth noting that Windows 7 goes end of support on the same date, where there will be one final patching push.