Internet Information Services 5.0 has many new features to help Web administrators to create scalable, flexible Web applications.
Security
Administration
Programmability
Internet Standards
Digest Authentication: Digest authentication allows secure and robust authentication of users across proxy servers and firewalls. In addition, Anonymous, HTTP Basic, and integrated Windows authentication (formerly known as Windows NT Challenge/Response authentication and NTLM authentication) are still available.
- Secure Communications: Secure Sockets Layer (SSL) 3.0 and Transport Layer Security (TLS) provide a secure way to exchange information between clients and servers. In addition, SSL 3.0 and TLS provide a way for the server to verify who the client is before the user logs on to the server. In IIS 5.0, client certificates are exposed to both ISAPI and Active Server Pages, so that programmers can track users through their sites. Also, IIS 5.0 can map the client certificate to a Windows user account, so that administrators can control access to system resources based on the client certificate.
Server-Gated Cryptography: Server-Gated Cryptography (SGC) is an extension of SSL that allows financial institutions with export versions of IIS to use strong 128-bit encryption. Although SGC capabilities are built into IIS 5.0, a special SGC certificate is required to use SGC.
- Security Wizards: Security wizards simplify server administration tasks.
The Web Server Certificate Wizard simplifies certificate administration tasks, such as creating certificate requests and managing the certificate life cycle.
The Permissions Wizard makes it easy to configure Web site access by assigning access policies to virtual directories and files. The Permissions Wizard can also update NTFS file permissions to reflect these Web access policies.
The CTL wizard helps you configure your certificate trust lists (CTLs). A CTL is a list of trusted certification authorities (CAs) for a particular directory. CTLs are especially useful for Internet service providers (ISPs) who have several Web sites on their server and who need to have a different list of approved certification authorities for each site.
- IP and Internet Domain Restrictions: You can grant or deny Web access to individual computers, groups of computers, or entire domains.
Kerberos v5 Authentication Protocol Compliance: IIS is fully integrated with the Kerberos v5 authentication protocol implemented in Microsoft® Windows® 2000, allowing you to pass authentication credentials among connected computers running Windows.
Certificate Storage: IIS certificate storage is now integrated with the Windows CryptoAPI storage. The Windows Certificate Manager provides a single point of entry that allows you to store, back up, and configure server certificates.
Fortezza: The U.S. government security standard, commonly called Fortezza, is supported in IIS 5.0. This standard satisfies the Defense Message System security architecture with a cryptographic mechanism that provides message confidentiality, integrity, authentication, and access control to messages, components, and systems. These features can be implemented both with server and browser software and with PCMCIA card hardware.
Restarting IIS: Now you can restart your Internet services without having to reboot your computer.
- Backing Up and Restoring IIS: You can back up and save your metabase settings to make it easy to return to a safe, known state.
Process Accounting: Provides information about how individual Web sites use CPU resources on the server. This information is useful in determining which sites are using disproportionally high CPU resources or which might have malfunctioning scripts or CGI processes.
Process Throttling: You can limit the percentage of time the CPU spends processing out-of-process ASP, ISAPI, and CGI applications for individual Web sites. In addition, misbehaving processes can be stopped and restarted.
Improved Custom Error Messages: Now administrators can send informative messages to clients when HTTP errors occur on their Web sites. Also includes detailed ASP error processing capabilities through the use of the 500-100.asp custom error message. You can use the custom errors that IIS 5.0 provides, or create your own.
- Configuration Options: You can set permissions for Read, Write, Execute, Script, and FrontPage Web operations at the site, directory, or file level.
-
Remote Administration: IIS 5.0 has Web-based administration tools that allow remote management of your server from almost any browser on any platform. With IIS 5.0, you can set up administration accounts called Operators with limited administration privileges on Web sites, to help distribute administrative tasks.
Terminal Services: Terminal Services is a feature of Windows 2000 that allows you to run 32-bit Windows applications on terminals and terminal emulators running on personal computers and other computer desktops. Terminal Services allows virtually any desktop to run applications on the server. This enables you to remotely administer Windows 2000 services such as IIS as if you were at the server console, including administration from older legacy PCs, or even non-PC devices such as UNIX workstations with compatible client software. (Non-Windows-based client devices require third-party add-on software.)
- Centralized Administration: Administration tools for IIS use the Microsoft® Management Console (MMC). MMC hosts the programs, called snap-ins, that administrators use to manage their servers. You can use IIS snap-in from a computer running Windows 2000 Professional to administer a computer on your intranet running Internet Information Services on Windows 2000 Server.
- Active Server Pages: You can create dynamic content by using server-side scripting and components to create browser-independent dynamic content. Active Server Pages (ASP) provides an easy-to-use alternative to CGI and ISAPI by allowing content developers to embed any scripting language or server component into their HTML pages. ASP provides access to all of the HTTP request and response streams, as well as standards-based database connectivity and the ability to customize content for different browsers.
New ASP Features: Active Server Pages has some new and improved features for enhancing performance and streamlining your serverside scripts.
Application Protection: IIS 5.0 offers greater protection and increased reliability for your Web applications. By default, IIS will run all of your applications in a common or pooled process that is separate from core IIS processes. In addition, you can still isolate mission-critical applications that should be run outside of both core IIS and pooled processes.
ADSI 2.0: In IIS 5.0, administrators and application developers will have the ability to add custom objects, properties, and methods to the existing ADSI provider, giving administrators even more flexibility in configuring their sites.
- Standards Based: Microsoft Internet Information Services 5.0 complies with the HTTP 1.1 standard, including features such as PUT and DELETE, the ability to customize HTTP error messages, and support for custom HTTP headers.
- Multiple Sites, One IP Address: With support for host headers, you can host multiple Web sites on a single computer running Microsoft Windows 2000 Server with only one IP address. This is useful for Internet service providers and corporate intranets hosting multiple sites.
Web Distributed Authoring and Versioning (WebDAV): Enables remote authors to create, move, or delete files, file properties, directories, and directory properties on your server over an HTTP connection.
- News and Mail: You can use SMTP and NNTP Services to set up intranet mail and news services that work in conjunction with IIS.
- PICS Ratings: You can apply Platform for Internet Content Selection (PICS) ratings to sites that contain content for mature audiences.
FTP Restart: Now File Transfer Protocol file downloads can be resumed without having to download the entire file over again if an interruption occurs during data transfer.
HTTP Compression: Provides faster transmission of pages between the Web server and compression-enabled clients. Compresses and caches static files, and performs on-demand compression of dynamically generated files.
© 1997-1999 Microsoft Corporation. All rights reserved.