Windows Server Summit 2026 | Part 7: Everything you want to know about Azure Arc for Servers

14.05.2026 Last updated : 17.05.2026 Mein Avatar für die Krähe mit Hut. Man sieht eine Krähe mit einem Doktorhut.Krähe mit Hut
Lesedauer 4 Minuten

Series

Overview: Windows Server Summit 2026 - in a nutshell!
Next article: Windows Server Summit 2026 | Part 8: A tour of Virtualization Mode
Previous article: Windows Server Summit 2026 | Part 6: Evolving server management: priorities, roadmap, and tooling


Part 6 of this series has shown that Windows Server is no longer limited to traditional deployment as part of an Active Directory environment. The possibilities are vast—whether it’s used as a workgroup server, in Azure, or in another cloud.

Instead of using various management solutions and portals, it makes sense to manage everything through a single interface whenever possible. This greatly simplifies operations and knowledge acquisition. And that’s exactly what Azure Arc for Servers offers!

What is Azure Arc for Servers?

Azure Arc for Servers is a centralized management and configuration platform for servers and IoT devices. Servers can be operated in on-premises data centers as well as in multi-cloud environments. In other words, the server’s location is virtually irrelevant—management via Azure Arc is possible anywhere as long as an internet connection is available (Azure Arc is not currently available in isolated scenarios).

Azure Arc consolidates many features that previously had to be provided through multiple products and services or were not available at all. This allows for the deployment of software, policies, updates, and automation. As a result, Azure Arc can be described, in a sense, as “Intune for servers,” even though this description no longer fully captures its capabilities.

Windows Server 2016 ESU

Manufacturer support for Windows Server 2016 ends on January 12, 2027. As has become standard practice for previous operating systems and other products, Microsoft also offers extended security updates for this version through the ESU (Extended Security Updates) model. Until now, the configuration required for this has been somewhat fiddly and cumbersome.

That’s why it’s now possible to manage and deploy ESUs centrally via Azure Arc. This eliminates the need for cumbersome manual configuration and provides a centralized overview of the installation status. And even though WSUS will no longer be included in the near future, ESUs can still be deployed via WSUS.

Security & Compliance

A key aspect of server management is adherence to security and compliance policies. In traditional deployments, this can be problematic or cumbersome. While Microsoft provides up-to-date templates in the form of Group Policy settings, these cover only a fraction of the generally available recommendations. Furthermore, deploying via Group Policy does not provide a proper reporting function. This makes it difficult to trace errors during deployment.

Azure Arc enables the use of Azure Policy and the “Computer Management” feature for the centralized definition and deployment of policies. A wide range of templates are available, such as those from the CIS (Center for Internet Security). Additional providers, such as STIG (Security Technical Implementation Guides), will be added in the future.

If needed, policies can be exported to JSON format and imported into other environments.

For every server integrated into Azure Arc, Azure creates a managed identity for authentication. The private key of the managed identity will be stored in a TPM if the server uses one.

The new “quick computer recovery” feature allows a server to be quickly restored in the event of a startup error or a failed update. Azure Arc uses Azure Policy to create the Windows Recovery Environment (WinRE). This is a prerequisite for using the feature.

Machine Management

The “Machine Management” feature automatically integrates a server with various services:

  • Azure Monitor
  • Update Manager
  • Computer Configuration
  • Change Tracking and Inventory

The feature is available free of charge for virtual machines in Azure and for servers with Azure Arc, Software Assurance, and ESU. For all other servers, the feature is initially available free of charge as part of the public preview. After that, it costs $9 per server per month.

Automation at scale

The Azure Arc agent currently needs to be kept up to date using other methods; it does not update itself. In the future, this will be possible automatically.
Recurring tasks can be automated using scripts.

Warning

The script execution feature is very useful, but it can also be very dangerous. An attacker could exploit this to easily spread malicious code throughout the corporate network. Therefore, special care must be taken when granting access to this feature!

In addition, Azure Arc can be integrated with Ansible. Ansible is a well-established open-source solution for automation and orchestration and therefore offers significantly more features than Azure Arc, but it is also a platform that must be managed separately.

The Azure Arc Multicloud Connector can be used to connect to other clouds. AWS is already available, and a public preview is available for GCP.

The Windows Event Viewer - a deep dive

At the end of the session, a Microsoft product manager will provide a comprehensive overview of the Windows Event Viewer. Every administrator has surely had to deal with it many times and may even have found it frustrating at times. The session will explain how the Event Viewer is structured and where to find relevant information.


Liked this article? Share it!

Categories
Hybrid infrastructure
Tags

One thought on “Windows Server Summit 2026 | Part 7: Everything you want to know about Azure Arc for Servers

  1. Pingback: Windows Server Summit 2026 - in a nutshell! - Crow In The Cloud
Previous article
Windows Server Summit 2026 | Part 6: Evolving server management: priorities, roadmap, and toolingNew!!
14.05.2026
Next article
Windows Server Summit 2026 | Part 8: A tour of Virtualization ModeNew!!
15.05.2026