Best Practices


  • Use IIS 6 to improve performance and strengthen security.

  • Thoroughly design and plan the IIS 6 environment.

  • Define the goals and objectives of the IIS 6 project.

  • Identify and review IIS application types and requirements.

  • Define security requirements to meet the goals and objectives.

  • Balance the security methodologies to be used with the associated risks and end user experience.

  • Examine and design disaster recovery plans, and monitor requirements and maintenance practices.

  • Document the current IIS infrastructure and the IIS design decisions.

  • Build fault tolerance into the Web infrastructure based on how much downtime can be afforded and existing SLAs.

  • Use IIS 5 isolation mode only for applications that depend on features unavailable in worker process isolation mode (the IIS 6 default); it gives up the application pool isolation and health-monitoring features described below, so run it only for the sites that need it.

  • Use IIS 6 process recycling to provide additional fault tolerance and minimize the number of server refreshes.

  • Use the IIS 6 application pool health features: ping worker processes at a set interval and terminate any that stop responding, detect failed applications, and enable rapid-fail protection so that the pool is disabled after a set number of worker process failures within a given time frame.

  • Use FTP user isolation so that each FTP user is confined to his or her own home directory and cannot browse or modify other users' content.

  • Provide search capabilities for Adobe Acrobat PDF file content on a Web site by installing the Adobe PDF IFilter.

  • Format the disk subsystem with NTFS, and apply the latest service pack and security patches as the first step in securing the IIS system.

  • Carefully review application security on the Windows Server 2003 Web server, especially if using a custom-built application.

  • Choose an authentication method carefully depending on business and technical requirements.

  • Apply auditing to Web and FTP sites to record logon attempts (successful and unsuccessful), attempts to gain unauthorized access to service accounts, modification or deletion of files, and execution of restricted commands.

  • Use SSL (HTTPS) to protect data in transit; this is essential when Basic authentication is used, because Basic sends credentials in clear text (Base64-encoded, not encrypted).

  • Because FTP also sends credentials and data in clear text, protect FTP sessions with IPSec or an L2TP/IPSec VPN.

  • Share downloads from local folders locked down with NTFS permissions. Place the folder on a separate partition from the Windows Server 2003 system files.

  • Monitor disk space and review IIS logs regularly so that attempts to gain unauthorized access are noticed, and so that a flood of requests does not fill the log volume.

  • Enable Direct Metabase Edit (the EnableEditWhileRunning metabase property) so that the metabase XML file can be edited while IIS is running.

  • Use logging not only to review IIS security but also to assist with maintenance and troubleshooting.
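The following PowerShell is an added example and is not from the book; it shows how the process recycling, worker process pinging, rapid-fail protection and Direct Metabase Edit settings recommended above map onto the IIS 6 metabase, driven through the IIS 6 WMI provider (root\MicrosoftIISv2). The pool name and every numeric threshold are assumptions chosen for illustration; the property names are the real IIsApplicationPoolSetting and IIsComputerSetting metabase properties. Run it as an administrator on the Windows Server 2003 host, or from a workstation with -ComputerName.

```powershell
# Added example (not the book's code): configure IIS 6 application pool
# recycling and health monitoring through the IIS 6 WMI provider.
# The provider refuses DCOM calls below PacketPrivacy authentication.
$ns   = 'root\MicrosoftIISv2'
$auth = 'PacketPrivacy'

function Get-IIs6AppPoolSetting {
    param([string]$Name, [string]$ComputerName = '.')
    Get-WmiObject -Namespace $ns -Class IIsApplicationPoolSetting `
        -Filter "Name='$Name'" -Authentication $auth -ComputerName $ComputerName
}

function Set-IIs6AppPoolHealth {
    # Thresholds below are assumptions for the example, not book recommendations.
    param([string]$Name, [string]$ComputerName = '.')
    $pool = Get-IIs6AppPoolSetting -Name $Name -ComputerName $ComputerName
    if (-not $pool) { throw "Application pool '$Name' not found" }

    # Process recycling: recycle on a schedule and when request or memory limits are hit,
    # so a leaking application is restarted before it exhausts the server.
    $pool.PeriodicRestartTime          = 1440     # minutes (once a day)
    $pool.PeriodicRestartRequests      = 50000    # requests served before a recycle
    $pool.PeriodicRestartMemory        = 1048576  # KB of virtual memory (1 GB)
    $pool.PeriodicRestartPrivateMemory = 524288   # KB of private bytes (512 MB)

    # Health monitoring: WAS pings the worker process; one that does not answer
    # within PingResponseTime is terminated and replaced.
    $pool.PingingEnabled   = $true
    $pool.PingInterval     = 30   # seconds between pings
    $pool.PingResponseTime = 90   # seconds the worker has to respond

    # Rapid-fail protection: after MaxCrashes worker failures inside Interval
    # minutes the pool is stopped and clients receive 503 Service Unavailable.
    $pool.RapidFailProtection           = $true
    $pool.RapidFailProtectionMaxCrashes = 5
    $pool.RapidFailProtectionInterval   = 5    # minutes

    $pool.IdleTimeout = 20   # minutes before an idle worker process shuts down
    $pool.Put() | Out-Null
}

function Show-IIs6AppPoolHealth {
    # Read the settings back so the change can be verified and documented.
    param([string]$Name, [string]$ComputerName = '.')
    Get-IIs6AppPoolSetting -Name $Name -ComputerName $ComputerName |
        Select-Object Name, PeriodicRestartTime, PeriodicRestartRequests,
            PingingEnabled, PingInterval, PingResponseTime,
            RapidFailProtection, RapidFailProtectionMaxCrashes,
            RapidFailProtectionInterval, IdleTimeout
}

function Enable-IIs6DirectMetabaseEdit {
    # Direct Metabase Edit lives on the computer-level key (Name 'LM').
    param([string]$ComputerName = '.')
    $computer = Get-WmiObject -Namespace $ns -Class IIsComputerSetting `
        -Authentication $auth -ComputerName $ComputerName
    $computer.EnableEditWhileRunning = $true
    $computer.Put() | Out-Null
}

# Usage (pool name assumed):
Set-IIs6AppPoolHealth  -Name 'W3SVC/AppPools/DefaultAppPool'
Show-IIs6AppPoolHealth -Name 'W3SVC/AppPools/DefaultAppPool'
Enable-IIs6DirectMetabaseEdit
```

Memory-based recycling thresholds depend on the application and the server's RAM; set them from observed working-set figures rather than the illustrative values above, and review the System event log for WAS events (worker process failures, rapid-fail protection trips) alongside the IIS logs.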
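As an added example (not the book's code) for the auditing, log monitoring and logging bullets above, this PowerShell parses IIS 6 W3C extended log lines and flags three things a practitioner looks for first: repeated 401 responses from one client (password guessing against Basic or Integrated authentication), bursts of 404s from one client (directory enumeration), and request URIs carrying traversal or command-execution patterns. The log lines, client addresses and thresholds are constructed for the example; replace $sampleLog with Get-Content on the real files under %systemroot%\system32\LogFiles\W3SVC<siteid>\.

```powershell
# Added example (not the book's code): review IIS 6 W3C extended logs.
# The lines below are constructed sample data, not a real capture.
$sampleLog = @'
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2006-03-14 10:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2006-03-14 10:00:01 10.0.0.5 GET /default.htm - 80 - 192.0.2.10 Mozilla/4.0+(compatible;+MSIE+6.0) 200 0 0
2006-03-14 10:00:02 10.0.0.5 GET /admin/ - 80 - 198.51.100.7 Mozilla/4.0 401 1 1326
2006-03-14 10:00:03 10.0.0.5 GET /admin/ - 80 - 198.51.100.7 Mozilla/4.0 401 1 1326
2006-03-14 10:00:04 10.0.0.5 GET /admin/ - 80 - 198.51.100.7 Mozilla/4.0 401 1 1326
2006-03-14 10:00:05 10.0.0.5 GET /admin/ - 80 admin 198.51.100.7 Mozilla/4.0 200 0 0
2006-03-14 10:00:06 10.0.0.5 GET /scripts/..%c0%af../winnt/system32/cmd.exe /c+dir 80 - 203.0.113.9 - 404 0 2
2006-03-14 10:00:07 10.0.0.5 GET /_vti_bin/shtml.dll - 80 - 203.0.113.9 - 404 0 2
'@ -split "`r?`n"

function ConvertFrom-IisW3CLog {
    # Turn W3C log lines into objects keyed by the names in the #Fields header.
    # IIS replaces spaces inside fields with '+', so splitting on ' ' is safe.
    param([string[]]$Lines)
    $fields = @()
    foreach ($line in $Lines) {
        if ($line -match '^#Fields:\s*(.+)$') { $fields = $Matches[1] -split '\s+'; continue }
        if ($line -match '^#' -or $line.Trim() -eq '') { continue }
        $values = $line -split ' '
        if ($fields.Count -eq 0 -or $values.Count -ne $fields.Count) { continue }  # malformed line
        $entry = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $entry[$fields[$i]] = $values[$i] }
        New-Object PSObject -Property $entry
    }
}

function Find-IisLogAnomalies {
    # Thresholds are assumptions; tune them to the site's normal traffic.
    param([object[]]$Entries, [int]$FailedLogonThreshold = 5, [int]$NotFoundThreshold = 10)
    $findings = @()

    # Repeated 401s from one client: logon attempts that keep failing.
    $denied = $Entries | Where-Object { $_.'sc-status' -eq '401' } | Group-Object 'c-ip'
    foreach ($g in $denied) {
        if ($g.Count -ge $FailedLogonThreshold) {
            $findings += "Failed logons: $($g.Count) x 401 from $($g.Name)"
        }
    }

    # Bursts of 404s from one client: enumeration of files and directories.
    $missing = $Entries | Where-Object { $_.'sc-status' -eq '404' } | Group-Object 'c-ip'
    foreach ($g in $missing) {
        if ($g.Count -ge $NotFoundThreshold) {
            $findings += "Scanning: $($g.Count) x 404 from $($g.Name)"
        }
    }

    # URIs no legitimate client sends: traversal, overlong UTF-8, cmd.exe, FrontPage bins.
    $suspicious = '(?i)(\.\./|\.\.\\|%2e%2e|%c0%af|%c1%9c|/cmd\.exe|/root\.exe|/_vti_bin/)'
    foreach ($e in $Entries) {
        $target = "$($e.'cs-uri-stem')?$($e.'cs-uri-query')"
        if ($target -match $suspicious) {
            $findings += "Suspicious request from $($e.'c-ip'): $($e.'cs-method') $target -> $($e.'sc-status')"
        }
    }
    $findings
}

# Usage: a low logon threshold here only because the sample is small.
$entries  = ConvertFrom-IisW3CLog -Lines $sampleLog
Find-IisLogAnomalies -Entries $entries -FailedLogonThreshold 3 -NotFoundThreshold 2
```

On the constructed sample this reports the three 401s followed by a 200 from 198.51.100.7 (a guessed password that eventually worked, which is the case the auditing bullet exists for) and the two probes from 203.0.113.9. Correlate the 401 findings with the Security event log on the server, where successful and failed logon audits carry the account name that the IIS log records only after success.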




Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
Year: 2006
Pages: 499
