IIS 6.0 is a ground up rewrite of the previous incarnation of IIS, version 5.0. IIS has been redesigned to improve aspects of all the main feature areas: reliability, availability, manageability, scalability and performance.

Fault-tolerant process architecture
The IIS 6.0 fault-tolerant process architecture isolates Web sites and applications into self-contained units called application pools. Application pools provide a convenient way to administer a set of Web sites and applications and increase reliability, because errors in one application pool cannot cause another application pool, or the server itself, to fail.

Health monitoring
IIS 6.0 periodically checks the status of an application pool with automatic restart on failure of the Web sites and applications within that application pool, increasing application availability. IIS 6.0 protects the server, and other applications, by automatically disabling Web sites and applications that fail too often within a short amount of time.

Automatic process recycling
IIS 6.0 automatically stops and restarts faulty Web sites and applications based on a flexible set of criteria, including CPU utilization and memory consumption, while queuing requests. IIS 6.0 also maintains the client TCP/IP connection when a worker process is being recycled, isolating Web services client applications from back-end Web application instability.

Rapid-fail protection
If an application fails too often within a short amount of time, IIS 6.0 will automatically disable it and return a "503 Service Unavailable" error message to any new or queued requests to the application. Custom actions, for example, a debugging action or administrator notification, can also be triggered. Rapid-fail protection can protect a Web server against denial of service attacks.

XML-based configuration file
The XML-formatted, plain text metabase in IIS 6.0 provides improved backup and restore capabilities for servers that experience critical failures. It also provides improved troubleshooting and metabase corruption recovery. Direct editing, using common text editing tools, provides greater manageability.

IIS 6.0 gives administrators the important capability to change the server configuration while the server continues running. For example, this feature can be used to add a new site, create virtual directories, or change the configuration of application pools and worker processes—all while IIS 6.0 continues to process requests—with no recompilation or restart required.

Command-line and script-based administration
IIS 6.0 administrators can use the Windows Server 2003 command-line to accomplish many common management tasks. With a single command, administrators can manage multiple local or remote computers. IIS 6.0 also features a complete scripting environment for automating common system administration tasks from the command-line without having to use a graphical user interface.

Support for WMI
IIS 6.0 provides full support for Windows Management Instrumentation (WMI), giving Web administrators access to important system management data, such as performance counters and configuration files. The WMI interfaces, similar in nature to the Active Directory Service Interfaces (ADSI) that are still supported, are used in administration scripts and can also be used to modify the XML-based configuration metabase.

Server Consolidation
IIS 6.0 performance has increased dramatically over previous versions of the server, with a single server able to host many more sites and applications.

Site scalability
IIS 6.0 has improved the way the operating system uses internal resources. For example, IIS 6.0 does not pre-allocate resources at initialization time. Many more sites can be hosted on a single server running IIS 6.0, and a larger number of worker processes can be concurrently active. Starting up and shutting down a server is faster, compared with earlier versions of IIS. All of these improvements contribute to increased site scalability with IIS 6.0.

New kernel-mode driver, HTTP.sys
Windows Server 2003 introduces a new kernel-mode driver, HTTP protocol stack (HTTP.sys), for HTTP parsing and caching, providing increased scalability and performance. IIS 6.0 is built on top of HTTP.sys and is specifically tuned to increase Web server throughput.

Web gardens
IIS 6.0 worker process isolation mode also enables multiple worker processes to be configured to service requests for a given application pool, a configuration known as a Web garden.

Processor affinity
Processor affinity, when set, enables IIS 6.0 worker processes to run on specific microprocessors or CPUs. Processor affinity can also be used with Web gardens that run on multiprocessor computers where clusters of CPUs have been dedicated to specific application pools.

Increased Security
IIS 6.0 is far more secure than IIS 4x or IIS 5x, with many new features designed to increase the security of the Web infrastructure. IIS 6.0 is also "locked down" out of the box with the strongest time-outs and content limits set by default.

Locked-down server
IIS 6.0 provides significantly improved security. To reduce the attack surface of systems, IIS 6.0 is not installed by default on Windows Server 2003—administrators must explicitly select and install it. IIS 6.0 ships in a locked-down state, serving only static content. Using the Web service extension node, Web site administrators can enable or disable IIS functionality based on the individual needs of the organization.

Web service extensions list
The default installation of IIS will not compile, execute, nor serve files with dynamic extensions. In order to have them served, each acceptable file extension must be added to the Web service extensions list. This requirement prevents anyone from calling a page with a dynamic extension that has not been secured.

Default low-privilege account
All IIS 6.0 worker processes—by default—run as Network Service user accounts, a new, built-in account type with limited operating system privileges, on Windows Server 2003. All ASP built-in functions always run as low-privileged accounts (anonymous user).


-- James