2. Proven Scale MySpace - 23 Billion Page* Views/Month Microsoft.com - 10k Req/sec & 300K Connections Match.com 30 million page view daily Proven Security No critical IIS 6 hotfixes since RTM as of 5/20/07 Proven Trust 54% of Fortune 1000 use IIS (port80software.com) A solid foundation to build on.

3. Notes MS02-011 & 012 not included: updates SMTP service only ASP.NET adds: 1 – v 2.0 2 - v 1.1 3 - v 1.0 Two security patches for IIS 6 since RTM (>3 yrs) = Critical = Rollup with X updates X IIS 6 IIS 5 2002 2003 2004 2005 IIS 4 4/15 Server2003 RTM 4/10 02-018 6/11 02-028 10/30 02-062 5/28 03-018 10/12 04-021 (WebDAV DoS) 7/13 04-021 8 8 4 4 4 4 < Critical 2006 06/11 06-034 (ASP)

4. More than a Web server, Internet Information Services 7.0 provides an accessible, extensible platform for developing and reliably hosting Web applications and services Modular Architecture Manageable Built in Request Tracing Extensible Design Integrated with.NET IIS 7.0 Enhancements Create Streamlined Servers Reduced Attack Surface Extend/Modify IIS Features Rapid Application Deployment Rapid Application Deployment Fast Diagnostics

5. Beta 3 of Windows Server 2008 since June 12 Great Compatibility 99%+ ASP and ASP.NET worked One application encountered breaking change out of 260 Classic ASP mode and AppCmd And loved New UI, death of metabase, shared config, failed request tracing etc. http://blogs.technet.com/mscom/archive/2007/09/07/the-tasty-morsels-found-in-dogfood- mscom-ops-top-10-changes-in-iis7-0.aspx

7. Send Response LogCompress NTLMBasic Determine Handler CGI Static File Authentication Anon Monolithic implementation Install all or nothing… Extend server functionality only through ISAPI… ASP.NET PHP ISAPI … …

8. Send Response LogCompress NTLMBasic Determine Handler CGI Static File ISAPI Authentication Anon SendResponse Authentication Authorization ResolveCache ExecuteHandler UpdateCache … … Server functionality is split into ~ 40 modules... Modules plug into a generic request pipeline… Modules extend server functionality through a public module API. … …

9. C:\Windows\System32\inetsrv\config

10. IIS 6IIS 7Benefits ArchitectureMonolithicModularCustomize, Extend, Streamline SetupMost Features installed (many disabled) Minimal installation for designated role Increased Security Extend Features ISAPI filters and ISAPI extensions Add modules and handlers in native or managed code Easier to develop application and administration features Customize UIPossible, but not common. Extensible, modular, based on.NET Much easier for developers to provide new admin features

11. IIS 6 IIS 6 extensibility limited to ISAPI filter and extensions UI modifications in MMC are challenging Difficult to extend IIS 6 Schema Web service activation using http only IIS 7 Native or manage code modules and handlers Easy to add your apps to UI Simple to extend IIS 7 schema Instrument apps to integrate with IIS 7 tracing Host web services using non-http protocols

13. Completely redesigned IIS Manager Task-oriented Context sensitive ‘Actions’ pane Tabs are replaced with Icons Allows IIS & and ASP.NET configuration Icons instead of tabs Provides managed extensibility Add new management and IIS features Application configuration can integrate into UI View health and diagnostics within the UI Built in remote administration over https Manage 1 or 1000’s of sites

16. Application Pool architecture based on IIS 6 Familiar settings for recycling, health monitoring, and process identity are unchanged Two pool types in IIS 7 Integrated (default) Allows use of managed code to provide pipeline services for all requests Example:.NET Forms authentication for Perl Integrated is the default for new pools Classic Works same as IIS 6 Ensures.NET compatibility

17. Simplifies security and administration Leverage the power of.NET for all content with managed global modules Forms Authentication URL Authorization.NET Caching.NET Role and Membership Providers New APIs manage both IIS 7 and.NET Enables Xcopy deployment scenarios

18. ISAPI-based Implementation Only sees ASP.NET requests Feature duplication Send Response LogCompress NTLMBasic Determine Handler CGI Static File ISAPI Authentication Anon … … Authentication Forms Windows Map Handler ASPX Trace … … …aspnet_isapi.dll

19. Two App Pool Modes Classic (IIS 6) Integrated Mode. NET modules / handlers plug directly into pipeline Process all requests Full runtime fidelity Log Compress Basic Static File ISAPI Anon SendResponse Authentication Authorization ResolveCache ExecuteHandler UpdateCache … … Authentication Forms Windows Map Handler ASPX Trace … … … aspnet_isapi.dll

22. Handler and module configuration settings have moved: system.web/httpHandlers → system.webServer\handlers system.web/httpModules → system.webServer\modules Setting the “managedHandler” precondition for a module means “execute only for ASP.NET requests”

24. Use IIS Manager from XP, Vista, Windows Server 2003/2008 No administration website required! Secure, firewall-friendly connection over HTTP/SSL Fully customizable Supports auto-deployment of new Administration features from server->client Can hide features remote user cannot edit

25. Moved from Metabase.xml (and.bin) to Applicationhost.config File based configuration improves manageability XML – integrate with XML readers and APIs Config can be copied to other servers Easier to read Facilitates backup, restore and editing You now have choices about how to manage IIS configuration Centralized Configuration Delegated Administration Shared Configuration

26. NET global settings ASP.net global settings Global settings and location tags Contoso.com \ Orders.NET Framework Global web.config Machine.config IIS 7 Applicationhost.config Site Root Web.config.NET settings.. IIS7 Delegated settings.. Contso.com root

27. Delegate control to site owners Site owners control designated settings without elevated server privileges Delegated settings written to Web.config files Site and/or application level Shared with ASP.net configuration XCopy deploy configuration and content Granular control over delegated settings allows precise locking Example: Require Windows Authentication - let site owner control turn on/off Basic.

28. All web servers can share a single applicationhost.config Eliminates configuration replication in a web farm Easily stage and rollback config changes All administration tools are redirected to a common UNC path Does not replicate content First appearance in Longhorn Beta 3

29. XML AppHost.config Staging New Config Version 2 Version 1 Easily manage multiple configuration versions for staging and rollback

31. APPCMD General purpose command line tool Query and control state, change settings, add sites and vdirs Managed Code API Microsoft.Web.Administration WMI Improved namespace for IIS7 ADSI compatibility Powershell use with Managed API and WMI

32. simple cmd-line syntax powerful mgmt objects inline help & multiple outputs

33. C:\> appcmd list sites SITE "Default Web Site" (id:1,bindings:HTTP/*:80:,state:Started) SITE "Site1" (id:2,bindings:http/*:81:,state:Started) SITE "Site2" (id:3,bindings:http/*:82:,state:Stopped ) SITE "Default Web Site" (id:1,bindings:HTTP/*:80:,state:Started) SITE "Site1" (id:2,bindings:http/*:81:,state:Started) SITE "Site2" (id:3,bindings:http/*:82:,state:Stopped) C :\> appcmd list requests REQUEST "fb0000008000000e" (url:GET /wait.aspx?time=10000,time:4276 msec,client:localhost) C:\> appcmd list requests /apppool.name:DefaultAppPool C:\> appcmd list requests /wp.name:3567 C:\> appcmd list requests /site.id:1 Filter results by application pool, worker process, or site

34. Create Site Create Virtual Directory Create Application NOT CONSISTENT Set oIIS = GetObject("winmgmts:root\MicrosoftIISv2") ' Create binding for new site Set oBinding = oIIS.Get("ServerBinding").SpawnInstance_ oBinding.IP = "" oBinding.Port = "80" oBinding.Hostname = "www.site.com" ' Create site and extract site name from return value Set oService = oIIS.Get("IIsWebService.Name='W3SVC'") strSiteName = oService. CreateNewSite ("NewSite", array(oBinding), "C:\inetpub\wwwroot") Set objPath = CreateObject("WbemScripting.SWbemObjectPath") objPath.Path = strSiteName strSitePath = objPath.Keys.Item("") Set oSite = oIIS.Get("IIsWebServer.Name='" & strSitePath & "'") oSite.Start ' Create the vdir for our application Set oVDirSetting = oIIS.Get("IIsWebVirtualDirSetting"). SpawnInstance_ oVDirSetting.Name = strSitePath & "/ROOT/bar" oVDirSetting.Path = "C:\inetpub\bar" oVDirSetting.Put_ ' Make the VDir an application Set oVDir = oIIS.Get("IIsWebVirtualDir.Name='" & strSitePath & "/ROOT/bar'") oVDir. AppCreate2

35. Set oService = GetObject("winmgmts:root\WebAdministration") ' Create binding for site Set oBinding = oService.Get("BindingElement").SpawnInstance_ oBinding.BindingInformation = "*:80:www.site.com" oBinding.Protocol = "http" ' Create site oService.Get("Site").Create _ "NewSite", array(oBinding), "C:\inetpub\wwwroot" ' Create application oService.Get("Application").Create _ "/foo", "NewSite", "C:\inetpub\wwwroot\foo" Static Create methods CONSISTENT

36. Provides compatibility for: scripts command line tools native calls into ABO Not installed by default Install IIS 6 Compatibility Can only do what IIS6 could do… Can’t read/write new IIS properties Application Pools: managedPipelineMode, managedRuntimeVersion Request Filtering Failed Request Tracing Can’t read/write ASP.NET properties Can’t read/write web.config files Can’t access new runtime data, e.g. worker processes, executing requests applicationHost.config IISADMIN ABOMapper IIS6 ADSI Script

38. View Detailed Errors in the Browser New errors provide prescriptive guidance Access Runtime State Info in Real-Time New APIs expose all runtime diagnostic information Ex. See all currently executing requests Rapidly Troubleshoot Faulty Applications Rules define ‘failures’ that triggers report of pipeline events Define by http result code and/or time taken Configurable per application or URL Quickly identify bottlenecks Developers can add custom events

40. Managed code everywhere Integrated Pipeline IIS 7 Managed module starter kit http://www.iis.net/downloads/ Add application specific UI to IIS Manager http://www.iis.net/articles/view.aspx/IIS7/Extending-IIS7/Extending-IIS-Manager/How-to- Create-a-Simple-IIS-Manager-Module Simplified deployment, server farms Xcopy of config files, shared config, appcmd Reduced surface area Manage with delegate administration Diagnose with built in / extensible tracing Provide high availability host for web services

41. Go Live License available to public Download Center – Download IIS 7 Extensions such as new FTP server TechCenter to easily find the info you need Advice and assistance in Forums Walkthroughs, examples, and code samples Online labs – test IIS7 in your browser!

42. http://www.microsoft.com/emea/itsshowtime/result_s earch.aspx?event=69

44. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

45. Deprecated NNTP IIS 5 Worker Process Isolation Mode FPSE (compatible alternative on IIS.net) Metabase.bin/Metabase.xml IUSR_ IWAM_ and IIS_WPG POP3 No administration website