 Hi everybody, welcome to the latest episode from ROK to the Cloud. As always, I'm Tom Hall and we're going to talk to you today about, well, and actually I've got to correct something because on the last episode, Orin was asking me, he's like, what is ROK, and it's Reseller Option Kit, right? Okay, just for those people that don't sell servers to people through the channels, it's a Reseller Option Kit and it's the best way to buy Windows licensing for server in my humble opinion. So anyway, yeah, if you need to buy a pre-configured, ROK is the way to go. So we talk from the ROK to the Cloud, all things that you need to know about Windows Server and all the exciting new technologies happening. Now we've just launched Server 2022, as you know, and some exciting new features are in there. And to talk about these things, we need an expert. So the expert we've got today is, well, pretty special. It's none other than Mr Ned Pyle. So Ned, I don't feel like I need to do an introduction, but we will ask you to just do a quick intro to everybody, just to remind them of who you are and why it's so amazing to talk to you today. You absolutely need to do an introduction. I am not that well-known. I'm Ned Pyle. I'm a program manager at Microsoft. I work in Windows Server. I make a lot of stuff and I've been here for a long time, but I mostly am known for making file services, things like the SMB protocol and DFS. And I worked on Active Directory for a long time, Storage Replica, Storage Migration Service, and a lot of things I can't talk about yet that are coming. That is exciting. But one of the things you actually mentioned, that in fact actually you mentioned two of the things there that we're going to talk about today, we're going to talk about SMS and SMB. And we're going to talk about why they're exciting and how they've evolved a little bit, maybe with Windows Server 2022, although they're older than that, actually, their features. 
But they've just been, I suppose, tweaked a little bit and brought into the wrapper and they're adding some new exciting things. So let's talk about that. Let's jump into today's subjects and talk about that. So what new file service scenarios and features are in Windows Server 2022 and Windows 11? Is that a good starting point? Yeah, I mean, we have a lot. We did a lot of, we were very busy over the last couple of years. We made some big fundamental sort of radical new feature work, some state of the art, some modernization features in SMB. And then we also got back to business on security on some new things. So this is, if you think about SMB, there was starting in 2012 and Windows 8, there was SMB 3. And that's where we really kind of like radically started adding a lot of heavy-duty commercial and enterprise and large-scale features, like multi-channel and encryption and RDMA support and all that kind of stuff. Big fundamental shift. This, the 22 release and the Windows 11 release is a sort of a similar shift where we're starting to make some really radical state-of-the-art scenarios. One is SMB compression. And the SMB compression is where you can now compress files on the fly just over the network. And so I can compress, I can set a share to compress. I can set a server to compress. I can see the clients always compress and a map drive. I can use the Robocopy tool or Xcopy if you are, I have a gray beard like me. And really radically change when I'm copying larger files, how long it takes and how much bandwidth I consume. And you can set the clients and servers just to, just to do it so your end user doesn't have to care, right? Like, yeah, if you're mapping drives for them or if you're configuring their clients for them, it'll just suddenly be like, wow, my file copies are a lot faster. I don't know what happened. I guess Windows 11 is really great. And really it's not Windows 11's help, it's compression's help. 
So that's built in the 22, server 22, and it's built into Windows 11. And you can use it right now. It just works right now. There's an article on it at aka.ms/smbcompression. I'm always very managed with my names. And what we actually do under the covers is we are using XPRESS compression, XPR yet as compression, which is fairly light on the CPU. It's not the most compressing, like greatest compressor of all time. It's sort of a balance we took. We actually support five of these things, but we used one that we wanted to give a good mix of performance. And I use it all the time. Like, I deal with dump files and memory files and VHD files and stuff, which all are just horrendously inefficient file files there, mostly air. And so when I copy them around, I'm doing it from home, right? I mean, I'm still working in a lockdown scenario here in Seattle. So my fantastic Seattle is the cutting edge of technology in the United States, West Coast Technology Center, rivaled only by San Francisco. And so my cable modem gives me a whopping 18 megabits per second upload speed. Yeah, it's fantastic. And so what I use that I'm shaving off hours of copying files. If I take three hours, I might go down to, say, 20, 25 minutes. Like, it's making a gigantic difference in my life to use that as somebody who needs to copy big files all the time. That's one thing that everybody gets. It's completely in every version of Windows 11, every edition of Server 22. It's totally ubiquitous. I wanted to have at least one good, big, modern feature that was for everybody because I'm a believer in technology democracy. And then we have another really big radical change, which is SMB over QUIC. And that is us giving you the option to not use TCP anymore. And instead use the QUIC protocol. QUIC is a UDP-based, always encrypted with TLS 1.3 and AES protocol that it was originally invented by some folks at Google, and that it became an actual standardized protocol. 
About the last year, it's IETF, registered protocol. It's no longer Google's. And we make a version of it called MsQuic. They make a version. It's the basis of HTTP/3, if you want to go for a comment. They wanted a way to have, to get around TCP's sort of performance issues with UDP, but they wanted to get around UDP's reliability issues with TCP. And they sort of matched together the parts they liked best from both. And then had the good idea of saying you can't have an unencrypted version. So instead of, TCP has sort of reached its limit now after 50 years of what anybody's willing to do to improve it. And QUIC is from a web world and an untrusted internet world. It is probably the real successor to it. And so we were like, hey, cool, QUIC. We got into this view of it early on. That it might be sort of a fundamental change. We did hop aboard. And so we made SMB over QUIC where we used the QUIC protocol, just like HTTP would or DNS or any other features would, and just encapsulate SMB inside of it. So SMB works normally. No experience for SMB changes for the user. They can't really tell. And under the covers, it's all around the wire using UDP 443 and doing encryption. So it's adding the encryption and the speed sort of together. Yeah, it all matches it together. I don't like to talk about it being a great speed thing right now. SMB on TCP is way faster than SMB on QUIC. But QUIC itself is trying to work out their own sort of performance issues. And it's still a pretty new protocol. And so it's like SMB with encryption on TCP or RDMA, versus SMB over QUIC will stomp it, but they will not work. If so, if you've got a mobile user, a hybrid user, a pandemic working from their house user, or somebody at the coffee shop user, they actually get to their files unlike the other person. It's a built-in VPN without the VPN sort of tiresomeness. And so it gives you that compatibility. So that's kind of, so it's the best of encryption, security, speed, and compatibility. 
So that was why that decision was made. Yeah, okay. It's going to be a really interesting scenario. Yeah, it's, and that's the one where it's less democratic. So that is in Windows 11 as a client, and it's in Windows Server 22 Azure Edition as a server. And so you can run an Azure Edition server at the edge of your Azure compute cloud. You can run it eventually here once we get out of preview on Azure Stack, the Azure Files team is going to have SMB over QUIC as well. So we'll just be a sort of a gamut. And we have a really cool announcement coming at Ignite where we're talking about partners providing it as well for not Windows. Oh. Yeah, so like when you think about mobile, you don't think about, when you think about mobile phone, you no longer think about Windows anymore. No. You think about Android. No, we had our shot. We took our shot. We blew it. Yeah. Yeah, let's not talk about that. So would you have any advice on securing SMB beyond the new security options that we've just discussed, or is there any other things that people should think about? Yeah, I mean, that's another thing we did. So in Windows 11 and in 22, we added a bunch of security features. So there is AES-256 for the truly paranoid. There is a signing acceleration where we switched to a much faster performing signing cryptographic suite so that your performance with AES signing is greatly accelerated. If you're an administrator of servers and deep into, say for example, clustering and stuff, we made it so that for again, the true tinfoil hat. East-west encryption knobs and signing knobs inside of the cluster where you could say like these nodes, talking to these nodes in the cluster can use encryption. They could use it for CSV. They can use it for storage bus layer. Like all the various instances that use SMB under the covers as a fabric got their own knobs. And then we added encryption and signing for RDMA, which again is typically an east-west conversation. 
You make it so that you can actually encrypt inside the cluster at specific layers of the cluster. And those are all available today. That's all 22. That's Windows 11. I don't care about which edition you run. QUIC is the only one that has a particular business plan of around we have a whole new flavor of azury things. I mean, sort of limit you to azurness with those things. This is broad. Anybody can use it. And then I've written a couple of articles in the last year or so really around securing SMB both in an inbound, outbound sort of way of client interception attacks, how to prevent those, ways to make sure that your users aren't having their SMB abused for phishing purposes, for example, to get access to credentials and things. And then east-west as a lateral movement thing so that SMB is not being used as a way to just run around your network once some machine gets compromised. And I posted this up on the ITOps Talk blog. Okay. And we'll get you some links here. Maybe we can show up on the screen. Absolutely. Get me the links and then we'll make sure that we pass them on to our tens and hundreds of viewers. And we make sure that we get those. So you mentioned and talked about obviously SMB compression. How do you think that's actually going to improve IT Pro user experience? What would you say that's going to look like? I mean, the really important thing, the reason why I did the feature originally was to improve Hyper-V live migrations. So that you could when you were doing a live migration, which is you're copying a VHD really through the network. Again, a VHD file, if you've done a fixed disk especially, but even if you've just done a regularly provisioned one and time has come and gone, it fills up with zeros that are utterly pointless, but which your network has to consume. And this compression feature, I mean, I have a little blog post coming out maybe in a few weeks. 
I keep pushing off and stuff, but I routinely get 70, 80, 90 percent time savings and like, I mean, when it gets into the, into a like snong area of highly compressible data, I go from maxing the network to not using the network really at all. I mean, like my savings and bandwidth becomes almost total when I get into those good spots. But I mean, if I'm, I usually get like a significant like 50, 60, 70 percent bandwidth drop over the course of a copy or transfer, it really is life changing. You know, when you think about working with large files as an administrator, which you often do and with your broadband as well. So yeah, with my so-called broadband, I mean, we don't have truth in advertising laws here like you do in the UK or never be able to call this broadband. No, that's fair enough. I just changed, I just managed to get like a gig up and a gig down. So that was like, and sorry, I know I feel like I'm Thomas Maurer right here because he's like, I'm in Switzerland and I've got 10 gigs and I'm like, oh, great. Yeah, I just got one gig and like, thanks. You just made me feel, I feel special. So sorry for you, man. That's like, like Seattle, somebody needs to come over to Seattle and sort that out. I'm a mile away from, you know, the Amazon campus and I can't get fiber at my house. Yeah, that absolutely. In terms of, so digression complete. In terms of SMB over QUIC and, you know, it's finally available. You know, people are talking through new protocols, how it works, how it changes the game. Surely there's a demo of that. There is a demo of that. Can I try and present it right now? We'll sort of see what happens. Never can tell. I have a demo that no one has ever seen before. Fresh demo alert. Fresh demo. So we'll see. This is a, yeah, don't work with animals, kids and do live demos. All right, can you see that? It's coming through. All right, here we go. All right, let's see if this works. 
All right, so I'm sitting here on a, my Windows 11 quasi laptop and I've mapped a drive to the server. I'm inside the office. My persona here is an editor at a publishing house. And that's where I go to look at, you know, books that I'm working on, editing stuff like that. I'm going to open up this book. And this is, I mean, just a normal experience for anybody. A mapped drive using SMB. And here's my book. It's a book about my dogs. Coffee table book. It's very nice. So now in the world of me being able to leave the office and go across the street with my coffee table book to go to a coffee shop, I'm going to find the, trying to open up this same file is not going to work anymore, right? Unless I have a VPN working today, that day, my experience will be actually waiting a long time for this to give me an error, which I'm going to not wait the minute for it to give me an error or opening up a Word document, waiting a minute for it to give me an error. Which here I'm going to just do a little cooking show action and make it poof, have an error much faster than it actually would. Here's one I prepared out here. Yes. So that's life today. So here I am in Windows Admin Center. I'm an administrator now of a file server that I've got on the network edge running Server 22 Azure Edition. And if you haven't seen Windows Admin Center, I added all this file sharing stuff over the last year. So it's really got a huge new experience for doing file services, if you weren't aware. But in the global server settings, I have a new option to enable SMB over QUIC, which I'm going to do. And all I have to do is pick a certificate that I've already issued to the machine with some requirements and stuff. And at that point, it has a list of names in the cert that are allowed to be used by the server. And you'll notice here, this is all hot off the presses. I can actually configure KDC proxy and do all that stuff for you. So you don't have to go through and configure it. 
You have to configure the client, but you don't need to do anything on the server. And I'm now configuring SMB over QUIC. So I picked a cert and I basically picked a name and I clicked OK. And that's it. I have set up SMB over QUIC now. That's all I had to do. Obviously, I have to do getting a cert and putting the machine at the edge of the network. Those are all external tasks. But the actual configuration part is as easy as I can make it. And here I'm as this user again. I have not rebooted. I have not done anything to this client. And that drive is back to working again. Even though I have blocked the port, I couldn't get to it over SMB TCP 445 anymore. I automatically will try QUIC now if TCP is not working. So the user doesn't get extra prompts. There's no like, oh, I don't know what happened. Let me try. You know, there's no experience like that, but I hate those experiences. You can't teach users that stuff and there's no point to it. And now I can get in here and open up my terrific coffee table book again. And as far as I could tell, nothing really changed as a user experience, except now it works in a way that it never did before. Yeah, it's just more efficient. Yeah, so that is like, I mean, that's the user experience demo. There's not a whole lot to it, right? It's a life before and life after it doesn't work and does work. Well, we get to see your dogs and they're pretty cute. So that's like win-win for everybody. They see the demo and they see the dogs. So you broke two of those policies. So that was good. Right, okay. So you're the governor of Storage Migration Service. Sorry, you own it. I would say I'm being very British. You're the governor of Storage Migration Service. What new options are there for people when they're trying to get stuff off of older computers like that? I mean, because this is something that people, everyone's going to want to try and do, right? Yes, we've had SMS came out in 2019 server and we haven't stopped. 
We kept iterating on it in 2019. And now with 22, we've kept going there and have a number of new features. One is migration from NetApp. So from a NetApp array, a FAS with ONTAP 9 or later, you can point your SMS towards a NetApp. We understand the NetApp configuration. We can actually talk to it in its own native way with their own PowerShell. And we can inventory the machine like you would with a 2008 server you're trying to migrate. You can do a transfer, you can do a cutover, you can take over the identities, the NetApp SVMs, the storage virtual machines and CIFS instances will become Windows servers or Windows cluster instances. And the experience, the difference between that and migrating from say 2008 or 2012 or 2003 sources is you get an extra set of credentials to put in and a list of instances to choose from and the rest of the experience is identical. That's one, that's a really nice one. The other big thing that we've done in the meantime is we added support for Azure File Sync. So Azure File Sync is a rapidly growing in popularity hybrid cloud service from the Azure Files team of which I'm like a dotted line PM, I'm sort of like a consultant PM over there. And it, as you know, syncs data up to Azure from a file server on your own network, sort of the internal edge. So the user just sees Windows file server, share, install normal, and then the data is actually being synced up and they have a cool feature called cloud tiering, which says, cold data, or if you want all your data, but especially cold data, syncs and hot data stays locally, and then you can have much less storage on-prem because you're not really using most of it all the time because it's all up in the cloud. Well, to do that, you have to understand Azure File Sync's way of working. And if you were to go to Explorer and copy a terabyte of data onto a one gigabyte drive, it will say, hey, I'm out of space because it's still syncing data. 
Like it's operating, it really is full at that point. But cloud tiering has the ability to tell a copy engine, I'm not out of space. I'm just, I'm replicating, I'm syncing, I'm dehydrating. So just hold your horses and let me catch up. And we plumbed a storage migration service both in the UI and in the service itself to understand that. So you can point to an Azure File Sync server and say I'm using AFS. And when we start transferring data, we can transfer data way faster inside the network even for some old 2003 garbage server onto your new 22 server than Azure File Sync can probably go over the internet, which is itself garbage. So Azure File Sync is going as fast as it can. We're going as fast as we can. But as soon as Azure File Sync says, hey, I'm running out of space, just hold on a second. We'll pause our transfer and just wait. And we even changed the UI around and stuff to say like, yeah, the transfer's not broken. Just hold on, Azure File Sync's got to catch up because this couple is the worst internet in the world. So it's kind of almost like, I suppose, intelligent buffering. It's how I want to call it. That's a great way of explaining it. That's an absolutely perfect analogy. Cool. Hey, it's amazing. Like the more I talk to clever people like you, I feel like the cleverer I'm getting, which is... Well, I might actually steal that one, hopefully it's not copyrighted. No, no, no, well, you know what? I wouldn't charge you. So that's... No, definitely. Well, I think we've talked about a few cool things today and I think it's been great to get you first time on the show. And we definitely would love to have you again when you've got more time, which I appreciate you're busy. You're PM on like a million things and you're doing a lot of other stuff and you've still got to write your blog. So, yeah, we probably won't get you any time soon, but again, we'll hopefully have you again in the future. And before we go, we always try and do a fun bit of the show. 
Obviously, we've talked about SMB and we've talked about SMS, all good, but now we're going to talk about memes. And this is... Yeah, it's a little bit silly, but what we do is we show a couple of memes and then we kind of get the reaction. And obviously, me being basically a sales guy and then you being a technical guy, and although Orin complained, he said, these are like dad jokes, Tom. And I was like, oh, thanks. Okay, great. I love dad jokes, so that's great. Sort of the point, really. Anyway, so I'm just going to share my screen and we're trying to get this to work. This is the problem when you have three screens. Make sure you pick the right screen. So the first meme is here. I don't know if you can see that. Let me know when you can see. Can you see that? Yes. Okay, so from what I can tell, we've got a snake in and around some networking. Guys, I need a network specialist with some Python experience. It's urgent. No, I know Python is a coding language. So I'm not completely enough, but that's the joke, right? Yeah, I mean, that's got to have been speaking of Orin. That's got to be Australia. Yeah, this is going to have Python showing up inside your data center. Yeah, I mean, that's it's pretty scary down there. That's quite funny. So right, so that's the first meme. Second meme, and by the way, Ned, if you've got any memes and you think, oh, that's quite funny. I'll send that to Tom and just send it on over. Right. So second meme is. Oh, you're the right network admin. So you're the right new network admin. Let me make it bigger. I'm making it bigger. Oh, you're the new admin. We have a small project in our server room for you. I have been like not in that room, but I've been in that room. I have, when I was in the late 90s and early 2000s, one of my jobs was to unscramble those things. So that's actually kind of traumatic to see that meme. 
But the thing is that there are actually, and there are still server rooms where there are servers like with a kettle on top. Like that. Yeah, probably most. It's probably the majority. Yeah. I mean, as long as you get a good, and this is how British are, as long as you get a good cup of tea, then it's okay. It's so true. Ned, it's been wonderful talking to you today and thank you for making the time. And if I just summarize quickly, certainly I'll do my summary, but we'll get the proper Ned summary. SMB over QUIC is the best of compression, compatibility, and speed together built into the new OSes. That's kind of what I've understood from our chat today. And then the other one is SMS means you can stop using Robocopy and all that other stuff, and you can actually just do a proper good copy within the software that's provided by Microsoft. You don't have to mess around anymore using other. Other third party stuff. That's kind of what I learned today. I think is there a better Ned way of saying those things or? No, you've nailed it. That's precisely what I would say myself if I only had one sentence to give. Intelligent buffering. You can have that for free, Ned. No problem at all. It's been a pleasure talking to Ned. If you guys have got anything you want to know about, if there's a subject matter that you're desperate to find out about, and you want to talk to somebody who makes the stuff like Ned, we will go out there. We will find people, and we will annoy people until they come on this show, and we will ask them the questions that you want asked. So thank you very much for joining us on The ROK to the Cloudy. We've got the name of my show. And I'm Tom, and this has been Tom Hall, and we've also had Ned. So thanks, Ned. Bye, Ned. Bye-bye.