Windows Server 2019 Insider Preview Build 17623 released

Hybrid cloud scenarios:

We know that the move to the cloud is a journey and often, a hybrid approach, one that combines on-premises and cloud environments working together, is what makes sense to our customers. Extending Active Directory, synchronizing file servers, and backup in the cloud are just a few examples of what customers are already doing today to extend their datacenters to the public cloud. In addition, a hybrid approach also allows for apps running on-premises to take advantage of innovation in the cloud such as Artificial Intelligence and IoT. Hybrid cloud enables a future-proof, long-term approach – which is exactly why we see it playing a central role in cloud strategies for the foreseeable future.

At Ignite in September 2017, we announced the Technical Preview of Project Honolulu – our reimagined experience for management of Windows and Windows Server. Project Honolulu is a flexible, lightweight browser-based locally-deployed platform and a solution for management scenarios. One of our goals with Project Honolulu is to make it simpler and easier to connect existing deployments of Windows Server to Azure services. With Windows Server 2019 and Project Honolulu, customers will be able to easily integrate Azure services such as Azure Backup, Azure File Sync, disaster recovery, and much more so they will be able to leverage these Azure services without disrupting their applications and infrastructure.


Security continues to be a top priority for our customers. The number of cyber-security incidents continue to grow, and the impact of these incidents is escalating quickly. A Microsoft study shows that attackers take, on average, just 24-48 hours to penetrate an environment after infecting the first machine. In addition, attackers can stay in the penetrated environment – without being noticed – for up to 99 days on average, according to a report by FireEye/Mandiant. We continue on our journey to help our customers improve their security posture by working on features that bring together learnings from running global-scale datacenters for Microsoft Azure, Office 365, and several other online services.

Our approach to security is three-fold – Protect, Detect and Respond. We bring security features in all three areas in Windows Server 2019.
On the Protect front, we introduced Shielded VMs in Windows Server 2016, which was enthusiastically received by our customers. Shielded VMs protect virtual machines (VM) from compromised or malicious administrators in the fabric so only VM admins can access it on known, healthy, and attested guarded fabric. In Windows Server 2019, Shielded VMs will now support Linux VMs. We are also extending VMConnect to improve troubleshooting of Shielded VMs for Windows Server and Linux. We are adding Encrypted Networks that will let admins encrypt network segments, with a flip of a switch to protect the network layer between servers.

On the Detect and Respond front, in Windows Server 2019, we are embedding Windows Defender Advanced Threat Protection (ATP) that provides preventative protection, detects attacks and zero-day exploits among other capabilities, into the operating system. This gives customers access to deep kernel and memory sensors, improving performance and anti-tampering, and enabling response actions on server machines.

Application Platform:

A key guiding principle for us on the Windows Server team is a relentless focus on the developer experience. Two key aspects to call out for the developer community are improvements to Windows Server containers and Windows Subsystem on Linux (WSL).

Since the introduction of containers in Windows Server 2016, we have seen great momentum in its adoption. Tens of millions of container images have been downloaded from the Docker Hub. The team learned from feedback that a smaller container image size will significantly improve experience of developers and IT Pros who are modernizing their existing applications using containers. In Windows Server 2019, our goal is to reduce the Server Core base container image to a third of its current size of 5 GB. This will reduce download time of the image by 72%, further optimizing the development time and performance.

We are also continuing to improve the choices available when it comes to orchestrating Windows Server container deployments. Kubernetes support is currently in beta, and in Windows Server 2019, we are introducing significant improvements to compute, storage, and networking components of a Kubernetes cluster.

A feedback we constantly hear from developers is the complexity in navigating environments with Linux and Windows deployments. To address that, we previously extended Windows Subsystem on Linux (WSL) into insider builds for Windows Server, so that customers can run Linux containers side-by-side with Windows containers on a Windows Server. In Windows Server 2019, we are continuing on this journey to improve WSL, helping Linux users bring their scripts to Windows while using industry standards like OpenSSH, Curl & Tar.

Hyper-converged infrastructure (HCI): 

Hyper-converged infrastructure (HCI): HCI is one of the latest trends in the server industry today. According to IDC, the HCI market grew 64% in 2016 and Gartner says it will be a $5 billion market by 2019. This trend is primarily because customers understand the value of using x86 servers with high performant local disks to run their compute and storage needs at the same time. In addition, HCI gives the flexibility to easily scale such deployments.

Customers looking for HCI solutions can use Windows Server 2016 and the Windows Server Software Defined program today. We partnered with industry leading hardware vendors to provide an affordable and yet extremely robust HCI solution with validated design. In Windows Server 2019 we are building on this platform by adding scale, performance, and reliability. We are also adding the ability to manage HCI deployments in Project Honolulu, to simplify the management and day-to-day activities on HCI environments.

Finally, Window Server customers using System Center will be excited to know that System Center 2019 is coming and will support Windows Server 2019.

Validation for every preview: There are two major areas that we would like you to try out in each preview release and report back any issues:

  • In-place OS Upgrade (from Windows Server 2012 R2, Windows Server 2016)
  • Application compatibility – please let us know if any server roles or applications stops working or fails to function as it used to


Windows Defender Advanced Threat Protection 

Available in this preview, we provide deep platform sensors and response actions, providing visibility to memory and kernel level attacker activities and abilities to take actions on compromised machines in response to incidents such as remote collection of additional forensic data, remediating malicious files, terminating malicious processes etc.

If you’re already using Windows Defender ATP – preview these features by simply installing the latest Windows Server preview build and onboard it to Windows Defender ATP.

Windows Defender ATP Exploit Guard

Windows Defender ATP Exploit Guard is a new set of host intrusion prevention capabilities. The four components of Windows Defender Exploit Guard are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling enterprises to balance their security risk and productivity requirements.

  • Attack Surface Reduction (ASR): A set of controls that enterprises can enable to prevent malware from getting on the machine by blocking suspicious malicious files (e.g.: Office docs), scripts, lateral movement, ransomware behavior, and email-based threats
  • Network protection: Protects the endpoint against web-based threats by blocking any outbound process on the device to untrusted hosts/IP through Windows Defender SmartScreen
  • Controlled folder access: Protects sensitive data from ransomware by blocking untrusted processes from accessing your protected folders
  • Exploit protection: A set of vulnerability exploit mitigations (replacing EMET) that can be easily configured to protect your system and applications

Failover Cluster removing use of NTLM authentication

Windows Server Failover Clusters no longer use NTLM authentication by exclusively using Kerberos and certificate based authentication.  There are no changes required by the user, or deployment tools,  to take advantage of this security enhancement.  It also allows failover clusters to be deployed in environments where NTLM has been disabled.

Encrypted Network in SDN

Network traffic going out from a VM host can be snooped on and/or manipulated by anyone with access to the physical fabric. While shielded VMs protect VM data from theft and manipulation, similar protection is required for network traffic to and from a VM. While the tenant can setup protection such as IPSEC, this is difficult due to configuration complexity and heterogeneous environments.

Encrypted Networks is a feature which provides simple to configure DTLS-based encryption using the Network Controller to manage the end-to-end encryption and protect data as it travels through the wires and network devices between the hosts It is configured by the Administrator on a per-subnet basis.  This enables the VM to VM traffic within the VM subnet to be automatically encrypted as it leaves the host and prevents snooping and manipulation of traffic on the wire.  This is done without requiring any configuration changes in the VMs themselves.

Available Content

Windows Server 2019 LTSC Build 17623 is available in ISO format in 18 languages. This build and all future pre-release builds will require use of activation keys during setup. The following keys allow for unlimited activations:

Datacenter Edition  6XBNX-4JQGW-QX6QG-74P76-72V67
Standard Edition  MFY9F-XBN2F-TYFMP-CCV49-RMYVH

Windows Server vNext Semi-Annual Build 17623 The Server Core Edition is available in English only, in ISO or VHDX format. The images are pre-keyed –  no need to enter a key during setup.

Symbols are available on the public symbol server – see Update on Microsoft’s Symbol Server blog post and Using the Microsoft Symbol Server. As before, matching Windows Server container images will be available via Docker Hub. For more information about Windows Server containers and Insider builds, click here.

This build will expire July 2nd, 2018.

How to Download 

To obtain the Insider software downloads, registered Insiders may navigate directly to the Windows Server Insider Preview download page.