6. 6
Introduction
ī Cloud computing becoming popular & reliable
ī On-Premise, Private Cloud & Public Cloud services
ī 8% of Customer moving entirely to cloud
ī 33% of hybrid penetration by 2017
â Size
â Industry
â Geography
â Political
â Regulations
ī Retail, Hospitality, Education, Manufacturing
ī Office 365 â SharePoint, Exchange, Lync
7. 7
Introduction
You are considering a hybrid
deployment
You have a SharePoint 2013
environment on-premises
You have an Office 365 tenant
You have established resources
for managing and
troubleshooting SharePoint
2013
9. 9
Business Drivers
Flexibility
Cost of Operation
Significant footprint in
Remote locations
Regulatory reasons
Manageability
On-Premises
of enterprise
customers are
âon the roadâ to
cloud
33%
10. 10
Business Drivers
ī Staged Migration
On Premise Coexistence
The flexibility of migrating some capabilities
to SharePoint Online and accessing both on-
premises and online sites with the same
domain credentials
Microsoft will more securely deliver new
features and capabilities to
SharePoint Online
Deployed and maintained on
premises with complete control and
ownership of hardware,
maintenance, resources, and
administration
SharePoint Online
11. 11
Business Drivers
ī Maintain Hybrid Model
On Premise
Microsoft will more securely deliver new
features and capabilities to
SharePoint Online
Deployed and maintained on
premises with complete control and
ownership of hardware,
maintenance, resources, and
administration
SharePoint Online
13. 13
Business Drivers
ī Features not available in SharePoint Online
īą Most of the administration options exposed via SharePoint Central Admin
īą Commands which are available in SharePoint On-Premises through
Windows PowerShell
īą Use of full-trust code solutions (farm solutions) in Office 365
īą Features such as PerformancePoint, advanced business intelligence or a
Records Center integrated with third party systems
14. 14
Business Drivers
ī Reasons to Hybrid
īą Size of the organization does not make it practical to implement cloud
computing exclusively.
īą Regulatory Compliance and governance requirements determines where the
organization contents must be stored.
īą Relationship with business partners and vendors may require on-premise
farm to maintain relationship.
īą Nature of business requires higher level of service than cloud can offer.
īą Organization must protect its current investment in IT and maximize ROI
īą Strategic planning and budgeting cycles â large scale migration.
īą Transition environment to cloud.
īą Take advantage of preferred features from both SharePoint 2013 On-prem
and SharePoint Online
16. 16
Architecture & Design
Before Implementing a SharePoint Hybrid Solution
1. What do you need to accomplish?
2. How is your On-Premise architecture?
3. What is the desired experience for your users?
18. 18
Architecture & Design
Topology - One-Way Outbound
Microsoft Office 365 tenant
âĸ Search: One-way outbound
âĸ Business Connectivity Services: Not supported
âĸ Duet Enterprise for SharePoint and SAP: Not supported
SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online cannot query
SharePoint Server
SharePoint Server can query SharePoint
Online
SharePoint Online SharePoint
Federated
search results Site collection Primary web app
Local search
results only
19. 19
Architecture & Design
One-Way Outbound Considerations
ī§ Internet domain (adventureworks.com) and ability to create DNS records.
ī§ SharePoint Plan 1 or 2 or E1, E3 & E4
ī§ On-Prem has to be functional
ī§ Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
ī§ On-Prem Azure AD Sync tool (DirSync)
ī§ SSL Certificate to replace default Security Token Service (STS)
ī§ Your user has to be able to authenticate in both environments.
20. 20
Architecture & Design
Topology - One-Way Inbound
Microsoft Office 365 tenant SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online SharePoint
Perimeter
Network
Customer network
Federated
search results Site collection Primary web app
Local search
results only
SharePoint Online can query SharePoint Server SharePoint Server cannot query SharePoint Online
Outbound
Inbound
Reverse proxy
âĸ Search:One-way inbound
âĸ Business Connectivity Services: Supported
âĸ Duet Enterprise for SharePoint and SAP: Supported
21. 21
Architecture & Design
One-Way Inbound Considerations
ī§ Internet domain (adventureworks.com) and ability to create DNS records.
ī§ SharePoint Plan 1 or 2 or E3 & E4
ī§ On-Prem has to be functional
ī§ On-Prem SharePoint has to be accessible from the Internet.
ī§ On-Prem reverse proxy device for security
ī§ Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
ī§ On-Prem Azure AD Sync tool (DirSync)
ī§ Secure Channel SSL Certificate
ī§ SSL Certificate to replace default Security Token Service (STS)
ī§ Your user has to be able to authenticate in both environments.
22. 22
Architecture & Design
Topology - Two-Way (Bi-Directional)
Microsoft Office 365 tenant SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online SharePoint
Perimeter
Network
Customer network
Federated
search results Site collection Primary web app
Local search
results only
SharePoint Online can query SharePoint Server SharePoint Server can query SharePoint Online
Outbound
Inbound
Reverse proxy
âĸ Search: Bidirectional
âĸ Business Connectivity Services: Supported
âĸ Duet Enterprise for SharePoint and SAP: Supported
23. 23
Architecture & Design
Two-Way (Bi-Directional) Considerations
ī§ Internet domain (adventureworks.com) and ability to create DNS records.
ī§ SharePoint Plan 1 or 2 or E3 & E4
ī§ On-Prem has to be functional
ī§ On-Prem SharePoint has to be accessible from the Internet.
ī§ On-Prem reverse proxy device for security
ī§ Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
ī§ On-Prem Azure AD Sync tool (DirSync)
ī§ Secure Channel SSL Certificate
ī§ SSL Certificate to replace default Security Token Service (STS)
ī§ Your user has to be able to authenticate in both environments.
24. 24
Architecture & Design
Identity Management
ī§ Process of managing digital identities and policies that govern how the
identities can be used to access resources.
ī§ Synchronize On-premise users with Office 365
ī§ ADFS with Single Sign On (SSO) or DirSync with Password Sync
ī§ Configure Server-to-Server authentication between SharePoint Servers and
SharePoint Online.
25. 25
Architecture & Design
Hybrid Solutions
ī§ Search â
ī§ Available for all the 3 topologies
ī§ Allows content search
ī§ Business Connectivity Services â
ī§ Available for one-way inbound or two-way topology configuration.
ī§ On-Premise data accessibility from SharePoint Online (external list or app for
SharePoint)
ī§ Duet Enterprise Online â
ī§ View and Edit SAP data stored in SAP Application from SharePoint Online
ī§ Available for one-way inbound or two-way topology configuration.
27. 27
Infrastructure
Hardware & Software requirements
ī§ SharePoint Server 2013
ī§ Azure Active Directory
ī§ SharePoint Online tenancy
ī§ AD FS 2.0 â SSO
ī§ Directory Synchronization tool
ī§ Internet domain
28. 28
Infrastructure
Microsoft Office 365 tenant Internet Intranet
Microsoft data center
Perimeter
Network
Customer network
Outbound
Inbound
Firewall
Search service
https://intranet.
User profile store Site collection
Active Directory
Active Directory
Federation Services
Microsoft Online Services
Directory Synchronization
Microsoft Online
Directory Service Directory synchronization
Secure store
Windows Azure Active
Directory Access Control
Services
Client-side object model
pipeline
Server-to-server trust
30. 30
Services & Features
Hybrid Solutions
ī§ Search
ī§ Business Connectivity Services
ī§ Duet Enterprise Online
ī§ Business Intelligence
ī§ Enterprise E3, E4 or PowerBI licenses
ī§ Can publish to SharePoint Online with one-way outbound or two-way
authentication.
ī§ Federated & External users can only view/Edit workbooks of up to 10MB.
ī§ Social â Integration with yammer both On-Premise & SharePoint Online
33. 33
Food for thought
ââĻWell, how will you ensure that the data does not
get corrupted when it rains?!â - Vishwa Gupta former
Indian Revenue Service Officer on dangers of cloud computing
What is hybrid environment? [Explore/Plan/Install & Configure SPO & SPS)
â flexible IT Infrastructure that can scale on-demand -- taking small steps toward cloud, Customizations that limit move to cloud, sensitive data
â Accessibility outside the network while leveraging storage backups and recovery
- Consistency in maintaining already familiar tools sets while maintain user identity
- Meeting changing business needs with greater flexibility
https://technet.microsoft.com/en-us/library/dn769084.aspx https://support.office.com/en-us/article/SharePoint-Online-Planning-Guide-for-Office-365-for-business-d5089cdf-3fd2-4230-acbd-20ecda2f9bb8?ui=en-US&rs=en-US&ad=US
Pieces of the puzzles https://technet.microsoft.com/en-us/library/dn495634.aspx
Configuring ADFS http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx
https://technet.microsoft.com/en-us/library/dn607321.aspx
https://technet.microsoft.com/en-us/library/d845819f-0cbf-4595-bb14-19414acbd79b#BKMK_PrereqsOutbound - Prereq
https://technet.microsoft.com/en-us/library/dn769084.aspx https://support.office.com/en-us/article/SharePoint-Online-Planning-Guide-for-Office-365-for-business-d5089cdf-3fd2-4230-acbd-20ecda2f9bb8?ui=en-US&rs=en-US&ad=US