In this chapter, every attempt has been made to identify all of the major points to be considered when installing MS Internet Information Server (IIS). The planning approach being applied in this chapter is very generic and could be applied to the installation of any server.
Special emphasis is placed on trying to identify primary goals before starting to specify detailed information. The reason for the heavy emphasis on the goals first relates to what the author has observed, which is totally uncontrolled additions of servers with no real purpose. This type of expansion only hinders the cause of information distribution and continued waste of capital dollar investments.
If users follow the basic steps oulined in this chapter, they will be able to point back to the reason this server was installed. A user will be able to also determine when a server has outlived its goals and can be reassigned to more profitable work.
One of the biggest mistakes made in the information systems business is the assumption that just because some new technology/product has arrived on the scene we must implement it. The decision to install Internet Information Server should be after careful consideration of many different perspectives of the server. No new technology/product should be implemented without asking yourself many questions.
The question of who is paying for the server may seem like a very simple question to answer. For some projects it isn't easy to ascertain who is paying the bill. The answer to this question helps to clarify the primary purposes of an Internet server.
Sometimes it is required that we look past the people who have requested a server to find the true source of the funding. If you can locate the true funding source then you will be able to develop a more complete picture of what the real needs are. Often the computer person, or group, gets a request from the marketing or sales group for a Web server. In reality the executive branch is providing the funding from a special project fund.
In this scenario the marketing/sales group desires only to put information out on the Web. The executives will be looking for ROI (Return On Investment) on the project money. It is important in the early planning stages that you understand all of the expectations for this server.
In a situation like the one mentioned, you need a more robust server to meet the needs of the sponsoring executives than what has been requested from the marketing/sales folks. To prove the Web exposure had a direct impact on sales would require you to capture some vital statistics on your server. This active data collection requires more server hardware and software to support data collection in a rapid fashion. You might even have to implement electronic commerce solutions to prove the actual ROI.
If you are installing this server for your own personal use, then determining the primary purposes should be an easy task. You should still formulate in your mind some very specific reasons for the implementation of this server prior to purchasing the software and hardware.
One of the major goals during the analysis phase of the project
should be to identify the top three purposes for this server.
You may identify more than three purposes, but the total list
must be prioritized to reflect the top three.
| TIP |
The focus of the three purposes is to have a small enough number of goals that you can accurately measure your progress and ultimate success. |
It is understood that any one Internet server project may actually accomplish more than three basic purposes. If you do not clearly define at least three primary purposes for any particular Internet server, you usually end up with a very weak server implementation. All other decisions relative to this server will be made on the basis of these three purposes.
By limiting the number to three, it is very easy to develop metrics, which enable you to measure the degree of success you have with any particular server project. Most customers, or bill payers, can easily relate to just three purposes and help you determine how to measure success. This type of concrete evidence makes all future projects go very smoothly with virtually no back seat designing/specking by the customer since you have proven your abilities.
When you narrow down the primary purposes of the server you decrease the amount of money wasted on nonessential software and hardware. With the speed of new developments in the Internet computing arena, it is easy to overspend trying to cover too many purposes with a single server installation. This is especially true when selecting Web Server software.
Information collection/distribution are common goals for Internet server implementations. What happens many times however is that users forget that someone has to maintain that information once it is on the server. The maintenance of this information can become a much bigger job than the initial effort to set up the server. Because of this fact, it is important to consider several things relative to maintenance before implementation.
To prepare for the setup, you need to reach an agreement as to who is going to maintain what information. You need to arrange the information on the server based on who will perform this maintenance. If the information is going to be maintained by more than one person, you will most likely want to separate the information by the person.
This type of separation of information makes it easier for the maintenance person to find and update the information that is relevant to them. This separation also enables you to put different security restrictions, based on the maintenance person, into place. The segmentation of the data limits the amount of information your server must look through to find the requested information from the user.
Frequency of Information Maintenance Some planning needs to be done regarding how often the static information is to be updated. One of the biggest problems on many Web sites today is out-of-date or incorrect information. There should be a commitment made by specific individuals, or departments, to update the static information on some regular basis.
Is the information going to be highly dynamic by nature? This question can be interpreted in two ways. First, is the information changing every minute, hourly, daily, weekly, and so on. Secondly, is this information in a dynamic form such as real-time video, or audio, or both? If the information falls into the highly dynamic category, then you need to evaluate the hardware specification to be sure you have a large enough server in terms of hard disk, RAM, cache, and processor speed. Some Internet server applications do not support high-speed delivery of video/audio like the Internet Information Server does. Many Internet server applications do not provide easy mechanism's for database connectivity like Microsoft's ISAPI/ODBC options. A database versus file storage approach should be utilized on any data that changes more frequently than once a day. Most people would also recommend database storage for information that changes weekly.
Backing Up the Information With greater emphasis on doing real live business on the Internet, an increasing focus must be placed on data backup. When developing the requirements for your Web server, all information that will be stored on the server should be classified regarding its importance to ongoing business operations. If any of the information is essential information to the primary operation of the business, it should be backed up on a regular schedule.
Much of the information on a Web server is already backed up somewhere else. If you are using your server to collect information from the users, however, then this information is not backed up. Sometimes, automatic backup of information as it is collected through automatic data distribution schemes can be implemented as part of the server OS.
You need to consider how much physical space is required for any particular group of information. Will this information be increasing from user addition? If this information increases from user input, then at what rate will it grow and at what point do you start archiving? What information do you archive and for how long do you maintain the archives?
Based on the answers to the questions listed above, a more accurate sizing of the server hardware can be done. The selection of your Internet server software is influenced by these answers. All Internet server application programs have different strengths and weaknesses in functional terms. Some server packages have been developed with a heavy emphasis on handling a large number of concurrent users, while other packages have been developed with a focus on large amounts of information being managed.
If this server will have a large number of people concurrently accessing the information, then special attention should be given to how the server is connected. It usually does not matter how many different people will be connecting to a server unless security is applied at the user level. In the planning stage, emphasis should be placed on trying to determine the typical number of concurrently connected users.
Consideration should be given to special events in time which
might promote spikes of concurrent connection, such as the release
of a new version of software, and so on. Planning the size of
the server should always be based on the maximum anticipated concurrent
connections.
| CAUTION |
The coverage supplied in this section on sizing your server is very brief and should not be viewed as comprehensive. When trying to assess the size of your server, you should consult with many different people to cover all aspects of the server. |
Some analysis should be done to determine if other applications will require access to the information on the Web server. In today's highly interconnected business systems, many Internet servers collect information that must be moved into other mainstream business systems. The movement of this information from the Internet server represents another point of load on the server infrastructure. Often, these kinds of connections require that several more pieces of software be up and running on the server all the time. The additional software and users require more disk space, RAM, cache, and communication capacity. These additional connections also require more planning in the security setup.
There are usually two basic purposes for an Internet server to be installed. The first, and most common, is for information presentation; the second is for information collection.
If your particular server implementation is primarily for information presentation, then you have a much simpler job of determining the appropriate server software/hardware combination. In the area of information presentation, you basically have to determine how much information is to be presented and in what delivery format it should appear. If you fall into the category of highly dynamic delivery format (real-time video/audio), then you will require a much stronger server. If you fall into the category of static file/record/page format (HTML), then you will require a normal size server.
If your particular server implementation is primarily for information gathering, then you will have a little tougher job of determining the appropriate server software/hardware. In this type of server implementation you will usually be collecting basic records of information. If this information will be collected through the use of applets running on the server versus HTML-based forms input, then you will need to pay special attention to the amount of RAM available. If this information will be stored in flat text files versus database records in an industry standard RDBMS hard disk, storage space will be a consideration. If this information will be stored in a relational database management system, then you must consider the size of the hard disk and the amount of RAM.
This whole area of information collection versus presentation should be examined very carefully since history teaches us that most of the time it will not be one or the other, but both approaches requested. Most Internet servers start out with the simple presentation approach and move into information gathering. Ask lots of questions!
This is a very simple question to ask but not simple to answer sometimes. If the intended audience is easily defined, then you can build a good user profile.
This user profile is very important for determining how to design your user interfaces on the server. There have been several books written on the subject of user interface design for computer applications. I would suggest stopping by your local bookstore and browsing through a few on the subject and pick one or two which seem appropriate.
Sometimes, however, the people requesting the server do not have a clear definition of the audience they are seeking to attract. If you find this to be the case in your implementation, I would recommend you stop all further progress on the server project until they can clearly define their audience.
Once you understand the typical user profile you can start the process of estimating how many people will really be connecting to this server. This profile also enables you to get a handle on how many people will likely be connecting concurrently. Based on this profile, you might even change the way you are connected to the network that services your audience.
To help predict how many people will be connecting at one time, ask, "Why will they be connecting?" If people are connecting randomly, just to get some information that has been made available on the server, you will probably have a lower number of people connecting at the same time. If people will be connecting to download some new version of a program, you will have a larger number of concurrent users.
It is important to understand what type of equipment the average user will be connecting with. If the audience will be using lower-end, non-multimedia computer systems, then you should not plan on the use of real-time video & audio in your server application. On the other hand, if your audience does have high-end, multimedia equipped computer systems, you should include the use of real-time video & audio.
There are many different ways to connect to a server these days,
from dial-up communications to wide area network connections across
global communication networks. The two most common ways referenced
in today's computing industry are referred to as an "intranet"
or "Internet" connection. These two types of connections
do not tell you anything about the physical connection but rather
refer to the logical side of the physical connection. For planning
purposes, however, you should be aware of not only the logical
connections but all of the physical connection possibilities to
be supported.
| NOTE |
The recommendations that follow in this section are generalized on the basis of what an average user would be willing to tolerate in terms of waiting on information to display. It is possible to deliver just about any type and amount of data over even the slowest links. It is the opinion of this author, however, that with a little planning up front you can have a server that people will enjoy using over and over. |
An intranet connection typically refers to a connection that is made on a private network. Intranet servers usually have no visibility to the Internet, and likewise, clients on the Internet cannot see intranet servers. This type of connection is preferable for highly sensitive information that is for a limited audience viewing.
Typical intranet types of servers provide corporate financial or sales information that needs to be made available quickly. An intranet server usually does not have all of the high-security measures that an "Internet" server requires. Intranet servers tend to be faster at information delivery because most users are locally attached through a local area network.
Because of the faster connections, these types of server implementations work well for high-volume information delivery, as well as more complex information collection applications. Server implementations on an intranet are often used as primary repositories for R&D information, corporate marketing, employee information, financial reports, and so on. This functions to make all this information highly accessible. One of the big advantages of using intranet servers is that information can be made available to a large number of people very rapidly.
Internet servers are made available to the worldwide Internet population, generally speaking. These server implementations usually provide a platform for public information distribution to all interested parties. Some Internet server implementations seek to limit the viewing audience through the use of advanced security measures. Most companies do not put highly sensitive information on Internet-connected servers because of the increased number of talented hackers.
As a general rule, Internet server implementations are used to promote a company, service, or product to the growing population on the Internet. Some creative uses of Internet servers today span the range of long distance telephony to online shopping for anything from cars to clothes. The big advantage Internet servers offer is the ease of access from anywhere in the world. Today there are Internet service providers throughout the world that provide for quick local access to the Internet.
This easy, worldwide, high-speed connection ability is what makes Internet servers the logical choice for a lot of the information distribution and collection needs of corporate America. Information that used to be unavailable to the road warrior is now very accessible without the cost of long distance phone calls.
Internet-connected servers are very good vehicles for delivery
of just-in-time information such as e-mail, production reports,
and customer support information, and so on. With greater strides
being made every day in security, Internet servers could become
the preferred delivery mechanism for almost all business transactions.
| NOTE |
Refer to Chapter 12, "Basic Security and Logging," and Chapter 15, "Advanced Security Concepts," for more information on Internet security. |
If people will be connected through a local area network at normal LAN speeds of 10 megabits, then pipeline constraints will not be a problem. Refer to figure 3.1 for a graphical presentation of this type of network connection. In this type of installation you should consider the physical location of the server on the network relative to the largest population of users. The server should be placed in as central a location, relative to user population, as possible.
Figure 3.1 : This is a typical LAN-connected Internet server. Notice the multiple LAN segments.
This type of central placement minimizes problems of saturated network segments and flooded routers. In some cases, where there are a large number of concurrent users, it is advisable to provide multiple physical connections to the LAN on different segments. This type of multi-porting of the network connection provides maximum availability of the server.
This type of LAN connection provides tremendous freedom and allows the use of high bandwidth technologies, such as real-time video or audio, for information presentation without requiring the download of the files. Anytime this type of connection is available it should be the preferred method of connection.
This type of connection can involve a number of different configurations. The first configuration utilizes a relatively high-speed connection between two remote sites. Please refer to figure 3.2 for a drawing of this configuration. This connection would be a T-1 or 1.54 megabits speed to DS4 or 274.17 megabits speed. Over this type of high-speed WAN (Wide Area Network) connection, you can usually utilize more complex graphical presentations. You would want, however, to limit the use of any type of real-time video or audio without requiring the files to be downloaded. These types of connections can become saturated very quickly during peak times and cause major problems for all users. Once again, some thought should be given to location of server in relation to the largest group of users in order to better manage traffic over these WAN links.
The second most common configuration is the use of slow-speed connections. These connections range in speed from 64 kilobits per second to 9,600 bits per second. Refer to figure 3.3 for a drawing of this type of connection. On these types of connections you should limit the use of any graphics to only basic 16-bit color, or smaller. You should only use graphics if it adds a high value. In this type of slow connection environment, it is important to pay special attention to how much data could potentially be pulled across these links. Just a small number of users connecting to a graphic-intensive page at the same time could saturate these slower links. This assumes no other types of data/voice traffic would be traveling along these same lines.
This type of connection is the kind of connection most people endure from home to their local Internet service provider or favorite online service. There are basically two types of connection involved in this category. The first type is where the server is connected directly to the LAN that the user connects to with his or her modem. The second type is where the server is connected to a LAN that is WAN-connected to the LAN that the user connects to with his or her modem. Refer to figure 3.4 for a drawing of this type of connection.
Figure 3.4 : This drawing reflects a dial-up modem connection using a WAN and not using a WAN.
On the first type of connection you must plan for all communications to run at the speed of the slowest modem being supported. If this is a slow modem connection such as 2,400 or 4,800, then you should never present any kind of graphics; stick with the text-only approach for all information presentation. If the slowest modem speed is around 14,400, then you can use some limited graphics, but once again, only when they add great value. If any graphics are used, they should be in the smallest form in numbers of colors and physical size.
The second type of connection, which involves a WAN link from modem LAN to server LAN, the same rules apply as for the first type. The only additional thing to consider is whether the WAN link is slower than the dial-up modem link, in which case you should base your decision on the speed of the WAN link.
The final type of connection to discuss is the wireless connection. Today, this is a very rare type of connection for Internet servers, however; it is becoming a common connection medium for users. These types of connections are usually functional equivalents of the standard remote dial-up connection in terms of speed, and the same rules should be applied.
One type of wireless connection should be considered differently than the usual wireless modem type of connection. There is a whole category of wireless network devices that provide a range of connection speeds from 300 kilobits per second to 5 megabits per second throughput. You should plan for these types of devices the same way you would for the direct LAN connections. Most of these devices attempt to match copper LAN speeds and will only see a slightly reduced speed from their copper counterparts.
Often, we move straight from idea to development with no reality check. If you take the time to do this planning and collect some basic information about your server installation, you should stop and do a reality check. To test the design is the equivalent of doing a reality check on your plan for implementing your server.
Some of the reasons you need to test your design are:
One of the first things you can do to test your design is to visit the actual user community and physical site. While at this site, you should connect to the network with the same connection the user will use to access the server. Pay close attention to the responsiveness of the system. If other Internet servers happen to be available on that connection, then connect to them to examine the real-world response time. This type of simple test will save many hours of re-work on a server implementation.
While at this user community, ask questions regarding the information you are planning on making available on the server:
Do they even want this information?
How often do they want this information?
In what format would they prefer to see this information?
What is their estimate of the amount of information that is available?
Is there other information they consider more important?
After gaining more insight to the user community, carefully consider how this information might impact the way this group of users will perform their daily routines. Try to assess whether changes will occur in standard business processes. If you feel like there will be major changes that might impact other business processes, then point this out to the appropriate parties. Many times critical business systems have been disrupted as a result of these kinds of business process changes that seemed insignificant at the time.
The final testing step for your design is to draw a logical map of information flow, both into your server and out of your server, to the user. This map should clearly identify where, when, and from whom the information will come. The map should clearly identify where, when, and to whom the information will go. The map should identify what communication paths will be utilized to deliver the information in both directions. This map can help you identify any critical pieces you might have overlooked in the infrastructure.
If the project schedule permits, you should do a quick mock up of the server information on an existing server to validate some of the basic purposes for your server implementation. This quick-and-dirty prototype is only to validate the basic layout and uncover any hidden bugs in the design relative to technology that might not work as planned.
Some particular areas to pay attention to in the prototype are:
Prototyping for a server implementation can be a waste of time if you are doing a very simple server implementation, so good judgment should be applied.
Very often it is easy to get caught up in the newest, whiz-bang technology and lose sight of the ultimate goal. Internet Information Server from Microsoft is a very good product, but it can be misused just like any other new product. There are many other ways to distribute information to people besides the use of Internet servers. Consider all of the great groupware products, e-mail systems, bulletin board systems, simple file servers, and Client/Server applications that could be alternatives to Microsoft Internet Information Server.
There are different reasons to use different technologies, depending on the need for your specific information distribution requirements. Internet Information Server is not a good technology to apply to some very volatile data, which has a high number of transactions each day or each hour. We are always looking for a silver bullet in the computing industry, but this is not a silver bullet.
Some basic questions to be asked prior to moving forward with an Internet server implementation are:
Some very bad reasons to implement an Internet server are:
This section is not presented to downplay the technology of Internet servers but only to try and introduce some reality back into the thought process. We must never forget lessons learned in our industry. Consider the fact that most major corporations still have a mainframe running in the glass room performing many mission critical tasks. Much in the same way today, we have many client/server systems that are performing valuable business tasks. Before introducing any new technology, such as an Internet server, into the mix, be sure one of the existing technologies would not work better. There are many very solid business reasons to implement Internet servers; just be sure you clearly identify your reasons.
This is one of the toughest parts of the planning process. Determining the basis for objective evaluation of success is just as critical as determining who your audience will be. One often-used measure of success is whether or not you can connect to the server. This is a crude measurement, at best, but it is very objective.
In today's environment of cost justification and cost cutting, it is usually better to identify some form of cost savings that can be measured. In some companies this might be as simple as reducing the number of technical support calls received on a daily basis. No matter what the measuring stick, the important thing to remember is that someone has to be able to read the measurements. To be able to read the measurements you have to be able to make the measurements with only a minimum of extra effort. If at all possible, try to identify some measurement that can be automated as a normal part of the business process using the server.
In the planning stage, reach an agreement as to what "complete" means for this first part of the project. This definition is important when it's time to stop and read the measurements to determine if this has been a successful implementation. "Complete" appears to be a simple thing to define, but in reality the tweaking can go on forever. Some objective level of information availability is probably the safest measure of completeness. Once you have full agreement on what complete means and how you will measure success, then do it. If the project is successful, publicize it to the whole world. Some projects do not meet all of your expectations. If this happens, then take what you have learned and apply it to your next project.
You should now have a very solid idea of how to start your planning process for the installation of your MS Internet Information Server. If careful attention is given to each of the items mentioned in this chapter-from identifying the bill payer to the type of client connection-your installation will be much easier.
A small amount of focused planning will help reduce the high risk of failure we all face on these technology projects. This chapter shows you that most of the planning is very straightforward but required for a successful implementation.