There is a lot to like about Windows 7 for the consumer. For the enterprise, not so much. While Microsoft has added some fancy new features aimed at the enterprise (see box, below) it seems to have treated the enterprise's needs as an afterthought, contends Windows guru Paul Thurrott in an interview with Microsoft Subnet. Thurrott is editor of the SuperSite for Windows website and author of Windows Vista Secrets SP1 edition. Considering that the bulk of Microsoft's customers are businesses, its neglect here could be described as not smart.

Don't get him wrong, there are cool, eye-popping features in Windows 7 for the enterprise –- unfortunately some are randomly tied to Windows Server 2008 R2 -– which is also in beta. If you want to yank out the VPN and let Windows handle a secure connection to the server (a new feature called DirectAccess), you can. But only if all of your clients and servers are using the latest operating systems from Microsoft. That's a shame in this economy when expensive, large-scale upgrades of the entire operating system infrastructure are not going to fly. (To be fair, enterprises that have opted for Microsoft's Software Assurance deal should be covered for the license fees of an upgrade from WS2008 to R2, but that won't cover the cost of man hours).

On the other hand, the enterprise story for R2 is quite good. It is a compelling new version, despite a name that makes R2 seem as if it’s a minor upgrade when it's not. In this interview, we get Thurrott's under-the-hood view of both of these beta operating systems.

Q: In your opinion, will enterprise IT folks who are holding onto XP for their users want to adopt Windows 7 fairly quickly? Why/why not?

A: I wouldn't say that Windows 7 will drive them to upgrade. There are natural upgrade rhythms and Windows 7 should benefit from that. But there are some things about it -- that it runs well on lower-end hardware -- that make it appealing to businesses. I don’t see people doing a rip-and-replace of existing hardware for it, and Windows 7 isn't magic. It's not going to make obsolete, five-year old hardware work. But it does run on new lower-end systems and does so effectively, allowing businesses to buy lower-end hardware than they might not have otherwise considered. Vista, as we all know, unfortunately didn't do that -- hardware minimums were high.

Q: What does Microsoft need to fix in Windows 7 to make it more appealing for the enterprise than Vista ever was?

A: In all fairness Microsoft for years was criticized for not pushing the envelope and when they did –- with Vista -- they got a lot of push back. Windows XP will go down in history as the Windows version that lasted for the longest possible time. But Windows 7 runs great, as I mentioned, even on low-end hardware.

If there's one big negative to Windows 7, it's that there isn't much of an enterprise story. Microsoft is pushing the idea that Windows 7 and Windows Server 2008 are "better together" and also pushing the notion that, for the first that time since Windows Server 2000, Microsoft has co-developed the server and client code together. Now, WS2000 offered a whole lot of new, compelling features -- Active Directory, Group Policy, all kinds of new important technologies for the day. Its technologies are now mainstream –- and if we look at Windows Server 2008 through the same lens, we see it is not as huge a jump in such ways at all.

Of the new technologies it does offer, one disappointment I have is that sometimes both server and client have to be on the newest version to use them and that it seems almost arbitrary, which features require Windows 7 … I can't even say that many of them are Tier A features.

Also, Microsoft did itself a disfavor with its naming scheme. Windows 7 is really Windows 6.1, an incremental upgrade to Vista. But if you follow Microsoft's naming scheme, an R2 release shouldn't be that big a deal. But this version of R2 is a bigger update than would be apparent from its name.

Q: How much of a learning curve can IT folks expect to have to give XP users if they cut over to Windows 7?

A: There will be a learning curve but its not rocket science. Microsoft has moved forward. The leap from Windows Vista to 7 isn't much, but the leap to Windows 7 from XP is somewhat far apart. Still, we are at the point now, where many people are familiar enough with general computer OS usage that training won't be a big issue for IT departments. If people are buying new computers for home, they are likely getting Vista on them, for the most part. Plus, people use computers all the time … we're not living in a world anymore where people avoid the bank's ATM because they want to deal with a human. People "get" PCs.

Q: What administration/management features are available for W7 that you love?

A: Windows 7 includes PowerShell and a new PowerShell IDE -- so that would be the big one.

Q: What administration/management features are used in W7 that you hate -- or at least think need to be fixed?

Hate … well I wouldn't’t go that far. I feel disappointed because it seems some Windows 7 enterprise features are arbitrarily locked to WS2008 R2. That's a problem when you are asking corporations to spend a significant sum of money or a lot of effort to upgrade and they have to upgrade their server and client operating systems. It’s a tough year for that.

Q: Can you give a couple of examples of features that require WS2008 R2 and Windows 7?

A: Branch Cache is one –- it’s a WAN performance feature that caches data on a branch office server to limit the data traveling over the WAN to speed performance. Another is DirectAccess -– a VPN replacement technology.

Q: When analyzing Windows 7, what is it that Microsoft still "doesn't get" about creating appealing operating systems for the masses?

A: I own some Macs. When I think of the Mac, from a usability standpoint, it isn't friendlier or more inviting than Windows either in many ways. What it does is a nice job with is integration with other Apple consumer products like iPods. Microsoft comes at it from the reverse –- they have always considered their business customers first and treated consumers as an afterthought.

But then again, I don’t think Microsoft has ever released a successful consumer product. (There's the Xbox, which they point to as a success –- but the truth is, that business will never recuperate the R&D costs and it lost a lot of money over the years.) Windows 7 has pretty much done what consumers want. It offers prettier, flashier effects to make them say ooh-ahh.

But, you know, Apple just had keynote at Macworld and talked at great length about its new video tools and so on. I think that people don't actually do a lot of that stuff. When it comes to video editing, Apple kills Microsoft. But most people aren't running around with digital video cameras. They are taking short videos on still cameras that they want to post as is on YouTube. Most people are not doing fancy transitions, end credits, scrolling Star Wars text. Microsoft's attempt to be like Apple have not done well .. Like the Zune for example.

What I'd like to see Microsoft do is figure out a way to work with Apple –- a partnership like it does with partners like Facebook through Windows Live –- instead of competing with them. I'd like them to focus on making their stuff work better on Macs and not about being as cool as Apple.

Q: Speaking of Windows Live, how does Windows 7 (and for that matter WS2008 R2) help ease enterprises into the brave new world of cloud computing ... and do the cloud computing components work well enough for enterprises to want to use them?

A. On the client, Windows 7 has taken out a bunch of stuff and put onto Windows Live and that's smart. That makes it possible to update the software as frequently as they want, rather than tying it to the operating system, which is the high bar and can't be updated as often. It also gets people used to thinking of looking at the cloud for updates … and treating Windows as a more basic thing.

On the server, my criticism is integration.

For instance, Microsoft just launched new versions of Small Business Server and the new Essential Business Server based on Windows Server 2008. They launched these right when small businesses shouldn't be installing services on site and should be looking to the cloud to reduce costs. But I'm not seeing a lot of integration between the two. Why not ship a version of SBS where the e-mail is hosted, not local? I don't know. Hopefully we'll see Microsoft do that one day (and this is just speculation, not insider info). True, businesses will always need some traditional server products, but good integration with cloud computing services, that I don't see. I mean SBS is a great product, the best version yet, but the truth is I think the world is moving on from onsite services.

Q: Microsoft promises that its software will be identity-aware (via Active Directory) and secure (via features like BitLocker). In what ways does Windows 7 meet your expectations of identity management/inbred security? Fail to meet them?

I think identity will happen more on the application side than in the desktop OS –- like with Office 14 –- and there is a big push on the server end. What they really need to on Windows is to make it possible for more portable user stuff … that's the bugaboo that's not fixed yet, to my way of thinking. WS2008 on the high end does have features that when you logon to a new computer, your desktop comes down to you. But they need to make it more universal, more applicable on the low end -– you should be able to log in from a coffee shop and get your desktop.

Q: What new features in R2 were you most impressed with?

A: R2 has all kinds of stuff but in many ways the server version is a lot like Windows 7 in that, to be fair, the previous version was already pretty good and they really just tweaked it. With WS2008, they lacked certain administration features and in R2, they fixed them. For instance, they are now using PowerShell as their basis of admin going forward -– that's smart. WS2008 had PowerShell but you couldn't do much with it. In R2, you can script everything, or use a GUI-like interface (similar to the one added to Exchange 2007). In R2 there's also lot of tools built on PowerShell and a lot of administrative cmdlets included to automate stuff.

DirectAccess is another one. Do you remember with Exchange, when they added https access to it and took something that was otherwise so complex to do and made it easy to do? DirectAccess takes that notion and brings it to a VPN. What I'd like to see is Microsoft open up DirectAccess to more versions of its clients –- right now it requires Windows 7. They also extended BitLocker to removable devices –- that was smart.

Also, for technology enthusiasts that want to run WS2008 on workstations they are offering a version for that called Foundation Server. It's super-inexpensive and includes everything but Hyper-V, that's smart. (The server team seems to move in a much more measured fashion than the client guys.)

There's also a lot of evolution of features, but good stuff, like the Live Migration stuff. I'm not so positive myself that the migration features between WS2008 and R2 are such a big deal … it used to take seconds to move a virtual machine and now it takes milliseconds.

Q: So, was Live Migration worth the wait?

A: Users have said it is an important thing. For end users, they are working on an application running on virtual machine, but they don't know that. Then, it doesn't respond for a couple of seconds and then it's back. To me it's not a big difference but it is something VMware has and users asked for it so here it is.

Q: Which features did you find lacking in R2?

A: The biggest thing that confused me is that there is a lot going on with virtualization in both the client and the server. The client and the sever can mount virtual machines … (Windows 7 and R2) … OK, that's neat, it makes it possible to do things like copy files in/out of a virtual machine live. But then there's this feature where R2 can boot from a virtual hard drive. What's the scenario here? The way the folks at Microsoft explained it to me is, imagine you are retail shop and you need to run certain workloads virtualized so that during the holiday season you can increase capacity. The server can do that if it boots off the physical hardware. But I asked them what happens after the holidays, can users get back the capacity dedicated to the virtual hard drive? It turns out, no … so it's like a one-way switch. Maybe during the beta period, they will get feedback and fix it in next version. But for now, its just weird functionality that no one is sure what the point of it is.

Also, as I said some of Windows 7 integration stuff was on the dubious side to me and I think it would be smart if Microsoft offered Direct Access and BitLocker on Vista, which would make it more inviting for enterprises to use them. DirectAccess will be a VPN killer. It is so obvious when you see it that you ask, why didn't this happen before?

Q: What can you say about management -- particularly for shops that don't use Microsoft for everything (i.e. -- they don't use System Center)?