The product has been redesigned for Longhorn with security in mind, can now run server-side applications with the help of Microsoft's .Net programming languages, and has transitioned from a boutique-style Internet server into a world-class set of code that can run even the most intense Internet-facing applications.
So what improvements will IIS 7, included in the upcoming Longhorn Server, bring to the table? Let's take a look at five major enhancements to IIS and what they mean for you.
IIS is completely modular.
If you're familiar with the popular Apache Web server software, you know that perhaps its biggest strength is that Apache can run on a bare-bones installation. You can configure it to serve just static HTML and nothing else, or you can dynamically load modules that allow different types of content to be processed and served. You can compile a custom Apache installation that does only what you want it to.
IIS has never really been able to pick and choose from its features and abilities, which had two significant drawbacks. For one, its performance somewhat suffered because the code was busy hosting features and supporting content that you may have never intended to use. Two, security was a problem in that the surface area of the product was made larger by default, even if you had no use for some features.
In IIS 7, however, features operate modularly. You can load them in any combination and with no dependencies and really create a lean, mean server that does what you want it to do very well -- and it does nothing else. You also gain the benefit of IIS 7's extensibility: It's easier than ever to write a custom module that plugs directly into the IIS core to enable special functionality for your operation.
IIS 7 can be configured from a text file.
Taking another page from Apache's playbook, each setting in any site configured within IIS can be edited directly from the web.config file. Aside from the obvious convenience, this is a boon for companies that host large numbers of Web sites. It's now trivial to deploy an identical configuration across thousands of sites in seconds; you can just copy web.config to each site and you are finished.
You can also delegate administration of certain sections of web.config to other people, so that a bit of control is available for, say, individual site owners while not necessarily requiring everyone to contact the IIS administrator for any changes to be made. Version control is equally simple -- just make several different versions of a text file, store them in some organized fashion and retrieve when necessary. Very cool.
The management interface for IIS 7 has been completely designed and is now more task-oriented.
IIS throws away the sometimes confusing, cluttered interface that plagued IIS 4, 5 and 6 and offers a brand new console look. It's now designed to expose more features in a sensible manner to the user while making rapid, large-scale administration across hundreds or thousands of sites quite simple. As with most everything else about IIS 7, the new interface is extensible as well, so you can create custom plug-ins that work directly within the IIS 7 Management Console.
Security has been improved in IIS 7.
It's even over and above that in IIS 6. And compared to IIS 5, which came with Windows 2000, IIS 6 was light-years ahead in the security area. (In fact, for years I called IIS 5 Swiss cheese.)
As Web applications proliferate and the popularity of .Net-based Web sites continues to increase, you'll find IIS taking an even more prominent role in corporate networks. Security is more important than ever given that many of these applications process and store sensitive information.
In IIS 7, .Net applications are run directly within the IIS core itself and are not sent to the Internet Server Application Programming Interface extension; this is more secure and results in faster performance. Essentially, the .Net runtime environment becomes one as the distinction between ASP, .Net code and IIS blurs. You also get the benefit of forms authentication for any type of content, so you can authenticate against a database for just about any page or piece of Web content, not just .Net code.
The Windows PowerShell administration environment can administer IIS 7.
While PowerShell can also administer Windows Server 2003 machines running IIS 6, IIS 7 was designed to be managed from the command line with PowerShell. Also included is the new APPCMD utility, which runs from the standard command line and allows you to create and configure sites, settings and more. APPCMD can be especially useful if you have scripts to programmatically manage your environment.
Jonathan Hassell is an author, consultant and speaker on a variety of IT topics. His published works include RADIUS, Hardening Windows, Using Windows Small Business Server 2003 and Learning Windows Server 2003. His work appears regularly in such periodicals as Windows IT Pro magazine, PC Pro and TechNet Magazine. He also speaks worldwide on topics, ranging from networking and security to Windows administration. He is currently an editor at Apress Inc., a publishing company specializing in books for programmers and IT professionals.