The document discusses potential solutions for physicians' external collaboration sites, an internal corporate portal, and SourceNET. It considers using Windows SharePoint Services (WSS) and SharePoint Portal Server (SPS) to provide authentication, permissions, and collaboration capabilities across the different user and site types. Key users like QA, EDU, IC, Finance, HR and Communications have different current workflows and tool usage that could potentially be supported by SharePoint solutions. Network architecture considerations are also discussed around authentication and single sign-on across internal and external systems.
2. Project Vision
SourceNET -
Physicians’ External
Open Access
Collaboration Sites
Intranet
Internal Corporate
Portal with
Collaboration Areas
3. User Types
Physicians want the ability to log into their collaboration environments in an
extranet scenario. They would access the sites over a secure internet
connection without using Citrix.
Some Internal users authenticates against the domain when they log into a
computer. The NHS has implemented a roving profile system so when a user
logs onto a machine they have their working environment and network
drives ( H:, I: and W: ) are mapped. This is a typical scenario in most
organizations but in the NHS this is the minority of users.
The majority of computer users in the NHS are “Open Access Users”: the
computer automatically logs into an account that has minimum access
rights. When people need to use Meditech or Outlook Web Access they log
into the service with their individual credentials. These users don’t have
access to network file storage beyond MOX shared Cabinets.
4. Meditech and Mox
All NHS staff have a Meditech
account which provides access
to MOX (Meditech Office email).
MOX is a text-only medium and
will be an unsupported product
by June 30, 2005.
5. I: Drive
• I: Drive is shared
network storage whose
permission and
structure is based on
the NHS Org. Chart
• This makes cross-
discipline collaboration
on files challenging
• IT often has to create
new shares for cross-
discipline teams
6. Two Technologies
Windows SharePoint Services provides a scalable system
that can support high-function Web sites. Windows
SharePoint Services comes with a collection of useful
templates for information sharing and collaboration sites.
There’s almost no limit to the number of applications and the
kinds of applications that can run on this platform.
SharePoint Portal Server is an application that enhances a
Windows SharePoint Services installation with features like
site organization and navigation, content topics, targeted
news, personalized sites, content search, organization-wide
alerts, and multi-layered, hierarchical control over the content
and policy of individual Web sites.
7. Potential Solution Landscape
Physicians’ external Open Access Authenticated Portal
collaboration spaces Intranet Site and Internal
(Could be current site Collaboration Spaces
or one based on WSS)
WSS SPS
(Search, My Sites, Audiences)
WSS
SourceNET
WSS (WSS) WSS
WSS
WSS WSS
WSS
WSS WSS
WSS
WSS
WSS
9. SharePoint Content Restrictions
SPS SharePoint is aware of
(Search, My Sites, Audiences) who is accessing it and
this allows for multi-
layered, hierarchical
WSS control over the
WSS content and policy of
individual Web sites.
WSS
Permissions are set by
the site creators and do
WSS
WSS not have to be
administered by IT.
WSS
WSS
11. QA, EDU, IC
• Use Meditech (Payroll, Ideas on Features:
Materials, Lab Reports) • Videos from Vendors
• P&P Audit Trails
• They would like an approval
Collaborate Now: process with digital sigs
• Email, I Drive • They would like to know when
a document has been accessed
• Collaborate with Everyone
• WSS’s ability to create surveys
• Extensively use Document and forms are promising
Version Features of Office • Links and Calendars
• Using Sub-sites to create
“Whole Education Spaces”
13. Finance
• Meditech Accounting • Reports Generation
• Capital Budgets – 600 Departments > 2-3
reports per department
• SECURITY
– Missing from SourceNET
• SharePoint is not a
reporting package
• Reports Generation
– Only simple views of data
• Nursing timesheets could be accomplished, you
– Could be accomplished in could not interact in any real
WSS way with the data
15. Organizational Development
• Use Meditech (Need • ICA (19 variants of this report)
REPORTS) – Reports are generated
from these worksheets
• Responsible for employee – WSS cannot generate
recognition – Performance reports but distribution &
Evaluation collection will be easier
• Need Employee Information – • Workshop Registration (Log
Start Date, etc. (Confidential) Attendance, Overbooking,
Change Dates)
• Resource Allocation > 1000 • They like the idea of using
Students > 8 Sites > Multiple surveys both internally and
Departments externally
• Pre- and Post-workshop
testing could be done by
survey
16.
17. Communications
• Open Access Users need a place • Can usage be tracked in
in the intranet to get basic SPS/WSS?
information, SourceNET • External sites could provide great
• SourceNET can either stay with potential for collaboration with
the current application software other LINs
or move to WSS • Important to let the WSS sites
• Communications needs to grow slowly
understand what is possible with • Limit initial release to non-open
SharePoint access users
• Bulk of the NHS user community
cannot collaborate because they
are super-mobile
19. Human Resources
• Recruitment
– Job Postings
– Applicant lists – Email & Paper (fax,
etc)
– 500 job postings per year – 10-15
paper & 10-15 email applications
per posting
– Information sent from Managers
(typically paper) – Interview Notes,
References
• Employee Information is shared
with “Benefits”
– Info Stored in files, emails, Access
– A spreadsheet is sent to IS, OD,
QA/EDU/IC about new Hires and
Terminations
– Labour Relations has their own
records
20. OASIS Teams
• OASIS Teams’ Collaboration • Lost & Found
Spaces
– OASIS teams are project
teams that deal with internal
issues
– One team per project
– Team members are cross-
discipline
21. Document templates for better search
• Roving profiles
– This should allow the IS
team to add appropriate
metadata to everyone’s
based office documents
22. Network Architecture
One way trust
relationships BUT
AD1 accounts /
All external Once examined Clients in AD2 fall into groups need to be
access ISA passes on two categories: enabled on AD2
Authenticated
requests are the request to · accounts
ESX Virtual PCs clients are logged
directed first the appropriate allowed
on to the domain
to the ISA server from AD1
and are not asked
proxy server · Unique
external One Way Trust for further
authentication
accounts e
AD2 AD2 AD1
i1 DC1 DC2
i4
ISA
External WSS Cert.
OWA Cert. External WSS Cert. i2
Internal SPS Cert. SQL
External Authenticated
Client Client
External Internal SPS Cert.
WSS & SQL i5
Any enabled clients can use
the external WSS site i3
published by ISA SharePoint
Portal
If ACE authentication passes
NHS GATE The ISA will first authenticate
Physician
external requests destined e Open
for the internal SPS site ACE Access
against the ACE using the Client
RSA fob. Only then with the
request be forwarded to the
Open access clients
SPS server for application
authenticaion
e will be asked to login
Exchange to all services. Since
NHS the authentication is
Physician an Internet Explorer
with FOB
session when
opening a document
e* for editing they will
Legend / Key OWA be asked to
OWA Cert.
i1 i3 i5 authenticate again
NEW installations, in order with Word, Excel,
i2 i4
etc.
e Existing Installs
e* Existing setup works -
This can be modified after the
installation of i1 for increased security