Roller Coaster Ride. Lap Around IIS7. Bill Staples, Product Unit Manager, IIS. COM014 – A Lap Around IIS7. Microsoft Corporation. seven. internet information services. integrated. extensible. componentized. delegated. secure. compatible. supportable.
IIS – a colorful past
• 1996 – V1 & 2 ships for Windows NT 3.5 & 4.0
• 1997 – V4 part of NT 4 Option Pack
• 2000 – V5 installed by default in Windows 2000
• 2001
  • March 2001, #1 in Internet Site Share
  • Fall 2001, Code Red and Nimda
• 2003 – V6 released in Windows Server 2003
IIS 6 Today
• Secure by Design
  • Extensive design & code reviews
  • Penetration testing
  • Defense in depth
• Secure by Default
  • IIS no longer installed by default with OS
  • IIS installs with “locked down” configuration
  • Runs with minimal permissions, secure configuration
• Process architecture designed for app failure
  • Health detection
  • Automatic recycling of applications
Zero critical security patches since release
IIS 7 Overview
• Configuration & Admin Tool
• Core Server
• Diagnostics
• Compatibility
• Security
Demos
The Metabase
• Centralized, admin-only configuration store
• COM-only interface
• Poorly schematized XML format
• Built using 1996 era standards
Is Dead! (global web configuration is now stored in applicationHost.config)
IIS 7 Configuration Enables You To...
• Store IIS and ASP.NET settings in web.config
• XCopy web settings along with content
• Share web settings across multiple servers
• Extend configuration with your own schema
• … in a clean, well-schematized format
The IIS Snap-in (inetmgr)
• Administrator only console
• Poorly factored UI (go where for security?)
• Difficult to use (one page has that many tabs?)
• DCOM remoting
Is Dead! (the new administration tool is named webmgr)
IIS 7 Admin Tool Enables You To...
• Manage IIS and ASP.NET in one place
• Manage individual sites and apps w/o machine admin privileges
• View health, diagnostics, users, more…
• Extend with your own Admin UI
Delegated: configure and deploy w/o admin privileges
For More Information…
• COM431: IIS 7 Extensibility (Part 2): Building Configuration and UI Modules. Friday 1pm, Room 404AB
The Core Server & ISAPI
• All core IIS features implemented in w3core.dll
• ISAPI difficult to master, not very flexible
• ISAPI unused by IIS team
• Built using 1996 era standards
Is Dead! (IIS7 is now completely modular, built on public APIs)
IIS 7 Core Server Enables You To...
• Build new IIS modules on full-fidelity APIs
• Use native (C/C++) or Managed (C#, VB .NET) code
• Use existing ASP.NET modules / handlers
• Customize IIS footprint – per site or app
IIS7 Core Web Server Modules
• Logging and Diagnostics: HttpLoggingModule, CustomLoggingModule, RequestMonitorModule, TracingModule
• AuthN/AuthZ: BasicAuthModule, DigestAuthModule, WindowsAuthModule, CertificateAuthModule, AnonymousAuthModule, FormsAuthModule, AccessCheckModule, UrlAuthorizationModule
• Extensibility: ManagedEngineModule, ISAPIModule, ISAPIFilterModule, CGIModule, ServerSideIncludeModule
• Publishing: DavModule
• Core Web Server: DirectoryListingModule, CustomErrorModule, StaticFileModule, DefaultDocumentModule, HttpCacheModule, DynamicCompressionModule, StaticCompressionModule
• Http Protocol Support: ValidationRangeModule, TraceVerbModule, OptionsVerbModule, ClientRedirectionModule
• Configuration and Metadata Caches: ConfigurationModule, UriCacheModule, SiteCacheModule, FileCacheModule
Componentized: powerful, flexible building blocks for minimal footprint
For More Information…
• COM406: IIS7 Extensibility (Part 1): Building New Core Server Modules. Wednesday 11:00am, Room 406AB
• COM303: IIS7: Building More Powerful ASP.NET Applications with IIS7. Wednesday 1:45pm, Room 152/153
IIS 7 Diagnostics Enables You To...
• View real-time server state information
• Control state of Sites, Apps, AppPools, AppDomains
• Log detailed trace events across web platform stack
• Automatically log event traces on error conditions
• Extend trace logging with your own events
Supportable: easy to diagnose and fix problems
For More Information…
• COM320: IIS7 Instrumenting, Diagnosing, and Debugging Web Applications. Wednesday 11:30am, Room 515AB
IIS 7 Compatibility Means…
• Existing ISAPI filters and extensions just work
• Classic ASP applications just work
• ASP.NET v1.1 and v2.0 applications just work
• ADSI and WMI scripts just work against new IIS config
Compatible: existing applications just work
IIS 7 Security Enables You To...
• Reduce attack surface through componentization
• Configure / manage sites and apps w/o admin privileges
• Easily secure web sites using unified authn/authz model
• Filter requests using built-in module
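
Added example, not part of the original deck: a simplified model of how per-site `<add>`/`<remove>`/`<clear>` entries under `system.webServer/modules` combine with the server-level list, used to check a site's loaded modules against an allowlist. The two config documents and the allowlist are constructed for illustration; the module names are the ones listed on the module slide.

```python
import xml.etree.ElementTree as ET

# Constructed sample configs; module names come from the deck's module slide.
APPLICATION_HOST = """
<configuration><system.webServer><modules>
  <add name="AnonymousAuthModule"/>
  <add name="BasicAuthModule"/>
  <add name="StaticFileModule"/>
  <add name="DirectoryListingModule"/>
  <add name="CGIModule"/>
  <add name="ISAPIModule"/>
  <add name="DavModule"/>
  <add name="HttpLoggingModule"/>
</modules></system.webServer></configuration>
"""
SITE_WEB_CONFIG = """
<configuration><system.webServer><modules>
  <remove name="CGIModule"/>
  <remove name="ISAPIModule"/>
  <remove name="DirectoryListingModule"/>
</modules></system.webServer></configuration>
"""
# Assumed allowlist for a site that serves only static content.
ALLOWLIST = {"AnonymousAuthModule", "StaticFileModule", "HttpLoggingModule"}

def effective_modules(*config_layers):
    """Apply <add>/<remove>/<clear> from server level down to site level."""
    enabled = []
    for xml_text in config_layers:
        section = ET.fromstring(xml_text).find("system.webServer/modules")
        if section is None:
            continue  # this layer leaves the inherited module list alone
        for directive in section:
            name = directive.get("name")
            if directive.tag == "clear":
                enabled = []
            elif directive.tag == "remove":
                enabled = [m for m in enabled if m != name]
            elif directive.tag == "add" and name not in enabled:
                enabled.append(name)
    return enabled

def excess_modules(enabled, allowlist):
    """Modules still loaded for the site that the allowlist does not cover."""
    return sorted(set(enabled) - set(allowlist))

if __name__ == "__main__":
    site = effective_modules(APPLICATION_HOST, SITE_WEB_CONFIG)
    print("effective:", site, "| review:", excess_modules(site, ALLOWLIST))
```

On the sample input the site still inherits BasicAuthModule and DavModule, which the allowlist flags for review.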
IIS 7 Summary
• Distributed and delegated configuration
• Tremendous extensibility, flexibility and customization
• Rich diagnostics and troubleshooting support
• Committed to compatibility
• Continues to build on rock solid IIS 6.0 security
© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.