Much has been made of Windows 7's new taskba and the more friendly User Account Control. But what about the less 'sexy' enterprise features of Windows 7?

Recently, Microsoft has taken some criticism for neglecting enterprise needs with Windows 7. Popular blogger and editor of Supersite for Windows Paul Thurrott said recently that Microsoft is treating businesses as an afterthought and "arbitrarily locking Windows enterprise features to Windows Server 2008 R2 and asking corporations to spend a significant sum of money".

To that, Gavriella Schuster, Microsoft's senior director of Windows product management, admits that Windows 7 features that need Windows Server 2008 R2 are not going to be deployed overnight. "Some of these features are part of a longer-term strategy," Schuster says.

Nevertheless, Microsoft continues to spread the word about how Windows 7 can help enterprises. In a recent interview, Schuster drilled down into what Microsoft believes are the key features.

DirectAccess

The DirectAccess feature, which requires both Windows 7 and Windows Server 2008 R2, lets mobile workers connect to corporate networks without the use of a VPN, giving business users more flexibility and easing the burden on IT.

Schuster says that with DirectAccess, users only need an internet connection to have access to everything on the corporate network; they will never have to stop what they're doing and log on to a VPN. This will reduce the use of corporate bandwidth as remote users will mostly be using their own local broadband, she says.

The benefit of DirectAccess runs deeper for IT managers, she says. "For IT, the biggest challenge is managing remote laptops, knowing how long they've been off network, when they came back on and when they got patched. With DirectAccess, as long as a machine is on and connected to the internet, it can be managed."

As for security concerns over there being no official VPN, Schuster says that DirectAccess is used with Windows Server 2008 R2 in the background, which will use the most secure protocol, IPv6, to encrypt data transmitted across the internet. "It's not as if you don't have a VPN or firewall; we've just integrated that into DirectAccess," she says. "There is no longer a separate step to get to that secured tunnel."

NEXT PAGE: BranchCache

  1. We look at the features available
  2. BranchCache
  3. BitLocker to go

Windows 7 video guide

Windows 7 video guide

Microsoft Windows 7 review

Microsoft Windows 7 forum

When it comes to Windows 7, much has been made of the new consumer features such as the rejigged taskbar with its jumplists and the mouse-hover function, but what about the less 'sexy' enterprise features of Windows 7? We talk to Microsoft to get the inside track.

BranchCache

BranchCache, which also requires the use of both Windows 7 and Windows Server 2008 R2, is a feature designed to speed up networks in remote offices that are away from corporate headquarters. Basically, BranchCache will speed the accessing of large remote files stored on the corporate network, says Schuster.

For example, a copy of a file server is downloaded from the corporate network and cached locally on Windows Server 2008 R2 at the branch office. When another user at the branch office requests the file, it is downloaded immediately from the local cache rather than over a limited bandwidth connection back to headquarters.

Users don't have to go back to the corporate network and use up bandwidth to download it again, Schuster says.

"And what IT can do with BranchCache is set the amount of partition on desktops in branch offices that can be used for caching, set how current documents need to be before forcing users to go back to the corporate network to get them again, and check what level of permissions users need to have," she says.

Desktop Search

Windows 7 has bolstered enterprise search functionality from the desktop.

Although Windows Vista enhanced desktop search, and Microsoft has invested in SharePoint portal search and internet search, the problem, according to Schuster, is that those are three different searches and you need to go to three different places.

Windows Vista review

"With Windows 7 we have federated that search," Schuster says. "So right from your desktop you can expand search from the desktop to SharePoint sites to the internet and then go find a document wherever it may be: on your computer, on your network or on the internet."

With the 'federated' search in Windows 7, users can select which intranet and SharePoint sites are available for searching or IT can pre-populate a user's start menu with links to specific Windows portal sites. Search results are presented in Windows Explorer the same way that users of Windows XP and Vista are used to.

See our Laptop Advisor website for expert reviews of today's best laptops, plus read our essential advice to make sure you choose the right specs

Visit Business Advisor for the latest business IT news, reviews, tips and tricks - plus sign up for our unique and FREE business IT newsletter

NEXT PAGE: BitLocker to go

  1. We look at the features available
  2. BranchCache
  3. BitLocker to go

When it comes to Windows 7, much has been made of the new consumer features such as the rejigged taskbar with its jumplists and the mouse-hover function, but what about the less 'sexy' enterprise features of Windows 7? We talk to Microsoft to get the inside track.

BitLocker to Go

The BitLocker hard-drive encryption feature was introduced in Windows Vista to protect data on lost or stolen laptops. In Windows 7, the feature has been extended to protect storage devices such as external hard drives and USB sticks.

Called 'BitLocker To Go' in Windows 7, the feature allows external storage devices to be restricted with a passphrase set by IT before users have permission to copy data to them.

This will give enterprises the same confidence in USB external drives that they have in multi-volume drive encryption, says Schuster, adding that this has become a necessity with the growing amount of USB devices.

"It's so easy to lose external devices without even noticing, so BitLocker to Go gives businesses extra confidence that no one can get that data."

AppLocker

Like BitLocker, AppLocker is in the security and control camp of Windows 7, and aims to protect users from running unauthorised software that could lead to malware infections.

For safety, Microsoft recommends that big businesses run in standard user, meaning there are no administrative rights to users at all. But if IT does give administrative rights to users, AppLocker can safeguard against running suspicious types of software. It allows IT to specify which applications can run on employees' desktops, blocking potentially harmful software and allowing the applications and programs that users need.

"AppLocker allows IT to say, 'users can only install these types of applications'," Schuster says. "And they can specify by software publisher or by version. For instance, users can only install Adobe Acrobat 8.1 or later."

See our Laptop Advisor website for expert reviews of today's best laptops, plus read our essential advice to make sure you choose the right specs

Visit Business Advisor for the latest business IT news, reviews, tips and tricks - plus sign up for our unique and FREE business IT newsletter

See also: Post-beta Windows 7 hits file-sharing site

  1. We look at the features available
  2. BranchCache
  3. BitLocker to go