What’s New In Windows Server 2012 R2 Networking

Speakers: CJ Williams and Gabriel Silva

What was done in Windows Server 2012:


Learning’s from data centres

MSFT has some massive scale data centres:

  • Cutting costs: maximal utilization of existing resources, no specialized equipment
  • Choice and flexibility: no vendor locking, any tenant VM deployed in the cloud
  • Agility and automation are key: automation for the hoster and tenant networks, including core infrastructure services

3  areas of focus


Virtual RSS (vRSS)

RSS = Receive Side Scaling.  VMs restricted to 1 CPU for network traffic processing in WS2012.

  • WS2012 R2 takes RSS and enables it in the VM.  vRSS maximises resource utilization by spreading network traffic among multiple VM processors.
  • Now possible to virtualize traditionally network intensive physical workloads.
  • Requires no hardware upgrade and works with any NICs that support VMQ.

Example usage: network intensive guest apps that need to scale out from just a single vCPU processing interrupts.

DVMQ on the host NICs (for the virtual switch) allows us to use vRSS.

NIC Teaming

There is a new Dynamic Mode in WS2012 R2.  This balances based on flowlets.  Optimized utilisation of a team on existing hardware.

You can spread your traffic inbound and outbound.  In WS2012, can only balance on outbound.  EG, 1 VM would be pinned to one pNIC.  Now “flowlets” give the OS much finer grained load balancing, across all the NICs, regardless of what workload you are running.

Extended ACLs

In WS2012 you can block/allow/measure based on source and destination address (IP or MAC).

In WS2012 R2, you can allow or block for specific worklaods:

  • Network address
  • Application port
  • Protocol type

There is now stateful packet inspection, understanding a transaction.

Remote Live Monitoring

Remote monitoring of WS2012 traffic can be done, but it is difficult.  In WS2012 R2, you can mirror and capture traffic for remote and local viewing.  GUI experience with Message Analyzer (the new NetMon).  Supports remote offline traffic captures.  Filtering based on IP addresses and VMs.



Configured using WMI, and truncated network traffic redirected ETW events.

Gabe comes up to demo.


Dynamic Mode LBFO will be first.  We see traditional WS2012 NIC teaming.  Dynamic is enabled, and we see all NICs being roughly balanced in PerfMon.

Enabling it in the demo sees throughput go up for the VM – yes, CPU utilisation goes up in the VM, but that’s why the VM was given more vCPUs to allow more networking resources – otherwise the traffic is limited by being pinned to a single vCPU.


The goal was to make Ping better.  It’s a new PowerShell cmdlet.  It pings, but it returns back a lot of information: Soutce IP, remote IP latency, test a port, get more detailed info, route information, etc.

IMO, it’s about damned time Smile  This is a very nice tool, and a nice hook to get people into looking at some basic PowerShell scripting, to extend what the cmdlet can already do by itself.

Software Defined Networking (Hyper-V Network Virtualization)

3 promises that the network should provide:

  • Flexibility: HNV and Virtual Switch
  • Automation: VMM – SMI-S, OMI (network devices) and Datacenter Abstraction Layer Putting it all together in VMM)
  • Control: Partner extensions, e.g. Cisco Nexus 1000V

SDN should be

  • Open (DMTF standard for appliance deployment and configuration – OMI), extensible (virtual switch), and standards based (NVGRE industry standard to encapsulate virtualisation traffic).
  • Built in and production ready
  • Innovation in software and hardware (pSwitches for example).


HNV uses a 24-bit identifier meaning the thing is extremely scalable, when compared to the very limited 4096 possible VLANs.

Dynamic Learning of Customer Addresses

HNV can dynamically learn Consumer Addresses being used in the VM Network.  Allows for guest DHCP and guest clusters to be used in HNV VM Networks.


NIC teaming is supported on the host.  NVGRE Task Offload Enable NICs will be able to offload the processing associated with NVGRE.  Emulex and Mellanox are early suppliers.

Enhanced diagnostics

A host admin/operator can use a PoSH cmdlet to test connectivity to a VM, and validate that the VMs can communicate without having access to the VM (network-wise).

Hyper-V Extensible Switch

One layer is the forwarding switch.  The Cisco Nexus 100V is out.  NEC has an OpenFlow extension.  In WS2012 R2, the HNV filter is moved into the virtual switch.  3rd party extensions can now work on the Consumer Address and the Provider Address (both VM and physical addresses). 


Example, a virtual firewall extension might want to filter based on CA and/or PA.

A effect of this is that 3rd parties can bring their own network virtualization and implement it in Hyper-V.  Examples: Cisco CXLan or Open Flow network virtualization.

Standards Based Switch Management

Using PowerShell, you can manage physical switches.  Done via Open Management Infrastructure (OMI).  VMM provides automation for this.  Common management infrastructure across vendors.  Automate common network tasks.  Logo program to make switches “just work”.

Built-In Software Gateways

A WS2012 R2 gateway has 3 features:

  • Site to site multi-tenant aware VPN gateway
  • Multi-tenant aware NAT for Internet access
  • Forwarding gateway for in-datacentre physical machine access


Demo with Gabe

Site-Site g/w.

2 clients in HNV. Both using different VPN protocols, SSTP and IKEv2.  No access without VPN tunnels.  Connects the VPNs of Red.  Now Red can connect to Red VMs and Blue cannot to anything.  Connects Blue’s VPN and Blue can now connect to Blue VMs.

IP Address Management (IPAM)

Added in WS2012, primarily for auditing IP usage and planning.

In WS2012 R2, you can manage IPs in the physical and virtual spaces.  It integrates with SCVMM 2012 R2, and allows you to deploy IP pools, etc.


Improvements Summary

In my words, WS2012 innovated, and WS2012 R2 has smoothed the corners, making the huge strides in 2012 more achievable and easier to manage.  And a bunch of new features too.


Do I Use Public Cloud -OR- Private Cloud? Why Does It Have To Be One Or The Other?

In his session at TechEd NA 2013 yesterday, Ben Armstrong brought up an important point with cloud computing.  People today, ask themselves if they should deploy a private cloud or subscribe to a particular public cloud.  This is a “one or the other” decision in their minds. And the public cloud in their minds is usually just one public cloud.  Ask Netflix what they think of limiting themselves to just one public cloud (Amazon in VA, USA with the uptime of a …. you catch my drift).

On the Microsoft stack, it can be a different question: do I deploy this VM/service on a public cloud or do I place it on my private cloud. And if it’s a public cloud, which one?  Do I use the elasticity and scale of Azure, or do I use the local hosting company that can offer engineering time?

Here is the usual marketing slide at the start of any recent Microsoft presentation on cloud or virtualisation.  Does it mean anything to you?  Fluff, right?


Maybe this cloud stuff isn’t so fluffy!  I presented the following at E2EVC in Copenhagen last week.  This diagram is based on what you can do right now with Azure, Windows Server 2012, and System Center 2012 (with an NVGRE gateway in the hosting company).


The hosting company has a multi-tenant cloud, using Hyper-V Network Virtualization (HNV) to simplify the physical networks, and provide tenant isolation.  VMM manages the cloud(s).  SPF resides in-front of a HA VMM installation, and provides a hosting API. 

Coca Cola *ahem* is running a private cloud.  That’s also managed by VMM.  Users of this cloud use the portal provided by App Controller and can deploy services on this private cloud, availing of the security, SLAs, custom engineering, etc that they expect from IT. 

The cloud admins have created a contract with the hosting company, enabling App Controller to interact with SPF in the hosting company.  Now the users in Coca Cola can deploy services on-premise or in the hosting company.  It’s no longer an exclusive-or (XOR) decision when placing services, it has become an and/or decision.  Look at the diagram; Pepsi and Lidl *ahem* are also in this hosting company’s public cloud, completely isolated from Coca Cola thanks to HNV.

Coca Cola’s cloud admins have also created a contract with Azure, and App Controller can reach into there too.  Now the self-service users have a choice when deploying a service:

  • Use the highly secured and managed on premise cloud
  • Deploy services into the more scalable but local hosting company with a customised services contract
  • Or use the instantly scalable and elastic Azure IaaS service

And it’s not just a placement decision.  You can re-evaluate placement and move virtual machines (offline) from one cloud to another.  There is no migration, no OVF to mess with, etc.

This is the benefit of having 1 consistent platform, with Windows Server and System Center running in all three environments. 

For the hosting company, they aren’t left in the cold against Azure.  Windows Azure Services for Windows Server (aka “Katal” and vNext is called Windows Azure Pack) provides the exact same portal for their own use.  It can be skinned and customized.  Now the hosting company can provide the very same services as Azure, using the very same Hyper-V and HNV as is used in the Microsoft public cloud.

Now look at that slide again.  It’s not marketing fluff anymore.  It’s one stack, designed from the ground for this purpose, in many clouds that empowers you with the ability to choose.


Event Notes – What’s New In Windows Server 2012 R2?

Speaker Jeff Woolsey

The Cloud OS Vision

The Private Cloud is Windows Server & System Center.  Virtualisation is not cloud.  P2V didn’t’ change management.  Look at the traits of a cloud in the NIST definition.  Cloud-centric management layers change virtualisation into a cloud.  That’s what SysCtr 2012 and later do to virtualization layers: create clouds.

Microsoft’s public cloud is Azure, powered by Hyper-V, a huge stress (performance and scalability) on a hypervisor.

Hosting companies can also use Windows Azure Pack on Windows Server & System Center to create a cloud.  That closes the loop … creating 1 consistent platform across public and private, on premise, in Microsoft, and in hosting partners.  The customer can run their workload everywhere.


The absolute best way to deploy MSFT biz apps is on Hyper-V: test, support, validation, optimization, test, test, test.  They test everything on Hyper-V and Azure, every single day.  25,000 VMs are created every day to do automated unit tests of Windows Server.

In stress tests, Exchange (beyond recommended scale) tested well within Exchange requirements on Hyper-V.  Over 1,000,000 IOPS from a Hyper-V VM in a stress test.


If you own a SAN, running WS2012 or newer is a no brainer: TRIM, UNMAP, ODX. 

Datacenter without Boundaries

Goal number 1.

They wanted integrated high performance virtualization platform.  Reduce complexity, cost, and downtime.  Ease deployment.  Flexible.

Automatic VM activation.  Live VM export/cloning.  Remote Access via VMBus.  Online VHDX resize.  Live Migration compression.  Live Migration over RDMA.  More robust Linux support.

Ben Armstrong on demo patrol:

Storage QoS.  You can cap the storage IOPS of a VM, on a per hard disk basis.

Linux has full dynamic memory support on WS2012 R2.  Now we can do file system consistent backup of Linux VMs without pausing them.  Don’t confuse it with VSS – Linux does not have VSS.  It’s done using a file system freeze. 

You can do shared VHDX to create 100% virtual production ready guest clusters.  The shared VHDX appears as a SAS connected disk in the guest OSs.  Great for cloud service providers to enable 100% self service.  Store the VHDX on shared storage, e.g. CSV or SMB 3.0 to support Live Migration … best practice is that the guest cluster nodes be on different hosts Smile

End of Ben in this session.

Demystifying Storage Spaces and SOFS

I‘ll recommend you watch the session.  Jeff uses a storage appliance to explain a file server with Storage Spaces.  He’ll probably do the same with classic SAN and scale-out file server. 

Matt McSpirit comes up.

He’s using VMM to deploy a new file server cluster.  He’s not using Failover Clustering or Server Manager.  He can provision bare metal cluster members.  Like the process of deploying bare metal hosts.  The shares can be provisioned and managed through VMM, as in 2012 SP1.  You can add new bare-metal hosts.  There is a configurable thin provisioning alert in the GUI – OpsMgr with the MP for VMM will alert on this too.

Back to Jeff.

Changes of Guest Clustering

It’s a problem for service providers because you have previously needed to provide a LUN to the customer.  Hoster’s just can’t do it because of customisation.  Hoster can’t pierce the hosting boundary, and customer is unhappy.  With shared VHDX, the shared storage resides outside the hoster boundary is the tenant domain.  It’s completely virtualised and perfect for self-service.


The real question should be: Why deploy software defined networking (Hyper-V Network Virtualization).  The primary answer is “you’re a hosting company that wants multi-tenancy with abstracted networking for seamless network convergence for hybrid clouds”.  Should be a rare deployment in the private cloud – unless you’re friggin huge or in the acquisition business.

WS2012 R2 will feature a built-in multi-tenant NVGRE (Hyper-V Network Virtualisation or Software Defined Newtorking) gateway.  Now you don’t need F5’s vapourware or the Iron Networks appliance to route between VM Networks and physical networks.  You choose the gateway when creating your VM Network (create VM Network Wizard, Connectivity).  VPN, BGP and NAT are supported.

You can deploy the gateway using a VMM Service Template. 

You can use OMI based rack switches, eg. Arista, to allow VMM to configure your Top Of Rack (TOR) switches.

Hyper-V Replica

HVR broadens your replication … maybe you keep your synchronous replication for some stuff if you made the investment.  But you can use HVR for everything else – hardware agnostic (both ends).  Customers love it.  Service providers should offer it as a service.  But service providers also want to replicate.

Hyper-V Recovery Manager gives you automation and orchestration of VMM-managed HVR.  You install a provider in the VMM servers in site A and site B.  Then enable replication in VMM console.  Replication goes direct from site A to B.  Hyper-V Recovery Manager gives you the tools to create, implement, and monitor the failover plans.

You can now choose your replica interval which defaults to every 5 minutes. Alternatives as 30 seconds and 15 minutes.

Scenario 1: customer replicates from primary hosts (a) to hosts (b) across the campus.  Lots of pipe in the campus so  do 30 seconds replica intervals.  Then replicates from primary DR (b) site to secondary and remote DR site (c).  Lots of latency and bandwidth issues, so go for every 15 minutes.

Scenario 2: SME replicates to hosting company every 5 minutes.  Then the hosting company replicates to another location that is far away.

Michael Leworthy comes up to demo HRM. We get a demo of the new HVR wizards.  Then HRM is shown.  HRM workflows allow you to add manual tasks, e.g. turn on the generator. 

TechEd NA 2013: Keynote – The Post VMware Era

I am love blogging this session so please hit refresh to get the latest notes.

Pre-show, everything is running nice and smoothly.  I got in at 7am and check-in was running nicely (lots of desks) but I was even luckier by being able to register at the media desk.  One breakfast later and we were let into the keynote hall after just a few minutes’ wait, and I went into the press reserved area up to the left of the front.  We had lots of handlers there … handy when my ultrabook refused to see the TechEd network and I had to find other means to connect.

Rock music was playing, and then came out a classic New Orleans brass band to liven things up.  All we needed was some beer Smile


Lots of well known media types start appearing in the press section as the band plays “The Saints Come Marching In” (at least until the 49ers D crushes them). 

TechEd 2014 is in Houston next year.  Hopefully there is a route that does not include Dallas Fort Worth airport.

Brad Anderson

A pre-video where “the bits have been stolen” and Brad goes all James Bond to get them back, chasing the baddies in an Aston Martin while wearing a tux.  The Windows USB key is being unsuccessfully uploaded (BitLocker to go)?  And he recovers his shades Smile  And he drives out onto the stage with the Aston Martin.  Best keynote entrance ever.


All new versions of datacenter products:

-Services to light up devices and enable users (BYOD)
-Azure and Visual Stuid to create great apps
-SQL Server to unlock insights into data
-The cloud platform: what enables the entire stack

Iain McDonald (Windows Core)
Makes the kernel, virtualisation, ID, security, and file system for all the products using Windows Core (Azure, Windows 8, Phone, XBoxOne, etc).  Windows is our core business, he says.  In other words, Windows lets you get your stuff.  Windows 8 is out for 8 months and sold 100,000,000 copies in that time.


A Windows 8 blurb video, and during that a table full of Windows 8 devices comes out.  Confirms that Windows 8.1 will be compatible, out this year, and free.  Preview bits out on June 26th.    Personalized background on the Start Screen.  Some biz features will be shown:

  • Start Screen control: We can lock down tile customization.  You can set up specific apps and setup.  Set up a template machine.  It’s an XML file export-startlayout.  Set a GPO: Start Screen Layout.  Paste a UNC path to the XML file. GPO refresh on the user machine, and the start screen is locked out.  Windows 8.1 Industry line (embedded) does a lot of lock down and customization stuff for hard appliances.
  • Mirrorcast: a powerpoint display technology.  He pairs a machine with a streamless wiring device.  Now he presents from a tablet.  I want this now.  I need this now.  Much better than VGA over Wifi – which just flat out doesn’t work with animated systems like Windows 8 Start Screen. 
  • Wifi Printer with NFC.  Tab the tablet and it pairs with the printer, and adds the device/printer.  The demo gods are unkind Smile  Eventually he goes into Mail and can open an attachment side-by-side (50/50 split).  And he sends the attachment to a printer.  This is why wifi in big demo rooms does not work: the air is flooded – the print doesn’t appear as expected.
  • Surface Pro is up next.  Can build VPN into apps in 8.1.  Can work with virtual smart card for multi-factor authentication.

On the security front:

  • Moving from a defensive posture to an offensive posture in the security space. 
  • 8” Atom powered Acer tablet (see below).
  • Toshiba super hi-res Kira ultrabook


Back to Brad

1.2 billion consumer devices sold since last TechEd.  50% of companies told to support them.  20-somethings think BYOD is a right not a privilege.  IT budgets are not expanding to support these changes.

Identity: Windows Server AD syncs with and blends with Windows Azure Active Directory (WAAD).  Windows Intune connects to on-premise ConfigMgr (System Center).  Manage your devices where they live, with a single user ID.  Don’t try to manage BYOD or mobile devices using on-premise systems – that just flat-out doesn’t work.

Aston Martin has lots of widely distributed and small branch offices (retail).  Windows Intune is perfect to manage this, and they use it for BYOD. 

Windows Server and System Center 2012 R2 are announced, as is a new release of Windows Intune (wave E).  Get used to the name of Windows Server and System Center.  Microsoft has designed for the cloud, and brought it on-premises.  Scalability, flexibility, and dependability.

Out comes Molly Brown, Principal Development Lead.

Workplace Join: She is going to show some new solutions in 2012 R2.  Users can work on the devices they want while you remain in control  She has a Windows 8.1 tablet and logs into a TemShare site.  Her access is deined.  She can “join her workplace”.  This is like joining a domain.  Policy is applied to her identity rather than to the device.  Think of this as a modern domain join – Anderson.  She joins the workplace in Settings -Network – Workplace.  She enters her corporate email address and password, and then she has to prove herself, via multifactor authentication, e.g. a phone call.  All she has to do is press the # key when prompted.  Now she can view the Sharepoint site.

To get IT apps, she can enrol her device for management via Workplace (into Intune).  Now she can (if the demo works – wifi) access IT published apps through Intune.

Work Folders: A new feature of WS2012 R2.  Users have access to all their files across all their devices. Files replicated to file servers in the datacenter and out to all devices owned by the user.  Relies on the device being enrolled. 

You can easily leave the workplace and turn off management with 2 taps.  All your personal stuff is left untouched.  BYOD is made much easier.

Remote wipe is selective, only removing corporate assets from personal devices.

App and device management is Intune.  You brand your service to the business, and manage cross-platform devices including Apple and Android (I found IOS device management to actually the be easier than Windows!).

So you empower end users, unify the environment, and secure the business.

Back to Brad

Apps.  Devs want rapid lifecycles and flexibility.  Need support for cross-platform deployment.  And data, any size.  And make it secure while being highly available.

On to the public cloud and Azure sales pitch.  A dude from Easyjet comes out. I hope everyone has paid to use the priority lane to exit the hall.  He talks about cloud scalability. 

Scott Guthrie

Corp VP for Windows Azure.  Cloud great for dev/test because of agility without waiting on someone to do something for you.  Same hypervisor on premise in Hyper-V as in Azure, so you can choose where your app is deployed (hybrid cloud).

No charge for stopped VMs in Windows Azure from now on.  You can stop it and start it, knowing that you’ve saved money by shutting it down.  Now there is pro-rated per-minute billing.  Great for elastic workload.  You can use MSDN licenses on Azure for no charge.  Or you can deploy pre-created images in the portal.  A new rate for MSDN subscribers to run any number of VMs in Azure at up to 97% discount.  MSDN subscribers get monthly credits ($50 pro, $100 premium, $150 ultimate), and you can use these VMs for free for dev/test purposes.  The portal has been updated today to see what your remaining credit balance is.  I might finally fire up an Azure VM.

http://aka.ms/azurecontest .. MSDN competition for subscribers that deploy an Azure app.  Could win an Aston Martin.

Brian Harry

Technical Fellow – Appliance lifecycle management

Next version of Visual Studio and TFS 2013 later this year.  Preview on June 26th in line with Build.  How to help devs to get from idea-implementation-into customer hands-feedback and all over again.  New cloud load test service from the cloud.  Create the test in VS/TFS, upload it to the cloud, and it runs from there.

SQL Server 2014 is announced.  Hybrid scenarios for Azure.  Lots of memory work – transaction processing in RAM.  Edgenet is an early adopter.  They need reliable stock tracking, without human verification.  This feature has moved away from once/day stock inventory batch jobs to realtime.

PixelSense monster touch TV comes out.  And they start doing touch-driven analytics on the attendees.  A cool 3D map of the globe allows them to visualize attendees based on regions. 

Back to Brad

Windows Server 2012 R2 and System Center 2012 R2 out at the end of the year, and the previews out in June.  These are based on the learnings from Azure for you to use on-premise or to build your own public cloud.  Same Hyper-V as in Azure.  This gives us consistency across clouds – ID, data, services across all clouds with no conversion. 

Windows Azure Pack for Windows Server.  This layers on top of System Center and System Center.  This is the new name for Katal by the looks of it.  Same portal as Azure.  Get density and Service Bus on top of WSSC 2012 R2.  Users deploy services on the cloud of choice.

Clare Henry, Director of Product Management comes out.  You get a stack to build your clouds.  Demo: and we see the Katal portal, renamed to Windows Azure Pack.  Creates a VM from a gallery as a self-service user.  Can deploy different versions of a VM template.  All the usual number/scalability and network configuration options. 

The self-service empowers the end user, builds on top of WSSC for automation, and allows the admin hands-off total control.

On to the fabric and the infrastructure.  Here’s the cool stuff. 

Jeff Woolsey

WSSC 2012 R2 is about agility.  Storage Spaces.  Automated storage tiering is coming to Storage Spaces using SSD and HDD.  Bye bye EMC.  That gave 16x performance improvement from 7K to 124K IOPS. 

Deduplication.  Enabling Dedup will actually improve the performance of VDI.  We now have a special VDI mode for Hyper-V VDI.  It is NOT FOR SERVER VMs.  Dedup will actually 2x the performance of those VDI VMs.

Live Migration just got unreal.  WS2012 R2 Live Migration can use resources of the host to do compression (for 10 GbE or less).  It’ll use some resources if available … it won’t compress if there’s resource contention – to prioritise VMs.

Now LM can use SMB Direct over RDMA.  And SMB Multichannel.  You get even faster LMs over 10 GbE or faster networks using RDMA.

Hyper-V Replica now supports: Site A – Site B – Site C replication, e.g. replicate to local DR, and from local DR to remote DR.

I wonder how VMware’s Eric Gray will try to tap dance and spin that faster Live Migration isn’t needed.  They don’t have anything close to this.

Hyper-V Recovery Manager gives you orchestration via the cloud.  DR was never this easy.

Brad is back

Blue led a new development cadence.  What they’ve accomplished in 9 months is simply amazing. 

We can reduce the cost of infrastructure again, increase flexibility, and be heroes.


Post Event Press Conference

Hybrid cloud was the core design principal from day 1 – Brad Anderson.  Organizations should demand consistency – it gives flexibility to move workloads anywhere.  It’s not just virtualization – storage, Identity, networks, the whole stack.

Scott Guthrie: private cloud will probably continue forever.  But don’t make forks in the road that limit your flexibility. 

Windows Azure Pack is confirmed as the renamed next generation version of Katal.  A new feature is the ability to use Service Bus on Windows Server, with a common management portal for private and public.  No preview release date.

Thanks to Didier Van Hoye for this one.  Stockholders not too confident in VMware this morning.  Is it a coincidence that Microsoft stole their lunch money this morning?


To quote Thomas Maurer: we are entering the post-VMware era.

What is in Windows 8.1 for the enterprise?  It is the "next vision of Windows 8".  "No compromises to corporate IT". 

Making your PC a hotspot is a new feature.  BYOD is huge in the 8.1 release, enabled by Windows Intune.  The Workplace join and selective resets are great.  And the file sync feature controlled by the biz is also a nice one.  XP End of Life: what is the guidance… the official line will be “the easiest path to Windows 8.1 is Windows 8”.  Actually they are being realistic about Windows 7 deployment being the norm.  Mobility and touch scenarios should be future proofed with the right devices.  Windows 8 is the natural OS choice for this. 

On System Center, it is now WSSC, Windows Server and System Center as a combined solution, designed to work at data center scale.  It’s one holistic set of capabilities.  Watch for networking and storage being lit up at scale via System Center.  The new version of Orchestrator is entire based on PowerShell.