Sneak peek: Microsoft IIS 7.0 server
Developers have been lapping up every detail on it, including the recent beta release of Vista and the official IIS community portal.
What's so interesting about IIS 7.0? The Microsoft IIS team started working on IIS 7.0 as soon as IIS 6.0 was released back in 2003 with Windows Server 2003. In IIS 5.0, everything relied on inetinfo.exe, which was used for request routing, configuration and so on. Though you were able to isolate application, either medium or high in application protection mode (dllhost.exe), version 5.0 did not offer a complete Web application isolation.
Things improved with IIS 6 where you had more control on the types of contents that can be accessed via Web services extensions, but this was only possible at the global server level rather than individual site basic. Also, disabled DLLs installed in the machine had to be patched even if you were not using them.
IIS 7.0 not only addresses all these shortcomings, the team at Microsoft has also completely re-architected the core server design as well as built full integration with ASP.NET and IIS IMHO.
Where the jump from IIS 5.0 to 6.0 enabled the Windows IIS server to become a standard Web server, IIS 7.0 will enable a true application server that provide a seamless hosting environment for your Web applications and services.
Here are some cool features you can look forward to in IIS 7.0:
Modular Architecture
Similar to the term "Mod" in Apache world, the IIS team modularizes the entire IIS platform to individual functional parts and allows you to assemble your server by modules. This gives you full control to decide what features or functions you want to include in your IIS, whereas you would have had to deal with pre-built IIS components with previous versions. You don't have to install the module you don't need, and this eases the administrative and patching tasks. It will also reduce the areas that hackers can attack.
At the same time, the IIS binary footprint depends on the number of modules loaded, so this uses smaller memory and provides better performance throughput for incoming requests.
Extensible Design
With the new modular architecture, you can now easily transform the Web server to tailor your specific needs. For example, if you have a specific requirement to redirect client requests based on the browser type, rather than use the built-in redirect module, you can now code your own redirect module and plug it directly into the IIS request pipeline.
With IIS 7.0, you have the opportunity to develop your modules in either managed or native code. This was not possible with previous versions of IIS.
Administrative Framework
There's a brand new administration GUI with IIS 7.0 and a new command line tool called "appcmd.exe". The IIS Manager and Appcmd.exe are fully integrated, providing a round-trip configuration facility to ensure changes made in IIS Manager can be seen and done via Appcmd.exe.
IIS 7.0 also fully supports admin delegation so local administrative rights are no longer required to manage IIS.
ASP.NET Integration
IIS 7.0 takes advantages of the ASP.NET 2.0 extensible model and incorporates it to the new core module server. This provides new unified request pipeline features that allow a common server runtime foundation for all requests. Non-ASP.NET contents such as Active Server Pages and Static file, can now inherit the benefits of the ASP.NET core model including forms authentication, definition of roles, memberships control and more.
Security Improvement
Because the component-based modules allow you to custom build your IIS, you should only install components that are needed for the application. For example, if the Web application supports only anonymous access, you only need to install the AnonymousAuthModule from the set of security modules provided. This helps to minimize the surfaces available for attackers to probe, as well as reduce patches and maintenance work.
The new administrative framework also empowers you with granular level of control for administrative tasks delegation. You no longer need to grant local administrator rights to users for managing IIS, removing time you would have had to spend managing their Web sites and applications.
Simple Deployment
With the new configuration system in IIS 7.0, it makes the Xcopy application deployment a reality. "Replicating" IIS configuration from one machine to another machine is also easier as the new IIS configuration does not hold any machine-specific data. To sum, this helps tremendously when you are planning a large-scale Web farm deployment. Once the base machine is set up, you only need to "xcopy" the Web application source files and replicate the IIS configuration settings.
Customizing IIS configuration is also easier with the new managed code API (Microsoft.Web.Administration).
Bernard Cheah is an enterprise architect with Intel (Malaysia), focusing on infrastructure architecting for the manufacturing computing division. He is active in many online IIS communities and co-runs IIS-Resources.com with a few Microsoft IIS MVPs (Most Valuable Professionals).