IT professionals worldwide have eagerly anticipated the arrival of the Microsoft Windows .NET Server (formerly code-named Whistler) family, which contains four server products: .NET Standard Server, .NET Enterprise Server, .NET Datacenter Server, and .NET Web Server. Ironically, the most interesting aspects of the fourth server product—.NET Web Server—are what it doesn't offer. The three other servers in the .NET Server family offer all the functionality and capabilities of .NET Web Server and more. The appeal of .NET Web Server is that Microsoft has streamlined this product's administration, cost, and functionality so that it serves solely as a Microsoft Internet Information Services (IIS) 6.0 Web server.
When you contrast .NET Web Server with other Microsoft Server products, new and old, you'll find that .NET Web Server is a unique Microsoft product. To understand why systems administrators are so enthusiastic about this standalone Web server product, you need to understand the way Microsoft is positioning .NET Web Server, as well as what the product can and can't do.
Web Server Positioning
Microsoft has received harsh criticism for its Windows 2000 licensing policies for Web servers. Historically, Microsoft OSs and servers have been relatively inexpensive, so the Web server licensing wasn't a concern—until Microsoft shipped Win2K. Just as administrators discovered that deploying massive IIS 5.0 Web farms was painless under Win2K, they received a slap in the face in the form of Win2K licensing costs involved in such deployments. Many administrators wonder why their company should pay for a full Win2K Server license if they use only IIS.
Apparently, Microsoft is listening. The company is introducing .NET Web Server as a function-focused Web server, promising simplified deployment and management that are optimized for Web serving and Web hosting. All the major software and hardware platform vendors (e.g., Sun Microsystems, IBM, Netscape) have for years offered products in this space—that is, inexpensive Web server products that are separate from OS, directory, and application-server products.
Best of all, although Microsoft hasn't yet released final pricing, you can expect this member of the .NET Server family to be affordable for companies whose sole reason for implementing .NET Server will be so that they can use IIS 6.0. IT professionals who are managing a budget and constantly fighting for money to pay for new Web servers in their Web farms will find this release particularly exciting.
At the time of this writing, I'm using .NET Web Server beta 3. I anticipated problems typically associated with beta software, but so far, I've found the product to be amazingly stable and solid. I guess I shouldn't be surprised: I've had this product's predecessor—Whistler Advanced Server beta 2—in production for more than 6 months and found it to be a solid performer. The only aspect of the beta 3 version that's lacking is the documentation. However, Microsoft typically finishes documentation only after finalizing all the functionality and features.
Hardware Requirements
The .NET Web Server installation CD-ROM contains a helpful compatibility-checking program. Read Microsoft's preliminary notes, then run the program. The Check system compatibility option—which you can access on the product's main Welcome screen, which Figure 1 shows—identifies potential problems before you start. Knowing beforehand that your installation is doomed to fail is extremely helpful.
.NET Web Server's minimum hardware requirements aren't surprising:
- You need at least a 133MHz Pentium processor, although Microsoft recommends a minimum speed of 550MHz. The system supports as many as two CPUs per computer.
- You need 128MB of RAM, although Microsoft recommends 256MB of RAM. The system supports a maximum of 2GB of RAM.
- You need a hard disk partition or volume that has sufficient free space—approximately 1.5GB (2GB for Itanium-based systems)—to accommodate the setup process. More space might be necessary, depending on several conditions. First, your OS's file system is a determining factor: The FAT file system requires 100MB to 200MB more disk space than other file systems. (Microsoft recommends NTFS, which lets you use ACLs to lock down the file system.) Second, if you're running setup.exe from a network share rather than from the CD-ROM, you must allow 100MB to 200MB more space. (Many more driver files must be available during installation across a network.) Third, the larger the paging file, the more space you need on the partition or volume.
- You need a VGA or higher-resolution monitor. Microsoft recommends an SVGA 800 * 600 or better display. You also need a keyboard and mouse (or other pointing device). As an alternative, you can choose a remote diagnostic and support processor from Microsoft's Hardware Compatibility List (HCL) and implement a headless .NET Web Server system that operates without a monitor, mouse, or keyboard.
Installation and Configuration
Putting a Win2K-based IIS 5.0 Web server into production is a major ordeal that requires extensive configuration and lockdown procedures. In contrast, installing .NET Web Server is painless. By default, a basic installation occurs; later, you can add optional components from the Install optional Windows components page, which you access from the product's Welcome screen. The OEM version of .NET Web Server, which will be bundled on custom hardware, probably won't need any significant configuration before you put it into production—it will need only Web applications and content. IIS 6.0 comes locked down by default and can automatically apply security patches.
After I performed a clean installation, I used the Install optional Windows components option to install the remote desktop Web connection, FTP, Network News Transfer Protocol (NNTP), management and monitoring tools, Message Queuing, and other features, as Figure 2 shows. (I could have performed the same installations from the Control Panel Add/Remove System Components applet.) By default, the installation provides no custom networking services. You can use the Install optional Windows components option or the Add/Remove System Components applet to install COM Internet Services Proxy, DNS, DHCP, Simple TCP/IP Services, and WINS.
Many IT professionals will be overjoyed that the other three .NET Server products don't install IIS by default. (IIS is a frequent target for intruders, particularly in Win2K, which installs IIS by default even if you intend your server to be a domain controller—DC.) Of course, .NET Web Server does install IIS 6.0 by default. Components that Microsoft has intentionally disabled in .NET Web Server don't appear in the Install optional Windows components drop-down list.
What .NET Web Server Can Do
IIS 6.0 is the heart and soul of .NET Web Server. Microsoft promises a 33 percent performance boost over IIS 5.0. If you run ASP.NET within the .NET Framework, you're looking at a minimum performance gain of 75 percent.
IIS 6.0 replaces the proprietary metabase.bin binary file with a plain-text XML-formatted file called metabase.xml, which resides in the \windows\system32\inetsrv directory. This new format doesn't mean that your old tools no longer work. IIS 6.0's XML metabase is completely API- and scripting-compatible with earlier-version tools. The benefits of a plain-text XML-formatted metabase file are
- improved backup and restore capabilities on machines that experience critical failures
- improved troubleshooting and metabase-corruption recovery capabilities
- improved performance and scalability (compared with the IIS 5.0 and Internet Information Server—IIS—4.0 binary file's inherited hierarchical structure)
- the ability to extend the metabase schema—you're no longer dependent on a software developer to write code
- the ability to use common text-editing tools (e.g., Microsoft Notepad, XML editors) to edit the metabase files
One of the best IIS 6.0 manageability features is the Edit-while-running feature, which lets you edit the metabase.xml file while IIS is running. When you save the file, changes immediately take effect without requiring you to restart the server. To test this feature, you need to enable Edit-while-running at the IIS service level. In the Microsoft Management Console (MMC) Internet Information Services snap-in (which Win2K calls the Internet Services Manager—ISM), right-click your server, then select Properties. On the Internet Information Services tab, select the Enable Direct Metabase Edit check box, as Figure 3 shows. (This option is disabled by default, probably because of the danger of an authenticated user with write privileges making a naive mistake.)
If you've endured the time-consuming burden of installing build after build of the .NET Framework for your developers, you'll be happy to know that Microsoft has built the .NET Framework into .NET Server (including .NET Web Server). Additionally, systems administrators will enjoy a wealth of new command-line tools specifically designed to automate administration.
One exciting .NET Web Server feature is that Microsoft has integrated Passport as a supported authentication mechanism in IIS 6.0, as Figure 4 shows. You can map a Windows account in Active Directory (AD) to a Passport account. By doing so, you can get closer to secure authentication inside and outside the firewall—a desperately needed capability. After Passport authentication occurs, the system maps a Passport user to a user of AD (if such a mapping exists) through his or her Passport identification. Developers and IIS administrators can also use this security model for authorization based on AD users and ACLs on servers that run IIS 6.0.
Microsoft has also included a dramatically improved Web-based administration tool that offers capabilities beyond IIS administration. Most of the administration tasks that you currently perform in MMC are now available in the Web User Interface for Microsoft Windows Server Administration, which Figure 5 shows. You might find that maintaining the security of this Web-based tool is somewhat intimidating. Although the tool comes locked down by default, you'll probably remove or disable the tool in fear of not being able to keep it secure.
What .NET Web Server Can't Do
Microsoft clearly doesn't intend .NET Web Server as a platform for running classic server applications such as database and groupware applications or directory services. Because the company has specifically designed and priced this product as a Web server, you won't be able to install most applications. In fact, .NET Web Server licensing prohibits the installation of a large group of applications—including programs from primary market-share holders in the groupware, database, and directory server markets. Application-blocking code checks a product's type key and prevents certain applications from loading. When I tried to install Microsoft SQL Server 2000 and Microsoft Exchange 2000 Server on the beta 3 version, the installation processes wouldn't even start. On the release version, expect a friendly error message that informs you that the .NET Web Server license prevents the installation of certain applications and that you need to upgrade to .NET Standard Server, Enterprise Server, or Datacenter to install them.
Although AD's gatekeeper, Dcpromo, is available on .NET Web Server, Dcpromo isn't as functional as it is on the other .NET Server products: Web servers can join domains but can't act as DCs. If you attempt to promote a .NET Web Server machine to a DC, Dcpromo displays an error message stating that Web servers aren't licensed as DCs.
On .NET Web Server, terminal services permits only remote administration—mode installation and operation. .NET Web Server prevents the installation of terminal services in application-server mode and prevents Certificate Services and clustering services. Network Load Balancing (NLB) is available and installed by default, but you must enable it if you need it.
Worth Watching
I speculate that Microsoft will sell .NET Web Server in abundance in its shrink-wrapped state, but the OEM version will be the way consumers most frequently purchase and install this product. The OEM versions that major hardware vendors offer will come with custom-tailored and inexpensive hardware (e.g., small hard disks, one or two midrange CPUs, midrange amounts of RAM) in small-profile boxes that are perfect for ISPs and corporate data centers, where space is at a premium. These stripped-down boxes will simplify the implementation of .NET Web Server and reduce the costs of hardware, licensing, installation, and configuration.
