Internet Information Service 2

INTERNET INFORMATION SERVICE 2

Version 7.5

IIS 7.5 is the latest update to the IIS 7.0 server. This release comes with Windows Server 2008 R2 and Windows 7. This integrates many separate downloads available from Microsoft into the release.

Highlights include:

* Integration of the new FTP with the OS
* Integration of Admin Pack Extension with the OS
* IIS Powershell provider
* Rich Application Hosting
* Improvements to FastCGI
* IIS Core changes and improvements
* IIS Best Practice Analyzer

IIS Media Pack

The IIS Media Pack is a set of free add-on modules for delivering digital audio and video files from an Internet Information Services 7.0 (IIS7) Web server. Download delivery from a Web server to media player software is often as a progressive download, which allows the end user's media player to quickly start rendering the media file even as the download is still in progress. Examples of media player software that will work with the IIS Media Pack include Adobe Flash Player, Apple QuickTime Player, RealNetworks RealPlayer, Microsoft Windows Media Player, and Microsoft Silverlight. The IIS Media Pack provides some of the cost savings and content control benefits of streaming media servers to Web server delivery of media files.


The first module, Bit Rate Throttling, was released to the general public on March 14, 2008. For media files, Bit Rate Throttling uploads the first few seconds of the file as fast as possible, allowing playback to begin very quickly, and then automatically detects the encoded bit rate of the file and meters out the rest of the download at that bit rate. If an end user stops playback before the end of the file, the server has only uploaded a few more seconds of file than were actually consumed, reducing bandwidth costs when compared to traditional send-and-forget HTTP downloads. Metering the delivery of media files also reduces overall bandwidth and CPU usage on the IIS server, freeing resources to serve a higher number of concurrent users. The following eleven media file formats are supported by default in the Bit Rate Throttling module: ASF, AVI, FLV, M4V, MOV, MP3, MP4, RM, RMVB, WMA, WMV. Additional media file formats can be added using the IIS configuration system. Non-media files may also be throttled at a server-administrator-specified delivery rate.


The second module is called Web Playlists, and is now in its second Customer Technology Preview (CTP) release. This feature allows an IIS server administrator to specify a sequenced playback order for a set of media files without exposing the source URLs. Playback order and the ability to limit whether an end user can seek within or skip a file are controlled on the IIS server. The Web Playlists feature can also be used to dynamically generate personalized playlists for users.

Internet Information Services

Internet Information Services

History

Sale Kutte The first Microsoft webserver was a research project by the European Microsoft Windows NT Academic Centre (EMWAC), part of the University of Edinburgh in Scotland, and was distributed as freeware. However since the EMWAC server was unable to scale sufficiently to handle the volume of traffic going to microsoft.com, Microsoft was forced to develop its own webserver, IIS.


IIS was initially released as an additional set of Internet-based services for Windows NT 3.51. IIS 2.0 followed, adding support for the Windows NT 4.0 operating system; and IIS 3.0 introduced the Active Server Pages dynamic scripting environment.


IIS 4.0 dropped support for the Gopher protocol and was bundled with Windows NT as a separate "Option Pack".[citation needed]


The current shipping version of IIS is 7.5 for Windows 7 and Windows Server 2008 R2, 7.0 for Windows Vista and Windows Server 2008, 6.0 for Windows Server 2003 and Windows XP Professional x64 Edition, and IIS 5.1 for Windows XP Professional. Windows XP has a restricted version of IIS 5.1 that supports only 10 simultaneous connections and a single web site. IIS 6.0 added support for IPv6. A FastCGI module is also available for IIS5.1, IIS6 and IIS7.


IIS 7.0 is not installed by Windows Vista by default but it can be selected from the list of optional components. It is available in all editions of Windows Vista including Home Basic. IIS 7 on Vista does not limit the number of allowed connections as IIS on XP did but limits concurrent requests to 10 (Windows Vista Ultimate, Business, and Enterprise Editions) or 3 (Vista Home Premium). Additional requests are queued which hampers performance but they are not rejected as with XP.


IIS 7.0 (Windows Vista/2008) is much faster than IIS 5.1 (Windows XP) because it relies on the HTTP.SYS kernel driver.

Microsoft Web Platform Installer

Microsoft Web Platform Installer (WPI) is a simple, free tool that automates the installation of Microsoft's Web Platform technologies (such as IIS, ASP.NET, and PHP) and certain 3rd-party software.

Security

Earlier versions of IIS were hit with a number of vulnerabilities, chief among them CA-2001-19 which led to the infamous Code Red worm; however, both versions 6.0 and 7.0 currently have no reported issues with this specific vulnerability. In IIS 6.0 Microsoft opted to change the behaviour of pre-installed ISAPI handlers, many of which were culprits in the vulnerabilities of 4.0 and 5.0, thus reducing the attack surface of IIS. In addition, IIS 6.0 added a feature called "Web Service Extensions" that prevents IIS from launching any program without explicit permission by an administrator. With the current release IIS 7.0 the components are modularised so that only the required components have to be installed, thus further reducing the attack surface. In addition, security features are added such as URLFiltering which rejects suspicious URLs based on a user-defined rule set.


By default IIS 5.1 and lower run websites in-process under the SYSTEM account,a default Windows account with 'superuser' rights. Under 6.0 all request handling processes have been brought under a Network Services account with significantly fewer privileges so that should there be a vulnerability in a feature or in custom code it won't necessarily compromise the entire system given the sandboxed environment these worker processes run in. IIS 6.0 also contained a new kernel HTTP stack (http.sys) with a stricter HTTP request parser and response cache for both static and dynamic content.


There are various built-in security features from Microsoft. Many companies offer third-party security tools and features, also known as "Web App Firewalls, or Web Application Firewalls." The advantage of such tools is that they offer much more comprehensive elements (such as easy-to-use GUI, etc.) that aid in protecting an IIS installation with an additional layer of protection at a higher level.

Authentication Mechanisms

IIS 5.0 and higher support the following authentication mechanisms:


* Basic access authentication
* Digest access authentication
* Integrated Windows Authentication
* .NET Passport Authentication (not supported in Windows Server 2008 and above)


IIS 6.0 Technet reference


IIS 7 Config reference


Authentication changed slightly between IIS6 and IIS7, most notably in that the anonymous user which was named "IUSR_{machinename}" is a built-in account in Vista and future operating systems and named "IUSR". Other changes in authentication are noted on the iis.net website


Notably, in IIS 7, each authentication mechanism is isolated into its own module and can be installed or uninstalled independently. See the Native Modules list in this article on IIS.net

Version 7.0

Debuting with Windows Vista, and included in Windows Server 2008, IIS 7.0 features a modular architecture, much like Apache. Instead of a monolithic server which features all services, IIS 7 has a core web server engine. Modules offering specific functionality can be added to the engine to enable its features. The advantage of having this architecture is that only the features required can be enabled and that the functionalities can be extended by using custom modules.


IIS 7 will ship with a handful of modules, but Microsoft will make other modules available online. The following sets of modules are slated to ship with the server:


1. HTTP Modules
2. Security Modules
3. Content Modules
4. Compression Modules
5. Caching Modules
6. Logging and Diagnostics Modules


Running IIS 7 with the extension component Ape by Helicon Tech allows emulating Apache's runtime environment including more than a dozen Apache modules (mod_rewrite, mod_proxy, mod_auth, mod_cache, etc.), as well as direct .htaccess support, inside IIS.


Writing extensions to IIS 7 using ISAPI has been deprecated in favor of the module API, which allows modules to be plugged in anywhere within the request processing pipeline. Much of IIS's own functionality is built on this API, and as such, developers will have much more control over a request process than was possible in prior versions. Modules can be written using C++, or using the IHttpModule interface from a .NET Framework language. Modules can be loaded globally where the services provided by the module can affect all sites, or loaded on a per-site basis. IIS 7 has an integrated mode application pool where .NET modules are loaded into the pipeline using the module API, rather than ISAPI. As a result ASP.NET code can be used with all requests to the server. For applications requiring strict IIS 6.0 compatibility, the Classic application pool mode loads asp.NET as an ISAPI.


A significant change from previous versions of IIS is that all Web server configuration information is stored solely in XML configuration files, instead of in the metabase. The server has a global configuration file that provides defaults, and each virtual web's document root (and any subdirectory thereof) may contain a web.config containing settings that augment or override the defaults. Changes to these files take effect immediately. This marks a significant departure from previous versions whereby web interfaces, or machine administrator access, were required to change simple settings such as default document, active modules and security/authentication. It also eliminates the need to perform metabase synchronization between multiple servers in a farm of web servers.


IIS 7 also features a completely rewritten administration interface that takes advantage of modern MMC features such as task panes and asynchronous operation. Configuration of ASP.NET is more fully integrated into the administrative interface.

Other changes:

* PICS content ratings, support for Microsoft Passport, and server-side image maps are no longer included.
* Executing commands via server-side includes is no longer permitted.
* IISRESET -reboot has been removed.
* The CONVLOG tool, which converts IIS log files into NCSA format, has been removed.
* Support for enabling a folder for "Web Sharing" via the Windows Explorer interface has been removed.
* IIS Media Pack (see below), which allows IIS to be used as a bare-bones media server, without using Windows Media Services.
* New FTP module, that integrates with the new configuration store, as well as the new management environment.

CLIENT - SERVER information

Client - Server - Networking (Network Range)

Client-server computing or networking is a distributed application architecture that partitions tasks or work loads between service providers (servers) and service requesters, called clients. Often clients and servers operate over a computer network on separate hardware. A server machine is a high-performance host that is running one or more server programs which share its resources with clients. A client does not share any of its resources, but requests a server's content or service function. Clients therefore initiate communication sessions with servers which await (listen to) incoming requests.

Description

The client-server characteristic describes the relationship of cooperating programs in an application. The server component provides a function or service to one or many clients, which initiate requests for such services.

Functions such as email exchange, web access and database access, are built on the client-server model. For example, a web browser is a client program running on a user's computer that may access information stored on a web server on the Internet. Users accessing banking services from their computer use a web browser client to send a request to a web server at a bank. That program may in turn forward the request to its own database client program that sends a request to a database server at another bank computer to retrieve the account information. The balance is returned to the bank database client, which in turn serves it back to the web browser client displaying the results to the user.

The client-server model has become one of the central ideas of network computing. Many business applications being written today use the client-server model. So do the Internet's main application protocols, such as HTTP, SMTP, Telnet, DNS. In marketing, the term has been used to distinguish distributed computing by smaller dispersed computers from the "monolithic" centralized computing of mainframe computers. But this distinction has largely disappeared as mainframes and their applications have also turned to the client-server model and become part of network computing.

Each instance of the client software can send data requests to one or more connected servers. In turn, the servers can accept these requests, process them, and return the requested information to the client. Although this concept can be applied for a variety of reasons to many different kinds of applications, the architecture remains fundamentally the same.

The most basic type of client-server architecture employs only two types of hosts: clients and servers. This type of architecture is sometimes referred to as two-tier. It allows devices to share files and resources. The two tier architecture means that the client acts as one tier and application in combination with server acts as another tier.

The interaction between client and server is often described using sequence diagrams. Sequence diagrams are standardized in the Unified Modeling Language.

Specific types of clients include web browsers, email clients, and online chat clients.

Specific types of servers include web servers, ftp servers, application servers, database servers, name servers, mail servers, file servers, print servers, and terminal servers. Most web services are also types of servers.

Comparison to peer-to-peer architecture

In peer-to-peer architectures, each host or instance of the program can simultaneously act as both a client and a server, and each has equivalent responsibilities and status.

Both client-server and peer-to-peer architectures are in wide usage today. Details may be found in Comparison of Centralized (Client-Server) and Decentralized (Peer-to-Peer) Networking

Comparison to client-queue-client architecture

While classic client-server architecture requires one of the communication endpoints to act as a server, which is much harder to implement,[citation needed] Client-Queue-Client allows all endpoints to be simple clients, while the server consists of some external software, which also acts as passive queue (one software instance passes its query to another instance to queue, e.g. database, and then this other instance pulls it from a database, makes a response, passes it to database etc.). This architecture allows greatly simplified software implementation. Peer-to-peer architecture was originally based on the Client-Queue-Client concept.

Advantages

* In most cases, a client-server architecture enables the roles and responsibilities of a computing system to be distributed among several independent computers that are known to each other only through a network. This creates an additional advantage to this architecture: greater ease of maintenance. For example, it is possible to replace, repair, upgrade, or even relocate a server while its clients remain both unaware and unaffected by that change.

* All data is stored on the servers, which generally have far greater security controls than most clients.[citation needed] Servers can better control access and resources, to guarantee that only those clients with the appropriate permissions may access and change data.

* Since data storage is centralized, updates to that data are far easier to administer than what would be possible under a P2P paradigm. Under a P2P architecture, data updates may need to be distributed and applied to each peer in the network, which is both time-consuming and error-prone,[citation needed] as there can be thousands or even millions of peers.

* Many mature client-server technologies are already available which were designed to ensure security, friendliness of the user interface, and ease of use.[citation needed]

* It functions with multiple different clients of different capabilities.

Disadvantages

* Traffic congestion on the network has been an issue since the inception of the client-server paradigm.[citation needed] As the number of simultaneous client requests to a given server increases, the server can become overloaded. Contrast that to a P2P network, where its aggregated bandwidth actually increases as nodes are added, since the P2P network's overall bandwidth can be roughly computed as the sum of the bandwidths of every node in that network.

* The client-server paradigm lacks the robustness of a good P2P network.[citation needed] Under client-server, should a critical server fail, clients’ requests cannot be fulfilled. In P2P networks, resources are usually distributed among many nodes. Even if one or more nodes depart and abandon a downloading file, for example, the remaining nodes should still have the data needed to complete the download.

Email : xtechnologies@gmx.com

Web : xtechnologies.blogspot.com