SharePoint 2010 public facing sites


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • PAUL WILL START 10 MINUTE TIMER Blended SharePoint 2010 & .NET Solutions
  • PAUL
  • PAULBullet Points from the email blastDeveloping a Strategy for Leveraging SharePoint Inside-OutNew Internet Friendly Licensing in SharePoint 2010Branding for SuccessAuthentication and Anonymous AccessSelecting the Right Extranet TopologyForefront Threat Management and Unified Access GatewaysBest Practices & Avoiding Pitfalls
  • PAUL
  • MICHAELLimited to ONE Internet domain. (Not AD domain) Example: NOT:*** Fast Search/Enterprise SharePointYou cannot deploy both on the same license. The license only covers SharePoint Enterprise Internet OR Fast Search Server. Not both concurrently.*** SharePoint Foundation if you expose it externally you need to purchase a Windows external connector or your server.
  • MICHAELMicrosoft Licensing check with a Licensing Representative BEFORE you deploy your site!
  • MICHAELChoose a SharePoint Expert:Branding in needs expert proficiency due to it’s complexity.Start from close to scratch: Start from a minimal.master and only include needed controls (moderate)(icon)Performance is Key: use Fiddler to assist you with what the page is sending to the browserReduce Javascript Payloads: some of the following scripts may not be needed depending on your site. Remove the .js file if it’s functionality is not needed.
  • MICHAELWindows Auth Remote UsersExtranet Remote Partners/Clients/etcAnonymous Read-only users ***Although you can allow users to post to lists (blogs, comments, etc) but you cannot set them up to contribute to libraries.
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAUL
  • PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN Q & A - EVERYONE
  • PAUL
  • PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN WEBINAR: Tuesday October 26th 11:00 AM PSTCOMPOSER Site: About to get a makeover as a branded 2010 site, build using Composer & MaestroPRICING / LICENSING: Free SharePoint Foundation Version – Composer Only~$299 for Foundation BuildComposer Standard and Enterprise is sold per-UserMaestro Standard and Enterprise is sold per-serverSee the site for pricing details & info in a follow-up email w/ the Q & A contentQ & A – EVERYONEExtranet Topologies for SharePoint 2010 Security Hardening Permissions and Security Settings
  • SharePoint 2010 public facing sites

    1. 1. Best Practices for SharePoint 2010 Public Facing Sites<br />
    2. 2. Speakers<br />Michael Van Cleave<br />Sr. Architect & Practice Lead <br />MCT, MCPD, MCTS, MCSD.NET<br /> Paul Papanek Stork<br />SharePoint MVP & Author <br />Chief Architect & Practice Lead<br />MBA, MCT, MCSE, MCSD, MCDBA, MCTS, MCITP, MCPD…<br />
    3. 3. Agenda<br />Discuss the Business Case<br />New Internet Friendly Licensing<br />Branding Tips for Success<br />Authentication and Anonymous Access<br />Extranet Topologies<br />Security Gateways<br />Best Practices/Avoiding Common Pitfalls<br />Resources and Q & A<br />
    4. 4. Audience Survey<br />What is your primary role in implementing SharePoint initiatives?<br />Decision Maker, Influencer or Sponsor<br />Admin, Architect or Developer<br />Analyst or End User<br />Consultant<br />
    5. 5. The Business Case<br />Market Trends<br />Collaborate with business partners/clients<br />Connect your virtual offices or telecommuting employees<br />Create a more compelling internet presence (e.g. including dynamic content, workflow, etc.)<br />Why SharePoint?<br />Leverage content contributors / SME’s throughout your organization<br />Provide more timely, pointed content with ease <br />Build on your existing SharePoint investment <br />Don’t start from scratch!<br />SharePoint is specifically built for these scenarios<br />
    6. 6. New Licensing Models<br />Internet Server licensing <br />No CALs required for external users<br />Versions<br />SP Server 2010 for Internet Sites, Standard<br />Same functionality as Standard CAL<br />Limited to one Internet domain (i.e. not AD domain)<br />SP Server 2010 for Internet Sites, Enterprise<br />Same functionality as with Enterprise CAL<br />Includes FAST Search Server<br />SharePoint Foundation<br />Free, essentially<br />
    7. 7. New Licensing Models – Cont’d<br />Determine upfront what functionality you need for your public site<br />Licensing costs differ significantly <br />Development costs can differ significantly<br />Microsoft Licensing is complex! <br />Contact us if you need help:<br />
    8. 8. Branding for Success<br />Start from “close to” scratch<br />Performance is Key<br />Consider image format and size<br />Use Fiddler or other page analyzers<br />Reduce JavaScript payloads (Cui.js, Sp.ui.js, Core.js)<br />Turn off Naming ActiveX control<br />Web app general settings page<br />Organize your content <br />Utilize SharePoint lists, calendars, web parts etc. <br />Leverage content expiration, versioning, alerts, auditing, etc.<br />Choose a creative design firm that understands your brand, your content and SharePoint!<br />Use a SharePoint Expert for implementation<br />
    9. 9. Authentication Choices<br />Windows Authentication<br />Native windows authentication methods do not work well over internet<br />Basic Authentication over HTTPS<br />Alternative to native windows authentication<br />Forms Based Authentication<br />Alternative user store (SQL, LDAP, etc.)<br />Full support for client application integration.<br />Anonymous Access<br />Read-only users<br />
    10. 10. Configuring FBA & Anonymous Access<br />
    11. 11. Audience Survey<br />Where are you on the SharePoint 2010 adoption curve?<br />Already using SharePoint 2010<br />Will implement/upgrade in 0-3 Months<br />Will implement/upgrade in 4-12 Months<br />No near-term plans to upgrade/use<br />Unsure – need more information<br />
    12. 12. Selecting the Right Topology<br />Questions to Ask<br />Who are the potential users?<br />How will the site be used?<br />What is in the existing environment?<br />Internet Facing Topologies<br />Edge Firewall<br />Back to Back Perimeter Network<br />Split Back to Back Perimeter Network<br />
    13. 13. Edge Firewall<br />Good for light duty/low security installations<br />Best for telecommuting employees<br />
    14. 14. Edge Firewall Pros/Cons<br />Advantages<br />Disadvantages<br />Least amount of hardware & configuration<br />All Data stored within the trusted network<br />Only one set of servers to maintain<br />A single farm to build and maintain<br />May not need Internet license<br />Lowest Security<br />Only one firewall protecting Internal network<br />
    15. 15. Perimeter Network<br />Good for an Internet only web site.<br />Good for public hosting environment<br />
    16. 16. Perimeter Network Pros/Cons<br />Advantages<br />Disadvantages<br />Single farm simplifies sharing and maintenance<br />No external user access to internal network<br />Content Deployment between internal and external farm possible <br />Additional infrastructure and configuration required<br />Internal users have two user accounts<br />Content Deployment requires external sites to be Read Only<br />
    17. 17. Split Perimeter<br />Best for an Extranet Collaboration scenario<br />One way AD Trust<br />
    18. 18. Split Perimeter Pros/Cons<br />Advantages<br />Disadvantages<br />SQL servers not in Perimeter network<br />Internal users don’t need two accounts<br />External users can use Windows (Basic) authentication<br />Requires the most hardware<br />Most Complex solution<br />
    19. 19. Gateway Servers <br />ISA Server 2006<br />Forefront TMG Server 2010<br />Forefront UAG Server 2010<br />
    20. 20. Threat Management Gateway<br />Designed for Outbound Access Control<br />Capabilities<br />SharePoint publishing<br />Network load balancing<br />Array support<br />Mobile access<br />Rich authentication<br />Unified portal<br />Direct Access<br />
    21. 21. Unified Access Gateway<br />Designed for Inbound Access Control<br />Capabilities<br />SharePoint publishing<br />Network load balancing<br />Array support<br />Mobile access<br />Rich authentication<br />Endpoint health detection<br />Granular access policies<br />Information leakage mitigation<br />Direct Access<br />
    22. 22. Publishing a SharePoint Site using TMG <br />
    23. 23. Audience Survey<br />What do you see as next steps?<br />Learn more about Public Facing Sites in SharePoint 2010<br />Plan& Design a Public Facing SharePoint Site<br />Implement a Public Facing SharePoint Site in SharePoint 2010<br />Get some help!<br />
    24. 24. Avoiding Pitfalls<br />Anonymous access users still need licenses<br />People Picker issues with Read Only Domain Controllers<br />Admin and Service Accounts should be from Trusted Domain<br />Deactivate/Block features and services that won’t be used (e.g. MySites)<br />Don’t use Themes for SharePoint Foundation 2010<br />Don’t just move to SharePoint – use it’s features!<br />
    25. 25. Best Practices<br />Start with a “Least Privileges” Security Account approach<br />Set Anonymous Policy for the External Web Application Zone<br />Use Content Deployment for Read Only WCM systems<br />Service accounts should all be Managed Accounts with automated password<br />Leverage multiple zones<br />Analyze content & put it into the proper SharePoint structures<br />
    26. 26. SharePoint GamePLAN®<br />Jumpstart your SharePoint deployment<br />Conducted by an MCM, MVP or Sr. Architect<br />Deliverables<br />Education on SharePoint 2010<br />Brainstorming & Conceptual Design<br />Assessment – Hardware, AD, Skills, etc.<br />Planning & Implementation Roadmap <br />$4,500 + travel for a 3-day engagement<br />Utilize Microsoft Vouchers (as applicable)<br />Email or <br />Call 800-445-1279<br />
    27. 27. Downloads<br />Several handouts are available for download from LiveMeeting:<br />SharePoint 2010 GamePLAN<br />SharePoint Composer/Maestro<br />Company Profile<br />FREE Trial Version of SharePoint Composer:<br /><br />
    28. 28. Resources and Q & A<br />Assessment & Planning<br />Schedule a SharePoint GamePLAN engagement<br />Learn more about SharePoint 2010<br />Next Webinar: “Tour de SharePoint 2010 with our SharePoint MVP's & Certified Master Candidates” on 5/3/2011<br />Online resources<br />Extranet Topologies for SharePoint 2010 <br />Plan Security Hardening <br />Account Permissions and Security Settings<br /><br />Contact Us: or 800-445-1279<br />