Internet Information Services 5.0

Features
Internet Information Services 5.0 has many new features to help Web administrators to create scalable, flexible Web applications.

• Security
• Administration
• Programmability
• Internet Standards

Security
Digest Authentication: Digest authentication allows secure and robust authentication of users across proxy servers and firewalls. In addition, Anonymous, HTTP Basic, and integrated Windows authentication (formerly known as Windows NT Challenge/Response authentication and NTLM authentication) are still available.

Secure Communications: Secure Sockets Layer (SSL) 3.0 and Transport Layer Security (TLS) provide a secure way to exchange information between clients and servers. In addition, SSL 3.0 and TLS provide a way for the server to verify who the client is before the user logs on to the server. In IIS 5.0, client certificates are exposed to both ISAPI and Active Server Pages, so that programmers can track users through their sites. Also, IIS 5.0 can map the client certificate to a Windows user account, so that administrators can control access to system resources based on the client certificate.

Server-Gated Cryptography: Server-Gated Cryptography (SGC) is an extension of SSL that allows financial institutions with export versions of IIS to use strong 128-bit encryption. Although SGC capabilities are built into IIS 5.0, a special SGC certificate is required to use SGC.

Security Wizards: Security wizards simplify server administration tasks.

IP and Internet Domain Restrictions: You can grant or deny Web access to individual computers, groups of computers, or entire domains.

Kerberos v5 Authentication Protocol Compliance: IIS is fully integrated with the Kerberos v5 authentication protocol implemented in Microsoft® Windows® 2000, allowing you to pass authentication credentials among connected computers running Windows.

Certificate Storage: IIS certificate storage is now integrated with the Windows CryptoAPI storage. The Windows Certificate Manager provides a single point of entry that allows you to store, back up, and configure server certificates.

Administration Restarting IIS: Now Internet services can be restarted without having to reboot your computer.

Backing Up and Restoring IIS: You can back up and save your metabase settings to make it easy to return to a safe, known state.

Process Accounting: Provides information about how individual Web sites use CPU resources on the server. This information is useful in determining which sites are using disproportionally high CPU resources or which might have malfunctioning scripts or CGI processes. Process Throttling: You can limit the percentage of time the CPU spends processing out-of-process ASP, ISAPI, and CGI applications for individual Web sites. In addition, misbehaving processes can be stopped and restarted.

Improved Custom Error Messages: Now administrators can send informative messages to clients when HTTP errors occur on their Web sites. Also includes detailed ASP error processing capabilities through the use of the 500-100.asp custom error message. You can use the custom errors that IIS 5.0 provides, or create your own.

Centralized Administration: Administration tools for IIS use the Microsoft® Management Console (MMC). MMC hosts the programs, called snap-ins, that administrators use to manage their servers. You can use IIS snap-in from a computer running Windows 2000 Professional to administer a computer on your intranet running Internet Information Services on Windows 2000 Server.

Programmability
Active Server Pages: You can create dynamic content by using server-side scripting and components to create browser-independent dynamic content. Active Server Pages (ASP) provides an easy-to-use alternative to CGI and ISAPI by allowing content developers to embed any scripting language or server component into their HTML pages. ASP provides access to all of the HTTP request and response streams, as well as standards-based database connectivity and the ability to customize content for different browsers.

New ASP Features: Active Server Pages has some new and improved features for enhancing performance and streamlining your server–side scripts.

Application Protection: IIS 5.0 offers greater protection and increased reliability for your Web applications. By default, IIS will run all of your applications in a common or pooled process that is separate from core IIS processes. In addition, you can still isolate mission-critical applications that should be run outside of both core IIS and pooled processes.

Internet Standards
Standards Based: Microsoft Internet Information Services 5.0 complies with the HTTP 1.1 standard, including features such as PUT and DELETE, the ability to customize HTTP error messages, and support for custom HTTP headers.

Multiple Sites, One IP Address: With support for host headers, you can host multiple Web sites on a single computer running Microsoft Windows 2000 Server with only one IP address. This is useful for Internet service providers and corporate intranets hosting multiple sites.

Web Distributed Authoring and Versioning (WebDAV): Enables remote authors to create, move, or delete files, file properties, directories, and directory properties on your server over an HTTP connection.

FTP Restart: Now File Transfer Protocol file downloads can be resumed without having to download the entire file over again if an interruption occurs during data transfer.

HTTP Compression: Provides faster transmission of pages between the Web server and compression-enabled clients. Compresses and caches static files, and performs on-demand compression of dynamically generated files.