Thinking SharePoint? Think Jornata.



Planning and Configuring Extranets in SharePoint 2010
Geoff Varosky
Architect, Director of Evangelism, Jornata
gvarosky@jornata.com
Follow me on Twitter @gvaro
Jornata, 61-63 Chatham Street, Fourth Floor, Boston, MA 02109
Submitted on May 1, 2012
About Me
• Geoff Varosky
  – Jornata
     • Architect, Director of Evangelism
     • BASPUG Co-Founder
     • SPS Boston Co-Organizer
  – Blog : www.sharepointyankee.com
  – Email: gvarosky@jornata.com
  – Twitter: @gvaro
  – LinkedIn & Facebook


About Jornata
•   Boston based
•   SharePoint focused
•   MVP, MCM, and MCA on staff
•   SharePoint, Office 365
•   Hundreds of successful projects
•   Microsoft’s go-to partner
•   Community focused
•   We’re hiring!

Agenda
• Thinking
  – What is an Extranet?
  – Design
     • Topology
     • Authentication Mechanism
     • User Identity Storage Location
  – Evaluating Your Requirements
  – SharePoint 2010 Considerations

• Doing
  – Configuration
  – User and Role Management

What is an extranet?


Controlled access from
  external networks


What is an extranet?


Controlled access from
 EXTeRnAl NETworks


Design




Primary Design Considerations
• Topology
• Authentication Method
• User Identity Storage Location




Topology




Very Simple Extranet Example




Edge Firewall
[Diagram. Zones: Internets | Perimeter network | Corporate network (a/k/a where you access Facebook from every morning). Components, left to right: External Users | Firewall/UAG | Server Farm | Internal Users]
Back to Back Perimeter
[Diagram. Zones: Internets | Perimeter network | Corporate network. Components, left to right: External Users | Firewall/UAG | Router A | Router B | Firewall/UAG | Internal Users. Layer 1: Web Servers. Layer 2: APP & SQL Servers. Layer 3: DNS, Active Directory, LOB Systems]
Back to Back Perimeter with Cross-Farm Services
[Diagram. Zones: Internets | Perimeter network | Corporate network. Components, left to right: External Users | Firewall/UAG | CONSUMING FARM | Firewall/UAG | SERVICES FARM | Internal Users]
Split Back-to-Back
[Diagram. Zones: Internets | Perimeter network | Corporate network (YAY! FACEBOOKS! LOLS!). Components, left to right: External Users | Firewall/UAG | Web Servers, Application Servers, DNS, Active Directory | Firewall/UAG | SQL Servers, Application Servers, DNS, Active Directory | Internal Users]
Authentication




Authentication Methods
• Windows
  – NTLM
  – Kerberos
  – Basic
• Forms-Based Authentication (FBA)*
  – *Claims needs to be enabled for FBA
• Claims-Based Authentication
  – SAML tokens


User Identity Storage
•   Active Directory
•   LDAP
•   SQL Server
•   Other




Your Requirements




Evaluating Your Requirements
• What do you REALLY need?
  –   Who needs access?
  –   How sensitive is the data?
  –   How sensitive is your network?
  –   Budget?**




**Budget




Plan Your Requirements
• Who needs access?
  – Internal employees only
      • Active Directory
  – Internal employees and external users
      • Active Directory
           – Additional domain with restricted access
      • Active Directory & Forms Based Authentication
           – Claims Authentication
  – External only (rare)
      • Clients, partners, consultants
           – Active Directory or LDAP or SQL?
           – Forms Based Authentication or Windows auth?
           – Separate or together?
  – Hosting
  – Mobile Clients

Remember this…

You are giving a key to access your company’s data in some form or another.
Requirements
• How sensitive is the data & internal network?
   – Network & SharePoint
      •   DMZ
      •   Same farm, separate web application
      •   Separate farm
      •   Multiple Farms – Cross-farm services, publishing




Requirements
• How sensitive is the data & internal network?
   – Security
       • Secure Certificates (SSL)
       • Encryption
       • Firewall
             – Both hardware and software?
             – Content Filtering
             – ACLs
       •   Virtual Private Network
       •   Anti-Virus and Anti-Malware
       •   Client-based certificates
       •   One-time passwords (RSA tokens)
       •   Phone verification
       •   Biometrics
             – Retina, fingerprint, facial structure, hair and blood samples


SharePoint 2010
• Supported version?
   – All Versions: Foundation up through Enterprise Server 2010

   – Office 365
      • Can be used as an extranet (since that’s basically what it
        is!)




DEMO!
Assumptions: Any Topology; Multi-mode (Windows & FBA
Auth); SQL Users:

1.   Create ASP.NET Membership Database
2.   Configure SharePoint
3.   Configure IIS
4.   Create and Manage Users


Managing Users
• IIS
   – Must change default role manager and membership providers
     each time = DOWNTIME.
   – Separate IIS Virtual Web Application
• BCS
   – Great way to manage users (passwords, emails, etc.)
   – No ability to create users without another layer of logic
• Codeplex
   – SharePoint 2010 FBA Pack
        • http://sharepoint2010fba.codeplex.com
• 3rd Party…


Remember this too…
• Test the configuration
• Review security regularly
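
The demo steps and the "test the configuration" reminder, as an added example (not code from the deck or from Jornata): it creates the membership database, creates a claims web application with Windows and FBA sign-in, then checks that the FBA providers are registered in the three web.config files SharePoint 2010 reads them from (web application, Central Administration, Security Token Service) and flags weak provider settings. Server, database, provider, account, URL and path values are placeholder assumptions.

```powershell
# Added example: every server, database, provider, account, URL and path value
# below is a placeholder assumption, not a value from the deck.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$SqlServer    = 'SQL01'
$MembershipDb = 'aspnetdb_extranet'
$MemberProv   = 'FBAMembership'
$RoleProv     = 'FBARoles'

# Step 1: create the ASP.NET membership database (-A mr = membership and role features only).
$regsql = Join-Path $env:windir 'Microsoft.NET\Framework64\v2.0.50727\aspnet_regsql.exe'
& $regsql -S $SqlServer -E -A mr -d $MembershipDb

# Step 2: claims web application offering both Windows and FBA sign-in, over SSL.
$win = New-SPAuthenticationProvider -UseWindowsIntegratedAuthentication
$fba = New-SPAuthenticationProvider -ASPNETMembershipProvider $MemberProv -ASPNETRoleProviderName $RoleProv
New-SPWebApplication -Name 'Extranet' -Url 'https://extranet.example.com' -Port 443 -SecureSocketsLayer `
    -ApplicationPool 'ExtranetAppPool' `
    -ApplicationPoolAccount (Get-SPManagedAccount 'EXAMPLE\svc-extranet') `
    -AuthenticationProvider $win, $fba

# Step 3 check: read-only audit of one web.config. Returns a list of findings.
function Test-FbaWebConfig {
    param([string]$Path)
    $findings = @()
    if (-not (Test-Path $Path)) { return @("file not found") }

    $doc = New-Object System.Xml.XmlDocument
    $doc.Load($Path)
    $m = $doc.SelectSingleNode("/configuration/system.web/membership/providers/add[@name='$MemberProv']")
    $r = $doc.SelectSingleNode("/configuration/system.web/roleManager/providers/add[@name='$RoleProv']")

    if (-not $r) { $findings += "role provider '$RoleProv' not registered" }
    if (-not $m) {
        $findings += "membership provider '$MemberProv' not registered"
        return $findings
    }

    # A missing attribute means the SqlMembershipProvider default (Hashed, retrieval off).
    $fmt = $m.GetAttribute('passwordFormat')
    if ($fmt -and $fmt -ne 'Hashed') { $findings += "passwordFormat is '$fmt', expected Hashed" }
    if ($m.GetAttribute('enablePasswordRetrieval') -eq 'true') {
        $findings += 'enablePasswordRetrieval is true'
    }

    # The provider must point at a connection string defined in the same file.
    $csName = $m.GetAttribute('connectionStringName')
    $cs = $doc.SelectSingleNode("/configuration/connectionStrings/add[@name='$csName']")
    if (-not $cs) {
        $findings += "connection string '$csName' not defined"
    }
    elseif ($cs.GetAttribute('connectionString') -match '(?i)(password|pwd)\s*=') {
        $findings += 'connection string embeds a SQL password; use integrated security'
    }
    return $findings
}

# Placeholder paths: substitute the real virtual directories for the farm.
$configs = @(
    'C:\inetpub\wwwroot\wss\VirtualDirectories\extranet.example.com443\web.config',
    'C:\inetpub\wwwroot\wss\VirtualDirectories\CENTRAL-ADMIN-PLACEHOLDER\web.config',
    (Join-Path $env:CommonProgramFiles 'Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken\web.config')
)

foreach ($c in $configs) {
    $f = @(Test-FbaWebConfig -Path $c)
    if ($f.Count -eq 0) { 'OK   {0}' -f $c }
    else { $f | ForEach-Object { 'FAIL {0}: {1}' -f $c, $_ } }
}
```

Run the audit loop on every web front end after each change to the providers; the files are per server, so one server can drift from the others.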




Resources
• My blog series
   – Part 1 : http://go.gvaro.net/ExtranetsP1
   – Part 2 : http://go.gvaro.net/ExtranetsP2
   – Part 3 : http://go.gvaro.net/ExtranetsP3




• Phone Factor – Phone Verification
   – http://www.phonefactor.com
• Plan Security Hardening (TechNet)
   – http://go.gvaro.net/uSyY1Z
• SharePoint 2007 & 2010 Farm Ports (Firewall Config)
   – http://go.gvaro.net/uWQZzU
• SharePoint Ports, Proxies, and Protocols (Firewall Config)
   – http://go.gvaro.net/tblxCn
• Harden SQL Server for SharePoint
   – http://go.gvaro.net/viVQuN
• Visual FBA configuration by Donal Conlon
   – http://go.gvaro.net/oPnAYx
• Extranet tested topologies for SP 2010 Model
   – http://go.gvaro.net/SP2010ExtTopMod
• ASP.NET 2.0 Membership Database Reference
   – Create, Add Users, etc.
   – http://go.gvaro.net/AN2Mbr
• FBA Configuration in SharePoint 2010
   – LDAP: http://go.gvaro.net/FBALDAP
   – ASP.NET Membership DB: http://go.gvaro.net/FBAANMDB
• PeoplePicker Wildcard Search
   – http://go.gvaro.net/FBAWildCard
• Helpful Resources for Troubleshooting Membership Providers
   – http://go.gvaro.net/TSMemProv
• “Sign me in automatically” in FBA
   – http://go.gvaro.net/pAkDQP
• Configuring SSL in a Development Environment
   – http://go.gvaro.net/uOTTlJ
Summary
• Plan Your Design
  – Topology
       • Same Farm? Dedicated Farm? Back-to-Back? Etc…
  – Authentication Mechanism
  – User Identity Storage Location
• Evaluate Your Requirements
  – Map to Technology
• Do
  – Test!
  – Easy Configuration
  – User and Role Management


Q&A
•   Meets 2nd Wednesday/Month
•   6PM – 8PM
•   Microsoft N.E.R.D. Center
•   http://www.bostonsharepointug.org
•   Twitter: @BASPUG / #BASPUG