Publishing SharePoint to web securely
We have just built a dedicated extranet sharepoint 2010 server with content on seperate sql. It is on the internal lan so some internal users can log in using AD authentication and created a seperate SQL DB to create external user logins. We have tested and are ready to publish to web.
Have read up on extranet topologies on MS website and the edge firewall topology is the only one we can implement using our Cisco ASA appliance, but I am unsure of the correct/most secure way to do this. We have an ssl certificate "extranet.company.com" and I am assuming we can install this on the SharePoint server and NAT through the ASA but I keep reading that a reverse proxy is more secure.
We have a DMZ so what exactly would I have to do to set up with a reverse proxy. All the articles I have read seem to point to an MS Edge firewall or Forefront TMG which we have not deployed.
Have read up on extranet topologies on MS website and the edge firewall topology is the only one we can implement using our Cisco ASA appliance, but I am unsure of the correct/most secure way to do this. We have an ssl certificate "extranet.company.com" and I am assuming we can install this on the SharePoint server and NAT through the ASA but I keep reading that a reverse proxy is more secure.
We have a DMZ so what exactly would I have to do to set up with a reverse proxy. All the articles I have read seem to point to an MS Edge firewall or Forefront TMG which we have not deployed.
ASKER
Koen,
Apologies, have been on other things so just coming back to this.
Thanks for the reply and I will look in to it. I am not a SharePoint admin so am a bit lacking in knowledge about this but from what I have read on a couple of blogs Microsoft appear to be dropping TMG, so can you use UAG as a standalone product to publish SharePoint. The only other option to reverse proxy from what I can see is to use something like squid which I do not particularly want to do.
Apologies, have been on other things so just coming back to this.
Thanks for the reply and I will look in to it. I am not a SharePoint admin so am a bit lacking in knowledge about this but from what I have read on a couple of blogs Microsoft appear to be dropping TMG, so can you use UAG as a standalone product to publish SharePoint. The only other option to reverse proxy from what I can see is to use something like squid which I do not particularly want to do.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Solution given was not what is required.
http://blogs.technet.com/b/ben/archive/2010/12/29/sharepoint-publishing-concepts-and-considerations.aspx