Best Practices for IIS Architecture:

Web farm-> load balancing

Multiple types of clusters are there

1. Windows cluster: where we see the node A and node B sharing the storage area network(SAN)

Only active node is working at a time and another one is passive

Copy of SAN is placed in 2 machined, if one server is down another one is pointed to this

We have nodes that have SAN and for these nodes requests are coming using NLB mgr

we have environment like

las Vegas

a,b,c,d nodes with ip address 1 and NLB,

new York

e,f,g,h, nodes with ip address 2 and NLB ,then in dns, these 2 IP address register for the http://www.nuggetlab.com

so some people will go to las Vegas network and some people will go to new York network

this is the large sites will build

Firewalls will block the traffic that comes through the ports

IIS is behind the firewall, so attacking on iis will be reduced as the firewall is there

Another way to reduce attacks on iis is don’t install the roles what you don’t need

Go to iis thru server manager, check the best practice analyzer

Scan that role every time and check what you missed some roles

if any malware is there, we can find it through IIS SEO toolkit

regards,

Chaitanya