Document: Internet Information Services 7.0 Reviewer’s Guide
Working Date: Dec 10, 2007
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 1
Table of Contents
Introduction.................................................................................................................................................3
Feature Overview........................................................................................................................................4
More Secure, Reliable Hosting................................................................................................................4
Modular Architecture..........................................................................................................................4
Automatic application sandboxing......................................................................................................7
Backward Compatibility Reduces Migration Risk.................................................................................8
Request Filtering..................................................................................................................................9
URL Authorization Rules......................................................................................................................9
More Efficient Management....................................................................................................................9
New and Improved Administration Tools............................................................................................9
Delegated Administration..................................................................................................................12
Powerful diagnostic and troubleshooting tools.....................................................................................13
Simpler Deployment and Maintenance.................................................................................................16
XML-Based Configuration Model.......................................................................................................17
Application XCopy deployment.........................................................................................................17
Integrated application pipeline for services.......................................................................................18
Flexible Web server extensibility model............................................................................................19
Conclusion.................................................................................................................................................19
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 2
Introduction
Microsoft® Internet Information Services 7.0 (IIS 7.0) is part of Microsoft Windows Server® 2008, and
delivers a security-enhanced, easy-to-manage Web platform for developing and reliably hosting Web
applications and services. IIS 7.0 builds on the solid security, reliability, and scalability of Internet
Information Services 6 (IIS 6), while offering an even richer set of management and hosting capabilities
and tools, designed to address key customer needs.
Enhanced IIS 7.0 features help create a unified platform and a consistent development and
administrative model for Web solutions. The following table highlights key features and benefits for IT
staff.
Role Key Benefits
IT Professionals Minimized surface area through fully customizable installation options Efficient, feature-focused administration tool with simplified
administration tasks Shared Web farm configuration eliminates configuration replication
and synchronization Expanded detailed local server errors and automatic failed request
tracing for rapid troubleshooting and minimized downtime Automatic Application Pool isolation for new Web sites, providing
sandboxed configuration and process identity by default Powerful new command line utility to manage administration and
configuration of Web sites Fine-grained access control with URL authorization and request
filtering rules Performance improvements like powerful compression for static and
dynamic content, output caching, and SSL and Windows authentication in kernel mode.
Web Hosters Inexpensive, streamlined Windows Server Web Edition, perfect for hosting workloads
Scalable shared hosting - easily sandbox thousands of Web sites on a single server
World-class performance and reliability hosting of ASP, ASP.NET Framework, and PHP applications
Remote Web site administration tool for site owners and developers supporting Windows Vista®, Windows Server® 2003 and Windows® XP, and ability to delegation for remote administration
In-depth runtime state data providing detailed diagnostics information Modern FTP publishing support, including integrated Web publishing,
FTP/SSL, and membership-based authentication, via module download
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 3
from http://www.iis.net
Developers Extensible, modular architecture – add, remove, or replace any built-in module
Enhanced ASP.NET integration including unified configuration, HTTP runtime, and administration tools
Applications running in integrated mode can take advantage of .NET security features like forms authentication
XCopy deploys IIS 7.0 configuration in Web.config Caching support (kernel and user) for all types of dynamic content
Feature Overview
IIS 7.0 features enhance Web Administration at every stage in the application lifecycle. New and
improved features in IIS 7.0 provide:
More secure, reliable application hosting
Greater productivity with delegated management and enhanced tools
Reduced down time with powerful troubleshooting capabilities
Simpler application deployment and maintenance
More Secure, Reliable Hosting Administrators can depend on IIS 7.0 for more secure, reliable hosting. Its modular architecture allows
administrators to install a reduced set of components—or opt for the minimal installation with Server
Core—resulting in a reduced attack surface. IIS 7.0 also offers greater application isolation through
default sandboxing, further reducing security risks.
IIS 7.0 provides a feature-rich and easy-to-use hosting platform for the .NET Framework, the Windows®
Communication Foundation for XML services, Classic ASP, and the new Fast-CGI compliance module for
other application frameworks such as PHP. The integrated pipeline allows for different application
frameworks to run within a single Web server request pipeline, offering built-in ASP.NET extensibility for
all applications.
Modular ArchitectureIIS 7.0 is made up of more than 40 separate feature modules. Less than half of the modules are installed
by default, and Administrators can selectively install or remove any feature modules as needed. This
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 4
Click the Modules icon to display the Modules dialog
approach saves time by limiting the number of features requirement management and updates.
Because no unneeded software is running, the attack surface of the Web server is reduced, improving
security.
Custom modules can be used to replace existing modules or to introduce new features. Figure 2 shows
the UI for module selection.
Figure 1: Controlling Modules in IIS Manager
The modular architecture makes it easy to add, remove, and replace any built-in module (or third-party
module) by using the new IIS Manager interface, and custom Web servers can be built by customizing or
extending IIS 7.0 using native (C/C++) or managed code (C#/Visual Basic® .Net).
The following table describes the IIS 7.0 modules that will be available with the launch of Windows
Server 2008:
Module DescriptionFTP The downloadable IIS 7.0 FTP server includes secure publishing with FTP/SSL
support as well as integrated Web publishing with support for the IIS 7.0
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 5
configuration system and administration tool. Using the new FTP makes it easy to set up FTP publishing points for a Web application and to use integrated authentication.
WebDAV Web Distributed Authoring and Versioning (WebDAV) is an extension to the HTTP protocol that enables file management on remote servers. In addition to the common file system operations such as copy and delete, WebDAV adds a flexible property mechanism (based on name/value pairs) and resource locking.
FrontPage Server Extensions (FPSE)
FrontPage Server Extensions are a set of server-side applications that provide the following benefits for Web sites:
• Enables multiple users to simultaneously collaborate on the same Web site and Web Server (Multi-user Authoring).
• Allows users to write directly to the Web server using a PC or laptop computer via an Internet (Remote Authoring).
• Allows users to include forms and to specify how the results of those forms are handled.
• Enables discussion Webs and hit counters for Web sites.
• Provides full text search capability on a Web site
Media Pack The Media Pack provides dynamic per-file Bit Rate Throttling capability to allow intelligent progressive download. This feature automatically detects the encoded bit rate of each file for the first few seconds, and then the rest of the stream is downloaded, thus saving network bandwidth while preserving the fast start-up experience for the end user.
In addition, the Bit Rate Throttling module provides control over download rates for any file type, not just media files. While a number of media formats are pre-defined in the module, the module is fully extensible. This allows a developer to add support for any media file type, and allows an administrator to easily add support for any data file type.
Remote Manager This module allows for remote management of IIS 7.0 and can be used to perform almost any task that can be done locally on the server.
For more information about the feature modules, see http://www.iis.net or the Windows Server
TechCenter IIS 7.0 Modules at: http://go.microsoft.com/fwlink/?LinkId=68740.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 6
Automatic application sandboxing Hosting large numbers of Web sites on a single computer can be a big challenge, in terms of maintaining
quality of service and managing site density, security, and performance. IIS 7.0 uses automatic
application pool isolation and can sandbox thousands of Web sites on a single server. This allows each
Web site to be in its own memory space with its own credentials, which helps to prevent application
failures or security breaches in one application from affecting others. This capability enables
organizations to consolidate more Web sites onto fewer servers, and increases reliability and security
for all Web sites running on a shared host.
For example, if a company is hosting several customer Web sites on a single server, the sandboxing and
application pooling features would automatically isolate each Web site from the others, helping to
enhance security and promote an environment in which each Web server is unaffected by the operation
of other Web sites running on the same server.
IIS Runs on Server Core
With the option to install IIS 7.0 on Windows Server 2008 Server Core, Administrators can choose a
minimal installation that omits graphical services and most libraries, in favor of a stripped-down,
command-line driven system.
Server Core can be administered locally via the IIS command-line utility AppCmd, or remotely by using
WMI. Although this option limits the roles that can be performed by the server, it allows for the
installation of only what is needed, which supports better security and reliability.
Server Core does not support the .NET Framework, so IIS 7.0 Server Core installations cannot run
ASP.NET applications. IIS on Server Core is typically deployed as a dedicated Web server for static images
or for applications that do not require the .NET Framework.
Server Core offers the following key benefits to organizations:
Reduced software maintenance: Because Server Core installs only what is required to have a
manageable server running the supported server roles, the server requires less software
maintenance. With a smaller Server Core installation, the number of required updates and
patches are reduced, saving both WAN bandwidth usage by servers and administration time for
the IT staff.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 7
Reduced attack surface: Because there are fewer files installed and running on the server, there
are fewer attack vectors exposed to the network; therefore, there is less of an attack surface.
Administrators can install just the specific services needed for a given server, keeping the
exposure risk to an absolute minimum.
Fewer restarts required and reduced disk space required: With a minimal Server Core
installation, there are fewer installed components that will need to be updated or patched, and
the number of required restarts will be reduced. A Server Core installation installs the minimal
files needed to provide the required functionality, so less disk space will be used on the server.
Backward Compatibility Reduces Migration Risk IIS 7.0 was designed to be highly compatible with IIS 6 Web sites and applications to allow for migration
of applications from IIS 6 to IIS 7.0 without modification. This compatibility provides the following
benefits:
Customers can take advantage of IIS 7.0 features by simply migrating content.
For existing Active Directory® Service Interfaces and WMI scripts, IIS 7.0 provides feature parity
with previous releases, enabling them to run directly against the new configuration store.
ADSI is supported, so IIS 6 administration scripts and WMI scripts will continue to work on
IIS 7.0. For ADSI to function on IIS 7.0, the IIS Management Compatibility feature must first be
installed (it is not installed by default).
IIS 7.0 includes a new WMI provider that allows WMI developers to take advantage of the new
IIS7 features.
Existing ASP, ASP.NET 1.1 and ASP.NET 2.0 applications are expected to run on IIS 7.0 without
code changes, using the compatible ISAPI support. This allows IT Professionals to run existing
ISAPI tools, and to leverage existing investments. (Note that ISAPI filters that rely on READ RAW
DATA notification are not supported in IIS 7.0 but most typically used ISAPI extensions and filters
will operate as expected).
IIS 7.0 provides a metabase interpreter that can run against the XML, so existing scripts can be
interpreted and run in IIS 7.0.
ASP.net executes in either integrated or classic mode; classic mode ensures IIS 6-equivalent
functionality.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 8
PHP applications typically run without modification. Refer to http://www.iis.net/php for walk-
throughs about the most popular PHP applications to run on IIS 7.0.
Request FilteringThe IIS 7.0 Request Filtering module contains the URLScan security tool (provided as an add-on for
earlier versions of IIS), which allows administrators to implement URL acceptance polices both globally
and per URL. The Request Filtering module helps administrators increase Web server security by
providing multiple filtering options that can prevent malicious or incorrect URLs from being processed.
An example of using the Request Filtering module is the Hidden Segment feature, which enables
administrators to define specific URL segments that are not servable. This allows administrators have
more granular control over server content.
URL Authorization RulesWith IIS 7.0, permissions no longer need to be set at the content level in the file system. Instead,
authorization rules can be stored in an application's web.config file, so that the authorization rules
follow the content, even if the content is moved to a different server.
More Efficient ManagementUsing IIS 7.0 simplifies Web server management by providing powerful administration tools, and the
highly modular architecture allows for customizing installations and extending core functionality. New
administration features in IIS 7.0 include powerful diagnostic tools, enhanced security, support for
XCopy deployment for applications, and improved administration tools like the IIS Manager. A powerful
new feature, delegated administration, allows IT administrators to provide customers, developers or
other administrators to control some of their own tasks, resulting in lower management costs. With
support for shared configuration, IIS allows administrators to create one configuration file that controls
the configuration settings for multiple servers from a single shared location.
New and Improved Administration ToolsIIS 7.0 introduces the following updated and revised administration tools for managing IIS:
IIS Manager, with the new graphical administration interface.
Appcmd.exe, a powerful new command-line tool.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 9
A configuration system that is based on the .NET Framework 2.0 configuration store and
supports the direct editing of settings.
Microsoft.Web.Administration, a managed interface that exposes the same information
exposed by the WMI provider in an application programming interface (API).
WMI Provider, a software component that functions as mediator between the CIM Object
Manager and managed objects. It provides access to configuration and server state
information to Visual Basic Scripting Edition (VBScript) and JScript writers.
Support for the IIS 6 MMC snap-in, which enables remote administration of IIS 6 from
Windows Server 2008.
The new administration tools support IIS 7.0 distributed configuration and also allow for delegated access to site and application configuration for non-administrators.
IIS ManagerThe new administration utility in IIS 7.0, IIS Manager, is an enhanced tool for managing the Web server.
Benefits of the improved IIS Manager include:
Unified management of IIS and ASP.NET configuration settings, user data, and runtime diagnostic
information.
The ability for hosters and administrators to delegate administrative control to developers or
content owners, thus reducing cost of ownership and administrative burden
Support for remote administration over HTTPS, allowing for secure integrated local, remote,
even cross-Internet administration, without requiring DCOM or other administrative ports be
opened on the firewall
A rich extensibility framework for plugging in new UI features using the .NET Framework
The IIS Manager’s updated GUI makes server administration easy with its logically organized, task-based
interface. It allows Administrators to do familiar tasks easily while also accessing significant new
capabilities. For example, the experience of navigating the tree view for sites and directories will feel
much like earlier versions of IIS, but the context-sensitive Actions pane provides quick access to
management tasks and configuration options.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 10
Figure 2 - The New IIS Manager Interface
Consolidated Command-Line ToolA new command-line tool, AppCmd, is included for managing and administering Web servers, Web sites,
and Web applications. The command-line interface simplifies common management Web server tasks
for administrators. For example, AppCmd could be used to list Web server requests that have been
forced to wait for more than 500 milliseconds. This information could then be used to troubleshoot
applications that are performing poorly. The output of appcmd.exe can be piped into other commands
for further processing.
AppCmd also allows administrators to build advanced management tasks simply by combining multiple
commands into a single script, or by reusing the output inside another program. It allows Datacenter and
Web host administrators to automate the provisioning of new accounts completely through the
command line.
Microsoft.Web.Administration InterfaceIIS 7.0 also includes a new management API for the Web server called Microsoft.Web.Administration
that enables editing configuration settings through manipulation of the XML configuration files. It IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 11
provides objects to manage the server, server properties, and server state. This API allows for
programmatic access to read-and-write configuration properties in the IIS configuration file hierarchy,
and also to the same data that has historically been accessible by WMI scripts in the previous versions of
IIS. This can be used by hosting organizations or large datacenters that wish to build custom
management interfaces.
Windows PowerShell™ integrates the command-line shell and scripting language to allow administrators
to more efficiently complete and automate bulk system administration tasks. Windows PowerShell
improves upon the Windows Command Prompt and Windows Script Host (WSH) by providing command-
line tools, or cmdlets that have the exact syntax as the scripting language. The command that is typed in
the Windows PowerShell command prompt is the same command that would be used in a script for
automating the task across multiple servers. PowerShell can be used to write cmdlets that automate
tasks using the managed Microsoft.Web.Administration interface.
Delegated AdministrationDistributed configuration in IIS 7.0 enables those who host or administer Web sites or Windows
Communication Foundation (WCF) services to delegate varying levels of administrative control to
developers or content owners, thus helping to reduce the cost of ownership and the administration
workload. For example, the administrative control of a Web site might be delegated so that the
application developer can configure and maintain the default document or other properties used for
that Web site. Administrators can also lock specific configuration settings so that they cannot be
changed by anyone else. This feature might be used to ensure that a security policy, which prevents
script execution, is not overridden by a content developer who has been delegated administrative
access to the Web site. The delegation can be very specific, allowing an administrator to decide exactly
which functions to delegate, on a case-by-case basis.
When a system administrator delegates a feature, all site or application-level administrators are able to
configure that feature for their site or application. In addition, features can be delegated, but set to
Read-only. This setting allows a site or application administrator to view the setting for a feature, but
does not allow them to make changes to the setting for that feature.
With permission delegation, there are many options for Web hosting customers and Web site managers.
Customers and managers can directly edit their Web site’s web.config file or use a browser-based tool
developed by the Web host or use the IIS Manager tool.IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 12
With this capability, users of hosted services can run the administration tool on their own desktop
computers, connecting remotely to manage their applications on the hosted Web server. For example,
the system administrator could delegate access to the Error Pages feature. Site and application
administrators could then modify the error pages displayed on their site. Their changes would affect
only their site, not other sites or the entire server.
Additionally, IIS Manager can be used remotely to manage remote servers, sites, and applications.
Server administrator can use the remote administration feature of IIS Manager to add user accounts and
to allow those users to connect to any sites or applications for which they have permission. After the IIS
Management Service has been installed on the server, customers and managers can run IIS Manager on
their remote computers to manage their own Web sites.
Powerful diagnostic and troubleshooting toolsIIS 7.0 makes it easier to troubleshoot faulty applications through improved features, such as detailed
and prescriptive error messaging, a new Runtime Status & Control API that exposes relevant IIS 7.0
diagnostic information, and a new Failed Request Tracing feature that allows Administrators to
preconfigure IIS 7.0 to run traces on a per- URL level as needed. The following sections outline these
new diagnostic capabilities.
Runtime State and Control API
One of the most important features that helps improve IIS 7.0 troubleshooting support is the Runtime
Status and Control API (RSCA), which is designed to give detailed runtime information about the server
from within IIS 7.0. With RSCA, it is possible to inspect and manage various entities including sites,
application pools, .NET Framework application domains, and even running requests. Administrators can
also access runtime information without writing code by using the Performance and Reliability Monitor
(PerfMon). This information can be used by administrators or developers to analyze server resource
utilization and troubleshoot Web applications.
For example, with RSCA and the IIS 7.0 administration tools, administrators can know what requests are
executing in a worker process that's consuming 100% of the CPU, or which application domains are
loaded for a particular site. RSCA also surfaces currently executing requests on the server in real time.
RSCA data is available from the WMI provider and managed API (Microsoft.Web.Administration). The IIS
Manager command-line tool (appcmd.exe) also can display this data.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 13
Custom Errors Module
IIS 7.0 simplifies troubleshooting by providing error messages local to the Web server that are much
more detailed and actionable than the errors that appear for end-users. The new custom errors module
in IIS 7.0 allows for detailed error information to be sent back to the browser (to localhost only). Instead
of seeing a terse error code, administrators now can see detailed information about the request, what
potential issues may have caused the error, and also suggestions about how to fix it.
Figure 3 - IIS 7.0 Error Message Sample
Detailed Trace Events
IIS 7.0 includes detailed trace events throughout the request and response path, allowing developers
and administrators to trace a request as it travels through the IIS request processing pipeline, into any
existing page level code, and back out to the response. The pipeline is highly instrumented to provide
rich detail on request processing. These detailed trace events allow developers to understand the
request path and any error information that was raised as a result of the request, and also understand
elapsed time and other debugging information to assist in troubleshooting all types of errors.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 14
To enable the collection of these trace events, IIS 7.0 can be configured to automatically capture full
trace logs for any given request based on elapsed time or error response codes.
This feature provides the ability to report on events occurring within a worker process. Currently
executing requests can be viewed in real time from within the IIS Manager, from a command line, or
using the new management API. In addition, IIS 7.0 can be configured to create a log for any request
that meets specific conditions, such as any request that takes more than five seconds to complete. The
log will display the amount of time spent in event in the pipeline, and status information such as
whether a request was cached.
These features can be particularly important to hosting companies by enabling them to become more
proactive in serving online customers and enhancing customer service and agent effectiveness. They
help ensure that more transactions are completed successfully, promote identification and resolution of
hidden or hard-to-find-application problems, and give customers immediate visibility into issues
affecting online experiences and their business impact.
Failed Request Tracing IIS 7.0 makes it possible to troubleshoot failures without having to manually reproduce them. The Failed
Request Tracing feature enables server administrators to define error conditions that they wish to
monitor. This allows administrators to capture trace logs for a pre-configured failure condition
automatically, all while avoiding the performance penalty of saving logs for all requests. With Failed
Request Tracing, administrators can capture the valuable tracing information when errors occur, even if
they are intermittent or hard to reproduce. Error conditions can range from "slow" or "hung" requests,
to the familiar status codes that IIS sends back during error conditions like "Server 500 Error." If this
feature is configured, and IIS 7.0 detects an error condition, it can automatically log detailed trace
events for everything that led to the error.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 15
Figure 4 - Failed Request Tracing UI
This feature will be helpful to Web Hosters who manage many sites. If a Web host notices a specific
error affecting one of their sites, they could easily deploy Failed Request Tracing to all sites to monitor
for the same error. This would help to avoid failures and maintain high availability.
The underlying tracing infrastructure is exposed to IIS modules using the server extensibility model,
allowing all server components, whether they ship with IIS or are developed by third parties, to relay
detailed tracing information during request processing.
This allows developers and system administrators to create custom managed modules to take
advantage of the unified tracing model. Developers can now write tracing modules that provide new
ways to process and output traces, like a module to save IIS tracing information to a Microsoft
SQL Server® or to a text file.
Simpler Deployment and MaintenanceDeploying, migrating, and backing up a Web site can be difficult and time consuming. In IIS 7.0, the basic
file structure of a Web site has been simplified, and all content and configurations are now stored
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 16
together in a single folder. The configuration settings are stored in easy-to-manage XML files, making
applications that are much simpler to deploy and maintain.
XML-Based Configuration ModelIIS 7.0 uses an XML-based configuration model that allows for a more open and flexible Web site
infrastructure, as well as providing greatly improved manageability, portably, and server deployment. It
enables Administrators to:
Easily copy configuration from server to server
Use environment variables to abstract physical paths
Administer changes and state managed code with Windows PowerShell, WMI, or IIS Manager
XML ConfigurationIIS 7.0 is built on a hierarchy of distributed XML configuration files. This hierarchy is comprised of a global
file called applicationHost.config, which contains server-level configuration settings. There may also be a
number of distributed web.config files in the application's directory structure. These are the same
web.config files that are used by the ASP.NET application framework to store portable application
settings. This allows the side-by-side storage of IIS and ASP.NET configuration, using clean and strongly-
structured XML directives.
In the past, IIS application settings were stored in the metabase, and were keyed to a specific machine,
making them difficult to access and difficult to move to other servers. With distributed web.config files,
applications encapsulate the required server configurations within their directory structure. This
dramatically simplifies deployment, allowing self-contained applications to be simply copied to the
target server's application directory.
Application XCopy deployment Since the site and applications configuration files and data are all stored in the folder, Administrators
can easily deploy, migrate and backup the Web site by using simple tools, such as XCopy, which helps to
avoid costly and error-prone replication, manual synchronization, and additional configuration tasks.
For example, to deploy many sites quickly, IIS 7.0 provides the ability to use XCopy to rapidly move IIS
configurations along with content, to remote servers, as well as easily move a Web site from
development into production.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 17
Distributed Configuration ModelThe new XML configuration model introduces significant improvements to the way configuration data is
stored and accessed, by allowing administrators to store XML configuration settings for a Web site or
application in the same directory as the code or content. By using distributed configuration, the
configuration settings for a specific site or application can be copied from one computer to another as
the application moves from development into test, and ultimately into production.
Web Hosters will find that by using centralized, shared configurations, they can increase flexibility in
managing their customer base. They can easily move customer sites from one server to another,
implement convenient backup plans, and reduced overall downtime.
The shared, centralized, global configuration features in IIS 7.0 helps support homogeneous Web farms
where computers share the same configuration. By using a Universal Naming Convention (UNC) share
for a centralized configuration, a change in the central master configuration file will affect different
computers without extra tools or programmatic support.
Integrated application pipeline for servicesPrevious versions of IIS allowed for the development of .NET application components via the ASP.NET
platform. ASP.NET integrated with IIS via an ISAPI extension, and exposed its own application and
request processing model. This effectively exposed two separate server pipelines, one for native ISAPI
filters and extension components, and another for managed application components. ASP.NET
components would execute entirely inside the ASP.NET ISAPI extension, and only for requests mapped
to ASP.NET in the IIS script map configuration.
The IIS 7.0 Web server includes some fundamental changes from IIS 6 in the way that requests are
handled. For example, both native and managed code can be processed (and is, by default) through a
single request pipeline. The integrated pipeline allows for different application frameworks to run within
a single Web server request pipeline, offering built-in ASP.NET extensibility for all applications. IIS 7.0
allows existing ASP.NET features, such as Forms-based authentication or URL authorization, to be used
for all types of Web content requests in the integrated pipeline.
Further benefits of this integration include:
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 18
o Allowing services provided by both native and managed modules to apply to all requests,
regardless of the handler. For example, managed Forms Authentication can be used for all
content, including ASP pages, CGIs, and static files.
o Empowering ASP.NET components to provide functionality that was previously unavailable to
them due to their placement in the server pipeline. For example, a managed module providing
request rewriting functionality can rewrite the request prior to any server processing, including
authentication, takes place.
o A single place to implement, configure, monitor and support server features. For example, single
module and handler mapping configuration, single custom errors configuration, and single URL
authorization configuration.
The IIS 7.0 request processing pipeline also enables administrators to add or remove modules depending
on their needs. Developers can also write custom modules to augment or even replace functionality,
allowing a highly optimized custom solution to be created.
Flexible Web server extensibility model IIS 7.0 enables developers to extend custom functionality in new, more powerful ways. IIS 7.0
extensibility includes an all-new core server application programming interface (API) set that allows
feature modules to be developed in both native code (C/C++) and managed code—languages such as C#,
and Visual Basic® 2005, that use the .NET Framework. Much of the IIS 7.0 feature set for request and
application processing has been implemented using these same APIs. IIS 7.0 also enables extensibility for
configuration, scripting, event logging, and administration tool feature-sets, providing software
developers with a complete server platform on which to build Web server extensions.
For example, Administrators could write a module that manipulates Microsoft Office 2007 documents
every time a document is delivered, or integrates with SQL Server, Microsoft Exchange Server, or any
other device on the network. Implementing Event tracking, custom logging, and security features is
easier than ever before.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 19
Conclusion
New features in Internet Information Server (IIS) 7.0 provide easy to use, flexible tools for the technical
professional. Using IIS 7.0 simplifies Web server management with options that include a flexible
extensibility model, powerful diagnostic tools, enhanced security, true XCopy deployment for
applications, and improved administration tools. Using the delegated administration features in IIS 7.0,
Web hosters can let customers or datacenters manage their own content, which helps reduce the cost of
administration. Improved configuration features make it easy to create one configuration file and
distribute the configuration changes to multiple servers. The new modules features in IIS 7.0 can be
independently installed on the server to reduce the attack surface of the server, and reduce
administrative overhead where it is not needed. IIS 7.0 is designed to work with existing tools and
scripts. The new management and diagnostic features in IIS 7.0 free up IT staff to work on more
business-critical tasks.
For more information about IIS 7.0, visit the IIS Web site at: www.iis.net
For the most comprehensive technical information about Microsoft products, visit the main TechNet
Web site at: www.microsoft.com/technet.
IIS 7.0 Windows Server 2008 Reviewer’s Guide Page 20