The IBM Internet Connection Secure Server provides the foundation for building your company's presence on the Internet. Your business can use the Internet Connection Secure Server on the World Wide Web to reach customers and suppliers around the world. Or you can use the Internet Connection Secure Server within your business to communicate with employees.
With the IBM Internet Connection Secure Server, your business can implement Secure Sockets Layer (SSL) to ensure that your business transactions are secure.
This chapter describes some of the key features of the server.
You can easily install the server using the Windows installation tool, InstallShield**. For more information, see Chapter 4. "Installing your server".
After you install the server, you can start it using the configuration values you specified during installation. Default values are supplied for all the other configuration values. Using a Web browser, you can then connect to the server.
Once you connect to your server, you'll see the Front Page, which it uses as its home page. The Front Page provides a valuable assortment of tools and information, including links to:
You can install and run your server as an NT service. An NT service can be set to start automatically when Windows NT starts. Thus the service can serve requests without you being logged on. Normally NT services run without a Graphical User Interface (GUI). As a result, users do not need to know about the service, and the service doesn't get in the way of anything else they might be doing. Some of the advantages of using this feature are:
The server supports the Common Gateway Interface (CGI), which allows you to create external programs (CGI programs) that interface with your server and perform tasks such as searching and forwarding e-mail messages.
To assist you in writing CGI programs, the server includes utilities for extracting forms data, writing document headers, and processing image maps.
The server also supports the Internet Connection Application Programming Interface (ICAPI). This interface is designed specifically for the server's threaded processing and allows you to easily extend the server's base functions. Using the ICAPI you can write extensions to perform site-specific processing, such as publishing customized pages based on client's code level, enhancing the basic authentication, and adding error routines to track problems or alert you about serious conditions.
For more information, see the Web Programming Guide and the Webmaster's Guide.
The Simple Network Management Protocol (SNMP) subagent built into Internet Connection Secure Server maintains server information and performance data in an SNMP Management Information Base (MIB). The MIB data describes the server being managed, reflects current and recent server status, and provides server performance data. From any SNMP-capable network manager, you can display, monitor, and adjust thresholds for your server's performance to proactively tune or fix server problems before they become server outages.
For more information, see the Webmaster's Guide.
Most likely, you will not want everyone to be able to access all the information on your server. For example, you probably would not want everyone to be able to access your CGI programs.
You can restrict access based on user name and password, or the address of the requester. Access authorization is controlled using the configuration file and possibly one or more other files, including:
You can create a virtual hierarchy of Web resources. As part of the server's configuration, you can specify resource mapping rules, which associate a request template with the actual path to a document or resource. Each request that comes to the server is checked against these rules to determine if the request should be accepted and where the requested resource is actually located.
For more information, see the Webmaster's Guide.
To help you determine whether or not your Internet message is reaching the intended audience, you can keep access logs that show who is accessing your server and when. To see internal server errors, you can check your server's error logs. If your server is a caching proxy, you can keep logs of requests for cached files in a cache access log.
In addition, your server creates agent logs, referer logs, and CGI error logs. Agent logs indicate which Web browser was used to access a Web page. Referer logs indicate the page that linked to or referred to the page. CGI error logs contain standard error output (stderr) from CGI programs.
You can control what gets logged by filtering out entries that match a particular pattern. Your server automatically creates a report for each log, so you can view the contents of the log. You can modify these default report templates so that you include and/or exclude log entries contained in the report.
Because the logs are written in a format that is common to most Web servers, you can use any of several generic statistical programs to analyze the log contents.
You can compress log data, archive reports, and include old log data in reports.
For more information, see the Webmaster's Guide.
When you configure your server as a caching proxy server, you can improve performance, as well as allow users of your internal network to access documents on the Internet.
You can specify many configuration options for a caching proxy, including:
For more information, see the Webmaster's Guide.
You can configure your server to serve different files based on the IP address of the network connection a request comes in on or the host for whom a request is made. This is particularly valuable to Internet service providers who want to use one server to provide Web sites for multiple customers. The server allows you to configure:
For more information, see the Webmaster's Guide.
Server-side includes enable the server to do some processing of Web pages before the page is sent to the client. The current date, the size of the file, the last change of a file are examples of the kind of information that can be sent to the client.
For more information, see the Webmaster's Guide.
The Internet Connection Secure Server design is based on the work at CERN. You can customize basic CERN messages that your server sends back to the client when error conditions are encountered. For example, you can change a message to include more information about the cause of the problem and suggest possible solutions to fix it. For internal networks, you might provide a contact person for your users to call.
For more information, see the Webmaster's Guide.
For more information, see the Webmaster's Guide.