From a systems administration standpoint, one of the main goals for managing web servers is to maintain a high standard of security. Security is an important concern in all areas of IT, but it’s especially important for information and applications that are readily accessible to large numbers of users. In this chapter, you learn how to configure security for a Windows Server 2008 R2 web server.

Lesson 1: Configuring IIS Security, focuses on securing access to Internet Information Services 7 (IIS 7) and the content it contains. You learn how to configure permissions for remote management and how to increase the security of the server by disabling or removing unneeded features and options. In Lesson 2: Controlling Access to Web Services, you learn about ways in which you use authentication and authorization. You also learn how to increase security through server certificates and IP address restrictions.