CIS Hardened Image Level 1 on Microsoft Windows Server 2019

I integrated Windows Server  in my infrastructure.

We use Hyper-V  technology extensively, as it is very important for us, and it functions quite well.

Windows Server  does what we need it to do, and security settings can be configured appropriately.

Hyper-V  has affected our resource utilization and hardware costs, and we use it extensively.

The user interface of Windows Server needs improvement, especially when working with users, user accounts, and groups. There are multiple ways to accomplish tasks that do not align completely, so they need to rationalize their user interface for improvements in the future.

I have been using Windows Server for 10 years.

We have experienced problems when upgrading the firmware on this unit, which has not been as smooth as it could be. It is difficult to compare since it is an old unit. The performance we see has not been exactly what was advertised.

I have not used their technical support much at all, and it is usually difficult to reach the right personnel.

The first level support is not adequate and requires significant time.

I am looking for something else because I am not satisfied with my current solution.

I am generally satisfied, but now it is getting outdated and not suitable anymore, though it is an old model.

The pricing for the Data Center version of Windows Server is not unreasonably priced. While it is not cheap, the cost is reasonable.

I am looking for a new solution for a NAS .

I do not have experience with Dell PowerStore  or TrueNAS X-Series . I have limited experience with an old Synology. I am currently considering TrueNAS and Dell PowerScale . Pure Storage might be considered but will likely not be selected.

I am not dealing with any Dell products in my system.

I have not worked with any all-flash storage arrays before, only with Synology.

My experience with Windows Server is fairly nice.

We will stay with Microsoft solutions.

I have been working with Microsoft, specifically with Windows Server and others, more on the programming side than on the system admin side, for 20 to 30 years. Windows Server is one of the two best options in the market. Either Linux or Windows Server is used, but if your software uses Windows, there are no alternatives.

I have faced some problems with Windows Server over many years of use, but they are typically solvable.

We have been a customer and partner of Microsoft, as we have been part of the Microsoft Partner Program.

I have not used Windows containers and Kubernetes  for deploying cloud-native applications.

I would rate Windows Server 8 out of 10.

At the office, the main use case for Windows Server involves different functions, for example, file server or firewall and the IIS server, Microsoft Internet Server, Internet Information Services. Basically, we use it as a file server for other applications on the server.

The best features of Windows Server include the interface. The interface is so easy and friendly. I know the Linux environment, but I think the user interface of Windows Server is the best.

Our customers use the Active Directory integration in Windows Server, and our application connects to this Active Directory.

I don't have experience with Windows Server containers and Kubernetes for deploying cloud-native applications.

I cannot provide specific improvements for Windows Server because I don't have extensive experience with Hyper-V operations. I have only completed two tests.

I have 10 to 15 years of experience with Windows Server. I have worked with versions since 2008, 2012, 2016, and the current version 2019.

I don't use or have had any contact with Microsoft support in the last few years.

In this case, it saves money.

Regarding the amount saved, I would estimate the resource savings to be about 50 to 70%, approximately 60%.

Regarding pricing or licensing for Windows Server, there are options for CPU or core numbers. There are licensing options for on-premise and other options available in the cloud.

I think the pricing is expensive because if you know how to administer or manage Linux, a file server is cheaper to use. However, if you know how to administer Linux, then Windows Server is still the best option for its friendly interface.

I am familiar with Hyper-V technology but I tested it some years ago. I am currently using Oracle VM VirtualBox, and the other option is VMware.

I am referring to Hyper-V technology within Windows Server.

We are a Lenovo administrator and purchased a Lenovo server five or six years ago.

In the company, we have five servers with Windows Server and we are users of Microsoft 365, and we use other Microsoft Office software.

The main cloud provider for Windows Server is Nexus.

Some customers use enterprise version, while others are standard version users.

We have services for other companies in different business sectors including finance, education, and manufacturing.

We are not managing the Active Directory services; we are just users for this security. Our application connects to the customer's Active Directory and validates credentials with this service.

We have Windows Defender on laptops without needing any other tools.

We have sensitive information at our organization, and we maintain a backup on Amazon for this information.

For documentation, I find resources on the internet, YouTube, and Microsoft Docs, as there is extensive information available online.

I receive help from colleagues in the office, as some collaborators and employees manage this information and administration.

My company acts as resellers for Microsoft. For selling licenses for Windows Server or other Microsoft products, we contact Nexus, which is the big partner for Microsoft.

I would rate Windows Server eight out of ten.

The main use cases for Windows Server  involve file sharing, such as file server and network shares. We are not a big organization using Windows Server . We are in the transportation industry, and we have a data center. We have approximately 15 servers and 50 machines, some of them are virtual.

The Active Directory integration helps my organization manage permissions and maintain security policies effectively. The security groups are perfect for what I need. I can give groups of users access to specific subfolders easily through the AD security group instead of adding users individually. You simply add them to a security group and the rest of it follows. This is a good mechanism.

It definitely saves my team a lot of time. It's hard to say exactly how much time it saves, but imagine you need to add five new users to a share. Instead of going in, logging in, and finding the user, I just add the members to the group. Click okay, apply, and they have access to the network shares. I don't even need to access the server directly, which is a nice part of it.

The best features of Windows Server are that it works and gives us everything we need to share files and set security permissions. It is done effectively in terms of the NTFS permissions. I can base them on AD security groups.

I have utilized the Active Directory integration in Windows Server for identity management, and they are on a domain.

We haven't utilized Windows containers and Kubernetes  for deploying any applications. I'm trying to learn it and have started to watch YouTube content for my understanding.

I cannot tell if the security enhancements such as Windows Defender Advanced Threat Protection have contributed to protecting sensitive data.

We have not implemented the failover clustering feature in Windows Server.

I have experience with Windows Server for approximately four to five years.

In terms of stability, I would say it's good. Looking at Windows Server 2025, there are still bugs to fix, but 2019 has been there for years and is pretty stable. It's doing a very good job.

I think Windows Server does a very good job with scalability. From what I've read, it can scale out easily.

I have not dealt with Microsoft customer service or technical support directly. My colleague worked with them, and they were available and helped fix the issue. It worked.

I assess the impact of Hyper-V  technology on our resource utilization and hardware costs as very attractive after Broadcom killed VMware for small companies. That's why I'm looking at other technologies and what people say about them.

The initial setup of Windows Server is straightforward in my opinion. It comes with lots of features or things by default. It's already set up with a certain level of security and other things that require hardening based on our company policies, but it's straightforward. It's doing its job and comes ready to continue the setup.

I do not have experience with Azure  products or Citrix. I'm getting to know what other people are saying about the product.

I do not deal with any other types of products such as Cisco, Fortinet, Palo Alto, or testing tools. I just work with Windows Server.

I do not deal with other products such as Windows Server AppFabric  or WSUS , Windows Server Update Services . It's an old-style pure server, on-premises, physical.

I use patch management, such as the update services. We do have it, but it's not me who's taking care of it.

I see lots of new features that Microsoft brings into Windows Server 2025. I understand it's not ready for a general release yet. It's definitely very interesting with the new features and focused a lot on the cloud part of it, so it's something to explore.

I can't say which specific feature I'm most looking forward to seeing since I don't deal with cloud. I don't have it in my environment, but I'm trying to learn it. I'm keeping up with my reading about it, so once I have a better understanding, maybe we can try something.

I am still a system administrator with TFI International.

On a scale of 1-10, I rate Windows Server a 9.

My purpose for using Windows Server  is mostly for Microsoft workloads, which includes ERP , NAV, NAVISION, and for 365 Dynamics, as we have recently migrated to 365 Dynamics from an on-prem Microsoft Dynamics  solution. We utilize Active Directory, Windows Server  for MS SQL  Server, and SharePoint , and we are already a customer for Azure  cloud as well.

From my personal perspective, the most beneficial functions and features of Windows Server are predominantly its services for Active Directory, as well as its support for SQL Server  and any .NET or ASP.NET  applications that we have hosted using the IIS  server.

Windows Server helps with our data protection strategies through Microsoft security services. On top of Microsoft Server, we have to use certain third-party applications; while Microsoft server services provide good host-level security, external application level security often requires additional third-party solutions.

Regarding drawbacks of Windows Server, the solution can definitely be improved, as it is quite vulnerable since Windows is widely adopted in the industry, making it an easier target. We need to ensure that we have antivirus running; while Windows Defender antivirus has improved, it still lacks in areas such as behavioral analysis, and AI-based attacks are not very efficiently detected.

We use third-party applications for app controls and manage Privileged Access Management  with third-party integration, even if we use the AD topology. We also rely on third-party solutions for multi-factor authentication.

I have been working with Windows Server for quite a long time. My experience spans more than 35 years, and in this organization, I have been here for almost around 14 to 15 years.

The installation of Windows Server is quite easy, but Windows Server tends to be a little resource-hungry, and customization from a server standpoint is limited, which is my perspective.

Regarding stability, the experience can depend on housekeeping practices. If maintenance is regular, I don't encounter many day-to-day challenges. However, if maintenance is neglected for an extended period, performance issues and contention may arise, but overall, it remains pretty controllable.

In terms of scalability, Windows Server does have certain challenges; many tools are proprietary to Windows Server. For instance, it doesn't have a default load balancer, and although licensing models differ when using cluster service, scalability is not fundamentally a challenge. The cost of the operating system version can impose different challenges, though.

The technical support from Microsoft is one of the best, though there can be challenges when it comes to priority zero or critical issues, where the queue can be longer.

If I were to rate Microsoft support from one to ten, I would rate it around eight to eight plus.

Working with Windows Server does save me time and money. The return on investment is evident as having efficient resources to manage our infrastructure means we are less dependent on costly external support from Microsoft. An in-house team can manage things quite efficiently without needing additional assistance.

In terms of ROI, it saves us roughly 10 to 20% in terms of time and resources.

The cost associated with Windows Server—considering pricing, licensing, and setup—is expensive, no doubt.

Maintenance of Windows Server varies by organization, but for us, it's not very difficult as we have in-house resources managing these tasks. However, it can become a bit tricky when we want to see a collated view of our security posture.

Regarding AI integrations with Windows Server, Copilot adoption is progressing, though I have only experienced it on endpoints and not on the server side. We operate significant workloads on AI, but we consume those primarily on Linux rather than Windows Server.

I don't have much experience regarding integration capabilities in Windows Server for AI workloads, so I may not be the right person to provide insights on that.

Overall, I am quite happy with my experience using Windows Server. I don't have many constraints or concerns, so I would rate it eight out of ten.

I administer Windows Server . We have Windows 10  and are migrating to Windows 11  under my organization. The people who work with me are handling the migration right now.

We have several servers, most of them Windows Server . We have a couple of Linux servers, but most of our servers are Windows Server. We maintain the normal infrastructure, including domain controller. We still have a file server and other specific servers. We have an Exchange Server that is only for hybrid purposes as we use Exchange Online . For specific tasks, we need a server to be managed.

Several years of improvements have been made to the software itself. In the '90s, it was poorly reliable. Now it's very reliable; you can spin up a Windows Server box, and it will run without needing to reboot unless updating. It's quite secure, which wasn't the case previously. They improved security over the years. It's a standard, compatible and backwards compatible with several pieces of software, and it's a standard platform where you can find practically any server software that you need. For me, it's a standard platform right now. They gained the market over the years.

It's difficult to see improvements when using it daily. They improved compatibility with other platforms, such as Linux. One improvement I was thinking about some years ago was the ability to manage an on-premises server from Azure . Now, they have created Azure  Arc, and we are using it as a very good way of managing on-premises servers.

What can be improved is on the Azure side. With Active Directory on the server side and Entra ID on the Azure side in our hybrid environment, we find issues with data syncing to Entra ID. In Entra ID, Microsoft omitted some parameters. In Active Directory, you can put an expiring date to an account, but you cannot do that in Entra ID. We have other means of doing that, but it's common to have consultants working for six months, requiring account expiration or renewal processes.

The Entra ID Connect syncing tool could be improved. Though they moved the service to Azure and use an agent instead of having a dedicated server, it remains cumbersome to set up due to the differences between Entra ID and Active Directory.

I have used Windows Server since Windows NT 3.1 in 1993.

I would rate stability as nine. I don't tend to rate ten because nothing is perfect.

I support it myself and don't recall having any issues requiring Microsoft assistance for Windows Server. I usually solve issues myself. In the '90s, I was at Microsoft on an internship, receiving good training on the internals of Windows NT, which is the basis for the actual Windows Server. Though it has changed significantly, the inner workings remain generally the same.

It's quite scalable. I would rate it nine because it's very scalable internally, and you can use federation to connect to other systems. During company fusions, it's straightforward to connect them if you understand the process. You can use external authentication features to authenticate with Facebook, Google, or Apple. It's quite flexible, scalable, and can manage a tremendous amount of users. My current company is small with approximately 2,600 users, but I've worked in companies with 20,000 to 100,000 users, and it scales beautifully without issues.

The setup complexity depends on your training. You need to understand what you're doing. I've seen many people trying to set up Windows Server as if it were Windows desktop. They don't properly manage permissions or understand the difference between local permissions and domain permissions. If you are properly trained and understand how permissions work, then setting up Windows Server isn't problematic. The installation itself is simple, as they have improved it significantly. However, the challenge lies in knowing which services, roles, and features to add afterward. Training is essential for these aspects.

I usually support it myself.

The return on investment is very good. You get a standard platform that is very secure and stable. The return on investment is very good.

The pricing is fair. There isn't much competition apart from Linux, which has support pricing rather than product pricing. Microsoft offers product pricing with licenses per processor and CAL licenses for accessing. The complexity of licensing can be difficult to understand for inexperienced users, but regarding pricing, there is no comparison.

I would rate Windows Server at seven because while it's not overly difficult to understand, the experience level matters significantly. For me, having started in 1993 with Windows Server, I do it from memory. I know what to set up, what services need to be running, and how to harden it.

I would recommend the product. Training is very important before implementation if you don't have previous experience, or alternatively, engage a consulting company that knows what they are doing for proper implementation. The overall rating for Windows Server is nine out of ten.