sharepoint.microsoft.com

1,311
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,311
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori 04/12/10 13:10
  • Joel Oleson and Charles Ofori 04/12/10 13:10
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori 04/12/10 13:10
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Joel Oleson and Charles Ofori
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • Joel Oleson and Charles Ofori
  • 12/04/10 13:10 © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
  • sharepoint.microsoft.com

    1. 1. IT13 - Extranets and Internet Facing Environments in the Real World Deployment and Management European Microsoft SharePoint Conference 2007 February 12th to 14th, 2007 Convention Center Hotel Estrel, Berlin, Germany
    2. 2. Important <ul><li>If you’re looking for “Building Internet Facing SharePoint Sites” session, it’s tomorrow (Wednesday) at 11:45AM. </li></ul><ul><li>This session is about how MS IT implemented SharePoint extranets and Internet accessible internal applications. </li></ul>
    3. 3. Agenda <ul><li>Three extranet/Internet facing case studies </li></ul><ul><ul><li>Key features </li></ul></ul><ul><ul><li>Challenges </li></ul></ul><ul><ul><li>Today’s workarounds </li></ul></ul><ul><ul><li>2007 enhancements </li></ul></ul><ul><li>Secure, flexible, scalable topologies </li></ul><ul><li>Demo </li></ul><ul><ul><li>ISA 2006 web publishing </li></ul></ul><ul><ul><li>Exchange 2007 offline SharePoint files </li></ul></ul>
    4. 4. Three Scenarios <ul><li>MS IT hosted collaboration extranet </li></ul><ul><ul><li>For collaboration with business partners </li></ul></ul><ul><li>MCS Intellectual Capital Exchange </li></ul><ul><ul><li>For MS consultants on site with customers </li></ul></ul><ul><li>Enterprise intranet web presence </li></ul><ul><ul><li>For employees working away from work </li></ul></ul>
    5. 5. Terms <ul><li>Authentication – who you are </li></ul><ul><li>Authorization – what can you do </li></ul><ul><li>Alternate domain (namespace) – “Zones” </li></ul><ul><ul><li>Domains used to access a single set of content, e.g. </li></ul></ul><ul><ul><ul><li>http://customer </li></ul></ul></ul><ul><ul><ul><li>https://customer.domain.com </li></ul></ul></ul><ul><li>Web Application = IIS Virtual Server = IIS Web Site </li></ul>
    6. 6. Three Scenarios <ul><li>MS IT hosted collaboration extranet </li></ul><ul><ul><li>For collaboration with business partners </li></ul></ul><ul><li>MCS Intellectual Capital Exchange </li></ul><ul><ul><li>For MS consultants on site with customers </li></ul></ul><ul><li>Enterprise intranet web presence </li></ul><ul><ul><li>For employees working away from work </li></ul></ul>
    7. 7. Key Features Partner Collaboration ICE SPSites WSS Hosting My Site Hosting Site Directory Search Areas AD Accounts Partner Account Access
    8. 8. Microsoft Partner Collaboration Dublin Singapore Redmond Americas Team Asia/SouthPacific SPTeam Europe ETeam https://*.team.extranet.microsoft.com https://*.eteam.extranet.microsoft.com https://*.spteam.extranet.microsoft.com
    9. 9. Issues <ul><li>Authentication </li></ul><ul><ul><li>Two factor? </li></ul></ul><ul><li>Account management </li></ul><ul><ul><li>AD Account Creation Mode? </li></ul></ul><ul><li>Isolation of partner accounts </li></ul><ul><ul><li>Separate AD forest? </li></ul></ul>
    10. 10. Workarounds for SharePoint 2003 <ul><li>Authentication </li></ul><ul><ul><li>Basic over SSL with logout button </li></ul></ul><ul><ul><li>Auth delegation with ISA 2006 support for forms and cookies </li></ul></ul><ul><li>Account management </li></ul><ul><ul><li>Managed partner forest </li></ul></ul><ul><ul><li>Custom web account provisioning </li></ul></ul><ul><li>Isolation of partner access </li></ul><ul><ul><li>Separate farm in DMZ </li></ul></ul>
    11. 11. Enhancements in SharePoint 2007 <ul><li>Authentication </li></ul><ul><ul><li>Pluggable authentication (ASP.NET 2.0) </li></ul></ul><ul><ul><li>Forms based authentication (FBA) with cookies </li></ul></ul><ul><ul><li>ADFS federation with Passport/LiveID, others </li></ul></ul><ul><li>Account management </li></ul><ul><ul><li>LDAP directories </li></ul></ul><ul><ul><li>Users database (SQL Server, etc.) </li></ul></ul><ul><li>Isolation of partner access </li></ul><ul><ul><li>Application isolation with Web application </li></ul></ul><ul><ul><li>Multiple authentication providers </li></ul></ul>
    12. 12. ASP.NET 2.0 Authentication <ul><li>Pluggable authentication provider framework </li></ul><ul><ul><li>User identity is independent from Windows or Activity Directory identity </li></ul></ul><ul><ul><li>Custom code to handle authentication </li></ul></ul><ul><ul><li>Two related providers </li></ul></ul><ul><ul><ul><li>Membership – user identities </li></ul></ul></ul><ul><ul><ul><li>Role – roles/groups/attributes for a user </li></ul></ul></ul><ul><li>Out of the box providers </li></ul><ul><ul><li>LDAP v3 (provided by MOSS 2007) </li></ul></ul><ul><ul><li>SQL Server (ASP.NET 2.0) </li></ul></ul><ul><ul><li>AD – single domain only (ASP.NET 2.0) </li></ul></ul>
    13. 13. ASP.NET Authentication Limitations <ul><li>Browser clients only </li></ul><ul><ul><li>Search crawler must use Windows account </li></ul></ul><ul><ul><li>Office client interaction degraded due to lack of FBA support </li></ul></ul><ul><li>One authentication type per web application </li></ul><ul><li>Forms over Windows accounts </li></ul><ul><ul><li>Forms user not the same as Windows user </li></ul></ul>
    14. 14. Three Scenarios <ul><li>MS IT hosted collaboration extranet </li></ul><ul><ul><li>For collaboration with business partners </li></ul></ul><ul><li>MCS Intellectual Capital Exchange </li></ul><ul><ul><li>For MS Consultants on site with customers </li></ul></ul><ul><li>Enterprise intranet web presence </li></ul><ul><ul><li>For employees working away from work </li></ul></ul>
    15. 15. Key Features Partner Collaboration Consultant Portal SPSites WSS Hosting My Site Hosting Site Directory Search Areas AD Accounts Partner Account Access
    16. 16. ICE Topology Topics and Areas My ICE Sub Areas ICE http://ice https://ice.partners.extranet.microsoft.com
    17. 17. Challenges <ul><li>Granular security </li></ul><ul><li>Cross Browser Compatibility </li></ul><ul><li>Reverse publishing/zones </li></ul>
    18. 18. Workarounds for SharePoint 2003 <ul><li>Granular security </li></ul><ul><ul><li>IRM’d documents </li></ul></ul><ul><li>Cross Browser Compatibility </li></ul><ul><ul><li>End user education re: depreciated functionality </li></ul></ul><ul><li>Reverse publishing/zones </li></ul><ul><ul><li>Use ISA web publishing for reverse proxying </li></ul></ul><ul><ul><li>Zones in WSS 2.0 SP2 </li></ul></ul>
    19. 19. Enhancements in SharePoint 2007 <ul><li>Granular security </li></ul><ul><ul><li>Item level security </li></ul></ul><ul><ul><li>Server side IRM policy enforcement </li></ul></ul><ul><li>Cross Browser Compatibility </li></ul><ul><ul><li>Improved cross browser support </li></ul></ul><ul><li>Reverse publishing/zones </li></ul><ul><ul><li>No absolute URLs </li></ul></ul><ul><ul><li>Support for reverse proxy </li></ul></ul><ul><ul><li>Zone based policy support </li></ul></ul>
    20. 20. Three Scenarios <ul><li>MS IT hosted collaboration extranet </li></ul><ul><ul><li>For collaboration with business partners </li></ul></ul><ul><li>MCS Intellectual Capital Exchange </li></ul><ul><ul><li>For consultants on site with customers </li></ul></ul><ul><li>Enterprise intranet web presence </li></ul><ul><ul><li>For employees working away from work </li></ul></ul>
    21. 21. Key Features Partner Collaboration Consultant Portal Employee Portal WSS Hosting My Site Hosting Site Directory Search Areas AD Accounts Partner Account Access
    22. 22. SpSites Topology https://spsites.microsoft.com 10,000’s WSS Sites 10,000’s My Sites Site Directory Profiles
    23. 23. Challenges <ul><li>Cross forest add user (people picker) </li></ul><ul><li>Delegation of Shared Services (Search) </li></ul><ul><li>Multilingual MySites </li></ul><ul><li>Authentication token timeout </li></ul>
    24. 24. Workarounds for SharePoint 2003 <ul><li>Cross forest add user (people picker) </li></ul><ul><ul><li>Custom developed UI using profiles </li></ul></ul><ul><li>Delegation of Shared Services (Search) </li></ul><ul><ul><li>Build custom UI with delegation </li></ul></ul><ul><li>Multilingual MySites </li></ul><ul><ul><li>Content editor web parts (not full solution) </li></ul></ul><ul><li>Authentication token timeout </li></ul><ul><ul><li>Custom “logout” button </li></ul></ul>
    25. 25. Enhancements in SharePoint 2007 <ul><li>Cross forest add user (people picker) </li></ul><ul><ul><li>Cross forest support – stsadm command </li></ul></ul><ul><li>Delegation of Shared Services (Search) </li></ul><ul><ul><li>Delegation with security trimmed UI </li></ul></ul><ul><li>Multilingual MySites </li></ul><ul><ul><li>User chooses site language during provisioning </li></ul></ul><ul><li>Authentication token timeout </li></ul><ul><ul><li>Forms authorization and expiring cookie support </li></ul></ul><ul><ul><li>“ Logout” button built-in </li></ul></ul>
    26. 26. Secure, Scalable, Flexible Topologies
    27. 27. Single Infrastructure for Intranet, Internet, and Extranet Portals
    28. 28. Perimeter Proxy (Reverse Proxy/Web Publishing) Internet Perimeter Network Corporate Network
    29. 29. Back To Back Perimeter Internet Perimeter Network Corporate Network
    30. 30. Back To Back Perimeter With Publishing Internet Perimeter Network Corporate Network
    31. 31. Back To Back Perimeter With Publishing And Content Caching Internet Perimeter Network Corporate Network
    32. 33. 4-Factor Authentication with ISA 2006
    33. 34. 1 st Factor: Smart Card <ul><li>https://portal.public.microsoft.com </li></ul>
    34. 35. 2 nd Factor: Smart Card
    35. 36. 3 rd Factor: Smart Card PIN
    36. 37. 4 th Factor: Forms Based Authentication
    37. 38. “ SharePoint Web Access”
    38. 39. No Smart Card, No VPN Required <ul><li>https://spsites.microsoft.com </li></ul>
    39. 40. Key Take Aways <ul><li>Flexible scalable topologies </li></ul><ul><ul><li>Consolidation with isolation </li></ul></ul><ul><ul><ul><li>Internal URL, external URL, partner URL </li></ul></ul></ul><ul><ul><ul><li>Isolate Partner accounts from Intranet </li></ul></ul></ul><ul><ul><ul><li>Employees use same account in intranet & extranet </li></ul></ul></ul><ul><ul><li>Internet ready/Publishing </li></ul></ul><ul><ul><li>Cross forest support </li></ul></ul><ul><li>Extensible authentication </li></ul><ul><ul><li>ASP.NET 2.0 pluggable auth/multi auth </li></ul></ul><ul><ul><li>Zone policies </li></ul></ul><ul><ul><li>Forms/cookies/logout </li></ul></ul>
    40. 41. Key Take Aways <ul><li>Test! Test! Test! </li></ul><ul><ul><li>Network latency and bandwidth </li></ul></ul><ul><ul><ul><li>Locally: 50-80 ms </li></ul></ul></ul><ul><ul><ul><li>Globally: 180-250 ms (as much as 450 ms) </li></ul></ul></ul><ul><ul><li>Understand the datasizes </li></ul></ul><ul><ul><ul><li>Engineering & Manufacturing documents (large) </li></ul></ul></ul><ul><ul><li>Understand usage scenarios </li></ul></ul><ul><li>Understand the collaboration policy in the organization </li></ul><ul><ul><li>Authorization, roles, retention policies. </li></ul></ul>
    41. 42. Resources <ul><li>Planning, Designing &amp; Securing an Extranet and Internet Facing WSSv3 and SharePoint Server 2007 Environments </li></ul><ul><ul><li>http://blogs.msdn.com/sharepoint/archive/2006/08/08/planning-designing-amp-securing-an-extranet-and-internet-facing-wssv3-and-sharepoint-server-2007-environments.aspx </li></ul></ul><ul><li>SharePoint Community Search </li></ul><ul><ul><li>http://search.live.com/macros/lliu/spsearch </li></ul></ul><ul><li>SharePoint Community Portal </li></ul><ul><ul><li>http://sharepoint.microsoft.com/sharepoint </li></ul></ul>
    42. 43. Sweepstake <ul><li>Complete your Feedback form and have a chance to win a Zune!* </li></ul>* English US version
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×