Our team of technical specialists fields questions about Windows® Server every day. These conversations are usually with a sysadmin or Director of IT who is trying to determine if our cloud directory service can replace all their existing Windows Server infrastructure.
Replacing a physical server with a cloud one is relatively simple. So the real question here is one of software. Inevitably, what it takes to replace your on-prem server depends on what essential functions you’re using your existing Windows Server(s) for. There are about nine core “roles” that a Windows Server may play, from domain name services (DNS server) to Network Policy Access Services.
This post will list nine of the most commonly used Windows Server Roles, define them, and then offer an alternative for each. But first, let’s touch on why IT is looking for alternatives to their Windows Server in the first place.
Why Replace Your Servers?
There’s a long list of reasons IT organizations are looking to replace Windows Server roles. Here are the five reasons we hear most often:
The organization has resources that don’t integrate well with Windows Server (e.g. SaaS, IaaS, macOS®, Linux®).
Going All Cloud:
The migration to the cloud is becoming a directive for many IT teams. Primary drivers are cost savings, efficiency, and security benefits. Azure Services are not always enough to get it done.
The organization no longer really needs its existing on-prem server(s) and doesn’t want to continue maintenance and paying for CALs.
Their current server is due to be replaced or is no longer supported (e.g. Windows Server 2003 or 2008). The cost of updating or replacing an on-prem server is a significant upfront expense.
Preference for Linux:
You can get Linux servers much cheaper compared to Windows Server. The open source software available for Linux can eliminate the licensing costs of CALs.
Now, without further explanation…
Top 9 Windows Server Roles and their Alternatives
(1) Active Directory Domain Services (AD DS)
AD DS acts as the core directory service for an organization, managing hierarchical relationships between network objects (users, systems, servers, applications etc.). With AD DS, IT admins can manage users’ domain identities and their access to Windows resources. As such, AD DS is integral to organizational security, as it is the core source of truth for authentication and authorization. Additionally, administrators leverage AD DS to apply system setting policies through Group Policy Objects (GPOs).
AD DS Cloud Alternative:
(2) Active Directory Federation Services (AD FS)
AD FS connects on-prem AD DS identities to web-based applications outside of the domain using Federated Trust in order to authenticate user access. As such, AD FS is considered a single sign-on (SSO) solution, centralizing web app access under AD DS domain credentials.
AD FS Cloud Alternative:
Azure® Active Directory, web application SSO solutions, Directory-as-a-Service
(3) Network Policy Access Services (NPAS)
NPAS enables admins to connect users to the internal network, as well as the external internet. It features several specific roles: Network Policy Server (NPS), Health Registration Authority (HRA), and Host Credential Authorization Protocol (HCAP). With these, admins secure network connections similarly to the RADIUS protocol.
Network Policy Access Services Alternative:
(4) Web & Application Servers
Web & Application servers allow organizations to create and host websites and other web-based applications using on-prem server infrastructure. Specifically, the web server handles the HTTP requests/responses of a standard web page. The application server provides a development environment and hosting infrastructure for applications usable through the internet.
Web & Application Servers Alternative:
Infrastructure-as-a-Service (IaaS) providers such as AWS, Azure, or GCP™, any number of PaaS vendors
(5) Printer and Document Services
Printer and Document Services manages organizational printing operations, providing access to both print servers and network printers. Admins utilize Printer and Document Services to monitor printing queues and control which print jobs are permitted. Additionally, Printer and Document Services contain Distributed Scan Server, which routes scanned documents to individual workstations as necessary.
Printer Services Alternatives:
Google Cloud Print, PrinterLogic, Samba
(6) Domain Name System (DNS) Server
DNS Server associates the domain names people use to access web pages with their respective Internet Protocol (IP) addresses. In essence, it is both a translator and a phone book, routing users through the internet to the web pages they need to access without needing to speak directly to the servers.
Domain Name System Alternatives:
OpenDNS, Cloudflare, Google Public DNS, etc.
(7) Dynamic Host Configuration Protocol (DHCP) Server
DHCP Server assigns IP addresses and other network configurations to systems and servers so that they may communicate with other IP networks. This functionality shoulders the burden of managing system IP addresses, creating new ones as needed.
Open DHCP Server, Linux DHCP Server, FreeRADIUS
(8) File Services Server
File Services Server provides shared data storage, authorizing access to files based on domain permissions. It also encrypts data as needed and enables remote network storage access through VPN.
File Services Server Alternatives:
G Drive™, SharePoint™, DropBox™, Synology, QNAP, Samba
(9) Windows Server Update Services (WSUS) Server
WSUS Server allows IT admins to control how and when their Windows systems update. The server downloads patches, hotfixes, and other updates from Microsoft Update, distributing them across a system fleet as IT organizations deem necessary.
Windows Server Update Services (WSUS) Alternative:
SolarWinds, ManageEngine, Automox, Directory-as-a-Service
So, Can The Cloud Replace My Windows Server?
The answer depends on what roles you are using it for.
If you’re only using your Windows Server as a file server, then yes, there are no shortage of cloud-based file storage solutions for you to evaluate.
In the case of Active Directory Domain Services, AD FS, and Network Policy Access Services, you may be a good candidate to try out JumpCloud.
But every IT organization is unique. The only way to evaluate how you can replace your Windows Server is to go through the roles you’re using it for one at a time and find a better solution for each. This evaluation process is well worth it for the potential gains in efficiency, compatibility, and cost (e.g. eliminating CALs).
If you’re looking for alternatives to more than just Windows Server roles, then consider our five part series on How to Eliminate Microsoft:
- Part 1: Windows
- Part 2: Microsoft Office
- Part 3: Exchange
- Part 4: Windows Server
- Part 5: Active Directory
If you’re wondering about JumpCloud as a Windows Server alternative, you can start by getting a demo. You also get the complete product for free for up to ten users when you sign up.