PAUL WILL START 10 MINUTE TIMER Blended SharePoint 2010 & .NET Solutions
PAULBullet Points from the email blastDeveloping a Strategy for Leveraging SharePoint Inside-OutNew Internet Friendly Licensing in SharePoint 2010Branding for SuccessAuthentication and Anonymous AccessSelecting the Right Extranet TopologyForefront Threat Management and Unified Access GatewaysBest Practices & Avoiding Pitfalls
MICHAELLimited to ONE Internet domain. (Not AD domain) Example: ShareSquared.com Partners.ShareSquared.com Emplyees.ShareSquared.com NOT: CompanyA.com CompanyB.com OrganizaitonC.org*** Fast Search/Enterprise SharePointYou cannot deploy both on the same license. The license only covers SharePoint Enterprise Internet OR Fast Search Server. Not both concurrently.*** SharePoint Foundation if you expose it externally you need to purchase a Windows external connector or your server.
MICHAELMicrosoft Licensing check with a Licensing Representative BEFORE you deploy your site!
MICHAELWindows Auth Remote UsersExtranet Remote Partners/Clients/etcAnonymous Read-only users ***Although you can allow users to post to lists (blogs, comments, etc) but you cannot set them up to contribute to libraries.
PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN Q & A - EVERYONE
PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN WEBINAR: Tuesday October 26th 11:00 AM PSTCOMPOSER Site: About to get a makeover as a branded 2010 site, build using Composer & MaestroPRICING / LICENSING: Free SharePoint Foundation Version – Composer Only~$299 for Foundation BuildComposer Standard and Enterprise is sold per-UserMaestro Standard and Enterprise is sold per-serverSee the site for pricing details & info in a follow-up email w/ the Q & A contentQ & A – EVERYONEExtranet Topologies for SharePoint 2010http://tinyurl.com/SpExtranetChartPlan Security Hardeninghttp://technet.microsoft.com/en-us/library/cc262849.aspxAccount Permissions and Security Settingshttp://technet.microsoft.com/en-us/library/cc678863.aspx
Best Practices for SharePoint 2010 Public Facing Sites
Speakers Michael Van Cleave Sr. Architect & Practice Lead MCT, MCPD, MCTS, MCSD.NET Paul Papanek Stork SharePoint MVP & Author Chief Architect & Practice Lead MBA, MCT, MCSE, MCSD, MCDBA, MCTS, MCITP, MCPD…
Agenda Discuss the Business Case New Internet Friendly Licensing Branding Tips for Success Authentication and Anonymous Access Extranet Topologies Security Gateways Best Practices/Avoiding Common Pitfalls Resources and Q & A
Audience Survey What is your primary role in implementing SharePoint initiatives? Decision Maker, Influencer or Sponsor Admin, Architect or Developer Analyst or End User Consultant
The Business Case Market Trends Collaborate with business partners/clients Connect your virtual offices or telecommuting employees Create a more compelling internet presence (e.g. including dynamic content, workflow, etc.) Why SharePoint? Leverage content contributors / SME’s throughout your organization Provide more timely, pointed content with ease Build on your existing SharePoint investment Don’t start from scratch! SharePoint is specifically built for these scenarios
New Licensing Models Internet Server licensing No CALs required for external users Versions SP Server 2010 for Internet Sites, Standard Same functionality as Standard CAL Limited to one Internet domain (i.e. not AD domain) SP Server 2010 for Internet Sites, Enterprise Same functionality as with Enterprise CAL Includes FAST Search Server SharePoint Foundation Free, essentially
New Licensing Models – Cont’d Determine upfront what functionality you need for your public site Licensing costs differ significantly Development costs can differ significantly Microsoft Licensing is complex! Contact us if you need help: Info@ShareSquared.com
Authentication Choices Windows Authentication Native windows authentication methods do not work well over internet Basic Authentication over HTTPS Alternative to native windows authentication Forms Based Authentication Alternative user store (SQL, LDAP, etc.) Full support for client application integration. Anonymous Access Read-only users
Audience Survey Where are you on the SharePoint 2010 adoption curve? Already using SharePoint 2010 Will implement/upgrade in 0-3 Months Will implement/upgrade in 4-12 Months No near-term plans to upgrade/use Unsure – need more information
Selecting the Right Topology Questions to Ask Who are the potential users? How will the site be used? What is in the existing environment? Internet Facing Topologies Edge Firewall Back to Back Perimeter Network Split Back to Back Perimeter Network
Edge Firewall Good for light duty/low security installations Best for telecommuting employees
Edge Firewall Pros/Cons Advantages Disadvantages Least amount of hardware & configuration All Data stored within the trusted network Only one set of servers to maintain A single farm to build and maintain May not need Internet license Lowest Security Only one firewall protecting Internal network
Perimeter Network Good for an Internet only web site. Good for public hosting environment
Perimeter Network Pros/Cons Advantages Disadvantages Single farm simplifies sharing and maintenance No external user access to internal network Content Deployment between internal and external farm possible Additional infrastructure and configuration required Internal users have two user accounts Content Deployment requires external sites to be Read Only
Split Perimeter Best for an Extranet Collaboration scenario One way AD Trust
Split Perimeter Pros/Cons Advantages Disadvantages SQL servers not in Perimeter network Internal users don’t need two accounts External users can use Windows (Basic) authentication Requires the most hardware Most Complex solution
Gateway Servers ISA Server 2006 Forefront TMG Server 2010 Forefront UAG Server 2010
Threat Management Gateway Designed for Outbound Access Control Capabilities SharePoint publishing Network load balancing Array support Mobile access Rich authentication Unified portal Direct Access
Unified Access Gateway Designed for Inbound Access Control Capabilities SharePoint publishing Network load balancing Array support Mobile access Rich authentication Endpoint health detection Granular access policies Information leakage mitigation Direct Access
Audience Survey What do you see as next steps? Learn more about Public Facing Sites in SharePoint 2010 Plan& Design a Public Facing SharePoint Site Implement a Public Facing SharePoint Site in SharePoint 2010 Get some help!
Avoiding Pitfalls Anonymous access users still need licenses People Picker issues with Read Only Domain Controllers Admin and Service Accounts should be from Trusted Domain Deactivate/Block features and services that won’t be used (e.g. MySites) Don’t use Themes for SharePoint Foundation 2010 Don’t just move to SharePoint – use it’s features!
Best Practices Start with a “Least Privileges” Security Account approach Set Anonymous Policy for the External Web Application Zone Use Content Deployment for Read Only WCM systems Service accounts should all be Managed Accounts with automated password Leverage multiple zones Analyze content & put it into the proper SharePoint structures
SharePoint GamePLAN® Jumpstart your SharePoint deployment Conducted by an MCM, MVP or Sr. Architect Deliverables Education on SharePoint 2010 Brainstorming & Conceptual Design Assessment – Hardware, AD, Skills, etc. Planning & Implementation Roadmap $4,500 + travel for a 3-day engagement Utilize Microsoft Vouchers (as applicable) Email Info@ShareSquared.com or Call 800-445-1279
Downloads Several handouts are available for download from LiveMeeting: SharePoint 2010 GamePLAN SharePoint Composer/Maestro Company Profile FREE Trial Version of SharePoint Composer: www.SharePointComposer.com
Resources and Q & A Assessment & Planning Schedule a SharePoint GamePLAN engagement Learn more about SharePoint 2010 Next Webinar: “Tour de SharePoint 2010 with our SharePoint MVP's & Certified Master Candidates” on 5/3/2011 Online resources Extranet Topologies for SharePoint 2010 http://tinyurl.com/SpExtranetChart Plan Security Hardeninghttp://tinyurl.com/PlanSecHarden Account Permissions and Security Settings http://tinyurl.com/AcctPerm Contact Us: Info@ShareSquared.com or 800-445-1279