Using Secure Sockets Layer

Secure Sockets Layer (SSL) is the recommended security method for running the Windows Media Administration site. SSL provides the highest level of security by encrypting data before it is sent over a network. Authentication is handled using certificates, which are digital authentication documents that allow servers and clients to authenticate each other. You can create a certificate using Microsoft Certificate Services, or you can obtain one from a mutually trusted, third-party organization called a certification authority (CA). With SSL, a password is not necessary because the certificate handles the authentication.

SSL provides a secure connection for administering the local Windows Media server. However, SSL must be used in conjunction with an authentication method that allows delegation if you want to allow the remote administration of multiple Windows Media servers. Delegation allows a service to act as a user account to access resources throughout the network. Methods that allow delegation, such as Kerberos and Basic, require that the user have an authenticated user name and password. If one of these methods is not used with SSL, a user will only be able to administer the local server by using Windows Media Services for the Web. Each of the delegation methods has associated security risks.

For more information about configuring IIS security properties, see Internet Information Services (IIS) Manager Help.