A lot of the value built into Windows Admin Center has to do with it being a remote-management tool that can have a lot of upside in a modern IT shop, including implementing best practices by not logging directly into servers, bringing flexibility to the management architecture, and performing admin tasks from high-DPI or touchscreen devices.\nConsidered a complement to System Center, Admin Center is a free app, downloadable here, that runs in a browser and can manage Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10, Azure Stack HCI through Windows Admin Center Gateway, software installed on Windows Server or domain-joined Windows 10.\n\nSince it\u2019s free, trying it out costs nothing more than some time, and you might find that some of these benefits make it worth the investment.\nImprove administration architecture\nWindows Admin Center can be installed on a local Windows 10 client, a gateway server in order to provide centralized management, on individual servers, or in a failover cluster for situations where high-availability is required. Opting for the gateway server or the failover cluster means you could have Windows Admin Center installed in your network DMZ, and limit administrative traffic coming into your corporate network to specific management servers.\nAdminister via browser\nIf you\u2019ve been in the business of administering Windows for any length of time you\u2019re familiar with the Microsoft Management Console (MMC) and MMC snap-ins. If you aren\u2019t familiar with the name, think about all of the admin tools you\u2019ve used in Windows such as Computer Management, Services, DHCP, DNS, etc. All of these are based on MMC.\nMMC is great at offering a way to manage servers or services without logging onto the server console, but it\u2019s also showing it\u2019s age in a number of ways. Ever try using MMC on a high-DPI monitor or a touch screen display? How about on a device that isn\u2019t running Windows? Each of these scenarios highlights something MMC cannot do but Admin Center can. That doesn\u2019t mean Admin Center is a full replacement for MMC. It\u2019s not quite there yet, but it does replace the functionality most admins will need on a regular basis, and it does so with a web-based interface that works great on high-DPI and touch screen devices regardless of platform.\nIn terms of browser support, only Microsoft Edge and Google Chrome are officially supported, though there\u2019s a chance you\u2019ll have success with other browsers. According to Microsoft\u2019s Windows Admin Center documentation: \u201cOther modern web browsers or other platforms are not currently part of our test matrix and are therefore not officially supported.\u201d Microsoft also states, \u201cWindows Admin Center is not tested with Mozila Firefox, but most functionality should work.\u201d\nUse modern authentication\nThe ability to authenticate to Windows Admin Center with a local user account or Active Directory credentials is a given, but Windows Admin Center can also leverage Azure AD accounts and the flexibility they bring to the equation such as conditional access and multi-factor authentication. There is a bit of a process to get Azure AD authentication working, but it\u2019s well worth the effort.\nSet role-based permissions\nAssigning administrative users more access than they really need is a simple fact of life in many IT shops. There are numerous for this violation of the rule of least privilege including convenience, lack of manpower to manage and maintain permissions appropriately, or simply a limited understanding of the right way to manage levels of permission. Windows Admin Center won\u2019t enforce the rule of least privilege all by itself, but it can be an additional tool to provide access without granting each administrator full permissions to every server.\nAccess to the Windows Admin Center gateway is configured in the Admin Center settings under Access. A gateway administrator can define Active Directory groups that should have access to Admin Center as either a gateway administrator or a simple user.\nRole-based access control (RBAC) in Admin Center is configured per-server, meaning you can define more fine-grained levels of access to users based on their need to manage individual resources. RBAC in Windows Admin Center supports three levels of access through membership in the corresponding local computer groups: Windows Admin Center Administrators, Windows Admin Center Hyper-V Administrators, and Windows Admin Center Readers.\nLeverage default auditing\nIt\u2019s no secret that auditing changes to Windows Servers can be a major pain point. Identifying all the audit events that need to be enabled and getting it done consistently is half the battle, but then you have to track down where those events get logged and set up tools to monitor and correlate them.\nAuditing in Windows Admin Center is turned on by default, which means all events are logged to a single event log on the server being managed and have the same event ID. Most of the information regarding the event being logged ends up in the event data in object notation, meaning you\u2019ll still need to parse out all the details at some point, but getting all events consolidated into a single stream is a major step in the right direction.\nSimplify performance monitoring\nWindows Admin Center offers a modern take on performance monitoring, with the ability to design performance dashboards with multiple counters in individual, correlated graphs that can include line charts, heat maps, and other views. These dashboards, called workspaces, can be saved for later use or even exported to be shared with other users. Individual counters also support exporting log data as a CSV file to perform more detailed analysis with more sophisticated tools.\nManage modern server types\nWindows Admin Center installed on an on-premises server can not only manage standard Windows servers (2012 and later) but also Hyper-V Servers (2012 R2 and later), Windows Server Core, Hyper-Converged systems, or even Azure VMs.\nReplace Event Viewer\nSure, Event Viewer isn\u2019t the most exciting feature, but it is a must-have for any sort of system troubleshooting or auditing. If you\u2019ve ever tried to view event logs on a system where they weren\u2019t properly maintained, you know how hard it can be to actually get anything useful out of them. Admin Center offers a similar set of tools for event logs as with performance monitoring, including the ability to add multiple logs to a single workspace, save your workspaces, or even export event logs once you\u2019ve filtered the view down to the information you need.\nRemote access without exposing firewall ports\nThere will always be some tasks that require access to the server console, and for that Windows Admin Center includes a Remote Desktop capability right from your browser. It\u2019s not as full-featured as the Remote Desktop clients you\u2019re used to, but it allows you to access the console of any managed server without having to leave open extra ports in your firewall. All traffic is routed and encrypted through the HTTPS connection to Windows Admin Center, which is critical as RDP ports are a popular target for malicious users.\nMigrate and replicate storage\nWindows Admin Center offers some cool functionality regarding storage, but first the basics.\nAccessing the file system from Windows Admin Center is trivial, and you can perform all of the common tasks you would expect: creating new folders, renaming or deleting items, uploading\/downloading, cut\/copy\/paste, and even extracting archives. You can also view, create, and manage file shares, including share permissions. Admin Center even lets you manage Disks and Volumes like you would in disk management, including formatting and resizing, creating and attaching VHD files, and managing disk quotas.\nWhere things get really interesting are the support for the Storage Migration Service and Storage Replica. Storage Migration Service will not only help you migrate data to a new server (either hosted on-premises or in Azure), but it will help with the process of maintaining user access to that data, both in terms of security and addressing. Storage Replica helps you configure volume replication between servers or clusters, and in certain scenarios can even support replication between hosts in separate sites.