Internet Information Server 6.0. IIS 6.0 Enhancements. Fundamental changes, aimed at: Reliability & Availability, Performance.

Presentation transcript:

1 Internet Information Server 6.0

2 IIS 6.0 Enhancements
• Fundamental changes, aimed at:
  - Reliability & Availability
  - Performance
  - Manageability
  - Security

3 IIS 6.0 Reliability & Availability

4 Review of IIS 5 Architecture
[Diagram labels: kernel / user; TCP/IP; WinSock 2.0; INETINFO.EXE (Metabase, ISAPI Filters and Extensions); DLLHost.EXE (ISAPI Extensions), shown three times]

5 IIS 6 Architecture
[Diagram labels: Web Admin Service; Worker Process (W3 Core, web app); HTTP.SYS; kernel / user]

6 HTTP.SYS
• What is it?
  - Kernel-mode HTTP stack/listener
  - Always running
• What does it do?
  - HTTP Listener and Parser
  - Process routing based on URL namespace
  - Request queues: kernel-mode queuing
  - Response cache for static requests

7 Web Admin Service - WAS
• What is it?
  - Configuration, Application and Process Manager
• What does it do?
  - Configures HTTP.SYS for listening and routing
  - Periodic Recycling
    - Time, Hit, Memory, Schedule-based, and on-demand
  - Health Monitoring
    - Pinging, Crash detection
  - Rapid fail protection
  - Better debugging support
    - Orphan Web Processing Core Host Processes

8 Web Processing Core W3WP.exe
• What is it?
  - Main web processing core responsible for handling web requests
• Self-contained web server
  - Contains all web request processing functionality
  - Loads ISAPIs – filters and extensions
  - ASP, ASP.NET, FrontPage® Server Extensions
• Delivers complete isolation from system components and other web apps

9 IIS 6.0 Availability: Applications
Isolating Applications From Each Other
• Applications grouped into Application Pools
  - Applications defined by URL namespace
  - One or many applications per Application Pool
  - Configure Processing features by Application Pool
  - One or many Worker Processes per Application Pool
  - Service Level Support
    - CPU accounting
    - Bandwidth throttling

10 IIS 6 Architecture: Managing worker processes
[Diagram labels: Web Admin Service; HTTP.SYS; kernel / user; several Worker Processes (W3 Core, Web app); "Recycle time!"]

11 Working with Application Pools

12 Recycling
• Recycle periodically to ensure reliability
• Recycle based on:
  - Uptime
  - # of requests
  - Schedule
  - Virtual memory consumption
  - On-Demand

13 Application Pool Performance
• Goal = Support 2000 pools concurrently.
  - IIS5 Isolated OOP total was 80.
• Scaling Features of Pools
  - Idle Timeout
  - CPU Accounting
  - Demand Start

14 Web Gardens
• Multiple Processes serving an application pool
  - Reliability and fault-tolerance
  - Allows another already initialized worker process to take over the current load
  - Can affinitize worker processes to a set of processors
  - Some throughput gains for applications that rely on process global resources

15 App Pool Health & Debugging Features
• Worker process health monitoring/gating
  - Process pinging
  - Startup/Shutdown limits
  - Kernel Mode Request Queuing
• Rapid Fail Protection
• “Orphan” worker processes in failure

16 Configurable Worker Process ID
• Worker process can be started as:
  - Network Service (default)
  - Local System
  - Local Service
  - Configured ID
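
Added example (not part of the original slides or of Microsoft's tooling): a Python check over an exported MetaBase.xml that reports which identity each application pool's worker process runs as and flags Local System. The sample XML is constructed; the element and property names (IIsApplicationPools, IIsApplicationPool, AppPoolIdentityType, WAMUserName) and the 0-3 value mapping are assumptions taken from the IIS 6.0 metabase schema, not from the slides.

```python
import xml.etree.ElementTree as ET

# AppPoolIdentityType values in the IIS 6.0 metabase.
IDENTITY = {0: "Local System", 1: "Local Service", 2: "Network Service", 3: "Configured ID"}
DEFAULT_TYPE = 2  # Network Service, the default named on the slide
# Constructed sample in the shape of a MetaBase.xml export (not from a real server).
SAMPLE = """<configuration xmlns="urn:microsoft-catalog:XML_Metabase_V64_0">
<MBProperty>
<IIsApplicationPools Location="/LM/W3SVC/AppPools" AppPoolIdentityType="2"/>
<IIsApplicationPool Location="/LM/W3SVC/AppPools/DefaultAppPool"/>
<IIsApplicationPool Location="/LM/W3SVC/AppPools/LegacyApp" AppPoolIdentityType="0"/>
<IIsApplicationPool Location="/LM/W3SVC/AppPools/Intranet" AppPoolIdentityType="3"
    WAMUserName="EXAMPLE\\svc_intranet"/>
</MBProperty>
</configuration>"""

def local(tag):
    # Drop the XML namespace so the check works whatever xmlns the export carries.
    return tag.rsplit("}", 1)[-1]

def audit_pool_identities(xml_text):
    """Return (pool, identity, finding) per pool; unset pools inherit the container value."""
    root = ET.fromstring(xml_text)
    inherited, pools = DEFAULT_TYPE, []
    for el in root.iter():
        if local(el.tag) == "IIsApplicationPools":
            inherited = int(el.get("AppPoolIdentityType", inherited))
        elif local(el.tag) == "IIsApplicationPool":
            pools.append(el)
    report = []
    for el in pools:
        pool = el.get("Location", "").rsplit("/", 1)[-1]
        kind = int(el.get("AppPoolIdentityType", inherited))
        name = IDENTITY.get(kind, "unknown (%d)" % kind)
        if kind == 0:
            finding = "HIGH: worker process runs as Local System"
        elif kind == 3:
            name += " (%s)" % el.get("WAMUserName", "<unset>")
            finding = "REVIEW: check the rights of the configured account"
        elif kind in IDENTITY:
            finding = "ok"
        else:
            finding = "REVIEW: unrecognized identity type"
        report.append((pool, name, finding))
    return report

if __name__ == "__main__":
    for row in audit_pool_identities(SAMPLE):
        print("%-15s %-40s %s" % row)
```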

17 ** ASP.NET
• If ASP.NET runs on IIS 4.0, IIS 5.0, or IIS 6.0 in IIS 5.0 isolation mode, it uses its own process model and configuration settings in the Machine.config file
• If IIS is running in worker process isolation mode, ASP.NET disables its own process model and utilizes the worker process architecture of IIS 6.0.

18 DEMO: IIS Recycle

19 IIS 6.0 Performance

20 Designed for high throughput
• Kernel mode cache for static, unauthenticated content
  - No transition to user mode for cache hits
• User-mode worker processes
  - No user mode to user mode process hop
  - Talk directly to HTTP.SYS to get requests
  - Ability to affinitize worker processes to CPUs
• Support for 64-Bit

21 IIS 6.0 Scalability
Scale up, out and in
• SSL up to 900% faster
• ISAPI up to 800% faster
• CGI up to 100% faster
• Support 20,000 sites and more per system
  - Improved Startup/Shutdown times (<2min)
  - Improved Scalability of Application Isolation (2000 Isolated Application Pools)
• Improved Processor Scalability
  - 3x on a 4-processor box, 5x on an 8-way

22 IIS 6.0 Management

23 Installation

24 Management Enhancements
• XML Metabase
• WMI Provider
• Command-Line Interface
• New Web-based Administration Console

25 IIS Commands
• Create web and FTP Sites
    c:\>iisweb /create c:\webroot "My Site" /i 169.254.36.174
• Create web and FTP V-Dirs
• Backup/Restore
• Export/Import Configuration
    c:\>iiscnfg /import /f MySiteConfig.xml /sp /lm/w3svc/1 /dp /lm/w3svc/4

26 IIS 6.0 Security

27 IIS 5.0 Security Issues
• Code Red, Nimda, etc., etc.
• Weaknesses
  - Windows 2000 Installed As An Application Server – Huge attack surface
  - Soft Defaults
  - High Privilege Accounts
  - No automated way to install patches
  - Result: Fixes out for months but not uniformly applied
  - Many companies survived Code Red & Nimda
• IIS Lockdown Wizard & URLSCAN for IIS 4/5
• Improved Patch Management

28 IIS 6.0 Security
Secure Out of the Box
• Change in approach:
  - Clean up code, improved tools for defect detection
  - Secure defaults, minimize attack surface (static files only by default)
  - Customer ‘enables’ server features after setup
  - An infrastructure that by default installs security hot fixes (customer opts out, not in)
• Educate the Customer

29 IIS 6.0 Security
Reduced Attack Surface
• IIS is not installed by default
  - As well as 20+ other services
• Server Lockdown: Serve HTM files only
  - Only Web service gets installed
  - IsapiRestrictionList
  - CGIRestrictionList
  - Template-based feature activation
• Web service disabled on upgrade for benefit of non-IIS users
• Prevent IIS6 install with group policy

30 Managing Web Service Extensions

31 Support or no support ASP

32 Web Server Security Enhancements
• URLscan implemented by default
• Clean code
• Architectural changes
  - Process isolation
  - Configurable identity
  - Application pool management
• General OS hardening
• New tools
  - AutoUpdate, SUS, Qchain, MBSA

33 Passport Authentication
• Integrated with Windows Server 2003
• Can ACL resources with Passport accounts
• Map Passport credentials with AD accounts
• Must register with Passport.com
• Use Passport Manager Administration Utility to configure

34 URL Authorization

35 FTP User Isolation
• FTP server 6.0 included in Windows Server 2003
• Isolation levels
  - Compatibility / no isolation
  - Small business / stand alone isolation
  - Enterprise isolation using AD integration

36 Questions ?

