On exactly 10 October 2023, support for Windows Server 2012 and Windows Server 2012 R2 will end. After this date, the systems will not be updated by the manufacturer, which means that they will no longer meet security standards. How do you prepare for this change and what are the recommended alternatives for migrating workloads from an unsupported system? We suggest!
Machines that run without support and necessary updates are vulnerable to attacks by cybercriminals. Emerging security vulnerabilities are not patched and become a gateway for hackers. Criminals usually target unsupported systems with malware or viruses in order to extort a ransom. Using an out-of-date version of a system is possible, but poses a huge risk to organisations these days.
ALTERNATIVE 1: Microsoft Azure
Customers who want to continue using Windows Server 2012 and remain secure with updates can subscribe to the ESU (Extended Support Updates) service. They can also migrate their workloads to Microsoft Azure and thus receive ESU free of charge for 3 consecutive years. Moving to Pass (Platform as a Service) cloud services, such as Azure SQL or App Services, can provide companies with numerous benefits, including scalability, cost savings and access to advanced features and services. In addition, a cloud solution offers robust security measures and compliance certifications that can help mitigate the risks associated with unsupported server operating systems.
With Microsoft Azure, you can forget about the inexorable end-of-support deadlines for Microsoft products. You never have to update your systems again. By moving workloads to the cloud, you gain an always up-to-date and secure working environment, which is not affected by the end of manufacturer support and whose use and capabilities are much broader than in Windows Server 2022.
ALTERNATIVE 2: Windows Server 2022
Windows Server 2022 is the recommended successor to the 2012 version and migrating to this system provides full support, essential patches and security updates. With Windows Server 2022, companies can simplify their remote working, increase productivity and efficiency. Above all, this product has been designed with the cloud in mind and adapted to work in this model. It gives even more capabilities in terms of security, hybrid management and container performance.
Windows Server 2022 supports a number of security-enhancing features. Enhanced Windows Defender Advanced Threat Protection (ATP) prevents and detects zero-day attacks, network attacks and data breaches with appropriate operating system and memory sensors. Protected virtual machines for Windows and Linux reduce the risk of a cyber breach by extending Windows Server’s protected operating systems to those in virtual environments. Windows Defender Credential Guard, on the other hand, ensures that only authorised individuals have access to information. It allows you to manage access within your organisation and keep sensitive data fully protected.
In Windows Server 2022, control of physical and virtual machines is easier than in older versions due to an upgraded toolset. Windows Admin Center allows you to control hybrid server environments using familiar but improved solutions that make it easier to manage virtual machines, a modernised event viewer or more insightful reporting, among other things. Azure Arc, on the other hand, enables management of the entire environment through a single online interface. It collects resources from outside Azure – from other clouds and local resources on Azure Resource Manager. The insights system is responsible for predicting performance levels and events to help optimise costs.
Improved scalability, reduced container image size or a favourable support cycle build the advantage of Windows Server 2022. Thanks to the smaller image size, organisations can enjoy faster download times and better application compatibility. The new container extension in Windows Admin Center allows to monitor resource consumption, open console connections or check logs.
ALTERNATIVE 3 – additional support for outdated products
A third option for keeping your IT environment secure and up-to-date is to purchase an ESU (Extended Support Updates), which provides up to three years of security updates, with the option to renew annually.
Customers with active Software Assurance or subscription licences can purchase Extended Security Updates annually for 75 per cent of the licence cost of the latest Windows Server version in the first year, 100 per cent of the licence cost in the second year and 125 per cent of the licence cost in the third year.
Extended security updates do not include new features, customer-requested non-security patches or design change requests. However, Microsoft may include non-security related patches if it deems it necessary.
For local servers, customers can use the Azure Arc service to receive automatic/scheduled updates and ESU installations, as well as security and management features on the Azure platform.
End of support for SQL Server 2012
As with Windows Server, we have several options to choose from. One is to upgrade to the current local version of SQL Server, but here we have little risk to the existing database application due to the level of database compatibility. This path also requires a large initial investment. Another option is to purchase additional security updates (ESUs), although this option is only limited to customers with Software Assurance or subscription licences. Updates are only available for the next three years. The cost of additional security updates is approximately 75% of the cost of the local licence per year in the first year, 100% in the second year and 125% in the third year. In our opinion, this is not a cost-effective choice. Also note that this type of support is limited to critical security issues only.
From our point of view, the most attractive choice to quickly and efficiently address the EOL of SQL Server 2012 is to perform a lift-and-shift migration or move to a PaaS model. Migrating an immutable SQL Server system to an Azure platform virtual machine (IaaS) is the fastest way to migrate to the Azure platform as there are minimal or no changes required to existing applications. Ultimately, we have several benefits i.e. free additional security updates for three years after support ends. We can also reduce cloud infrastructure costs by taking advantage of the benefits of using the hybrid Azure platform, which allows us to use local licences. Migrating to the cloud in a Platform-as-a-Service model, allows us to significantly reduce costs by offloading hardware and software maintenance. This option always ensures we have access to the latest SQL features, we will save a lot of time by automating backups, updates and the ability to scale up and down without downtime. For most organisations, this will probably be the easiest option to implement, resulting in reduced costs and increased security.
If you would like to discuss which scenario to choose in the context of the end of support for Windows Server 2012 and SQL Server 2012, be sure to get in touch!
Our team of experts will be happy to answer your questions and help you choose the most favourable solution:
📞 Tel: +48 32 420 92 45
📧 Email: microsoft@senetic.com
Please also visit our website for more information on solutions. Check it out and find out more: