Not long ago, Web administrators didn't have a great deal of input into their organization's Web server platform. If they worked in a Windows shop, they ran Microsoft's Internet Information Server (IIS), while those in Linux/Unix shops were tied to Apache, and never the twain did meet. However, times have changed and the Apache HTTP Server Project has broken down the walls by releasing a Windows distribution of the Web server that traces its historic roots to the original NCSA httpd server. There are now two "big kids on the block" and Windows administrators, at least, have some flexibility. (Don't expect Microsoft to release IIS for Linux anytime soon!)

From a security perspective, the choice is debatable. Here are four factors that might sway your decision on the most secure platform for your organization:

  • Inherent server vulnerabilities. Despite the bad press Microsoft receives, the platforms are almost equally vulnerable to attacks. A recent search in the CERT Vulnerability Database yielded 28 hits for IIS vulnerabilities and 25 separate announcements of Apache vulnerabilities. That's as close as you get to a horse race in the information security world.

The link for this article located at TechTarget.com is no longer available.