IIS 6.0 is the latest incarnation of
the Microsoft Internet Information Services web server.
Featuring many enhancement to improve stability &
scalability, and to support ASP.NET technology.
Internet Information
Services (IIS) 6.0 is a
powerful Web server, available in all
versions of Microsoft Windows Server
2003, which provides a highly reliable,
manageable, scalable, and secure Web
application infrastructure. IIS hosting
enables organizations of all sizes to
quickly and easily deploy Web sites and
provides a high-performance platform for
applications built using Microsoft
ASP.NET and the Microsoft .NET
Framework. This article provides an
overview of benefits, new features, and
improvements for IIS web hosting in IIS
version 6.0.
Reliability
Feature
Description
Fault-tolerant
process architecture
IIS 6.0 has
been completely redesigned with a
new fault-tolerant process
architecture that greatly boosts the
reliability of Web sites and
applications. In previous versions
of the product, the failure of a
single Web application could cause
the failure of other Web sites and
applications on the same server. IIS
web hosting isolates Web sites and
applications into self-contained
units called application pools,
which separate applications from the
other applications that are hosted
on the same server. One or more
distinct Windows processes, called
worker processes, serve each
application pool. Worker processes
operate independently, so if they
fail, they do not affect other
worker processes. Application
pooling helps protect applications
from the effects of worker processes
that support other application pools
and helps protect each application
from the other. The fault-tolerant
architecture of IIS 6.0 increases
the overall reliability of a Web
server infrastructure, increases the
availability of Web sites and
applications, and increases the
number of separate Web sites and
applications that can run on a
single server.
Application
pools
An application
pool is a grouping of URLs that is
routed to one or more worker
processes. Because application pools
define a set of Web applications
that share one or more worker
processes, they provide a convenient
way to administer a set of Web sites
and applications and their
corresponding worker processes.
Process boundaries separate each
worker process; therefore, a Web
site or application in one
application pool will not be
affected by application problems in
other application pools. Application
pools significantly increase both
the reliability and manageability of
a Web infrastructure.
Health
monitoring
Administrators
can set a ping interval to ping
running worker processes on a
regular basis to detect failures.
IIS 6.0 can detect when a Web site
or application has failed and then
automatically restart it. While a
process is being recycled, incoming
requests are queued for service
until the Web site or application
becomes available again. Health
monitoring, combined with
kernel-mode queuing and the new
fault-tolerant process architecture,
significantly increases the
availability of Web sites and
applications while reducing server
downtime.
Rapid-fail
protection
IIS hosting
can be configured so that if an
application pool fails too often
within a short amount of time, its
processes will be automatically
disabled. Rapid-fail protection
places the application pool in "out
of service" mode, and IIS 6.0
immediately returns a "503 Service
Unavailable" error message to any
new or queued requests to the Web
sites and applications that are in
the application pool. Custom
actions, such as a debugging action
or administrator notification, can
be triggered when an application
pool has been stopped automatically.
Rapid-fail protection also helps
protect a Web server against
denial-of-service attacks and
increases the overall reliability of
a Web server infrastructure.
Automatic
process recycling
To manage
application errors before they
occur, IIS web hosting 6.0 can be
configured to periodically restart
worker processes assigned to an
application pool, thus enabling
system administrators to
automatically recycle Web
applications with problems such as
memory leaks or access violations.
Recycling keeps problematic
applications running smoothly,
especially when it is not feasible
to modify the application code. IIS
hosting can be configured to recycle
processes based on a flexible set of
criteria, including the number of
requests to the application pool's
Web sites and applications, the
amount the CPU has been utilized,
the amount of physical or virtual
memory that has been consumed, and
the length of time the application
has been running. Administrators can
also recycle a process on a set
schedule or on demand. One advantage
of IIS web hosting is that if a Web
application fails, IIS 6.0 maintains
all client connection states while
the failed Web site or application
is being restarted. While a process
is being recycled, requests are
queued and will be served when the
Web site or application becomes
available again; as a result, most
users connected to the application
do not know that it has failed.
Process
orphaning
Typically, IIS
6.0 recycles a failed process by
ending it and starting a
replacement. However, if orphaning
has been turned on, IIS hosting
leaves the failed worker process
running and starts a new process up
in its place. For example, if a
worker process fails to respond to a
ping in a certain amount of time,
IIS 6.0 can orphan that process.
Because the server can be configured
to run a command, such as launching
a debugging tool, on the orphaned
worker process, this feature is
particularly useful for Web site and
application debugging and overall
system management.
Uninterrupted
TCP/IP connection
When a Web
application failure occurs, IIS 6.0
maintains a client's TCP/IP
connection while a worker process is
being recycled. This feature
isolates the client from Web
application instability and is
particularly useful for Web Services
clients, who often do not have
built-in retry logic.
CPU and
process throttling
IIS web
hosting gives administrators the
ability to limit the amount of CPU
time a Web application or site can
use to ensure that processor time
and, therefore, better performance,
is available to other Web sites or
to non-Web applications. Process
throttling lets administrators limit
the amount of CPU time a Web
application or site can use during a
predetermined period of time to
ensure that processor time is
available to other Web sites or to
non-Web applications.
Manageability
Feature
Description
XML
configuration data
The IIS 6.0
configuration metabase is a
plain-text file that stores Web
server configuration data in
Extensible Markup Language (XML).
Replacing the binary-format data
store used in IIS 4 and IIS 5 with
XML enables administrators to read
and edit configuration information
easily, using standard text-editing
tools. Existing binary metabase
information from IIS 4 and IIS 5
automatically upgrades to the new
IIS 6.0 metabase XML format. Using
XML, a widely used standard format,
to store configuration data enables
administrators to manage their Web
server infrastructure without having
to write scripts to make
configuration changes. XML
configuration data also enables
third-party applications, such as
system monitoring and management
tools, to access IIS 6.0
configuration data, thus providing
better tool integration.
Edit while
running
IIS 6.0 web
hosting gives administrators the
important capability to change the
server configuration while the
server continues running. For
example, administrators add a new
site, create virtual directories, or
change the configuration of
application pools and worker
processes—all while IIS web hosting
continues to process requests—with
no recompilation or reboot required.
The metabase can be edited manually
or programmatically. To manually
change the server configuration,
open the XML-based configuration
metabase using any text-editing tool
(Microsoft Notepad, for example) and
change the configuration information
in the file. To make server
configuration changes
programmatically, use scripts that
incorporate Windows Management
Instrumentation (WMI) or Active
Directory® Service Interface (ADSI)
constructs.
Configuration
versioning and rollback
IIS 6.0
automatically keeps track of changes
to the configuration metabase that
have been written to disk. When
changes to the configuration
metabase have been saved, IIS 6.0
marks the new "metabase.xml" file
with a unique version number and
saves a copy of the file in a
history folder. Each history folder,
each marked with a unique version
number, is then available for
configuration rollback or restore.
You can use passwords when backing
up the configuration metabase. If
IIS 6.0 has been running while
configuration changes are being
made, it automatically reverts to a
previous history file to prevent
errors in the configuration metabase
from crashing the server.
Configuration
import and export
IIS 6.0
introduces two new administration
scripting methods, Import() and
Export(), which permit the
configuration from any node level to
be exported and imported across
servers. A user-supplied password
similar to the new backup/restore
support helps to protect data. These
new methods are also available to
Active Directory Service Interface
and WMI users, and through the IIS
Manager user interface. You can use
the metabase export feature to
create a metabase template for
configuring multiple computers with
the same basic IIS 6.0 configuration
settings.
Restore to a
different machine
IIS hosting
enables administrators and
developers to create
server-independent backups. The IIS
6.0 session key is encrypted with an
optional user-supplied password
during backup of the configuration
metabase and is not based on the
machine key. During metabase backup,
the system encrypts the session key
with the password supplied by the
user. During the metabase restore
process, the supplied password
decrypts the session key, and the
session key is re-encrypted with the
current machine key. WMI and ADSI
support these new methods for use in
administration scripts.
Administration
using graphical
user interface (IIS
Manager)
Manage your
complete Web server infrastructure
with the IIS Manager, a
full-function, task-oriented, and
easy-to-use graphical user
interface.
Integration
with Microsoft Management Console (MMC)
Microsoft
Management Console (MMC), an
extensible, common presentation
service for management applications,
is included in Windows Server 2003.
The IIS Manager component of IIS 6.0
fully integrates with MMC.
Administrators and other users can
create custom management tools from
snap-ins provided by various
vendors. Administrators can then
save the tools they have created for
later use or for sharing with other
administrators and users. This model
gives the administrator the ability
to customize tools efficiently and
to create multiple tools of varying
levels of complexity for task
delegation.
Command-line
administration
IIS 6.0
administrators can use the Windows
Server 2003 command line to
accomplish many common management
tasks with a single command, for
example, managing multiple local or
remote computers.
Script-based
administration
IIS 6.0
provides a complete scripting
environment for automating common
system administration tasks from the
command line—no need for a user
interface. Scripts can be written in
any scripting language that supports
Microsoft ActiveX® script hosting,
including Visual Basic® Scripting
Edition (VBScript), Microsoft
JScript®, and PERL. IIS 6.0 ships
with a library of scripts that can
be used and modified to administer a
Web server infrastructure. IIS 6.0
scripts can use WMI or Active
Directory Service Interface
constructs.
Support for
Windows Management Instrumentation (WMI)
Windows 2000
introduced WMI as a new way to
configure servers and retrieve
important system management data,
such as performance counters and
configuration files. Now, IIS
hosting provides full support for
WMI, giving Web administrators a
rich set of programming interfaces
that offer more powerful and
flexible ways to manage an entire
Web infrastructure. The WMI
interfaces, similar in nature to the
Active Directory Service Interfaces
that are still supported, are used
in administration scripts and can be
used to modify the XML-based
configuration metabase.
Support for
Active Directory Service Interfaces
(ADSI)
Administrators
and application developers can add
custom objects, properties, and
methods to the existing Active
Directory Service Interfaces (ADSI)
provider, for more flexible site
configuration. ADSI is a COM-based
directory service model that lets
ADSI-compliant client applications
access a wide variety of distinct
directory protocols, including
Windows Directory Services and LDAP,
while using a single, standard set
of interfaces. ADSI shields the
client application from the
implementation and operational
details of the underlying data store
or protocol.
Remote
administration
Use one of these tools to manage
an IIS web hosting server from a
remote computer:
•
Use
IIS Manager to and
administer Web servers
running IIS 5.0, IIS 5.1,
and IIS 6.0.
•
Use
the Web-based Remote
Administration tool to
administer IIS 6.0 Web
servers from any intranet
Web browser.
•
Use
Terminal Services to connect
to and manage a remote
server running IIS 6.0 as if
logged on locally.
You can also manage remote
servers programmatically by using
WMI or Active Directory Service
Interfaces scripts.
Web-based
administration
The HTML-based
IIS Remote Administration Tool
enables system administrators to
administer IIS 6.0 remotely across
the Internet or intranet, through a
Web browser.
Binary and
Unicode Transformation Format-8
(UTF-8) logging
Binary logging
in IIS 6.0 enables multiple Web
servers to write binary,
non-formatted entries to a single
log file. This new logging format
offers improved performance over
current text-based logging formats,
such as W3C (World Wide Web
Consortium), NCSA (National Center
for Supercomputing Application) or
IIS, because the data does not have
to be formatted in a specific way.
In addition, IIS 6.0 now supports
writing log files in UTF-8 instead
of ASCII or the local code page.
HTTP
sub-status codes logging
IIS hosting
returns specific HTTP sub-status
codes for specific types of
problems. These codes, which are
often helpful for debugging or
troubleshooting, can be logged in
W3C and binary formats.
File Transport
Protocol (FTP)
Traditionally,
File Transfer Protocol (FTP) is used
to transfer files and to upload Web
content to service providers. The
built-in FTP service in IIS 6.0
provides includes the ability to
isolate users in their own
directory, to prevent them from
viewing or overwriting other users'
Web content. The user's top-level
directory appears as the root of the
FTP service, so access is restricted
because further navigation up the
directory tree is not permitted.
Within the user's specific site, the
user has the ability to create,
modify, or delete files and folders.
IIS 6.0 FTP can be deployed across
an arbitrary number of front-end and
back-end servers, increasing
reliability and availability, and
can be scaled using virtual
directories and servers without
affecting the end users.
Network News
Transport Protocol (NNTP) and Simple
Mail Transport Protocol (SMTP)
Administrators
can set up intranet mail and news
services that work in conjunction
with IIS. SMTP is a commonly used
protocol for sending e-mail messages
between servers; NNTP is the
protocol used to post, distribute,
and retrieve USENET messages.
Automated
patch management
As part of the greatly improved
patch management in Windows Server
2003 operating systems, the new
fault-tolerant architecture of IIS
web hosting means that the server
does not have to be shut down in
order to install hotfixes, including
security hotfixes. You do not need
to be logged on to the computer for
the installation to occur. In
addition, Auto Update version 1.0
provides three patch management
options:
•
Notify
of patch availability as
soon as it's available
•
Download the patch and
notify of patch availability
•
Scheduled install, which
enables the patch to be
downloaded and automatically
installed at a time you
choose.
Scalability
Feature
Description
Locked down by
default on installation and upgrade
To reduce the
Web infrastructure attack surface,
installing Windows Server 2003 does
not install IIS (web hosting) by
default. Instead, administrators
must explicitly select and install
it. Now, if a server is deployed to
run a mail server, Microsoft SQL
Server™, or just the operating
system itself, IIS hosting does not
have to be uninstalled after Windows
has been installed. IIS 6.0 is also
disabled when a server is being
upgraded to Windows Server 2003. In
addition, when IIS 6.0 is being
installed, it is configured in a
locked-down state by default. After
installation, IIS 6.0 accepts
requests only for static files
unless it is configured to serve
dynamic content, and all time-outs
and settings are set to aggressive
security defaults. IIS 6.0 can also
be disabled using Windows Server
2003 group policies.
Process
isolation and recycling
More and more
customers run multiple sites and
applications sites on a single
server, which imposes additional
security requirements on a Web
server. The new fault-tolerant
process architecture in IIS 6.0
completely separates the application
pools that manage Web sites and
applications. IIS 6.0 isolates sites
and applications through the
configurable worker process identity
and fault-tolerant recycling based
on such factors as an application's
memory usage.
Web Service
extensions list
The default
installation of IIS will not
compile, execute, or serve files
with dynamic extensions. To serve
these files, each acceptable file
extension must be added to the Web
Service extensions list. This
requirement prevents anyone from
calling a page with a dynamic
extension that has not been added to
the list. When a request is received
for an extension that is not
permitted, IIS 6.0 returns a "404
file not found" error message rather
than a "403 access denied" error
message in the response to the
browser, even if the file exists.
Returning this error message limits
the amount of information available
to potential hackers and prevents
them from knowing which extensions
have been restricted.
Buffer and
memory-overflow protection
IIS 6.0 now
helps protect against the most
common method of attacks on Web
servers—buffer and memory overflow
situations. An attacker can
penetrate a server by taking
advantage of the way a Web server
processes data transmissions of
unknown size. IIS 6.0 closes this
vulnerability with memory-overflow
protection, which helps ensure that
once a buffer or memory overflow has
been detected in a particular worker
process, the worker process will be
shut down so that it cannot affect
other worker processes.
Default
low-privilege account
One of the
most important principles of
security is to grant accounts the
smallest set of privileges needed
for an operation. By default, all
IIS 6.0 worker processes run as
NetworkService accounts, a new
built-in account with limited
operating system privileges, on
Windows Server 2003. Because
NetworkService has few rights on the
underlying system, rogue
applications have a lower chance to
exploit security vulnerabilities. In
addition, all ASP built-in functions
always run as a low-privileged
account (anonymous user).
Support for
Secure Sockets Layer (SSL) 3.0 and
Transport Security Layer (TSL)
IIS web
hosting includes complete built-in
support for SSL and TSL, which
provide a way to exchange
information between clients and
servers. The SSL implementation has
been tuned and streamlined for
faster performance and increased
scalability. The new remotable
certification object in IIS 6.0,
CertObject, lets administrators
manage the SSL certificates across
their entire Web server
infrastructure. In addition to the
default cryptography services,
additional cryptographic service
providers (CAPI), including hardware
accelerator cards, can be installed
for use with IIS hosting.
Command-line
tools not accessible
Malicious
attackers often take advantage of
command-line tools that are
executable through the Web server.
To help prevent Web sources from
implementing faulty code and help
protect against denial-of-service
attacks, IIS 6.0 command-line tools
are not accessible via requests to
the Web server from users or other
programs.
Content Write
protection
When attackers
get access to a server, they try to
deface Web sites. IIS 6.0 prevents
anonymous Web users from overwriting
Web content so these attacks can be
mitigated.
File
verification
IIS 6.0
verifies the existence of requested
content before passing the request
to a request handler, such as an
ISAPI extension.
TCP/IP
filtering
With IIS 6.0
and Windows Server 2003, the Network
Setting can be used to limit which
TCP/IP and UDP ports are open. Doing
so can reduce attacks against ports
that have been opened inadvertently
or maliciously.
Limitations on
data uploading
IIS 6.0
administrators can limit the amount
of data that can be uploaded to a
server.
Digest
Authentication
IIS 6.0 and
Windows Server 2003 support Digest
Authentication (see Internet
Engineering Task Force Request for
Comment standard, RFC2617). Digest
Authentication offers the same
functionality as basic
authentication but provides
additional security because a user's
credentials will not be sent across
the network as plain-text. Digest
Authentication transmits credentials
across the network as a Message
Digest 5 (MD5) hash, where the
original user name and password
cannot be deciphered from the hash.
Digest Authentication does not
require you to install additional
software on client machines.
Advanced
Digest Authentication
IIS 6.0 can be
configured to use Advanced Digest
Authentication, a new service of
Windows Server 2003, which stores
user credentials on the domain
controller as an MD5 hash. Advanced
Digest does not require credentials
to be stored using reversible
encryption; instead, it stores a few
precalculated hashes in Active
Directory. Advanced Digest
Authentication provides a better
user experience because it does not
force users who have already logged
in to Windows to provide their user
name and password again when
accessing a Web site or application.
Integrated Windows authentication
helps security, even over
unencrypted channels, because
plain-text passwords never can be
transmitted.
Support for
Kerberos version 5
IIS hosting is
fully integrated with the Kerberos
v5 authentication protocol
implemented in Windows Server 2003.
This mature, industry-standard,
network authentication protocol
provides an efficient, single
sign-on process for users, granting
access to appropriate enterprise
resources. Support for Kerberos v5
includes additional benefits, such
as mutual authentication where both
client and server must provide
authentication, and delegated
authentication, which tracks the
user's credentials end to end.
Certificate
Services
IIS web
hosting fully integrates with the
Certificate Services and certificate
management tools in Windows Server
2003. Using Certificate Services,
organizations can deploy a public
key infrastructure and set up and
manage certification authorities
that issue and revoke X.509 v3
certificates.
Microsoft
Passport authentication
IIS 6.0 and
Windows Server 2003 supports
authentication using the Microsoft
Passport service. Passport is a Web
service that is maintained by
Microsoft, and users who register
with Passport can be authenticated
anywhere on the Internet by
applications that present logon
credentials to Passport. If Passport
determines that the credentials are
valid, it returns an authentication
ticket that an IIS 6.0 application
can encode in a cookie to prevent
the user from having to log on time
after time. When used with IIS 6.0,
Passport integration provides a
single-sign-on experience for Web
users.
Constrained
delegated authentication
IIS 6.0 and
Windows Server 2003 provide new
options for limiting how
authentication credentials will be
delegated in Web applications.
Delegation is the act of allowing
server applications to act on behalf
of a user, such as a Web application
user. Domain administrators can
allow delegation to a limited set of
machines and services, controlling
the network resources for a Web
application to which a user has
access.
URL
authorization
IIS 6.0
provides URL authorization by
extending the use of the Windows
Server 2003 Authorization Manager to
make it easier for administrators to
manage access control for Web
applications in enterprise
environments. In particular, IIS 6.0
provides gatekeeper authorization to
specific URLs. When a user requests
access to a URL, IIS 6.0 validates
the user's access based on that
user's roles, which can be defined
in LDAP queries, custom user roles,
and by the Authorization Manager.
FTP user
isolation
FTP user
isolation is a solution for Internet
service providers and application
service providers who want to offer
their customers individual FTP
directories for uploading files and
Web content. FTP user isolation
prevents users from viewing or
overwriting other users' Web content
by restricting users to their own
directories. Users cannot navigate
higher up the directory tree because
the top-level directory appears as
the root of the FTP service. Within
their specific site, users have the
ability to create, modify, or delete
files and folders.
Application Support
Feature
Description
Configure Your
Server Wizard
On a computer
running Windows Server 2003, the
Configure Your Server wizard
installs or removes many services,
including using IIS 6.0 as an
application web server. A default
installation of IIS hosting by using
the Configure Your Server wizard
includes IIS, COM+, and Microsoft
ASP.NET (installed but disabled by
default). Using the wizard, you can
install also Microsoft FrontPage®
Server Extensions (FPSE) for Web
site creation and management tools.
Support for
Microsoft .NET Framework
The Microsoft
.NET Framework enables developers to
create great Web applications with
the help of ASP.NET and other
technologies. It also helps them
build the same type of applications
they design and develop today. The
.NET Framework is language-neutral;
virtually any programming language
can target it. Developers can build
.NET-based applications and services
in a number of languages, including
Visual C++®, Visual Basic® .NET,
JScript, and Visual C#™. Integrated
into the Windows Server 2003
operating systems, the .NET
Framework is the programming model
for .NET. The .NET Framework
incorporates the common language
runtime (CLR) and a unified set of
class libraries that include Windows
Forms, ADO.NET, ASP.NET, and other
capabilities. The .NET Framework
provides a fully managed application
execution environment, simplified
development and deployment, and
integration with a wide variety of
programming languages.
Support for
Windows Unicode (UTF-8)
IIS web
hosting fully supports Windows
Unicode. In the past, HTTP protocol
did not have a Unicode structure, so
developers were limited to the
system code page. URLs in IIS 6.0
are encoded by UTF-8. Now,
developers can support more complex
languages, such as Chinese. And with
new server support functions,
developers can access the Unicode
representation of a URL.
XML Web
Services
XML Web
services enable the exchange of data
in client-server or server-server
scenarios, using standards like HTTP
and XML messaging to move data
across firewalls. XML Web services
do not tie to a particular component
technology or object-calling
convention. As a result, programs
written in any language, using any
component model, and running on any
operating system can access XML Web
services.
Active Server
Pages
Microsoft
Active Server Pages (ASP) lets
developers create dynamic content by
using server-side scripting and
components to create
browser-independent dynamic content.
ASP provides an easy-to-use
alternative to Common Gateway
Interface (CGI) and Internet Server
Application Program Interface (ISAPI)
by letting content developers embed
any scripting language or server
component into their HTML pages. ASP
pages provide standards-based
database connectivity and the
ability to customize content for
different browsers. ASP also
provides error-handling capabilities
for Web-based applications.
ASP.NET
ASP.NET is a
set of technologies in the Microsoft
.NET Framework for building Web
applications and XML Web Services.
ASP.NET provides the most advanced
Web-development platform yet
created. ASP.NET pages execute on
IIS 6.0 and generate markup (such as
HTML, WML or XML) that is sent to a
desktop or mobile browser. ASP.NET
pages use a compiled, event-driven
programming model that improves
performance and enables the
separation of application logic and
user interface. ASP.NET pages and
ASP.NET XML Web Services files
contain server-side logic (as
opposed to client-side logic)
written in Visual Basic .NET, C#
.NET, or any .NET-compatible
language. Web applications and XML
Web Services take advantage of the
features of the common language
runtime, such as type safety,
inheritance, language
interoperability, versioning, and
integrated security. Because ASP.NET
integrates with the IIS 6.0 process
model and leverages support for
multiple application pools,
individual ASP.NET applications can
be isolated and talk directly to the
kernel-mode HTTP listener. The
resulting reduction in process hops
allows ASP.NET applications to
leverage kernel-mode file caching.
ASP.NET Web Forms enables developers
to build powerful forms-based Web
pages. ASP.NET server controls can
be used to create common user
interface elements and program them
for common tasks.
Persisted ASP
template cache
Before ASP
code gets executed in IIS 5.0, the
ASP engine compiles an ASP file to
an ASP template and stores the
templates in process memory. If a
site consists of numerous ASP pages,
this cache deallocates the oldest
templates from memory to free space
for new ones. With IIS 6.0, these
templates are persisted on disk. If
one of these ASP files gets
requested again, the ASP engine
loads the template instead of
loading the ASP file and spending
additional CPU time compiling it
again.
Support for
FrontPage Server Extensions (FPSE)
IIS 6.0 lets
administrators use Microsoft
FrontPage Web authoring and
management features to deploy and
manage Web sites. With FrontPage
Server Extensions (FPSE),
administrators can view and manage a
Web site in a graphical interface,
so creating Web sites with FrontPage
is as easy as clicking a check box
on a property page for the Web site.
In addition, authors can create,
edit, and post Web pages to IIS 6.0
remotely.
Support for
Internet Server Application Program
Interface (ISAPI)
IIS 6.0
supports both ISAPI extensions and
ISAPI filters. ISAPI extensions are
DLLs that handle specific requests,
and ISAPI filters are DLLs that are
registered with IIS to modify the
behavior of the server. For example,
an ISAPI filter can control which
files are mapped to a URL, modify
the response sent by the server, and
perform other actions in order to
modify the behavior of the server.
Support for
Web Distributed Authoring and
Versioning (WebDAV) and Web Folders
Web
Distributed Authoring and Versioning
(WebDAV) is an Internet standard
that lets multiple people
collaborate on a document by using
an Internet-based shared file
system. WebDAV addresses such issues
as file access permissions, offline
editing, file integrity, and
conflict resolution when competing
changes have been made to a
document. WebDAV expands an
organization's infrastructure by
using the Internet as the central
location for storing shared files.
Support for Web Folders lets users
navigate to a WebDAV-compliant
server and view the content as if it
were part of the same namespace as
the local system. Users can drag and
drop files, retrieve or modify file
property information, and perform
other file system-related tasks. Web
Folders let users maintain a
consistent look and feel between
navigating the local file system, a
networked drive, and an Internet Web
site.
Support for
IPv6
IPv6, or
Internet protocol version 6, is the
next-generation IP protocol for the
Internet. The Windows Server 2003
operating systems now implement a
production-ready IPv6 stack. On
servers where the IPv6 protocol
stack is installed, IIS 6.0
automatically handles HTTP requests
that arrive over IPv6.
Migration
Feature
Description
Migration from
Apache 1.3x and 2.0x
A tool helps
you move Web site content and
directives from Apache (versions
1.3.1 to 1.3.22 on the Redhat, SuSe,
and Mandrake distributions of Linux)
to IIS 6.0. Developed in PERL and
using a command line utility, the
source code for this tool is open
and highly modular, offering Apache
administrators the opportunity for
extensibility and customization.
Upgrade from
IIS 4.x and IIS 5.x
In-place
upgrades to IIS 6.0 from IIS 4 and
IIS 5 occur automatically with
Windows Server 2003. For moving a
Web site that is running on IIS 4 or
IIS 5 to a clean installation of
Windows Server 2003 on another
machine, use the IIS 6.0 Migration
Tool (IISMT). The IISMT is a
command-line tool that automates
many of the manual steps involved
when moving an application,
including transferring configuration
data and Web site content to the new
server and converting many of the
application's settings to their IIS
6.0 equivalents.
