Seven Pillars: integrated, extensible, componentized, delegated, secure, compatible, supportable
IIS - a colorful past
- 1996 - v1 & 2 ships for NT 3.5 / 4.0
- 1997 - V4 part of NT4 Option Pack
- 2000 - V5 installed by default in Win2K (admittedly a mistake)
- Fall 2001 - Code Red and Nimda
- 2003 - V6
IIS today is now secure by design, secure by default and has a new process architecture for app failure (health detection, automatic recycling of apps). ZERO IIS6 critical security hotfixes since RTM.
IIS7
Configuration & Admin Tool: Metabase is dead... use applicationhost.config instead. IIS and ASP.NET settings can now be stored in the same web.config! Therefore, you can XCopy web settings along with content. This also allows you to share web settings across multiple servers.
UI: inetmgr broken/configusing, uses the crappy MMC... so kill it. New tool allows you to manage IIS and ASP.NET config; manage sites without being a machine admin; view health, diagnostics, users; extendable.
web.config can allow a site manager to modify what used to be an admin-only configuration! Multi-user hosted IIS7 here we come.
Users and roles can also be managed in the config & admin tool.
Today all core server features implemented in w3core.dll. That's now broken up into multiple modules... this allows you to customize the IIS footprint. Basically you just install what you want... per site/app.
Diagnostics: View real-time server state information, control state of sites/apps/appPools/appDomains, log detailed trace events, automatically log event traces on error conditions, extend trace logging with your own events. Demo shows that you can see which pages are causing the high cpu usage so you don't have to restart w3wp.exe.
He showed compatibility by running PHP on IIS7.
Security: reduce attack surface through componentization, configure / manage sites and apps w/o admin privileges, easily secure web sites using unified authn/authz model, filter requests using built-in module.
Summary: distributed and delegated configuration, tremendous extensibility, rich diagnostics, committed to compatibility, rock solid security.
Tags: [PDC05]
posted @ Tuesday, September 13, 2005 5:20 PM