logging in or signing up COM209 Staples Dora Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 532 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: February 20, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Lap Around IIS7: Lap Around IIS7 Bill Staples Product Unit Manager, IIS COM014 – A Lap Around IIS7 Microsoft Corporation xxx Roller Coaster Rides e v e n: s e v e n supportable i n t e r n e t i n f o r m at i o n s e r v i c e s integrated extensible componentized compatible secure delegatedIIS – a colorful past: IIS – a colorful past 1996 - V1 & 2 ships for Windows NT 3.5 & 4.0 1997 – V4 part of NT 4 Option Pack 2000 – V5 installed by default in Windows 2000 2001 March 2001, #1 in Internet Site Share Fall 2001, Code Red and Nimda 2003 – V6 released in Windows Server 2003IIS 6 Today: IIS 6 Today Secure by Design Extensive design & code reviews Penetration testing Defense in depth Secure by Default IIS no longer installed by default with OS IIS installs with “locked down” configuration Runs with minimal permissions, secure configuration Process architecture designed for app failure Health detection Automatic recycling of applications Zero critical security patches since releaseSlide5: IIS 7 Overview Configuration & Admin Tool Core Server Diagnostics Compatibility Security DemosThe Metabase: The Metabase Is Dead! (global web configuration is now stored in applicationHost.config) Centralized, admin-only configuration store COM-only interface Poorly schematized XML format Built using 1996 era standardsSlide7: IIS 7 Configuration Enables You To... Store IIS and ASP.NET settings in web.config XCopy web settings along with content Share web settings across multiple servers Extend configuration with your own schema … in a clean, well-schematized formatThe IIS Snap-in (inetmgr): The IIS Snap-in (inetmgr) Is Dead! (the new administration tool is named webmgr) Administrator only console Poorly factored UI (go where for security?) Difficult to use (one page has that many tabs?) DCOM remotingSlide9: IIS 7 Admin Tool Enables You To... Manage IIS and ASP.NET in one place Manage individual sites and apps w/o machine admin privileges View health, diagnostics, users, more… Extend with your own Admin UIDelegated: Delegated configure and deploy w/o admin privilegesSlide11: For More Information… COM431: IIS 7 Extensibility (Part 2): Building Configuration and UI Modules Friday 1pm, Room 404ABThe Core Server & ISAPI: The Core Server & ISAPI Is Dead! (IIS7 is now completely modular, built on public APIs) All core IIS features implemented in w3core.dll ISAPI difficult to master, not very flexible ISAPI unused by IIS team Built using 1996 era standardsSlide13: IIS 7 Core Server Enables You To... Build new IIS modules on full-fidelity APIs Use native (C/C++) or Managed (C#, VB .NET) code Use existing ASP.NET modules / handlers Customize IIS footprint – per site or appIIS7 Core Web Server Modules: IIS7 Core Web Server Modules Http Protocol Support ValidationRangeModule TraceVerbModule OptionsVerbModule ClientRedirectionModule Logging and Diagnostics HttpLoggingModule CustomLoggingModule Configuration and Metadata Caches ConfigurationModule UriCacheModule SiteCacheModule FileCacheModule Core Web Server DirectoryListingModule CustomErrorModule DynamicCompressionModule StaticCompressionModule StaticFileModule DefaultDocumentModule HttpCacheModule RequestMonitorModule TracingModule AuthN/AuthZ BasicAuthModule DigestAuthModule WindowsAuthModule CertificateAuthModule AnonymousAuthModule FormsAuthModule AccessCheckModule UrlAuthorizationModule Extensibility ISAPIModule ISAPIFilterModule CGIModule ServerSideIncludeModule ManagedEngineModule Publishing DavModuleComponentized: Componentized powerful, flexible building blocks for minimal footprintSlide16: For More Information… COM303 IIS7: Building More Powerful ASP.NET Applications with IIS7 Wednesday 1:45pm, Room 152/153 COM406 IIS7 Extensibility (Part 1): Building New Core Server Modules Wednesday 11:00am, Room 406ABSlide17: IIS 7 Diagnostics Enables You To... View real-time server state information Control state of Sites, Apps, AppPools, AppDomains Log detailed trace events across web platform stack Automatically log event traces on error conditions Extend trace logging with your own eventsSupportable: Supportable easy to diagnose and fix problemsSlide19: For More Information… COM320 IIS7 Instrumenting, Diagnosing, and Debugging Web Applications Wednesday 11:30am, Room 515ABSlide20: IIS 7 Compatibility Means… Existing ISAPI filters and extensions just work Classic ASP applications just work ASP .NET v1.1 and v2.0 applications just work ADSI and WMI scripts just work against new IIS configCompatible: Compatible existing applications just workSlide22: IIS 7 Security Enables You To... Reduce attack surface through componentization Configure / manage sites and apps w/o admin privileges Easily secure web sites using unified authn/authz model Filter requests using built-in moduleSlide23: IIS 7 Summary Distributed and delegated configuration Tremendous extensibility, flexibility and customization Rich diagnostics and troubleshooting support Committed to compatibility Continues to build on rock solid IIS 6.0 securityIIS7: IIS7Slide25: © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary. You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
COM209 Staples Dora Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 532 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: February 20, 2008 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Lap Around IIS7: Lap Around IIS7 Bill Staples Product Unit Manager, IIS COM014 – A Lap Around IIS7 Microsoft Corporation xxx Roller Coaster Rides e v e n: s e v e n supportable i n t e r n e t i n f o r m at i o n s e r v i c e s integrated extensible componentized compatible secure delegatedIIS – a colorful past: IIS – a colorful past 1996 - V1 & 2 ships for Windows NT 3.5 & 4.0 1997 – V4 part of NT 4 Option Pack 2000 – V5 installed by default in Windows 2000 2001 March 2001, #1 in Internet Site Share Fall 2001, Code Red and Nimda 2003 – V6 released in Windows Server 2003IIS 6 Today: IIS 6 Today Secure by Design Extensive design & code reviews Penetration testing Defense in depth Secure by Default IIS no longer installed by default with OS IIS installs with “locked down” configuration Runs with minimal permissions, secure configuration Process architecture designed for app failure Health detection Automatic recycling of applications Zero critical security patches since releaseSlide5: IIS 7 Overview Configuration & Admin Tool Core Server Diagnostics Compatibility Security DemosThe Metabase: The Metabase Is Dead! (global web configuration is now stored in applicationHost.config) Centralized, admin-only configuration store COM-only interface Poorly schematized XML format Built using 1996 era standardsSlide7: IIS 7 Configuration Enables You To... Store IIS and ASP.NET settings in web.config XCopy web settings along with content Share web settings across multiple servers Extend configuration with your own schema … in a clean, well-schematized formatThe IIS Snap-in (inetmgr): The IIS Snap-in (inetmgr) Is Dead! (the new administration tool is named webmgr) Administrator only console Poorly factored UI (go where for security?) Difficult to use (one page has that many tabs?) DCOM remotingSlide9: IIS 7 Admin Tool Enables You To... Manage IIS and ASP.NET in one place Manage individual sites and apps w/o machine admin privileges View health, diagnostics, users, more… Extend with your own Admin UIDelegated: Delegated configure and deploy w/o admin privilegesSlide11: For More Information… COM431: IIS 7 Extensibility (Part 2): Building Configuration and UI Modules Friday 1pm, Room 404ABThe Core Server & ISAPI: The Core Server & ISAPI Is Dead! (IIS7 is now completely modular, built on public APIs) All core IIS features implemented in w3core.dll ISAPI difficult to master, not very flexible ISAPI unused by IIS team Built using 1996 era standardsSlide13: IIS 7 Core Server Enables You To... Build new IIS modules on full-fidelity APIs Use native (C/C++) or Managed (C#, VB .NET) code Use existing ASP.NET modules / handlers Customize IIS footprint – per site or appIIS7 Core Web Server Modules: IIS7 Core Web Server Modules Http Protocol Support ValidationRangeModule TraceVerbModule OptionsVerbModule ClientRedirectionModule Logging and Diagnostics HttpLoggingModule CustomLoggingModule Configuration and Metadata Caches ConfigurationModule UriCacheModule SiteCacheModule FileCacheModule Core Web Server DirectoryListingModule CustomErrorModule DynamicCompressionModule StaticCompressionModule StaticFileModule DefaultDocumentModule HttpCacheModule RequestMonitorModule TracingModule AuthN/AuthZ BasicAuthModule DigestAuthModule WindowsAuthModule CertificateAuthModule AnonymousAuthModule FormsAuthModule AccessCheckModule UrlAuthorizationModule Extensibility ISAPIModule ISAPIFilterModule CGIModule ServerSideIncludeModule ManagedEngineModule Publishing DavModuleComponentized: Componentized powerful, flexible building blocks for minimal footprintSlide16: For More Information… COM303 IIS7: Building More Powerful ASP.NET Applications with IIS7 Wednesday 1:45pm, Room 152/153 COM406 IIS7 Extensibility (Part 1): Building New Core Server Modules Wednesday 11:00am, Room 406ABSlide17: IIS 7 Diagnostics Enables You To... View real-time server state information Control state of Sites, Apps, AppPools, AppDomains Log detailed trace events across web platform stack Automatically log event traces on error conditions Extend trace logging with your own eventsSupportable: Supportable easy to diagnose and fix problemsSlide19: For More Information… COM320 IIS7 Instrumenting, Diagnosing, and Debugging Web Applications Wednesday 11:30am, Room 515ABSlide20: IIS 7 Compatibility Means… Existing ISAPI filters and extensions just work Classic ASP applications just work ASP .NET v1.1 and v2.0 applications just work ADSI and WMI scripts just work against new IIS configCompatible: Compatible existing applications just workSlide22: IIS 7 Security Enables You To... Reduce attack surface through componentization Configure / manage sites and apps w/o admin privileges Easily secure web sites using unified authn/authz model Filter requests using built-in moduleSlide23: IIS 7 Summary Distributed and delegated configuration Tremendous extensibility, flexibility and customization Rich diagnostics and troubleshooting support Committed to compatibility Continues to build on rock solid IIS 6.0 securityIIS7: IIS7Slide25: © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.