Today is an important day for the network administrator as Windows 2000 ends its extended support period. This means that security hotfixes will no longer be available for the operating system for both server and professional (workstation-class) editions of the operating system. While it is now a ten year-old operating system, many people surely have some straggling installations that are still on this popular OS.

For Windows 2000, this is effectively the end of the line for a popular era of server computing that can be looked at a number of ways. On one hand, it opened the door for sprawl of application servers throughout IT environments that was tough for administrators to deal with. Yet on the other hand, it was the first release of Active Directory and Group Policy; which in my opinion are the best products Microsoft has ever made. Windows 2000’s Lifecycle statement is listed below in Figure A:

Figure A

Click image to enlarge

The Microsoft Product Lifecycle site is an important resource to use in conjunction with operating system and application inventories. This determines a lot for infrastructure administrators in terms of when things should be removed as well as what should be implemented. Frankly speaking, I wish hardware vendors were this open about the lifecycle of products.

For administrators who have Windows 2000 systems in place and an upgrade path isn’t clearly visible, here are four accommodations you can make to protect yourself:

  • Firewall: Set up a private network for the antiquated operating system and secure the perimeter with a network firewall.
  • Turn it off: If the system is a virtual machine, have it powered on only when needed. This can easily be accommodated with VMware vSphere or Hyper-V permissions models, and the application owners can deal with the extra step.
  • Convert it to a virtual machine: If the system can be made a virtual machine, it can be a lot easier to preserve and isolate in this fashion.
  • Utilize Windows 2000 Custom Support services from Microsoft. There is an offering to have hotfixes made available on a case-by-case basis. This is available for large Microsoft accounts and is very expensive.

While the end result will usually involve upgrading to a new operating system, sometimes factors beyond the control of the administrator are involved. What are your strategies for Windows 2000 systems? Share your comments below.