Designing a Secure Extranet with Sharepoint Russ Basiura Principal Consultant RJB Technical Consulting

Slides:



Advertisements
Similar presentations
Active Directory Federation Services How does it really work?
Advertisements

Dan Usher Joel Ward. Who we are… What we’ve seen… Security Concerns in today’s world Why SmartCards? Authentication & Authorization of SharePoint IIS.
SIM403. Claims Provider Trust Relying Party x Relying Party Trust Claims Provider Trust Your ADFS STS Partner ADFS STS & IP Relying Party Trust Partner.
Module 5: Configuring Access to Internal Resources.
ASP.NET Web Application Security Hannes Preishuber ppedv AG
Microsoft ASP.NET Security Venkat Chilakala Support Professional Microsoft Corporation.
1 SharePoint Momentum 17K+ Customers, 100M Licenses Leader in Gartner ® Magic Quadrants, Forrester Wave TM Continued Platform and Application Innovation.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
IIS Configuration © N. Ganesan, Ph.D.. Renaming the Default Web.
Internet Information Server (IIS)
Remote Access SSL VPN Stewart Duncan Technical Manager.
Philadelphia Area SharePoint User Group Welcome to the Philadelphia Area SharePoint User Group Russ Basiura SharePoint Consultant.
Fraser Technical Solutions, LLC
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
Ing. Ondřej Ševeček | GOPAS a.s. | MCM: Directory Services | MVP: Enterprise Security | | |
Welcome to Philly Code Camp Russ Basiura SharePoint Consultant RJB Technical Consulting
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
Edwin Sarmiento Microsoft MVP – Windows Server System Senior Systems Engineer/Database Administrator Fujitsu Asia Pte Ltd
Copyright 2007, Information Builders. Slide 1 WebFOCUS Authentication Mark Nesson, Vashti Ragoonath Information Builders Summit 2008 User Conference June.
Barracuda Load Balancer Server Availability and Scalability.
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.
Internet-Based Client Access
Access Gateway Operation
Session 10 Windows Platform Eng. Dina Alkhoudari.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Author: Bill Buchanan. Work Schedule Author: Bill Buchanan.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
Federation and Federated Identity: Part 2 Building Federated Identity Solutions with Forefront Unified Access Gateway (UAG) and ADFS v2 John Craddock Infrastructure.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
©2012 Microsoft Corporation. All rights reserved. Content based on SharePoint 15 Technical Preview and published July 2012.
RJB Technical Consulting Microsoft Office SharePoint Server 2007 Governance Russ Basiura RJB Technical Consulting.
Welcome to PhillySharePoint Russ Basiura
Philadelphia Area SharePoint User Group Building Customer/Partner Extranets Designing a Secure Extranet with Sharepoint 2007 Russ Basiura RJB Technical.
1 Web services and security ---discuss different ways to enforce security Presenter: Han, Xue.
ArcGIS Server and Portal for ArcGIS An Introduction to Security
Welcome to the Delaware Valley SharePoint User Group Russ Basiura SharePoint Consultant RJB Technical Consulting
Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.
SharePoint Security Fundamentals Introduction to Claims-based Security Configuring Claims-based Security Development Opportunities.
RJB Technical Consulting Microsoft Office SharePoint Server 2007 Deployment – Do’s and Don’ts Russ Basiura.
The.NET Runtime and IIS Presented by Chris Dickey – cdickey.net consulting
Single Sign-On
CensorNet Ltd An introduction to CensorNet Professional On-premise web filtering & management An introduction to CensorNet Professional On-premise web.
Network Edge Protection: A Technical Deep-Dive into Internet Security & Acceleration Server
Designing Secure SharePoint External Access Ondrej Sevecek | MCM: Directory | MVP: Security |
Module 11: Securing a Microsoft ASP.NET Web Application.
Integrating and Troubleshooting Citrix Access Gateway.
Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.
SSO Case Study Suchin Rengan Principal Technical Architect Salesforce.com.
SharePoint in the Education Space Presented by: Daniel Petersen Director of Business Solutions Applied Tech.
Module 5 : Security I Jong S. Bok
Web Services Security Patterns Alex Mackman CM Group Ltd
Installing IIS 7(.5). Web Platform Installer What’s New in IIS 7 Fast CGI (PHP!) Shared Configuration Automated App Pool Isolation Extensions PowerShell.
Linus Joyeux Valerie Alonso Managing consultantLead consultant blue-infinity (Switzerland) Active Directory Federation Services v2.
ASP.NET 2.0 Security Alex Mackman CM Group Ltd
Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.
Unlocking the Secrets of Alfresco Authentication Mehdi BELMEKKI, Consultancy Team Alfresco.
Arizona SharePoint Professionals Group.
Alain Bethuyne Web Security Architect BNPParibas Fortis
SharePoint Authentication and Authorization
Stop Those Prying Eyes Getting to Your Data
Agenda Introduction Security flow for a request Authentication
Enabling Secure Internet Access with TMG
Implementing TMG Server Publishing
Utilize Group Policy Terminal Server Settings
الخطوات المطلوب القيام بها قبل انشاء الموقع
IS 4506 Server Configuration (HTTP Server)
SharePoint Online Hybrid – Configure Outbound Search
Building Security into Your System
Presentation transcript:

Designing a Secure Extranet with Sharepoint Russ Basiura Principal Consultant RJB Technical Consulting Extranets

Agenda Deployment Scenario Configuration Challenges Security and Authentication

Scenario

Active Directory in the DMZ –No Trusts Single Server or small farm –All servers in the DMZ All Services in the DMZ –Mail –IM Basic Authentication over HTTPS Digest Authentication (Not Supported)

Scenario All Users must logon Management via Remote Desktop All content stored in portal Ports –TCP 3389 open to intranet for RDP –TCP 80 open to intranet for HTTP –TCP 443 open to extranet for HTTPS

User Challenges Authentication –Users don’t like being asked for identity –Use Portal SSO to access other resources URLS –Store content on the portal –Put content links on the portal

Technical Challenges Authentication SSL

Authentication Basic over https Integrated –NTLM –Kerberos Digest –Single web server or web farm with affinity –Not Supported Custom –ISAPI Filter with persistent cookie –Not Supported

Custom Authentication Must create a valid Windows Principal Must attach context to thread before entering.Net pipeline –Ows.dll is an ISAPI extension –ISAPI extensions cannot be chained Build an ISAPI filter –Create and manage Windows Principal –Embed basic authentication headers in request

Discussion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.