Windows Managed Server is dependent on Microsoft’s lifecycle support. This document will review Microsoft’s policy and then cover Windows Managed Server’s policy.
Microsoft lifecycle support
Windows Server long-term servicing channel (LTSC) releases covered by Microsoft’s modern lifecycle policy have a mainstream support lifecycle of 5 years, 5 additional years of extended support, then eligibility to purchase 3 additional years of Extended Security Updates (ESU).
| Type of support | Mainstream Support | Extended Support | Extended Security Updates (ESU) |
|---|---|---|---|
| Length of support | Initial 5 year period | +5 years after mainstream | +3 years after extended |
| Request to change product design and features | Available | Not available | Not available |
| Security updates | Available | Available | Available via Extended Security Update Program |
| Non-security updates | Available | Not available | Not available |
| Self-help support | Available | Available | Available |
| Paid-support | Available | Available | Available |
After the mainstream support period has ended, Microsoft will provide support and security updates, but no quality updates, driver updates, or other features can be expected. When a server falls beyond Extended Support without Extended Security Updates or beyond ESU, it is in violation of UW policies, since it can no longer be kept up to date for security vulnerabilities.
More from Microsoft: detailed information on Windows Server modern lifecycle policy. Supplements to that for Windows Server versions in a fixed lifecycle policy: WS2012R2, WS2012 & WS2008R2.
Windows Managed Server lifecycle support
UW Administrative Policy Statements (APS) expect system owners & operators to keep all IT systems updated with vendor supplied security patches. So to be in alignment with UW expectations, operating systems who no longer have security updates are considered in violation of UW expectations.
Windows Managed Server uses the long-term servicing channel (LTSC). Windows Managed Server provisions servers with the latest Windows Server version to maximize the time your server will be supported. In-place operating system upgrades are not supported; OS upgrades require a requesting a new server. Windows Managed Server does not upgrade the OS on existing servers, as there is too much risk associated with such an approach, and the downtime required generally makes it unacceptable. We instead encourage customers to replace existing servers with a new server with a current OS. This approach accommodates testing, and depending on the workload and customer needs, either a phased transition or cutover reduce the downtime required.
When you do not retire a server which has gone beyond extended support and replace it with a current version, UW-IT must purchase an ESU support plan for your server. UW-IT may also need to purchase additional support packages, for example for antivirus support. Any additional costs incurred due to running a server in extended support are passed along to customers.
The Windows Managed Server service uses five categories[1] to define our support for a given version of Windows Server:
- Emerging: Newest release which we are preparing to support; we aren’t ready to support this version yet and services/support may be subject to consulting rates.
- Baseline: Fully supported and preferred for new server builds.
- Containment: Fully supported for existing servers. Customers should begin making plans to retire and replace with a server in Baseline.
- Retirement: Scheduled for end-of-life. Customers are actively executing a plan to retire and replace with a server in Baseline. Windows Managed Server will purchase ESUs for any server which requires it, but the cost will be passed along to the customer.
- Unsupported: Not supported by Windows Managed Server. Servers in this category are shut down.
When a new Windows Server version is released, it will be initially supported as Emerging. Once the Windows Managed Server team has completed its evaluation and is ready to support the new operating system, we will move the new version to Baseline.
Versions in Baseline are moved into Containment when it reaches the end of its Microsoft mainstream support.
Versions in Containment are moved into Retirement 1 year prior to the end of Microsoft extended support. Windows Managed Server will contact relevant customers when an OS is shifting from Containment to Retirement and begin the process of identifying and supporting the customer’s plan.
Versions in Retirement are moved into Unsupported when the ESU support period has ended. Windows Managed Server has open requests for each customer with servers in Retirement to facilitate the process of migration, replacement, or shut down.
Windows Server versions generally have a total WMS support lifetime of 13 years after release, from Emerging until Unsupported.
Servers running an OS in Unsupported will be turned off. The customer should have already been in active discussions with Windows Managed Server about its options for 4 years by that point in time.
| Emerging | Baseline | Containment | Retirement | Unsupported | |
| Period in category | < 6 months | 4 1/2 years | 4 years | 4 years | Indefinitely |
As of October 2023
| Emerging | Baseline | Containment | Retirement | Unsupported |
| Windows Server 2022 (moves in Oct. 2026) | Windows Server 2016 (moves in Jan. 2026) | Windows Server 2012 (moves to Unsupported October 13, 2026) | Windows Server 2008 or WS2008 R2 | |
| Windows Server 2019 (moves in Jan. 2028) | Windows Server 2012 R2 (moves to Unsupported October 13, 2026) | Windows Server 2003 or WS2003 R2 | ||
| Windows Server 2000 | ||||
| Windows Workstation (any version/edition) | ||||
Notes:
- Windows Server 2008/2008 R2 have a special exception keeping them in the Retirement lifecycle state 2 extra months
- Windows Server 2012/2012 R2 have a special exception keeping them in Containment lifecycle state 12 extra months
These exceptions reflect the flexibility required to implement a policy like this without unduly impacting customers with insufficient time to address the consequences.
An operating system’s place in the lifecycle determines what support is available from the Windows Managed Server Service, as detailed in the table below.
| Emerging | Baseline | Containment | Retirement | |
| OS build image | 1 | + | ||
| OS troubleshooting | 1 | + | + | 3 |
| Automated patching mechanism | 2 | + | + | + |
| Patch troubleshooting support | 1 | + | + | 3 |
| High risk OS security vulnerability mitigation | 1 | + | + | 2 |
| Basic data collection (sign in logs, version, etc.) | 2 | + | + | 2 |
| Access management | 2 | + | + | + |
| Anti-Virus software management | 2 | + | + | 2 |
| Firewall management | 2 | + | + | 2 |
| Incident support level can be 24×7 | 2 | + | + |
+ – Fully supported
1 – May be purchased at hourly consulting rates.
2 – Available “as-is” provided it works with our standard toolset. Troubleshooting or other support may be available at consulting rates.
3 – We will build a new server with a Baseline OS. If a rebuild can’t be done for some reason, support is available at consulting rates.
[1] The UW Enterprise Architecture (EA) program promotes using specific terms to communicate technology lifecycle states, and we use their terminology in describing our support practices and lifecycle process.