End of Support Guidance for Windows Server 2012 (Dos & Don’ts)

What’s Included in Extended Security Updates (ESUs)?

For customers entering unsupported software, ESUs are a temporary resolution that come with benefits and limitations. It is, therefore, imperative that businesses first plan to understand what ESUs include (and what they exclude).

The “Dos” of Extended Security Updates:

• Microsoft acknowledges that ESUs include a “provision of Security updates and Security Updates Severity Rating System”. As an alternative to an update, ESUs offer critical security coverage when customers run legacy software beyond their supported windows.
• ESUs will only be distributed on strict availability.
• Whilst technical support is not included within the scope of an ESU, other Microsoft support plans and assistance may be applicable.
• In some instances, security patching may be requested from Microsoft.

The “Don’ts” of Extended Security Updates:

• Customers on ESUs should expect to be excluded from new features.
• Even design change requests will not be included within an ESU.
• Limited technical support means customers should expect that Microsoft assistance may be narrow when they run legacy software.

A Brief Background on Microsoft Technologies

All Microsoft products that have been onboarded through various licensing and retail schemes, like their competitive counterparts, have a lifecycle.

A ‘lifecycle’ captures the timescale from the moment a product launches until its planned obsolescence. Microsoft products like Windows Server 2012 have followed the same arc, with a forecasted End of Life (or EoL) period and corresponding extended support dates, including qualifying extended security updates.

Common reasons for using unsupported or legacy Microsoft products include:

• Budgetary limitations for new software.
• Skills shortages that mean businesses cannot confidently assess and review new product versions.
• A mentality that buying net new products is unnecessary where legacy versions are still working.

Historically, there has been only one option for customers trying to qualify for Extended Support (including Extended Security Updates), which involved Software Assurance via licence enrolments. This would include either:

• a Cloud Solutions Provider (CSP);
• an Enterprise Agreement (EA);
• a Server and Cloud Enrolment (SCE);
• or an Enterprise Subscription Agreement (ESA)

If your business is planning product updates in the near future and needs ESU for Windows Servers, there are ways to remain secure.

What’s Next for Legacy Windows Server 2012 Users?

Unsupported and legacy product users have multiple options when considering their next steps. CSI’s Azure experts have identified four upgrade options that will ensure servers can continue to receive security updates from Microsoft for Windows Server.

1. Rebuild your server with the latest operating system (OS)
2.  Purchase an Extended Support option with Microsoft via a supported Microsoft Licensing program
3. Move your server to Azure and use the extended support option built into Azure
4. Use Azure Arc to manage on-premises servers and then purchase ESU SKUs via Microsoft Licensing programs

What are the Risks of Using Legacy Windows Servers?

EoS planning is critical to businesses across every vertical, where failure to plan ahead for updates and upgrades can result in expensive and risky outcomes.

The Risk of Unsupported software

When software falls outside of its supported window, vendors like Microsoft typically discontinue technical guidance, assistance and customer service. With the removal of technical support, businesses will find it challenging to resolve and troubleshoot system errors and will become frustrated by undesirable performance issues, security vulnerabilities, compliance headaches and general inefficiencies.

The role of regular patching and updates goes beyond beneficial security enhancements and includes improved functionality over time, as well as optimised system stability.

The Risk of Disruption (& Business Continuity)

It can all depend on where you run mission critical workloads, but unmanaged EoS software can result in business disruption, where everything from employee productivity stats to customer satisfaction can be negatively influenced.

Unplanned EoS increases the likelihood of unexpected system downtime and failures, including software compatibility issues. Foreboding downtime risks can mean that a business’s critical systems unexpectedly stall, causing lost revenue. Whereas proactivity in EoS planning means circumventing costly disruption, so that operations can focus on delivering high quality products and services into their markets.

The Security Problem with EoS

Ongoing, regular patching and updates are the cornerstone of effective, secure software systems. When a product becomes unsupported and is no longer eligible for crucial security patches, the risk of an emerging threat grows. Malicious threat actors prey on system vulnerabilities that are present in legacy products.

Managing EoS can be seen as a kind of security control or measure, mitigating the chances of a data breach or compromise, or even unauthorised access.

Key Dates to Remember

CSI’s Guidance for Windows Server 2012 Users

EoS planning for Windows Server 2012 can be hugely daunting with the associated security and performance risks as this legacy product becomes discontinued in the market. For Microsoft users unsure about their next step, get in touch today for no-obligation chat with one of our Azure experts.

CSI has mapped out options to ensure your systems remain secure and performant into the future.