by Azam A. Mirza
The Microsoft BackOffice suite of products provides a rich collection of built-in functionality for Internet connectivity as part of its core feature set. Windows NT Server has built-in support for the TCP/IP protocol suite and applications. With the release of the Internet Information Server (IIS) as an integrated Windows NT Server product, Microsoft has added support for a World Wide Web server, File Transfer Protocol (FTP) server, and Gopher server to the core set of features provided by the Windows NT Server.
The tight integration of the BackOffice products allows for the use of features previously not available as a single package. Windows NT Server enables the hosting of Web servers and Internet-enabled application servers that can be accessed using the Internet Information Server and its set of client browsing tools.
Windows NT Server comes Internet-enabled right out of the box. The TCP/IP protocol suite included with Windows NT Server makes it very easy to get up and running on the Internet. The core TCP/IP protocol suite included with Windows NT Server is as follows:
In addition, Microsoft BackOffice includes a wide set of server components for implementing a comprehensive Internet solution. Server products are available for a wide variety of functions and needs. The following sections discuss the role and feature sets of these Internet server components.
Microsoft Internet Information Server (IIS) is the first in a series of products released by Microsoft as part of the BackOffice suite that enable corporations to take advantage of the enormous potential of the Internet and intranet. IIS is the centerpiece of the Microsoft Internet strategy. It is the glue that brings together the power of the Internet and enables corporations to develop a presence in the Internet community.
TIP: Internet Information Server can be downloaded at no charge from the Microsoft Web site at http://www.microsoft.com. In addition, IIS is now included on the Windows NT Server 4.0 CD.
IIS provides the basic services necessary to implement a Web site for your corporation. The following are some of the features that IIS supports (which are explained in detail in the following sections):
Microsoft Internet Information Server supports three of the most common services on the Internet, which form the basis for creating a functional Web site:
The strongest feature of IIS might be its unparalleled integration with the Microsoft BackOffice products. IIS runs as a service installed under Windows NT Server and uses the various built in NT Server tools and services to its advantage.
NOTE: Internet Information Server 2.0 requires Windows NT Server 4.0 operating system.
Security under IIS is provided through integration with the Windows NT Server security model. IIS uses the built-in security to provide user authentication and password validation.
Performance monitoring and optimization tuning services are integrated with Windows NT Server and are provided by the Performance Monitor tool. Web administrators can use the Performance Monitor to analyze disk usage, client connections, server load, and other performance criteria, and handle optimization issues and clear up performance bottlenecks.
See "Monitoring Server Performance," [Ch. 7]
IIS uses the NT Server Event Logging service to log events to the application log. Web administrators can consult the event log for errors, warnings, or for keeping track or unauthorized access attempts.
See "Viewing Event Logs," [Ch. 7]
In addition, IIS also leverages the power of other BackOffice products to provide a tight integrated environment for hosting Web sites. IIS includes a connectivity tool for accessing Microsoft SQL Server databases called the Internet Database Connector (IDC). IDC enables IIS servers to connect to ODBC databases and access the stored data.
NOTE: IDC can be used to connect to other databases that have ODBC drivers available, such as Oracle and Microsoft Access.
See "Using Internet Database Connector and ODBC," [Ch. 19]
See "Dynamic Content With IIS Using dbWeb and IDC," [ See Ch. 26 in Special Edition Using Microsoft BackOffice, Volume 2 ]
The Exchange Server Connector enables IIS to connect to the Microsoft enterprise mail system. Users can send and receive mail from the Internet and within their corporate intranets using their Web browsers and an SMTP/POP3 mail client. The tight integration of the BackOffice products is one of the reasons that IIS is a very powerful Web hosting solution for organizations trying to develop an Internet presence.
See "Using A Web With Internet Information Server (IIS)," [Ch. 19]
IIS provides administration capabilities through the Internet Service Manager. Internet Service Manager is a one-stop solution for managing all IIS services and other Microsoft Internet products, such as the Proxy Server.
See "Using the Internet Service Manager," [Ch. 19]
Internet Service Manager provides a single point of administration for one to many IIS servers. All IIS servers within an organization can be administrated from a single computer running the Internet Service Manager software. IIS even includes an HTML version of the Internet Service Manager, which enables remote administration of IIS servers from sites across the Internet.
See "Administering Internet Information Servers Remotely," [Ch. 19]
As previously mentioned, IIS leverages the power of the Windows NT Server security mechanism. However, IIS provides Web administrators with the flexibility to set up security based on their needs. Web administrators can set up security using one of three security methods, as follows:
In addition, IIS also supports the industry standard Secure Sockets Layer (SSL) security scheme for secure transfer of information between client and server. However, the most important security feature added to IIS has been the introduction of the Proxy Server component. The server provides mechanisms for securing the bi-directional flow of information between an organization and the Internet.
See "Proxy Server Features," [Ch. 23]
IIS also uses the built-in Windows NT Server Point-to-Point Tunneling Protocol (PPTP) to enable organizations to create secure, private intranets across wide-area links using public data networks.
See "Using the Point to Point Tunneling Protocol (PPTP)," [Ch. 9]
Microsoft's Internet architecture is built around the Windows NT Server and the Internet Information Server. Microsoft is releasing a group of Internet server products for the BackOffice family that sits on top of the Windows NT Server and IIS tandem to provide the full set of features required by corporations to implement their Internet strategy initiatives. Figure 16.1 presents an outline of Microsoft's Internet server components strategy designed to make the Internet plan a reality.
FIG. 16.1
Microsoft Internet strategy includes a wide range of server products for implementing
various Internet functions.
The additions to the Microsoft Internet Server components include the following:
See "Using ActiveX Controls," [Ch. 20]
See "UsenetñNetwork Newsgroups," [Ch. 18]
See "Electronic Mail," [Ch. 18]
See "New Features in Exchange Server 5.0," [ See Ch. 28 in Special Edition Using Microsoft BackOffice, Volume 2 ]
The main concept of this Internet architecture is to enable corporations to build custom Internet solutions. Building on the basic blocks of Windows NT Server and IIS, organizations can pick and choose components that best suit their needs for the kind of Web site they are deploying. To achieve these goals, Microsoft has set guidelines for its products that include the following:
See "Using ActiveX Controls," [Ch. 20]
See "Internet Server API (ISAPI)," [Ch. 18]
See "Using ISAPI," [Ch. 19]
See "Using the Internet Service Manager," [Ch. 19]
Not all of the products of Microsoft's Internet architecture are as yet released. The following sections describe the two components that are currently available and that provide part of the functionality promised by the Microsoft Internet architecture: Microsoft Index Server and Microsoft Proxy Server.
Microsoft Index Server is the same as the Information Retrieval Server previously described, and enables Web administrators to index and catalog a Web site for search capabilities. Users can search the Web site using keywords, phrases, and sentences for the information they are looking for.
TIP: Microsoft Index Server is available at the Microsoft Web site at http://www.microsoft.com on the BackOffice home page.
Index Server provides automatic indexing and cataloging of files, HTML documents, Microsoft Office documents, and other file formats. It provides powerful search mechanisms, so users can query the Web site for data. Index Server supports the following features (which are described in detail in this section):
See "Implementing Index Server and Content Replication System," [Ch. 22]
Indexing
Index Server is an add-on component to the Internet Information Server. It enables Web administrators to index and catalog the entire content of their Web servers. Implemented in conjunction with Windows NT Server and Internet Information Server, Index Server can index and catalog anything from HTML documents to Microsoft Word files, Excel spreadsheets, and PowerPoint presentations.
NOTE: Index Server 1.1 requires Internet Information Server 3.0 running on Windows NT Server 4.0.
Users can query indexes or the text within the documents for the information they are looking for. For example, users can look for text strings within a Microsoft Word document. This is a powerful feature that prevents Web administrators from having to convert existing documents to HTML format for indexing and cataloging. They can just publish the actual documents and enable users to find a file or information within a file. Indexing features of the Index Server include the following:
Custom Queries
Index Server enables Web administrators to create HTML forms that can be used by users to execute queries against the IIS server. The queries can be customized by selecting various options on the query form to suit the user's needs. The user enters the information into the fields on the screen; then, the Index Server processes the query form through the query engine and finds the information and presents it to the user in the form of HTML documents.
The query forms are special HTML pages that have input controls on them for the user to enter information. The forms are easily created and can be customized to meet the needs of the local Web site content. The form can be created to provide users such options as full site search, restricted search, search through specially formatted documents (e.g., a Microsoft Excel spreadsheet), or search for particular files. Queries can be performed using a variety of criteria, including the following:
Multiple Language Support
Index Server has built-in support for seven languages. It is not necessary to run the system in a particular language to be able to use the language support. Web administrators can mix and match different languages in their Web site content, and the Index Server can capably index and catalog the information. Documents created using any of the seven languages can be searched simultaneously. The following languages are supported:
Extensibility
Index Server provides extensibility through a programmatic mechanism called content filters. Content filters are a special ActiveX interface that enable programmers to expose the contents of their program files. For example, Index Server uses the exposed content filters to obtain the text contained within a Microsoft Word document. Index Server can thus index and catalog a Microsoft Word file for search and retrieval by users.
Security
Index Server provides a high level of security by leveraging the security features of IIS and Windows NT Server. Index server implements security at various levels to protect its catalogs and indexed Web pages, and it also provides user authentication facilities before providing search results. The following three security measures ensure a secure and robust search server mechanism:
CAUTION: Care should be taken to set the appropriate permissions on catalog directories that are created manually by Web administrators. The catalog directory should allow access privileges for administrators and system accounts only.
TIP: Windows NT auditing mechanism can be used to monitor access control and possible unauthorized access attempts.
Microsoft Proxy Server is the latest in a series of BackOffice components being released by Microsoft as part of its Internet architecture. It is a product that enables corporations to provide secure connectivity to the Internet for its corporate users. Proxy Server is a service that runs on the Windows NT server. It supports all Internet protocols, including the following:
See "I-Net Tools and Protocols," [Ch. 18]
Users utilizing client tools that support any of these protocols can gain access to the Internet through the Proxy Server. In addition, Proxy Server is platform-independent: It can provide Internet access to clients running any operating system and using any tool that employs one of the supported protocols.
Another advantage of Proxy Server is its capability to service TCP/IP requests from non-TCP/IP networks. It provides support for IPX/SPX and NetBIOS protocols. Corporations running IPX/SPX or NetBIOS do not need to convert to the TCP/IP protocol to gain access to the Internet. For example, a someone using the Internet Explorer browser on a Novell NetWare network client running IPX/SPX can connect to the Internet through Proxy Server. It will handle passing requests from the client system to the remote server and vice versa. The features supported by Proxy Server include the following:
See "Proxy Server Features," [Ch. 23]
Services and Protocols
Proxy Server uses the Web Proxy Service and the Windows Sockets Service to monitor Internet requests and connectivity to the Internet. These two services enable Proxy Server to act as a gateway between the corporate network and the Internet and to process requests between the two.
NOTE: Web Proxy Service and Windows Sockets Service enable Proxy Server to act on behalf of a local workstation when connecting to the Internet. The local workstation is kept hidden from the outside world and it seems as though all communication is occurring with only Proxy Server. By isolating corporate machines from the Internet, it becomes very difficult for intruders to obtain the address of a local workstation and gain access to its resources.
Integration
Proxy Server is tightly integrated with Windows NT Server and IIS. The Internet Service Manager, which ships with IIS, is also the administration tool used for managing Proxy servers. In addition, the Performance Monitor tool and the Event Logging service can be used to optimize Proxy Server performance and monitor user activity.
See "Monitoring Server Performance," [Ch. 7]
See "Viewing Event Logs," [Ch. 7]
Security
Proxy Server's main function is to provide secure access to the Internet from corporate networks. First and foremost, Proxy Server leverages the security features built into Windows NT to provide a secure environment and then builds upon them. The security features offered by Proxy Server enable administrators to control access by the following criteria:
See "Administering Proxy Server," [Ch. 23]
In addition to the server-based Internet tools provided by BackOffice, Microsoft offers a full array of tools for the client-side requirements of the Internet. The Microsoft Internet tools strategy includes tools for WWW browsing, WWW authoring, WWW site maintenance, the extension of Microsoft Office products to support the creation of Web-based applications, and the Visual Basic scripting language for creating Internet-enabled applications. These tools include the following:
The following is a brief description of each of these tools for enabling client access to the Internet and the WWW.
Internet Explorer
Internet Explorer 3.0 is the latest Microsoft Web browser (see Figure 16.2). Internet Explorer supports the HTML version 3.5 specification. With the VRML add-on, Internet Explorer enables users to explore virtual reality sites. The Internet Explorer feature set includes the following
FIG. 16.2Microsoft Internet Explorer 3.0 can be used to browse WWW sites anywhere on the Internet or on an intranet.
Microsoft FrontPage
Microsoft FrontPage is a component of the suite of Microsoft tools for doing Web-based publishing and creating HTML documents. FrontPage contains a sophisticated set of Web publishing tools that require no programming to create attractive and fully functional HTML-based Web pages. This is in contrast to other HTML development tools that require extensive knowledge of HTML syntax to create Web pages. Figure 16.3 shows the main screen for building Web pages using Microsoft FrontPage.
FIG. 16.3Microsoft FrontPage enables the creation of Web pages using a graphical interface. Menus and toolbars are consistent with other Microsoft products.
FrontPage supports a full range of WWW authoring, scripting, and site management tools, and has the following features:
Internet Studio
Internet Studio is Microsoft's high-end Web publishing tool that provides sophisticated Web document authoring and content development capability for commercial and professional WWW developers. Internet Studio offers such features as frame-based layouts, interactive Web pages, and other HTML version 3.0 extensions for creating sophisticated WWW content. Frames are used in desktop publishing for organizing text around figures and pictures, and in multiple column layouts.
Internet Assistant for Word, Excel, and PowerPoint
The Internet Assistant for Microsoft Word, Excel, and PowerPoint is an add-on product that enables users to create and edit WWW documents directly from within the Microsoft Office applications. With Internet Assistant, users can author documents for the WWW with no HTML or Internet experience.
NOTE: Internet Assistant for Word, Excel and PowerPoint are incorporated into the respective products as part of the new Microsoft Office 97 suite of applications. The add-on products are avilable for earlier versions of Microsoft Office products.
Internet Assistant converts Word documents, Excel spreadsheets, and PowerPoint presentations automatically to HTML, preserving standard formatting elements, such as lists, headings, and bold and italic styles. It also provides a special template for adding hyperlinks, definitions, forms, pre-formatted text, and other HTML elements. If you want to include HTML elements not directly supported by the Internet Assistant template, you can use the HTML Markup command, which enables you to place native HTML codes in your document.
Internet Assistant is a cost-effective solution for creating Web pages because it is available free of charge from Microsoft. It provides the following features:
Microsoft Viewer for Word, Excel, and PowerPoint
Microsoft Viewer for Microsoft Word, Excel, and PowerPoint enables Internet users to view and print Word documents, Excel spreadsheets, and PowerPoint presentations without having the products installed. This makes it possible to have access to Microsoft Office-based documents that are posted on the WWW, in newsgroups, or downloaded from FTP sites.
For example, a user might access the Microsoft Web site and download a product description document that is in Microsoft Word format. If the user does not have Word installed, the user can still view the document using the Microsoft Viewer for Microsoft Word.
If you want to preserve multiple columns, text-wrapping features, embedded objects, and other Word features that HTML does not support, you can publish your document with Microsoft Viewer, which preserves the native format of the document.
In addition to Microsoft, other vendors are moving fast to develop products for Internet and intranet deployment. This section describes World Wide Web server products from Netscape and O'Reilly.
Netscape Communications Corporation develops a wide range of server products for implementing Internet and intranet solutions. Netscape's vision of the ideal Internet architecture is quite similar to Microsoft's, as evidenced by the server products it supports.
Netscape server products are available for a wide range of operating system platforms, including Windows NT, UNIX, IBM AIX, and DEC UNIX. All Netscape products are fully based on open industry standards. The Netscape server family includes the following products:
TIP: Evaluation copies of Netscape's server products can be downloaded from the Netscape Web site at http://www.netscape.com.
Netscape markets a collection of its server products under the trade name SuiteSpot, which is an integrated suite of server products that provides a wide range of functionality for developing Internet and intranet solutions. SuiteSpot includes Enterprise Server, Mail Server, News Server, Catalog Server, and Proxy Server. In addition, it includes LiveWirePro and AppFoundry, which are development tools for creating Web content.
O'Reilly and Associates Inc. (http://www.oreilly.com) offers WebSite, a World Wide Web server for the Windows NT and Windows 95 platforms. WebSite is a multithreaded, 32-bit Web server that is known for its ease of use and flexibility. It is probably the server that supports the widest variety of standards: CGI, ActiveX, Java, and Perl scripting. WebSite supports the following features:
There are several different ways to connect to the Internet using Windows NT and Remote Access Service (RAS). RAS provides connection speeds anywhere from 2,400 bits per second (bps) to 128 kilobits per second (Kbps), with full support for modems, ISDN, and X.25 connectivity. Using dial-up networking client software, the user can remotely connect to an Internet host (perhaps even a computer running UNIX) that supports SLIP or PPP connections using a modem, for example. Once connected, the user can use graphical tools, such as a Web browser, or the traditional command-line tools, such as FTP and Telnet. For a complete discussion of Windows NT Server RAS capabilities, see Chapter 12, "Implementing Remote Access Service (RAS)."
Another method of using Windows NT and RASñthe one that is most commonly usedñis to set up a RAS server on a LAN with a direct connection to the Internet. Mobile and home users can then dial in to the RAS server and connect to the Internet. Some corporate sites set up a RAS server isolated from the rest of the corporate LAN to provide a degree of security. Users can then dial in to two different RAS servers: one for Internet access and one to get to the corporate LAN.
The RAS client and server products provide support for the most popular protocols (NetBEUI, IPX/SPX, and TCP/IP using SLIP or PPP). The breadth of features and the simplicity of configuration and administration make the RAS solution ideal for providing remote connectivity for mobile and home-based corporate users. In addition, RAS has full support for Windows NT security and other dial-up security schemes, such as the Challenge Handshake Authentication Protocol (CHAP) and the Password Authentication Protocol (PAP), for connecting to Internet hosts running a multitude of operating systems.
This chapter presented some of the server-based products available as part of Microsoft BackOffice for corporations to use when implementing an Internet or intranet connectivity plan. For more information on some of the topics addressed in this chapter, see the following chapters:
© Copyright, Macmillan Computer Publishing. All rights reserved.