Help: How to defend against IIS bashing

TheMSsForum.com: The Microsoft Software Forum

Hi,
We're selling an IIS based web app and are met with an increasing (so it
seems) anti-IIS "attitude" in the marketplace, especially in Germany.
Potential customers back away when they hear we only support IIS. Example
comments:
"IIS open the door for virus"
"We are not ready to install IIS"
"It is strictly forbidden to use IIS"

The alternative they mention is always Apache. We've tried to come up with
effective counter-arguments, but have failed so far. So any help would be
appreciated!

- Tormod
Top

Re: How to defend against IIS bashing by Bernard

Bernard
Tue Aug 12 03:29:25 CDT 2003

Wow.. actually it's not all IIS issue, some is related to OS.
like the latest 026 alert...

You should get yourself a copy of IIS6.0, read the product
improvement... -
Read the changes
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/standard/gs_whatschanged.asp

and with the correct security measurement.. you are safe!
e.g. Firewall, Antivirus, IDS, Physical security and etc.

refer www.microsoft.com/security/
www.microsoft.com/iis/ for more info on IIS and security.

next, try read this test report.
http://www.veritest.com/clients/reports/microsoft/


--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...


"Tormod Hystad" <thyATkomplett.no> wrote in message
news:ewEiZeKYDHA.2236@TK2MSFTNGP10.phx.gbl...
> Hi,
> We're selling an IIS based web app and are met with an increasing (so it
> seems) anti-IIS "attitude" in the marketplace, especially in Germany.
> Potential customers back away when they hear we only support IIS. Example
> comments:
> "IIS open the door for virus"
> "We are not ready to install IIS"
> "It is strictly forbidden to use IIS"
>
> The alternative they mention is always Apache. We've tried to come up with
> effective counter-arguments, but have failed so far. So any help would be
> appreciated!
>
> - Tormod
>
>
>


Top

Re: How to defend against IIS bashing by Tormod

Tormod
Tue Aug 12 06:55:40 CDT 2003

Thanks!

Yes, *I* know how much of an improvement Win2003 and IIS 6.0 is over past
windows/IIS versions, with the new "secure by default" mindset and the
code/features improvements, but I am having a hard time convincing
potential customers. They're very aware of the amount of negative press
about security/reliability in Windows/IIS.

The VeriTest report focused on the good performance, that's not what our
customers are worried about, they worry about security and reliability.
Independent, objective studies/comparisons of IIS6 vs Apache1/2 would be
great.

You have a great product (Win2003/IIS6), get the message out, so we can make
a living adding value to it!

- Tormod


"Bernard" <qbernard@hotmail.com> wrote in message
news:#DYcYvKYDHA.3232@tk2msftngp13.phx.gbl...
> Wow.. actually it's not all IIS issue, some is related to OS.
> like the latest 026 alert...
>
> You should get yourself a copy of IIS6.0, read the product
> improvement... -
> Read the changes
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/standard/gs_whatschanged.asp
>
> and with the correct security measurement.. you are safe!
> e.g. Firewall, Antivirus, IDS, Physical security and etc.
>
> refer www.microsoft.com/security/
> www.microsoft.com/iis/ for more info on IIS and security.
>
> next, try read this test report.
> http://www.veritest.com/clients/reports/microsoft/
>
>
> --
> Regards,
> Bernard Cheah
> http://support.microsoft.com/
> Please respond to newsgroups only ...
>
>
> "Tormod Hystad" <thyATkomplett.no> wrote in message
> news:ewEiZeKYDHA.2236@TK2MSFTNGP10.phx.gbl...
> > Hi,
> > We're selling an IIS based web app and are met with an increasing (so it
> > seems) anti-IIS "attitude" in the marketplace, especially in Germany.
> > Potential customers back away when they hear we only support IIS.
Example
> > comments:
> > "IIS open the door for virus"
> > "We are not ready to install IIS"
> > "It is strictly forbidden to use IIS"
> >
> > The alternative they mention is always Apache. We've tried to come up
with
> > effective counter-arguments, but have failed so far. So any help would
be
> > appreciated!
> >
> > - Tormod
> >
> >
> >
>
>


Top

Re: Help: How to defend against IIS bashing by jcochran

jcochran
Tue Aug 12 08:25:38 CDT 2003

On Tue, 12 Aug 2003 09:59:02 +0200, "Tormod Hystad" <thyATkomplett.no>
wrote:

>Hi,
>We're selling an IIS based web app and are met with an increasing (so it
>seems) anti-IIS "attitude" in the marketplace, especially in Germany.
>Potential customers back away when they hear we only support IIS. Example
>comments:
>"IIS open the door for virus"
>"We are not ready to install IIS"
>"It is strictly forbidden to use IIS"
>
>The alternative they mention is always Apache. We've tried to come up with
>effective counter-arguments, but have failed so far. So any help would be
>appreciated!

The third argument is impossible for you to overcome directly. The
other two are only slightly less impossible. My advice would be to
either support other non-IIS options, or to make a product so
indispensible they run IIS just to run your product. (Or just sell to
IIS shops)

There are millions of shops that run IIS without the virus/security
concerns getting in the way. But that doesn't make the concerns
invalid, and if you have Linux/Apache admins that can't secure a
Windows/IIS box correctly, then IIS should not be an option for your
organization until the skill set changes.

Jeff
Top

Re: How to defend against IIS bashing by Chris

Chris
Tue Aug 12 19:44:00 CDT 2003

Hey ~

Contact me offline... chrisad@microsoft.com

Thanks,

--
~Chris (MSFT)
IIS Supportability Lead

This posting is provided "AS IS" with no warranties, and confers no rights


"Tormod Hystad" <thyATkomplett.no> wrote in message
news:ewKXoiMYDHA.4020@tk2msftngp13.phx.gbl...
> Thanks!
>
> Yes, *I* know how much of an improvement Win2003 and IIS 6.0 is over past
> windows/IIS versions, with the new "secure by default" mindset and the
> code/features improvements, but I am having a hard time convincing
> potential customers. They're very aware of the amount of negative press
> about security/reliability in Windows/IIS.
>
> The VeriTest report focused on the good performance, that's not what our
> customers are worried about, they worry about security and reliability.
> Independent, objective studies/comparisons of IIS6 vs Apache1/2 would be
> great.
>
> You have a great product (Win2003/IIS6), get the message out, so we can
make
> a living adding value to it!
>
> - Tormod
>
>
> "Bernard" <qbernard@hotmail.com> wrote in message
> news:#DYcYvKYDHA.3232@tk2msftngp13.phx.gbl...
> > Wow.. actually it's not all IIS issue, some is related to OS.
> > like the latest 026 alert...
> >
> > You should get yourself a copy of IIS6.0, read the product
> > improvement... -
> > Read the changes
> >
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/standard/gs_whatschanged.asp
> >
> > and with the correct security measurement.. you are safe!
> > e.g. Firewall, Antivirus, IDS, Physical security and etc.
> >
> > refer www.microsoft.com/security/
> > www.microsoft.com/iis/ for more info on IIS and security.
> >
> > next, try read this test report.
> > http://www.veritest.com/clients/reports/microsoft/
> >
> >
> > --
> > Regards,
> > Bernard Cheah
> > http://support.microsoft.com/
> > Please respond to newsgroups only ...
> >
> >
> > "Tormod Hystad" <thyATkomplett.no> wrote in message
> > news:ewEiZeKYDHA.2236@TK2MSFTNGP10.phx.gbl...
> > > Hi,
> > > We're selling an IIS based web app and are met with an increasing (so
it
> > > seems) anti-IIS "attitude" in the marketplace, especially in Germany.
> > > Potential customers back away when they hear we only support IIS.
> Example
> > > comments:
> > > "IIS open the door for virus"
> > > "We are not ready to install IIS"
> > > "It is strictly forbidden to use IIS"
> > >
> > > The alternative they mention is always Apache. We've tried to come up
> with
> > > effective counter-arguments, but have failed so far. So any help would
> be
> > > appreciated!
> > >
> > > - Tormod
> > >
> > >
> > >
> >
> >
>
>


Top

Re: Help: How to defend against IIS bashing by Tormod

Tormod
Wed Aug 13 01:40:59 CDT 2003

GREAT!
Exactly what I wanted.

Thanks for the interest, everyone that replied.

-Tormod


"Paul Lynch" <paul.lynch@nospam.com> wrote in message
news:cudijvospnbbuq5tehji6uuqnrgukdfc7t@4ax.com...
> Hello,
>
> Show them this :
>
> http://www.port80software.com/surveys/top1000webservers/
>
> If its good enough for 57% of the Fortune 1000 companies then surely
> its good enough for them.
>
> <RANT>
> IIS has got a bad name because its quite easy to set up which is why
> so many people like to 'have a go' at running their own web server.
> Then when it gets whacked they spit their dummies out and start
> blaming Microsoft for their own shortcomings.
> </RANT>
>
>
> Regards,
>
> Paul Lynch
> MCSE


Top

Re: How to defend against IIS bashing by Bernard

Bernard
Wed Aug 13 04:02:05 CDT 2003

I'm not from MS - contact Chris offline :)

ping me if you have any good info.

--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...


"Tormod Hystad" <thyATkomplett.no> wrote in message
news:ewKXoiMYDHA.4020@tk2msftngp13.phx.gbl...
> Thanks!
>
> Yes, *I* know how much of an improvement Win2003 and IIS 6.0 is over past
> windows/IIS versions, with the new "secure by default" mindset and the
> code/features improvements, but I am having a hard time convincing
> potential customers. They're very aware of the amount of negative press
> about security/reliability in Windows/IIS.
>
> The VeriTest report focused on the good performance, that's not what our
> customers are worried about, they worry about security and reliability.
> Independent, objective studies/comparisons of IIS6 vs Apache1/2 would be
> great.
>
> You have a great product (Win2003/IIS6), get the message out, so we can
make
> a living adding value to it!
>
> - Tormod
>
>
> "Bernard" <qbernard@hotmail.com> wrote in message
> news:#DYcYvKYDHA.3232@tk2msftngp13.phx.gbl...
> > Wow.. actually it's not all IIS issue, some is related to OS.
> > like the latest 026 alert...
> >
> > You should get yourself a copy of IIS6.0, read the product
> > improvement... -
> > Read the changes
> >
>
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs/standard/gs_whatschanged.asp
> >
> > and with the correct security measurement.. you are safe!
> > e.g. Firewall, Antivirus, IDS, Physical security and etc.
> >
> > refer www.microsoft.com/security/
> > www.microsoft.com/iis/ for more info on IIS and security.
> >
> > next, try read this test report.
> > http://www.veritest.com/clients/reports/microsoft/
> >
> >
> > --
> > Regards,
> > Bernard Cheah
> > http://support.microsoft.com/
> > Please respond to newsgroups only ...
> >
> >
> > "Tormod Hystad" <thyATkomplett.no> wrote in message
> > news:ewEiZeKYDHA.2236@TK2MSFTNGP10.phx.gbl...
> > > Hi,
> > > We're selling an IIS based web app and are met with an increasing (so
it
> > > seems) anti-IIS "attitude" in the marketplace, especially in Germany.
> > > Potential customers back away when they hear we only support IIS.
> Example
> > > comments:
> > > "IIS open the door for virus"
> > > "We are not ready to install IIS"
> > > "It is strictly forbidden to use IIS"
> > >
> > > The alternative they mention is always Apache. We've tried to come up
> with
> > > effective counter-arguments, but have failed so far. So any help would
> be
> > > appreciated!
> > >
> > > - Tormod
> > >
> > >
> > >
> >
> >
>
>


Top