Solution Overview
The new content management features provided in SharePoint 2007 and the flexible platform provided by SharePoint can provide an answer to each of the Internet portal requirements.
Table 22.2 maps each specific requirement to the solution architecture that SharePoint will provide.
| Requirement | Solution |
|---|---|
| No publishing is allowed to Internet-facing server | Use SharePoint content deployment features to push content from internal staging server to Internet-facing server |
| Public must be able to anonymously access content | Internet-facing server must be configured for anonymous access |
| Internet presence must be professional, clean, and consistent | Use SharePoint master pages and page layout to provide consistent framework |
| Master page will be customized with company logo to emphasize professional Internet presence | |
| Use global navigation to provide consistent and easy-to-use navigation of the site | |
| Easy navigation | Use SharePoint Global Navigation control |
| PR group needs to publish occasional press releases easily | Create a site content type that provides the structure and fields for the press releases so that even occasional publishers have a straightforward publishing process |
| PR press releases must be archived to records management center | Configure records management features to allow users to archive press release |
| Support engineer management and product developers want to see flow and feature area of active bugs | KPIs for bug tracking |
| Support engineers will be publishing technical articles based on bug information that needs to be reviewed by technical editors before release | Create site content type for technical articles that has an approval workflow that routes the articles to technical editors before being published |
| Site content needs to be in English and Latin | Use site variations to replicate English site structure to the Latin site structure |
| Web managers require site auditing information tomake key publishing decisions | Enable SharePoint auditing |
In this solution, you will create the following site structure:
External Server: The external presence will link to all site resources using the global navigation bar.
Product Information: A subsite that provides product information and resources for company products.
Press Releases: The press release page provides summary information for all current press release articles.
Support articles: A subsite for publishing support articles.
About Us: This page provides contact information for the organization.
Internal Server: The internal server mirrors the external site structure but in addition has a site collection that hosts the bug tracking list and KPIs for bugs.
You are going to implement these servers using single-server implementations for each server. The external server will be configured behind a firewall to protect against network eavesdropping and unauthorized access, and a firewall will be configured between the internal and external server as shown in Figure 22.1.
Figure 22.1. Server-to-server configuration diagram
In addition, you will configure the following items to protect your environment and information:
Use NTLM secure authentication so that the authentication process does not send packets over the network.
Encrypt SQL Server authentication credentials by installing a server certificate on the database server.
Use SSL to encrypt browser-to-server communications and IPSec to encrypt all IP traffic that flows between the two servers.
Create firewall policies that will block traffic from any port with exceptions for those used by SharePoint communications to the client for Firewall1 and server-to-server communications for Firewall2.
Configure IP filtering and IPSec policies that will prevent unauthorized hosts from establishing connections.
Disable any services that are not being used, which reduces that threat surface for attacks.
Cross-Ref
For more information about the threats posed for server-to-server communications, see Chapter 10.