Understanding IIS Components and Options
The
IIS platform has been designed with a modular, component-based
architecture. In its simplest configuration, the Web server component
provides basic HTTP functionality. IIS includes many components and
features that can be used to support different types of content and
applications. Most deployments will need only a subset of these
features. Therefore, administrators can choose to enable only those
components that their Web applications require.
Although
the modular approach requires systems administrators to enable
explicitly the features that they require, this architecture provides
numerous advantages:
Enhanced security
Each enabled service or feature potentially can increase the security
attack surface on an IIS server. This is a significant concern for
publicly accessible servers that might be the targets of malicious
attacks of unauthorized access attempts. For
example, a defect or vulnerability in a specific type of IIS extension
might be used to perform unauthorized actions on the server.
Administrators can reduce these risks greatly by enabling only those
features and services that are required by their content and
applications.
Improved performance
Installing and enabling unnecessary components can use up system
resources on the server that is running IIS. By enabling only those
features that are required specifically, server resources can be
retained for use by other applications. The end result is better
performance and scalability.
Ability to customize server configurations
As mentioned earlier in this lesson, organizations tend to use IIS in a
variety of deployment scenarios. The security and functionality
requirements can vary significantly, and a modular architecture enables
systems administrators to customize each deployment based on its
specific needs. For example, the authentication and security
requirements of internal Web servers and Internet-accessible servers
often differ. Administrators can enable the required features for each
type of server independently.
In this section, you’ll learn about components and options that are related to the IIS platform.
More Info: Information from the IIS team
The
IIS team at Microsoft has created a Web site that includes tutorials,
technical articles, and other details about working with the IIS
platform. This is a great resource for in-depth information about the
many available features and components. The site includes links to
downloads and information about products that work with (or on) the IIS
platform. Team members have their own blogs, too, which focus on their
specific areas of expertise. The main page is located at http://www.iis.net.
Understanding the Application Server Role
One
of the primary strengths of the Windows platform is its ability to
support a range of application development technologies. Modern
applications often rely on extensive communications features. For
example, a distributed application might need to create and manage
transactions across several different sites and services using a
distributed network. Building this type of functionality can be
difficult and complicated. Applications developers can save significant
time and effort by taking advantage of the features that are already
available on their operating system platform.
Windows
Server 2008 includes the Application Server role to provide support for
a variety of different application development technologies. The
Application Server role is based on .NET Framework 3.0 technology and
includes support for other communications and presentation features.
Although the Application Server role is not specifically dependent on
the Web Server (IIS)
role, distributed applications that are built using ASP.NET or Windows
Communication Foundation (WCF) will require both roles.
Tip
The
Application Server role provides additional functionality on top of
ASP.NET support and other services that are available for the Web
Server (IIS) role. In general, you should not need to install the
Application Server role unless a specific Web application or Web
service requires it. Basic ASP.NET applications, for example, will run
without the Application Server role enabled on the server.
You
can install the Application Server role by using the Add Roles Wizard
in Server Manager. When you add the role, you will be given the option
of determining which additional role services you plan to enable. The
specific features include:
Application Server Foundation
This is a required feature of the Application Server role. It includes
support for technology in the .NET Framework 3.0 platform. The primary
technology components are the WCF, Windows Presentation Foundation
(WPF), and Windows Workflow Foundation (WF).
Web Server (IIS) Support
The Application Server role can be integrated with the Web Server (IIS)
role to enable Web applications to access advanced features. When you
select this option, the Add Roles Wizard will prompt you to install IIS
automatically if it is not already installed.
COM+ Network Access
The Component Object Model (COM) standard provides applications
developers with a method for accessing different pieces of application
code. COM+ provides the ability to invoke (or access) application code
remotely across a network. Distributed applications, such as those that
require multiple tiers of functionality, might require this feature.
TCP Port Sharing
A potential management challenge of working in distributed environments
is that of supporting many server applications on a single computer.
Generally, each application requires its own TCP port for responding to
inbound requests. The TCP Port Sharing feature enables multiple
applications to share the same port to simplify server and firewall
configuration.
Windows Process Activation Service Support
The Windows Process Activation Service (WAS) provides the ability to
access application services over the network by using different types
of protocols and services. This feature can be used by IIS itself to
support additional protocols and communications methods.
Distributed Transactions
Applications that involve distributed transactions require multiple
servers and applications to coordinate their activities before changes
are made permanent. By using this section, you enable incoming and
outgoing remote transactions and support the WS-Atomic Transactions
standard for Web Services.
Generally,
you should verify requirements with Web application developers to
determine which Application Server components (if any) are required.
When
done correctly, collecting and communicating Web server requirements
can help ensure that systems administrators are aligned with the
developers and users that they support. From an IT standpoint, IIS is
one of those technology areas that can benefit from input and expertise
from all areas of your organization. Be sure to do your homework before
diving into the configuration process and you’re much more likely to
end up with the right IIS configuration.