Designing a Content Update and Management Strategy

 < Day Day Up > 



Almost any web content will need to change at some point in its lifetime, whether you need to just update the look of the site or fix a bug in some of the ASP.NET code. Therefore, you will need to decide on a method to update the content on the website. The best method for updating content on your server will vary from website to website depending on the following:

  • Applications used to create the website

  • Firewall configuration

  • Location of the web server on the network

  • Security requirements of the company

  • Ease-of-use requirements

You have basically four different options to choose from for updating your website’s content when you devise a strategy:

  • File share

  • FTP

  • WebDAV

  • FrontPage 2002 Server Extensions

Using File Share

The file share option is probably the most familiar to Windows administrators and users alike. You would share the directory in which the content is located on the web server or a staging directory where the content will first be tested and then moved into production. This would allow users to map a drive to the share and is supported by any application that is running on Windows (all versions of Windows). You simply copy the new content to the share to update the server. The administrator can control who can update the server through share-level and NTFS permissions.

This option is appropriate when you do not understand the other methods and need a simple solution to update the server. You will generally limit your users to using Windows-based workstations to update the site; that way, you won’t need to install complicated clients like SAMBA or File and Print Services for Macintosh. It also uses the Server Message Block (SMB) protocol on ports 138 and 139. This protocol is usually filtered by firewalls, so this option usually will not be available to IIS servers in perimeter networks.

Using FTP

File Transfer Protocol (FTP) is an Internet standard protocol for moving files between a server and client. It requires that the FTP service be installed on the server to accept requests from a client. It will then communicate with the server through port 21. You can choose to allow anonymous FTP, which means the user will not authenticate, or to authenticate the user through the underlying operating system. The credentials are generally passed as clear text. On Windows, you can use IIS permissions and NTFS permissions to control access to the underlying files.

FTP has widespread support because it is a standard. In fact, it is so popular for updating web content that you find an FTP client integrated in many web content authoring tools. If your tool does not contain an FTP client, you can find FTP clients for almost any platform in existence, so it will be easy for content to be updated from various platforms. Most FTP clients pass user credentials in the clear, so you will need to enable a form of encryption, like IPSec, to protect the confidential information. You will also need to consider whether the firewall allows FTP traffic; although it is allowed more often than SMB traffic, it is still often restricted.

Using WebDAV

WebDAV is a W3C standard for updating the contents of a web server. WebDAV extends HTTP by adding commands (verbs) that allow you retrieve, delete, list the properties of, search for, update, and keep a version history of content uploaded and changed on the web server. It supports a simple checkin and check-out strategy for allowing group development on a website. Because it is an extension of HTTP, it uses the exact same transport mechanisms (HTTP or HTTPS), making it much easier to route through firewalls. It is a standard protocol, so many tools support it for updating websites.

WebDAV is a good choice for updating the server. It uses the same authentication and encryption mechanism that you already have in place for the web server, so you can use basic, digest, certificate, or integrated Windows authentication. You can use SSL to provide encryption. Because it uses the same ports HTTP uses, it will generally pass through the firewall with ease, except for filtering firewalls, which may be searching HTTP headers for WebDAV requests and drop them.

Using FrontPage Server Extensions

FrontPage 2002 Server Extensions are proprietary mechanisms that Microsoft introduced with its FrontPage web authoring product. They allow for the administration of a website, including updating permissions, deleting web site content, and updating the website. They also allow for the authoring of web content much as WebDAV does, except they are not a standard. FrontPage 2002 Server Extensions are supported only by Microsoft products like Microsoft Visual InterDev, Microsoft FrontPage, and Microsoft Visual Studio .NET, so you are limited in your authoring tools if you choose to use them.

FrontPage 2002 Server Extensions use HTTP as the transport protocol, so they are firewall friendly. However, due to some major security issues with them early on, they are greatly mistrusted by administrators and they may be filtering them. You can use standard mechanisms, like SSL, to provide encryption for the content that is sent to the server.

In the Design Scenario “Designing a Content Update Strategy,” you will design a strategy for updating the content of the IIS server.

Design Scenario: Designing a Content Update Strategy

start example

Wonder, Inc. needs a strategy to update its web server. Internal staff and the web design company need access to update the server. The web server has been installed in the perimeter network, and the firewall has been configured to allow users to access the web server from the Internet through only ports 80 and 443. Additionally, the internal staff uses FrontPage 2003 and the design company is using Dreamweaver MX.

  1. Question: What content update strategy should you recommend and why? Answer: You should use WebDAV because it is supported by the software products being used. It can pass through the firewall because it operates on the same ports HTTP operates on. It can be secured by using SSL if security should be required. You should then mak e sure to authenticate the user through one of the authentication strategies discussed earlier.

end example



 < Day Day Up > 



MCSE. Windows Server 2003 Network Security Design Study Guide Exam 70-298
MCSE: Windows(r) Server 2003 Network Security Design Study Guide (70-298)
ISBN: 0782143296
EAN: 2147483647
Year: 2004
Pages: 168

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net