Introduction to Running an Application Server
Updated: August 22, 2005
Applies To: Windows Server 2003, Windows Server 2003 with SP1
Establishing an application server begins with configuring the application server role, which includes deciding what Web-related technologies you want to use and then enabling those technologies on your server. Attackers often target unused or unmonitored services; so if you enable only what you need, your IIS 6.0 application server provides a reduced attack surface when it is connected to the Internet.
In IIS 6.0, deciding which request processing model to use is your next decision. Helping you make this decision is IIS 6.0 Architecture, the section that introduces the two IIS 6.0 request processing models, known as application isolation modes. Where the earlier section provides architectural diagrams and descriptions of the two application isolation modes, this section offers guidelines for deciding where and when to use each mode and provides procedures for configuring the isolation modes and their features. For information about choosing and configuring an application isolation mode, see Configuring an Application Isolation Mode.
Your application server runs in one of two mutually exclusive application isolation modes: worker process isolation mode or IIS 5.0 isolation mode. Worker process isolation mode, which is the default request processing model, supports new features such as application pools, health monitoring, worker process recycling, and rapid-fail protection. These new features help provide more robust performance. For example, you can recycle faulty applications to prevent service disruption and can use application pools to isolate one application from another without incurring a performance penalty. For more information about using these new features, see Creating Application Pools and Ensuring Application Health in Worker Process Isolation Mode.
Worker process isolation mode also provides better default security for your Web applications — in particular, better balance between security and functionality. To help you evaluate the security differences between the two application isolation modes, see Security Considerations When Choosing an Application Isolation Mode.
Worker process isolation mode provides several features to help you manage system resources, including Web gardens, idle timeout, CPU monitoring, processor affinity, and startup and shutdown limits. For information about configuring these features, see Managing Resources in Worker Process Isolation Mode.
To help you migrate from earlier versions of IIS, IIS 6.0 provides IIS 5.0 isolation mode, which is a processing model that offers compatibility for applications that depend on certain request processing characteristics of IIS 5.0. For example, if an application must run within Inetinfo.exe, it can only run in IIS 5.0 isolation mode unless you modify the application, making it compatible with worker process isolation mode. For information about which applications might require a processing model like IIS 5.0 isolation mode, see Evaluating Application Requirements.
You can configure most IIS 6.0 features either by using a graphical user interface (GUI) or by using a programmatic interface. For the procedures included here, the method that uses the GUI (usually implemented through IIS Manager) appears first, and an optional method for configuring metabase properties programmatically (by using the administrative utility Adsutil.vbs) appears second.