As part of its commitment to reliability security and dependable computing, Microsoft has reviewed every line of code underlying its Windows Server family as part of its enhanced effort to identify possible fail points and exploitable weaknesses.

Increased Web Server Security
The new basic security features of IIS 6.0 have already been discussed, but there are also some advanced security features in IIS 6.0 that include: selectable cryptographic services, advanced digest authentication, and configurable access control of processes.

SSL Client Authentication Improvements
In Windows Server 2003 the SSL session cache can be shared by multiple processes. This reduces the number of times a user has to re-authenticate with applications, and reduces CPU cycles on the application server. This leads to a performance improvement of over 35 percent when using the secure sockets layer (SSL).

Active Directory Application Mode (ADAM)
ADAM is an independent mode of Active Directory that provides dedicated directory services for applications. Although ADAM independently provides directory storage and access for applications, ADAM uses the same standard application programming interfaces (APIs) as Active Directory to manage and access the application data. The resulting conceptual and programming compatibility makes ADAM ideal for applications that require directory services, but do not require the complete infrastructure features of Active Directory. ADAM does not ship with Windows Server 2003 but it is available as a free download from Microsoft.


-- James