It’s hard to find a person today who hasn’t used File
Transfer Protocol (FTP). FTP can be considered the backbone for
transferring files to and from a website. The basic premise of an FTP
server is based on placing files in directories and allowing users to
access or publish information with an FTP client or an FTP-enabled web
browser, such as Microsoft Internet Explorer
7.0. Depending on the placement of the FTP server, amateurs and
professionals alike can either upload or download data from the Internet
or intranet.
In the past few releases
of IIS, Microsoft did not place a tremendous amount of emphasis on
revamping the FTP service. As a result, the Windows FTP service has not
been heavily used by the IT community as organizations require strong
security and native encryption; however, things are about to change.
With Windows Server 2008 R2, Microsoft listened to the needs of its IT
community and accordingly reengineered the FTP service for IIS. It is
now more robust, dependable, and it supports SSL for data encryption.
Now that we know that FTP has
been revamped and enriched with many new features, here comes the
confusing stuff. Windows Server 2008 had two FTP servers. The first FTP
server was included with the installation of IIS 7.0 on Windows Server
2008. It was, however, not installed by default and could be added as an
FTP role service in Server Manager. The FTP service offered here was
“out of the box” and is essentially the exact same FTP solution included
with IIS 6.0. Essentially, this means it did not include any new
features and functionality. In addition, the Internet Information
Services IIS (6.0) Manager legacy tools were required to administer the
FTP components, service, and properties.
The second FTP server was a new
and improved secure FTP service, which included all the new bells and
whistles. Unfortunately, Microsoft ran out of time and did not have the
opportunity to finalize the new FTP service before going live with
Windows Server 2008. Therefore, the product was stripped from the
official release of Windows Server 2008 and was considered
“out-of-band,” meaning it can be obtained as a separate download from
Microsoft.
With Windows Server
2008 R2, a new version of FTP Server services is included with the
product as an optional component to be installed with IIS 7.5. It is
fully integrated and can be managed with the same IIS 7.5 administrative
interface. FTP Server Services with IIS 7.5 includes extended support
for new Internet standards, such as FTP over Secure Sockets Layer (SSL),
support for extended character sets by including UTF-8 support, and
support for IPv6.
Examining the New FTP 7.5 Server Service Features
Microsoft has made many
improvements to the FTP 7.5 Service. First, the FTP 7.5 Service has been
completely rewritten from scratch. As a result, it is more secure and
meets today’s industry standards for publishing content in a secure
fashion. The following is a list of new features for the FTP 7.5 Service
running on Windows Server 2008 R2:
There is now tight integration with IIS 7.5 websites and IIS Manager. It supports today’s demanding security needs by supporting FTP over SSL. Organizations can now host multiple FTP sites with the same IP address, as the bindings support host headers. Both web and FTP content can be hosted from the same site. UTF8, IPv6, and integration with other repositories such as SQL Server are supported. Improved logging and diagnostics are now available.
Microsoft certainly realizes FTP
is not going away and is still the preferred method for publishing
content and exchanging large pieces of data between organizations. By
rewriting the FTP service, utilizing Extensible Markup Language (XML)
configuration files, and providing secured FTP, the product now meets
today’s industry FTP requirements out of the box without the need to
purchase third-party plug-ins.
Installing the FTP Server
Similar to the previous
version of IIS, the FTP publishing service is not installed by default.
To add the FTP role service included with IIS 7.5 running on Windows
Server 2008 R2, perform the following steps in Server Manager:
1. | Assuming
the Web Server is already installed, in Server Manager, first expand the Roles node and then select
Web Server (IIS).
| 2. | Right-click the Web Server (IIS) node, and then select Add Role Services.
| 3. | Select
the following Web Server role services and subcomponents: FTP Server,
FTP Service, and FTP Extensibility, as displayed in Figure 1, and then click Next.
| 4. | On
the Confirm Installation Selections page, review the FTP roles,
services, and features selected for installation, and then click Install
to initiate the installation process.
| 5. | Ensure the installation succeeded by reviewing the messages on the Installation Results page, and then click Close.
|
Creating a Secure FTP 7.5 Site Using SSL
With IIS 7.5, it is not only
possible to create a new FTP site or add FTP publishing to an existing
website, but it is also possible to have both FTP and HTTP coexist. To
create a new FTP site, in addition to the Default FTP Site, do the
following:
1. | Select Start, All Programs, Administrative Tools, Internet Information Services (IIS) Manager.
| 2. | In the Connections pane, expand the IIS server, and then expand the Sites node within the tree.
| 3. | Right-Click Sites and select Add FTP Site.
| 4. | Enter
the FTP site name and specify the physical path for the FTP site you
will use. If needed, click the Connect As button to provide path
credentials.
| 5. | In the Binding section of the Binding and SSL Settings page, enter the IP address and port of the FTP server.
| 6. | From within the Binding and SSL Settings page, specify a certificate and select the Require SSL option in the SSL section.
| 7. | Select the Start FTP Site Automatically option, and click Next, as displayed in Figure 2.
| 8. | On
the Authentication and Authorization Information page, specify how
users will authenticate to the site by choosing Anonymous or Basic in
the Authentication section.
| 9. | In
the Authorization section, specify who has authorization to the site by
selecting from the following: All Users, Anonymous Users, Specified
Roles or Users Groups, and, finally, Specified Users.
| 10. | The
final setting on the Authentication and Authorization Information page
is the Permissions section. Specify the permissions for the FTP site.
You can choose from Read and/or Write.
| 11. | Review the settings, as illustrated in Figure 3, and then click Finish to finalize the FTP site creation.
|
|
