advertisement
Premier Club Log In/Registration
  Include Code  Search Tips
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   SKILLBUILDING  |   TIP BANK  |   SOURCEBANK  |   FORUMS  |   NEWSLETTERS
Browse DevX
What's new in IIS 6.0 and ASPs on Windows 2003 Server?
Implementing an IIS Application Filter
Set Your Pages' Content Ratings in IIS
DevX: Web Development Zone
DevX: .NET Zone
Get Help with Web Development (Other)
Are the new IIS 6.0 features described in this article sufficient to meet your needs? Are these the features you wanted to see implemented or would you rather Microsoft implemented them in a different way? What other information do you need about IIS 6.0? Let us know in the web.server.general discussion group.
Partners & Affiliates
advertisement
advertisement
Average Rating: 4.6/5 | Rate this item | 5 users have rated this item.
Print Print
 
What's New In IIS 6.0? (Part 1 of 2)
Windows Server 2003 ships with the latest version of Internet Information Server (IIS), version 6.0, redesigned to provide better reliability and more flexibility in configuring application environments. The new version includes improvements to the core functionality and services, administration, security, and performance. 

by Chris Peiris
August 20, 2003  
advertisement
icrosoft's Internet Information Services (IIS) is one of the most popular Web servers in use on the Internet and in intranets throughout the world. A Web server is a common point of vulnerability to hackers because—by necessity—it exposes itself to the Web,. Previous Microsoft server OS versions installed IIS by default, and hackers used these installations to run "rogue" Web services without the knowledge of administrators. Microsoft has fixed that vulnerability; IIS 6.0 is no longer installed by default on Windows Server 2003 servers (with the exception of the Web Server Edition). When administrators do install IIS, it's initially configured in a high security ("locked") mode. Security is a priority in this new version. Consequently, administrators must explicitly enable a number of important Web services features which worked automatically in previous versions. This new focus on security means administrators must familiarize themselves with the changes to provide the Web server services needed on their networks.

Acknowledgements
The information contained in this article is based on Chris Peiris' new book MCSA/ MCSE Exam 70-290 Study Guide : .NET Server 2003. The book provides sample exam questions for all the Windows 2003 server topics. Thanks to Mr. Jon Babcock for his help with this publication.

IIS 6.0 Installation Best Practices
To ensure the optimum scalability and performance of IIS 6.0, you should follow these steps:

  • Make sure you install IIS onto a partition that uses the NTFS file system, not the FAT32 file system. If the partition is not already formatted as NTFS, upgrade the FAT32 file system to NTFS prior to installation or during the upgrade process.
  • Make sure the Internet Connection Firewall (ICF) is enabled and configured properly unless you plan to rely on a separate firewall product.
  • Use unattended setup to install IIS on multiple machines. You can create a setup script to configure a common IIS installation for multiple computers. The setup file is called an "Answer file" and eliminates the need for manual intervention while installing IIS 6.0.
Internet Connection Firewall
Windows 2003 comes with a very basic internal software firewall called the Internet Connection Firewall (ICF). This facility is disabled by default. If you enable it, you can configure the firewall to enable or disable HTTP, HTTPS, FTP, and SMTP protocol access through IIS. IIS 6.0 will not function correctly if the Internet Connection Firewall is enabled and the relevant protocols are disabled. For example, the IIS 6.0 Web server will not function if the HTTP and HTTPS protocols are disabled. You have two basic options for the Internet Connection Firewall.

  1. Disable the firewall. (Warning: That leaves your IIS installation at at the mercy of the corporate firewall!)
  2. Enable the firewall and filter for the correct protocols.
Microsoft recommends that you use the ICF for small to medium size Web project developments unless you have a more sophisticated firewall solution such as Internet Security and Acceleration Server (ISA) deployed. The ICF is adequate to protect Internet traffic on most Web sites; however, large organizations should consider ISA or another heavy-duty firewall product. You do not need to enable the Internet Connection Firewall if you have a corporate firewall to protect your Web servers.

Organizations often place Web servers accessible from the Internet in a "DMZ" or perimeter network (also sometimes called a screened subnet). To do that, you can configure a "tri-homed DMZ" in which you have a firewall server (such as ISA) with three interfaces (an internal network interface to the LAN, a public interface with a public IP address, and a DMZ interface with a public address). Alternatively, you can configure a "back to back DMZ," where you have two firewall servers, an external one and an internal one.

The most cost effective method is to use the second option and maximize Windows 2003's built-in functionality. Follow these steps to configure the protocols:

  1. Open Start | Control Panel | Network Connections | Local Area Connection
  2. Navigate to the Advanced tab and select the Protect my computer and network by limiting or preventing access to this computer from the internet checkbox. (see Figure 1)
 
Figure 1. Enabling Internet Connection Firewall
  1. Click the "Settings" button and navigate to the Services tab. This will bring up a window to select or deselect the access protocols to your server. This is the list of protocols the IIS server will understand to process user requests. Select the correct checkbox next to the protocol name to enable requests using the particular protocol. You can disable the protocol access by clearing the checkbox. Your screen should be similar to Figure 2.
 
Figure 2. Available protocol configuration window
  1. Select the appropriate protocols for your organization. Most organizations will enable HTTP, HTTPS SMTP and FTP access through the firewall. Each time you select a protocol, a small window will appear, prompting you to enter the machine name or IP address of the server that hosts the service. Figure 3 shows the entry to enable HTTPS access to a machine called "home-net".
 
Figure 3. Entering machine name or IP address to configure the firewall
  1. Click OK and repeat the process for all other protocols.
When you complete these steps, you have enabled the correct access to your organization through the Internet Connection Firewall.

These are some of the pre-requisites for your IIS 6.0 installation. Application of IIS security templates and operating system hardening are some of the other prerequisites.

Page 1 of 4
advertisement
  Next Page: What's New In IIS 6.0?
Page 1: IntroductionPage 3: New Reliability Features
Page 2: What's New In IIS 6.0?Page 4: Other New Features
advertisement
Advertising Info  |   Member Services  |   Permissions  |   Contact Us  |   Help  |   Feedback  |   Site Map  |   Network Map  |   About


JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
 Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES