2. Speakers Michael Van Cleave Sr. Architect & Practice Lead MCT, MCPD, MCTS, MCSD.NET Paul Papanek Stork SharePoint MVP & Author Chief Architect & Practice Lead MBA, MCT, MCSE, MCSD, MCDBA, MCTS, MCITP, MCPD…
3. Agenda Discuss the Business Case New Internet Friendly Licensing Branding Tips for Success Authentication and Anonymous Access Extranet Topologies Security Gateways Best Practices/Avoiding Common Pitfalls Resources and Q & A
4. Audience Survey What is your primary role in implementing SharePoint initiatives? Decision Maker, Influencer or Sponsor Admin, Architect or Developer Analyst or End User Consultant
5. The Business Case Market Trends Collaborate with business partners/clients Connect your virtual offices or telecommuting employees Create a more compelling internet presence (e.g. including dynamic content, workflow, etc.) Why SharePoint? Leverage content contributors / SME’s throughout your organization Provide more timely, pointed content with ease Build on your existing SharePoint investment Don’t start from scratch! SharePoint is specifically built for these scenarios
6. New Licensing Models Internet Server licensing No CALs required for external users Versions SP Server 2010 for Internet Sites, Standard Same functionality as Standard CAL Limited to one Internet domain (i.e. not AD domain) SP Server 2010 for Internet Sites, Enterprise Same functionality as with Enterprise CAL Includes FAST Search Server SharePoint Foundation Free, essentially
7. New Licensing Models – Cont’d Determine upfront what functionality you need for your public site Licensing costs differ significantly Development costs can differ significantly Microsoft Licensing is complex! Contact us if you need help: Info@ShareSquared.com
8. Branding for Success Start from “close to” scratch Performance is Key Consider image format and size Use Fiddler or other page analyzers Reduce JavaScript payloads (Cui.js, Sp.ui.js, Core.js) Turn off Naming ActiveX control Web app general settings page Organize your content Utilize SharePoint lists, calendars, web parts etc. Leverage content expiration, versioning, alerts, auditing, etc. Choose a creative design firm that understands your brand, your content and SharePoint! Use a SharePoint Expert for implementation
9. Authentication Choices Windows Authentication Native windows authentication methods do not work well over internet Basic Authentication over HTTPS Alternative to native windows authentication Forms Based Authentication Alternative user store (SQL, LDAP, etc.) Full support for client application integration. Anonymous Access Read-only users
11. Audience Survey Where are you on the SharePoint 2010 adoption curve? Already using SharePoint 2010 Will implement/upgrade in 0-3 Months Will implement/upgrade in 4-12 Months No near-term plans to upgrade/use Unsure – need more information
12. Selecting the Right Topology Questions to Ask Who are the potential users? How will the site be used? What is in the existing environment? Internet Facing Topologies Edge Firewall Back to Back Perimeter Network Split Back to Back Perimeter Network
13. Edge Firewall Good for light duty/low security installations Best for telecommuting employees
14. Edge Firewall Pros/Cons Advantages Disadvantages Least amount of hardware & configuration All Data stored within the trusted network Only one set of servers to maintain A single farm to build and maintain May not need Internet license Lowest Security Only one firewall protecting Internal network
15. Perimeter Network Good for an Internet only web site. Good for public hosting environment
16. Perimeter Network Pros/Cons Advantages Disadvantages Single farm simplifies sharing and maintenance No external user access to internal network Content Deployment between internal and external farm possible Additional infrastructure and configuration required Internal users have two user accounts Content Deployment requires external sites to be Read Only
18. Split Perimeter Pros/Cons Advantages Disadvantages SQL servers not in Perimeter network Internal users don’t need two accounts External users can use Windows (Basic) authentication Requires the most hardware Most Complex solution
19. Gateway Servers ISA Server 2006 Forefront TMG Server 2010 Forefront UAG Server 2010
20. Threat Management Gateway Designed for Outbound Access Control Capabilities SharePoint publishing Network load balancing Array support Mobile access Rich authentication Unified portal Direct Access
21. Unified Access Gateway Designed for Inbound Access Control Capabilities SharePoint publishing Network load balancing Array support Mobile access Rich authentication Endpoint health detection Granular access policies Information leakage mitigation Direct Access
23. Audience Survey What do you see as next steps? Learn more about Public Facing Sites in SharePoint 2010 Plan& Design a Public Facing SharePoint Site Implement a Public Facing SharePoint Site in SharePoint 2010 Get some help!
24. Avoiding Pitfalls Anonymous access users still need licenses People Picker issues with Read Only Domain Controllers Admin and Service Accounts should be from Trusted Domain Deactivate/Block features and services that won’t be used (e.g. MySites) Don’t use Themes for SharePoint Foundation 2010 Don’t just move to SharePoint – use it’s features!
25. Best Practices Start with a “Least Privileges” Security Account approach Set Anonymous Policy for the External Web Application Zone Use Content Deployment for Read Only WCM systems Service accounts should all be Managed Accounts with automated password Leverage multiple zones Analyze content & put it into the proper SharePoint structures
26. SharePoint GamePLAN® Jumpstart your SharePoint deployment Conducted by an MCM, MVP or Sr. Architect Deliverables Education on SharePoint 2010 Brainstorming & Conceptual Design Assessment – Hardware, AD, Skills, etc. Planning & Implementation Roadmap $4,500 + travel for a 3-day engagement Utilize Microsoft Vouchers (as applicable) Email Info@ShareSquared.com or Call 800-445-1279
27. Downloads Several handouts are available for download from LiveMeeting: SharePoint 2010 GamePLAN SharePoint Composer/Maestro Company Profile FREE Trial Version of SharePoint Composer: www.SharePointComposer.com
28. Resources and Q & A Assessment & Planning Schedule a SharePoint GamePLAN engagement Learn more about SharePoint 2010 Next Webinar: “Tour de SharePoint 2010 with our SharePoint MVP's & Certified Master Candidates” on 5/3/2011 Online resources Extranet Topologies for SharePoint 2010 http://tinyurl.com/SpExtranetChart Plan Security Hardeninghttp://tinyurl.com/PlanSecHarden Account Permissions and Security Settings http://tinyurl.com/AcctPerm Contact Us: Info@ShareSquared.com or 800-445-1279
Notes de l'éditeur
PAUL WILL START 10 MINUTE TIMER Blended SharePoint 2010 & .NET Solutions
PAUL
PAULBullet Points from the email blastDeveloping a Strategy for Leveraging SharePoint Inside-OutNew Internet Friendly Licensing in SharePoint 2010Branding for SuccessAuthentication and Anonymous AccessSelecting the Right Extranet TopologyForefront Threat Management and Unified Access GatewaysBest Practices & Avoiding Pitfalls
PAUL
MICHAEL
MICHAELLimited to ONE Internet domain. (Not AD domain) Example: ShareSquared.com Partners.ShareSquared.com Emplyees.ShareSquared.com NOT: CompanyA.com CompanyB.com OrganizaitonC.org*** Fast Search/Enterprise SharePointYou cannot deploy both on the same license. The license only covers SharePoint Enterprise Internet OR Fast Search Server. Not both concurrently.*** SharePoint Foundation if you expose it externally you need to purchase a Windows external connector or your server.
MICHAELMicrosoft Licensing check with a Licensing Representative BEFORE you deploy your site!
MICHAELChoose a SharePoint Expert:Branding in needs expert proficiency due to it’s complexity.Start from close to scratch: Start from a minimal.master and only include needed controls (moderate)(icon)Performance is Key: use Fiddler to assist you with what the page is sending to the browserReduce Javascript Payloads: some of the following scripts may not be needed depending on your site. Remove the .js file if it’s functionality is not needed.
MICHAELWindows Auth Remote UsersExtranet Remote Partners/Clients/etcAnonymous Read-only users ***Although you can allow users to post to lists (blogs, comments, etc) but you cannot set them up to contribute to libraries.
MICHAEL
MICHAEL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAUL
PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN Q & A - EVERYONE
PAUL
PAULIf they need help, we’ve had access to SharePoint 2010 for over a year – we can guide them thru the processMention Downloads, Recording & Email invite to ECM in SharePoint 2010 WebinarExplain SharePoint GamePLAN WEBINAR: Tuesday October 26th 11:00 AM PSTCOMPOSER Site: About to get a makeover as a branded 2010 site, build using Composer & MaestroPRICING / LICENSING: Free SharePoint Foundation Version – Composer Only~$299 for Foundation BuildComposer Standard and Enterprise is sold per-UserMaestro Standard and Enterprise is sold per-serverSee the site for pricing details & info in a follow-up email w/ the Q & A contentQ & A – EVERYONEExtranet Topologies for SharePoint 2010http://tinyurl.com/SpExtranetChartPlan Security Hardeninghttp://technet.microsoft.com/en-us/library/cc262849.aspxAccount Permissions and Security Settingshttp://technet.microsoft.com/en-us/library/cc678863.aspx