Hands-on: Windows Longhorn Server Beta 2

28.06.2006

While fundamentally changing the design of the operating system, the Longhorn Server team has also included several features designed to eliminate security breaches and malware infestations, as well as capabilities meant to protect corporate data from leakage and interception. Let's take a look at some of the improvements currently in Beta 2.

Operating system file protection

A new feature currently known as "operating system file protection" ensures the integrity of the boot process for your servers. Longhorn Server creates a validation key based on the kernel file in use, the specific hardware abstraction layer (HAL) for your system, and the drivers that start at boot time. If these files change after the key is created, the operating system will detect the changes at the next boot-up and halt the process so you can repair the problem.

Operating system file protection also extends to each binary image that resides on the disk drive. In this mode, it consists of a file system filter driver that reads every page that is loaded into memory, checking its hashes and validating any image that attempts to load itself into a protected process. Protected processes are often the most sensitive to elevation attacks.

These hashes are stored in a specific system catalog, or in an X.509 certificate embedded within a secure file on the drive. If any of these tests fails, operating system file protection will halt the process to keep your machine secure. This is active protection against problematic malware.
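The two checks described above, sketched as an added example in Python. This is not Microsoft's code or the Longhorn implementation. It assumes an unkeyed SHA-256 digest in place of the validation key, a 4096-byte page size, an in-memory dict as the catalog, and constructed file names and contents.

```python
import hashlib
import hmac

PAGE_SIZE = 4096  # assumed page size; the article does not give one

# Constructed sample data: stand-ins for the kernel, HAL and a boot-start driver.
BOOT_SET = {"kernel": b"kernel-v1", "hal": b"hal-v1", "bootdrv.sys": b"driver-v1"}
IMAGE = bytes(range(256)) * 40  # constructed 10240-byte image, i.e. 3 pages


def validation_key(boot_files):
    """One digest over the whole boot set, independent of dict ordering."""
    outer = hashlib.sha256()
    for name in sorted(boot_files):
        encoded = name.encode()
        # Length-prefix the name so adjacent entries cannot be confused.
        outer.update(len(encoded).to_bytes(4, "big") + encoded)
        outer.update(hashlib.sha256(boot_files[name]).digest())
    return outer.hexdigest()


def check_boot(boot_files, stored_key):
    """True if the boot set still matches the key; a caller halts on False."""
    return hmac.compare_digest(validation_key(boot_files), stored_key)


def page_hashes(image):
    """Catalog entry for one image: a hash per PAGE_SIZE chunk."""
    return [hashlib.sha256(image[i:i + PAGE_SIZE]).hexdigest()
            for i in range(0, len(image), PAGE_SIZE)]


def validate_page(catalog, image_name, index, page):
    """Check one page as it is loaded; unknown images or pages fail closed."""
    expected = catalog.get(image_name)
    if expected is None or not 0 <= index < len(expected):
        return False
    return hmac.compare_digest(hashlib.sha256(page).hexdigest(), expected[index])


if __name__ == "__main__":
    key = validation_key(BOOT_SET)
    print("clean boot set:", check_boot(BOOT_SET, key))
    print("modified HAL:  ", check_boot(dict(BOOT_SET, hal=b"patched"), key))
    catalog = {"service.exe": page_hashes(IMAGE)}
    bad = bytearray(IMAGE[4096:8192]); bad[0] ^= 1
    print("clean page 1:  ", validate_page(catalog, "service.exe", 1, IMAGE[4096:8192]))
    print("patched page 1:", validate_page(catalog, "service.exe", 1, bytes(bad)))
```

A single flipped bit in one page fails only that page's check, which is why per-page hashing can catch on-disk modification at the moment the page is loaded rather than at the next full-file scan.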