Windows Server 2008 R2 File System Overview/Technologies

As data storage needs and computer services have evolved in the past 20 or so years, many different methods have become available to present, access, secure, and manage data. As an example, data can be accessed through a web browser; by accessing data stored on external storage media, such as USB drives, floppy disks, CDs, and DVDs; and by accessing data stored on any of the different types of media for the many different operating systems, network storage devices, and file systems available.

Windows Server 2008 R2 File System Overview/Technologies

Windows Server 2008 R2 provides many services that can be leveraged to deploy a highly reliable, manageable, and fault-tolerant file system infrastructure.

Windows Volume and Partition Formats

When a new disk is added to a Windows Server 2008 R2 system, it must be configured by choosing what type of disk, type of volume, and volume format type will be used. To introduce some of the file system services available in Windows Server 2008 R2, you must understand a disk’s volume partition format types.

Windows Server 2008 R2 enables administrators to format Windows disk volumes by choosing either the file allocation table (FAT) format, FAT32 format, or NT File System (NTFS) format. FAT-formatted partitions are legacy-type partitions used by older operating systems and floppy disk drives and are limited to 2GB in size. FAT32 is an enhanced version of FAT that can accommodate partitions up to 2TB and is more resilient to disk corruption. Data stored on FAT or FAT32 partitions is not secure and does not provide many features. NTFS-formatted partitions have been available since Windows NT 3.51 and provide administrators with the ability to secure files and folders, as well as the ability to leverage many of the services provided with Windows Server 2008 R2.

NTFS-Formatted Partition Features

NTFS enables many features that can be leveraged to provide a highly reliable, scalable, secure, and manageable file system. Base features of NTFS-formatted partitions include support for large volumes, configuring permissions or restricting access to sets of data, compressing or encrypting data, configuring per-user storage quotas on entire partitions and/or specific folders, and file classification tagging.

Several Windows services require NTFS volumes; as a best practice, we recommend that all partitions created on Windows Server 2008 R2 systems are formatted using NT File System (NTFS).

File System Quotas

File system quotas enable administrators to configure storage thresholds on particular sets of data stored on server NTFS volumes. This can be handy in preventing users from inadvertently filling up a server drive or taking up more space than is designated for them. Also, quotas can be used in hosting scenarios where a single storage system is shared between departments or organizations and storage space is allocated based on subscription or company standards.

The Windows Server 2008 R2 file system quota service provides more functionality than was included in versions older that Windows Server 2008. Introduced in Windows 2000 Server as an included service, quotas could be enabled and managed at the volume level only. This did not provide granular control; furthermore, because it was at the volume level, to deploy a functional quota-managed file system, administrators were required to create several volumes with different quota settings. Windows Server 2003 also included the volume-managed quota system, and some limitations or issues with this system included the fact that data size was not calculated in real time. This resulted in users exceeding their quota threshold after a large copy was completed.

Windows Server 2008 and Windows Server 2008 R2 include the volume-level quota management feature but also can be configured to enable and/or enforce quotas at the folder level on any particular NTFS volume using the File Server Resource Manager service. Included with this service is the ability to screen out certain file types, as well as real-time calculation of file copies to stop operations that would exceed quotas thresholds. Reporting and notifications regarding quotas can also be configured to inform end users and administrators during scheduled intervals, when nearing a quota threshold, or when the threshold is actually reached.

Data Compression

NTFS volumes support data compression, and administrators can enable this functionality at the volume level, allowing users to compress data at the folder and file level. Data compression reduces the required storage space for data. Data compression, however, does have some limitations, as follows:

• Additional load is placed on the system during read, write, and compression and decompression operations.

• Compressed data cannot be encrypted.

Data Encryption

NTFS volumes support the ability for users and administrators to encrypt the entire volume, a folder, or a single file. This provides a higher level of security for data. If the disk, workstation, or server the encrypted data is stored on is stolen or lost, the encrypted data cannot be accessed. Enabling, supporting, and using data encryption on Windows volumes and Active Directory domains needs to be considered carefully as there are administrative functions and basic user issues that can cause the inability to access previously encrypted data.

File Screening

File screening enables administrators to define the types of files that can be saved within a Windows volume and folder. With a file screen template enabled, all file write or save operations are intercepted and screened and only files that pass the file screen policy are allowed to be saved to that particular volume or folder. The one implication with the file screening functionality is that if a new file screening template is applied to an existing volume, files that would normally not be allowed on the volume would not be removed if they are already stored on it. 

File Classification Infrastructure

Windows Server 2008 R2 includes a new feature called the File Classification Infrastructure (FCI). The FCI enables administrators to create classification policies that can be used to identify files and tag or classify files according to properties and policies defined by the file server administrators. FCI can be managed by using the File Server Resource Manager console and allows for file server administrators to identify files and classify these files by setting specific FCI property values to these files based on the folder they are stored in and/or based on the content stored within the file itself. When a file is classified by FCI, if the file is a Microsoft Office file, the FCI information is stored within the file itself and follows the file wherever it is copied or moved to. If the file is a different type of file, the FCI information is stored within the NTFS volume itself, but the FCI information follows the file to any location it is copied or moved to, provided that the destination is an NTFS volume hosted on a Windows Server 2008 R2 system.

Volume Shadow Copy Service (VSS)

Windows Server 2003 introduced a file system service called the Volume Shadow Copy Service (VSS). The VSS enables administrators and third-party independent software vendors to take snapshots of the file system to allow for faster backups and, in some cases, point-in-time recovery without the need to access backup media. VSS copies of a volume can also be mounted and accessed just like another Windows volume if that should become necessary.

Shadow Copies of Shared Folders

Volume shadow copies of shared folders can be enabled on Windows volumes to allow administrators and end users to recover data deleted from a network share without having to restore from backup. The shadow copy runs on a scheduled basis and takes a snapshot copy of the data currently stored in the volume. In previous versions of Windows prior to Windows Server 2003, if a user mistakenly deleted data in a network shared folder, it was immediately deleted from the server and the data had to be restored from backup. A Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2 NTFS volume that has shadow copies enabled allows a user with the correct permissions to restore deleted or overwritten data from a previously stored shadow copy backup. It is important to note that shadow copies are stored on local volumes and if the volume hosting the shadow copy becomes inaccessible or corrupted, so does the shadow copy. Shadow copies are not a replacement for backups and should not be considered a disaster recovery tool.

Volume Shadow Copy Service Backup

The Volume Shadow Copy Service in Windows Server 2008 R2 also provides the ability for Windows Backup and third-party software vendors to utilize this technology to improve backup performance and integrity. A VSS-compatible backup program can call on the Volume Shadow Copy Service to create a shadow copy of a particular volume or database, and then the backup can be created using that shadow copy. A benefit of utilizing VSS-aware backups is that the reliability and performance of the backup is increased as the backup window will be shorter and the load on the system disk will be reduced during the backup.

Remote Storage Service (RSS)

The Remote Storage Service was included with Windows 2000 Server and Windows Server 2003. The Remote Storage Service enables administrators to migrate or archive data to lower-cost, slower disks or tape media to reduce the required storage space on file servers.

This service, however, has been discontinued in Windows Server 2008 and is not included in Windows Server 2008 R2 either. Many organizations that required this sort of functionality have turned to third-party vendors to provide this type of hierarchical storage management. However, the New File Management Tasks node within the File Server Resource Manager console provides a function that allows administrators to schedule processes that will report on files that might be candidates for moving to alternate storage through a function called file expiration. This can be configured to notify both administrators and end-user file owners of upcoming files that will be expired and moved to alternate volumes. One main difference, however, is that file expiration does not leave a link in the original file location as the Remote Storage Service previously did. 

Distributed File System (DFS)

As the file services needs of an organization change, it can be a challenging task for administrators to design a migration plan to support the new requirements. In many cases when file servers need additional space or need to be replaced, extensive migration time frames, scheduled outages, and, sometimes, heavy user impact results.

In an effort to create highly available file services that reduce end-user impact and simplify file server management, Windows Server 2008 R2 includes the Distributed File System (DFS) service. DFS provides access to file data from a single namespace that can be used to represent a single server or a number of servers that store different sets or replicated sets of the same data. For example, when using DFS in an Active Directory domain, a DFS namespace named \\companyabc.com\UserShares could redirect users to \\Server10\UserShares or to a replicated copy of the data stored at \\Server20\UserShares.

Users and administrators both can benefit from DFS because they only need to remember a single server or domain name to locate all the necessary file shares.

Distributed File System Replication (DFSR)

With the release of Windows 2003 R2 and continuing with Windows Server 2008 and Windows Server 2008 R2, DFS has now been upgraded. In previous versions, DFS Replication was performed by the File Replication Service (FRS). Starting with Windows Server 2003 R2, DFS Replication is now performed by the Distributed File System Replication service, or DFSR. DFSR uses the Remote Differential Compression (RDC) protocol to replicate data. The RDC protocol improves upon FRS with better replication stability, more granular administrative control, and additional replication and access options. Also, starting with Windows Server 2008 R2, RDC improves replication by only replicating the portions of files that have changed, as opposed to replicating the entire file, and replication can now be secured in transmission. 

File System Management Tools

Windows Server 2008 R2 provides several tools administrators can leverage to manage Windows Server 2008 R2 file servers. Administrators can install these tools on Windows Server 2008 R2 systems by adding the File Services tools feature to the system. The File Services tools can be added by invoking the Add Features applet located in Server Manager. The tools are located in the Add Features, Remote Server Administration Tools, Role Administration Tools hierarchy. The File Services tools installed in this group include the following:

• Distributed File System tools

• File Server Resource Manager tools

• Services for Network File System tools

File System Monitoring and Reporting

Windows Server 2008 R2 includes the ability for administrators to enable automated monitoring and reporting of the file system. This includes reporting on storage and quota usage, file screening, file group by types as well as owners, and file properties. Also, new to Windows Server 2008 R2 is the ability to produce reports on file classification and file expiration file management tasks.