Introduction - download.microsoft.comdownload.microsoft.com/.../WEB-IIS7_2/IIS7_Reviewers_G… ·...

Document: Internet Information Services 7.0 Reviewer’s Guide

Working Date: Dec 10, 2007

IIS 7.0 Windows Server 2008 Reviewer’s Guide

Table of Contents

Introduction.................................................................................................................................................3

Feature Overview........................................................................................................................................4

More Secure, Reliable Hosting................................................................................................................4

Modular Architecture..........................................................................................................................4

Automatic application sandboxing......................................................................................................7

Backward Compatibility Reduces Migration Risk.................................................................................8

Request Filtering..................................................................................................................................9

URL Authorization Rules......................................................................................................................9

More Efficient Management....................................................................................................................9

New and Improved Administration Tools............................................................................................9

Delegated Administration..................................................................................................................12

Powerful diagnostic and troubleshooting tools.....................................................................................13

Simpler Deployment and Maintenance.................................................................................................16

XML-Based Configuration Model.......................................................................................................17

Application XCopy deployment.........................................................................................................17

Integrated application pipeline for services.......................................................................................18

Flexible Web server extensibility model............................................................................................19

Conclusion.................................................................................................................................................19


Introduction

Microsoft® Internet Information Services 7.0 (IIS 7.0) is part of Microsoft Windows Server® 2008, and

delivers a security-enhanced, easy-to-manage Web platform for developing and reliably hosting Web

applications and services. IIS 7.0 builds on the solid security, reliability, and scalability of Internet

Information Services 6 (IIS 6), while offering an even richer set of management and hosting capabilities

and tools, designed to address key customer needs.

Enhanced IIS 7.0 features help create a unified platform and a consistent development and

administrative model for Web solutions. The following table highlights key features and benefits for IT

staff.

Role Key Benefits

IT Professionals Minimized surface area through fully customizable installation options Efficient, feature-focused administration tool with simplified

administration tasks Shared Web farm configuration eliminates configuration replication

and synchronization Expanded detailed local server errors and automatic failed request

tracing for rapid troubleshooting and minimized downtime Automatic Application Pool isolation for new Web sites, providing

sandboxed configuration and process identity by default Powerful new command line utility to manage administration and

configuration of Web sites Fine-grained access control with URL authorization and request

filtering rules Performance improvements like powerful compression for static and

dynamic content, output caching, and SSL and Windows authentication in kernel mode.

Web Hosters Inexpensive, streamlined Windows Server Web Edition, perfect for hosting workloads

Scalable shared hosting - easily sandbox thousands of Web sites on a single server

World-class performance and reliability hosting of ASP, ASP.NET Framework, and PHP applications

Remote Web site administration tool for site owners and developers supporting Windows Vista®, Windows Server® 2003 and Windows® XP, and ability to delegation for remote administration

In-depth runtime state data providing detailed diagnostics information Modern FTP publishing support, including integrated Web publishing,

FTP/SSL, and membership-based authentication, via module download


from http://www.iis.net

Developers Extensible, modular architecture – add, remove, or replace any built-in module

Enhanced ASP.NET integration including unified configuration, HTTP runtime, and administration tools

Applications running in integrated mode can take advantage of .NET security features like forms authentication

XCopy deploys IIS 7.0 configuration in Web.config Caching support (kernel and user) for all types of dynamic content

Feature Overview

IIS 7.0 features enhance Web Administration at every stage in the application lifecycle. New and

improved features in IIS 7.0 provide:

More secure, reliable application hosting

Greater productivity with delegated management and enhanced tools

Reduced down time with powerful troubleshooting capabilities

Simpler application deployment and maintenance

More Secure, Reliable Hosting Administrators can depend on IIS 7.0 for more secure, reliable hosting. Its modular architecture allows

administrators to install a reduced set of components—or opt for the minimal installation with Server

Core—resulting in a reduced attack surface. IIS 7.0 also offers greater application isolation through

default sandboxing, further reducing security risks.

IIS 7.0 provides a feature-rich and easy-to-use hosting platform for the .NET Framework, the Windows®

Communication Foundation for XML services, Classic ASP, and the new Fast-CGI compliance module for

other application frameworks such as PHP. The integrated pipeline allows for different application

frameworks to run within a single Web server request pipeline, offering built-in ASP.NET extensibility for

all applications.

Modular ArchitectureIIS 7.0 is made up of more than 40 separate feature modules. Less than half of the modules are installed

by default, and Administrators can selectively install or remove any feature modules as needed. This


http://www.iis.net/

Click the Modules icon to display the Modules dialog

approach saves time by limiting the number of features requirement management and updates.

Because no unneeded software is running, the attack surface of the Web server is reduced, improving

security.

Custom modules can be used to replace existing modules or to introduce new features. Figure 2 shows

the UI for module selection.

Figure 1: Controlling Modules in IIS Manager

The modular architecture makes it easy to add, remove, and replace any built-in module (or third-party

module) by using the new IIS Manager interface, and custom Web servers can be built by customizing or

extending IIS 7.0 using native (C/C++) or managed code (C#/Visual Basic® .Net).

The following table describes the IIS 7.0 modules that will be available with the launch of Windows

Server 2008:

Module DescriptionFTP The downloadable IIS 7.0 FTP server includes secure publishing with FTP/SSL

support as well as integrated Web publishing with support for the IIS 7.0


configuration system and administration tool. Using the new FTP makes it easy to set up FTP publishing points for a Web application and to use integrated authentication.

WebDAV Web Distributed Authoring and Versioning (WebDAV) is an extension to the HTTP protocol that enables file management on remote servers. In addition to the common file system operations such as copy and delete, WebDAV adds a flexible property mechanism (based on name/value pairs) and resource locking.

FrontPage Server Extensions (FPSE)

FrontPage Server Extensions are a set of server-side applications that provide the following benefits for Web sites:

• Enables multiple users to simultaneously collaborate on the same Web site and Web Server (Multi-user Authoring).

• Allows users to write directly to the Web server using a PC or laptop computer via an Internet (Remote Authoring).

• Allows users to include forms and to specify how the results of those forms are handled.

• Enables discussion Webs and hit counters for Web sites.

• Provides full text search capability on a Web site

Media Pack The Media Pack provides dynamic per-file Bit Rate Throttling capability to allow intelligent progressive download. This feature automatically detects the encoded bit rate of each file for the first few seconds, and then the rest of the stream is downloaded, thus saving network bandwidth while preserving the fast start-up experience for the end user.

In addition, the Bit Rate Throttling module provides control over download rates for any file type, not just media files. While a number of media formats are pre-defined in the module, the module is fully extensible. This allows a developer to add support for any media file type, and allows an administrator to easily add support for any data file type.

Remote Manager This module allows for remote management of IIS 7.0 and can be used to perform almost any task that can be done locally on the server.

For more information about the feature modules, see http://www.iis.net or the Windows Server

TechCenter IIS 7.0 Modules at: http://go.microsoft.com/fwlink/?LinkId=68740.


http://go.microsoft.com/fwlink/?LinkId=68740

http://www.iis.net/

Automatic application sandboxing Hosting large numbers of Web sites on a single computer can be a big challenge, in terms of maintaining

quality of service and managing site density, security, and performance. IIS 7.0 uses automatic

application pool isolation and can sandbox thousands of Web sites on a single server. This allows each

Web site to be in its own memory space with its own credentials, which helps to prevent application

failures or security breaches in one application from affecting others. This capability enables

organizations to consolidate more Web sites onto fewer servers, and increases reliability and security

for all Web sites running on a shared host.

For example, if a company is hosting several customer Web sites on a single server, the sandboxing and

application pooling features would automatically isolate each Web site from the others, helping to

enhance security and promote an environment in which each Web server is unaffected by the operation

of other Web sites running on the same server.

IIS Runs on Server Core

With the option to install IIS 7.0 on Windows Server 2008 Server Core, Administrators can choose a

minimal installation that omits graphical services and most libraries, in favor of a stripped-down,

command-line driven system.

Server Core can be administered locally via the IIS command-line utility AppCmd, or remotely by using

WMI. Although this option limits the roles that can be performed by the server, it allows for the

installation of only what is needed, which supports better security and reliability.

Server Core does not support the .NET Framework, so IIS 7.0 Server Core installations cannot run

ASP.NET applications. IIS on Server Core is typically deployed as a dedicated Web server for static images

or for applications that do not require the .NET Framework.

Server Core offers the following key benefits to organizations:

Reduced software maintenance: Because Server Core installs only what is required to have a

manageable server running the supported server roles, the server requires less software

maintenance. With a smaller Server Core installation, the number of required updates and

patches are reduced, saving both WAN bandwidth usage by servers and administration time for

the IT staff.


Reduced attack surface: Because there are fewer files installed and running on the server, there

are fewer attack vectors exposed to the network; therefore, there is less of an attack surface.

Administrators can install just the specific services needed for a given server, keeping the

exposure risk to an absolute minimum.

Fewer restarts required and reduced disk space required: With a minimal Server Core

installation, there are fewer installed components that will need to be updated or patched, and

the number of required restarts will be reduced. A Server Core installation installs the minimal

files needed to provide the required functionality, so less disk space will be used on the server.

Backward Compatibility Reduces Migration Risk IIS 7.0 was designed to be highly compatible with IIS 6 Web sites and applications to allow for migration

of applications from IIS 6 to IIS 7.0 without modification. This compatibility provides the following

benefits:

Customers can take advantage of IIS 7.0 features by simply migrating content.

For existing Active Directory® Service Interfaces and WMI scripts, IIS 7.0 provides feature parity

with previous releases, enabling them to run directly against the new configuration store.

ADSI is supported, so IIS 6 administration scripts and WMI scripts will continue to work on

IIS 7.0. For ADSI to function on IIS 7.0, the IIS Management Compatibility feature must first be

installed (it is not installed by default).

IIS 7.0 includes a new WMI provider that allows WMI developers to take advantage of the new

IIS7 features.

Existing ASP, ASP.NET 1.1 and ASP.NET 2.0 applications are expected to run on IIS 7.0 without

code changes, using the compatible ISAPI support. This allows IT Professionals to run existing

ISAPI tools, and to leverage existing investments. (Note that ISAPI filters that rely on READ RAW

DATA notification are not supported in IIS 7.0 but most typically used ISAPI extensions and filters

will operate as expected).

IIS 7.0 provides a metabase interpreter that can run against the XML, so existing scripts can be

interpreted and run in IIS 7.0.

ASP.net executes in either integrated or classic mode; classic mode ensures IIS 6-equivalent

functionality.


PHP applications typically run without modification. Refer to http://www.iis.net/php for walk-

throughs about the most popular PHP applications to run on IIS 7.0.

Request FilteringThe IIS 7.0 Request Filtering module contains the URLScan security tool (provided as an add-on for

earlier versions of IIS), which allows administrators to implement URL acceptance polices both globally

and per URL. The Request Filtering module helps administrators increase Web server security by

providing multiple filtering options that can prevent malicious or incorrect URLs from being processed.

An example of using the Request Filtering module is the Hidden Segment feature, which enables

administrators to define specific URL segments that are not servable. This allows administrators have

more granular control over server content.

URL Authorization RulesWith IIS 7.0, permissions no longer need to be set at the content level in the file system. Instead,

authorization rules can be stored in an application's web.config file, so that the authorization rules

follow the content, even if the content is moved to a different server.

More Efficient ManagementUsing IIS 7.0 simplifies Web server management by providing powerful administration tools, and the

highly modular architecture allows for customizing installations and extending core functionality. New

administration features in IIS 7.0 include powerful diagnostic tools, enhanced security, support for

XCopy deployment for applications, and improved administration tools like the IIS Manager. A powerful

new feature, delegated administration, allows IT administrators to provide customers, developers or

other administrators to control some of their own tasks, resulting in lower management costs. With

support for shared configuration, IIS allows administrators to create one configuration file that controls

the configuration settings for multiple servers from a single shared location.

New and Improved Administration ToolsIIS 7.0 introduces the following updated and revised administration tools for managing IIS:

IIS Manager, with the new graphical administration interface.

Appcmd.exe, a powerful new command-line tool.


http://www.iis.net/php

A configuration system that is based on the .NET Framework 2.0 configuration store and

supports the direct editing of settings.

Microsoft.Web.Administration, a managed interface that exposes the same information

exposed by the WMI provider in an application programming interface (API).

WMI Provider, a software component that functions as mediator between the CIM Object

Manager and managed objects. It provides access to configuration and server state

information to Visual Basic Scripting Edition (VBScript) and JScript writers.

Support for the IIS 6 MMC snap-in, which enables remote administration of IIS 6 from

Windows Server 2008.

The new administration tools support IIS 7.0 distributed configuration and also allow for delegated access to site and application configuration for non-administrators.

IIS ManagerThe new administration utility in IIS 7.0, IIS Manager, is an enhanced tool for managing the Web server.

Benefits of the improved IIS Manager include:

Unified management of IIS and ASP.NET configuration settings, user data, and runtime diagnostic

information.

The ability for hosters and administrators to delegate administrative control to developers or

content owners, thus reducing cost of ownership and administrative burden

Support for remote administration over HTTPS, allowing for secure integrated local, remote,

even cross-Internet administration, without requiring DCOM or other administrative ports be

opened on the firewall

A rich extensibility framework for plugging in new UI features using the .NET Framework

The IIS Manager’s updated GUI makes server administration easy with its logically organized, task-based

interface. It allows Administrators to do familiar tasks easily while also accessing significant new

capabilities. For example, the experience of navigating the tree view for sites and directories will feel

much like earlier versions of IIS, but the context-sensitive Actions pane provides quick access to

management tasks and configuration options.


Figure 2 - The New IIS Manager Interface

Consolidated Command-Line ToolA new command-line tool, AppCmd, is included for managing and administering Web servers, Web sites,

and Web applications. The command-line interface simplifies common management Web server tasks

for administrators. For example, AppCmd could be used to list Web server requests that have been

forced to wait for more than 500 milliseconds. This information could then be used to troubleshoot

applications that are performing poorly. The output of appcmd.exe can be piped into other commands

for further processing.

AppCmd also allows administrators to build advanced management tasks simply by combining multiple

commands into a single script, or by reusing the output inside another program. It allows Datacenter and

Web host administrators to automate the provisioning of new accounts completely through the

command line.

Microsoft.Web.Administration InterfaceIIS 7.0 also includes a new management API for the Web server called Microsoft.Web.Administration

that enables editing configuration settings through manipulation of the XML configuration files. It IIS 7.0 Windows Server 2008 Reviewer’s Guide

provides objects to manage the server, server properties, and server state. This API allows for

programmatic access to read-and-write configuration properties in the IIS configuration file hierarchy,

and also to the same data that has historically been accessible by WMI scripts in the previous versions of

IIS. This can be used by hosting organizations or large datacenters that wish to build custom

management interfaces.

Windows PowerShell™ integrates the command-line shell and scripting language to allow administrators

to more efficiently complete and automate bulk system administration tasks. Windows PowerShell

improves upon the Windows Command Prompt and Windows Script Host (WSH) by providing command-

line tools, or cmdlets that have the exact syntax as the scripting language. The command that is typed in

the Windows PowerShell command prompt is the same command that would be used in a script for

automating the task across multiple servers. PowerShell can be used to write cmdlets that automate

tasks using the managed Microsoft.Web.Administration interface.

Delegated AdministrationDistributed configuration in IIS 7.0 enables those who host or administer Web sites or Windows

Communication Foundation (WCF) services to delegate varying levels of administrative control to

developers or content owners, thus helping to reduce the cost of ownership and the administration

workload. For example, the administrative control of a Web site might be delegated so that the

application developer can configure and maintain the default document or other properties used for

that Web site. Administrators can also lock specific configuration settings so that they cannot be

changed by anyone else. This feature might be used to ensure that a security policy, which prevents

script execution, is not overridden by a content developer who has been delegated administrative

access to the Web site. The delegation can be very specific, allowing an administrator to decide exactly

which functions to delegate, on a case-by-case basis.

When a system administrator delegates a feature, all site or application-level administrators are able to

configure that feature for their site or application. In addition, features can be delegated, but set to

Read-only. This setting allows a site or application administrator to view the setting for a feature, but

does not allow them to make changes to the setting for that feature.

With permission delegation, there are many options for Web hosting customers and Web site managers.

Customers and managers can directly edit their Web site’s web.config file or use a browser-based tool

developed by the Web host or use the IIS Manager tool.IIS 7.0 Windows Server 2008 Reviewer’s Guide

With this capability, users of hosted services can run the administration tool on their own desktop

computers, connecting remotely to manage their applications on the hosted Web server. For example,

the system administrator could delegate access to the Error Pages feature. Site and application

administrators could then modify the error pages displayed on their site. Their changes would affect

only their site, not other sites or the entire server.

Additionally, IIS Manager can be used remotely to manage remote servers, sites, and applications.

Server administrator can use the remote administration feature of IIS Manager to add user accounts and

to allow those users to connect to any sites or applications for which they have permission. After the IIS

Management Service has been installed on the server, customers and managers can run IIS Manager on

their remote computers to manage their own Web sites.

Powerful diagnostic and troubleshooting toolsIIS 7.0 makes it easier to troubleshoot faulty applications through improved features, such as detailed

and prescriptive error messaging, a new Runtime Status & Control API that exposes relevant IIS 7.0

diagnostic information, and a new Failed Request Tracing feature that allows Administrators to

preconfigure IIS 7.0 to run traces on a per- URL level as needed. The following sections outline these

new diagnostic capabilities.

Runtime State and Control API

One of the most important features that helps improve IIS 7.0 troubleshooting support is the Runtime

Status and Control API (RSCA), which is designed to give detailed runtime information about the server

from within IIS 7.0. With RSCA, it is possible to inspect and manage various entities including sites,

application pools, .NET Framework application domains, and even running requests. Administrators can

also access runtime information without writing code by using the Performance and Reliability Monitor

(PerfMon). This information can be used by administrators or developers to analyze server resource

utilization and troubleshoot Web applications.

For example, with RSCA and the IIS 7.0 administration tools, administrators can know what requests are

executing in a worker process that's consuming 100% of the CPU, or which application domains are

loaded for a particular site. RSCA also surfaces currently executing requests on the server in real time.

RSCA data is available from the WMI provider and managed API (Microsoft.Web.Administration). The IIS

Manager command-line tool (appcmd.exe) also can display this data.


Custom Errors Module

IIS 7.0 simplifies troubleshooting by providing error messages local to the Web server that are much

more detailed and actionable than the errors that appear for end-users. The new custom errors module

in IIS 7.0 allows for detailed error information to be sent back to the browser (to localhost only). Instead

of seeing a terse error code, administrators now can see detailed information about the request, what

potential issues may have caused the error, and also suggestions about how to fix it.

Figure 3 - IIS 7.0 Error Message Sample

Detailed Trace Events

IIS 7.0 includes detailed trace events throughout the request and response path, allowing developers

and administrators to trace a request as it travels through the IIS request processing pipeline, into any

existing page level code, and back out to the response. The pipeline is highly instrumented to provide

rich detail on request processing. These detailed trace events allow developers to understand the

request path and any error information that was raised as a result of the request, and also understand

elapsed time and other debugging information to assist in troubleshooting all types of errors.


To enable the collection of these trace events, IIS 7.0 can be configured to automatically capture full

trace logs for any given request based on elapsed time or error response codes.

This feature provides the ability to report on events occurring within a worker process. Currently

executing requests can be viewed in real time from within the IIS Manager, from a command line, or

using the new management API. In addition, IIS 7.0 can be configured to create a log for any request

that meets specific conditions, such as any request that takes more than five seconds to complete. The

log will display the amount of time spent in event in the pipeline, and status information such as

whether a request was cached.

These features can be particularly important to hosting companies by enabling them to become more

proactive in serving online customers and enhancing customer service and agent effectiveness. They

help ensure that more transactions are completed successfully, promote identification and resolution of

hidden or hard-to-find-application problems, and give customers immediate visibility into issues

affecting online experiences and their business impact.

Failed Request Tracing IIS 7.0 makes it possible to troubleshoot failures without having to manually reproduce them. The Failed

Request Tracing feature enables server administrators to define error conditions that they wish to

monitor. This allows administrators to capture trace logs for a pre-configured failure condition

automatically, all while avoiding the performance penalty of saving logs for all requests. With Failed

Request Tracing, administrators can capture the valuable tracing information when errors occur, even if

they are intermittent or hard to reproduce. Error conditions can range from "slow" or "hung" requests,

to the familiar status codes that IIS sends back during error conditions like "Server 500 Error." If this

feature is configured, and IIS 7.0 detects an error condition, it can automatically log detailed trace

events for everything that led to the error.


Figure 4 - Failed Request Tracing UI

This feature will be helpful to Web Hosters who manage many sites. If a Web host notices a specific

error affecting one of their sites, they could easily deploy Failed Request Tracing to all sites to monitor

for the same error. This would help to avoid failures and maintain high availability.

The underlying tracing infrastructure is exposed to IIS modules using the server extensibility model,

allowing all server components, whether they ship with IIS or are developed by third parties, to relay

detailed tracing information during request processing.

This allows developers and system administrators to create custom managed modules to take

advantage of the unified tracing model. Developers can now write tracing modules that provide new

ways to process and output traces, like a module to save IIS tracing information to a Microsoft

SQL Server® or to a text file.

Simpler Deployment and MaintenanceDeploying, migrating, and backing up a Web site can be difficult and time consuming. In IIS 7.0, the basic

file structure of a Web site has been simplified, and all content and configurations are now stored


together in a single folder. The configuration settings are stored in easy-to-manage XML files, making

applications that are much simpler to deploy and maintain.

XML-Based Configuration ModelIIS 7.0 uses an XML-based configuration model that allows for a more open and flexible Web site

infrastructure, as well as providing greatly improved manageability, portably, and server deployment. It

enables Administrators to:

Easily copy configuration from server to server

Use environment variables to abstract physical paths

Administer changes and state managed code with Windows PowerShell, WMI, or IIS Manager

XML ConfigurationIIS 7.0 is built on a hierarchy of distributed XML configuration files. This hierarchy is comprised of a global

file called applicationHost.config, which contains server-level configuration settings. There may also be a

number of distributed web.config files in the application's directory structure. These are the same

web.config files that are used by the ASP.NET application framework to store portable application

settings. This allows the side-by-side storage of IIS and ASP.NET configuration, using clean and strongly-

structured XML directives.

In the past, IIS application settings were stored in the metabase, and were keyed to a specific machine,

making them difficult to access and difficult to move to other servers. With distributed web.config files,

applications encapsulate the required server configurations within their directory structure. This

dramatically simplifies deployment, allowing self-contained applications to be simply copied to the

target server's application directory.

Application XCopy deployment Since the site and applications configuration files and data are all stored in the folder, Administrators

can easily deploy, migrate and backup the Web site by using simple tools, such as XCopy, which helps to

avoid costly and error-prone replication, manual synchronization, and additional configuration tasks.

For example, to deploy many sites quickly, IIS 7.0 provides the ability to use XCopy to rapidly move IIS

configurations along with content, to remote servers, as well as easily move a Web site from

development into production.


Distributed Configuration ModelThe new XML configuration model introduces significant improvements to the way configuration data is

stored and accessed, by allowing administrators to store XML configuration settings for a Web site or

application in the same directory as the code or content. By using distributed configuration, the

configuration settings for a specific site or application can be copied from one computer to another as

the application moves from development into test, and ultimately into production.

Web Hosters will find that by using centralized, shared configurations, they can increase flexibility in

managing their customer base. They can easily move customer sites from one server to another,

implement convenient backup plans, and reduced overall downtime.

The shared, centralized, global configuration features in IIS 7.0 helps support homogeneous Web farms

where computers share the same configuration. By using a Universal Naming Convention (UNC) share

for a centralized configuration, a change in the central master configuration file will affect different

computers without extra tools or programmatic support.

Integrated application pipeline for servicesPrevious versions of IIS allowed for the development of .NET application components via the ASP.NET

platform. ASP.NET integrated with IIS via an ISAPI extension, and exposed its own application and

request processing model. This effectively exposed two separate server pipelines, one for native ISAPI

filters and extension components, and another for managed application components. ASP.NET

components would execute entirely inside the ASP.NET ISAPI extension, and only for requests mapped

to ASP.NET in the IIS script map configuration.

The IIS 7.0 Web server includes some fundamental changes from IIS 6 in the way that requests are

handled. For example, both native and managed code can be processed (and is, by default) through a

single request pipeline. The integrated pipeline allows for different application frameworks to run within

a single Web server request pipeline, offering built-in ASP.NET extensibility for all applications. IIS 7.0

allows existing ASP.NET features, such as Forms-based authentication or URL authorization, to be used

for all types of Web content requests in the integrated pipeline.

Further benefits of this integration include:


o Allowing services provided by both native and managed modules to apply to all requests,

regardless of the handler. For example, managed Forms Authentication can be used for all

content, including ASP pages, CGIs, and static files.

o Empowering ASP.NET components to provide functionality that was previously unavailable to

them due to their placement in the server pipeline. For example, a managed module providing

request rewriting functionality can rewrite the request prior to any server processing, including

authentication, takes place.

o A single place to implement, configure, monitor and support server features. For example, single

module and handler mapping configuration, single custom errors configuration, and single URL

authorization configuration.

The IIS 7.0 request processing pipeline also enables administrators to add or remove modules depending

on their needs. Developers can also write custom modules to augment or even replace functionality,

allowing a highly optimized custom solution to be created.

Flexible Web server extensibility model IIS 7.0 enables developers to extend custom functionality in new, more powerful ways. IIS 7.0

extensibility includes an all-new core server application programming interface (API) set that allows

feature modules to be developed in both native code (C/C++) and managed code—languages such as C#,

and Visual Basic® 2005, that use the .NET Framework. Much of the IIS 7.0 feature set for request and

application processing has been implemented using these same APIs. IIS 7.0 also enables extensibility for

configuration, scripting, event logging, and administration tool feature-sets, providing software

developers with a complete server platform on which to build Web server extensions.

For example, Administrators could write a module that manipulates Microsoft Office 2007 documents

every time a document is delivered, or integrates with SQL Server, Microsoft Exchange Server, or any

other device on the network. Implementing Event tracking, custom logging, and security features is

easier than ever before.


Conclusion

New features in Internet Information Server (IIS) 7.0 provide easy to use, flexible tools for the technical

professional. Using IIS 7.0 simplifies Web server management with options that include a flexible

extensibility model, powerful diagnostic tools, enhanced security, true XCopy deployment for

applications, and improved administration tools. Using the delegated administration features in IIS 7.0,

Web hosters can let customers or datacenters manage their own content, which helps reduce the cost of

administration. Improved configuration features make it easy to create one configuration file and

distribute the configuration changes to multiple servers. The new modules features in IIS 7.0 can be

independently installed on the server to reduce the attack surface of the server, and reduce

administrative overhead where it is not needed. IIS 7.0 is designed to work with existing tools and

scripts. The new management and diagnostic features in IIS 7.0 free up IT staff to work on more

business-critical tasks.

For more information about IIS 7.0, visit the IIS Web site at: www.iis.net

For the most comprehensive technical information about Microsoft products, visit the main TechNet

Web site at: www.microsoft.com/technet.


http://www.iis.net/

Introduction - download.microsoft.comdownload.microsoft.com/.../WEB-IIS7_2/IIS7_Reviewers_G… ·...

Documents

Transcript of Introduction - download.microsoft.comdownload.microsoft.com/.../WEB-IIS7_2/IIS7_Reviewers_G… ·...