Solved

Publishing SharePoint 2013 in DMZ

Posted on 2016-08-14
18
41 Views
Last Modified: 2016-08-15
Dear Experts,

what is the best option to publish the SharePoint 2013 in DMZ. Please advice

Thanks
0
Comment
Question by:tabreed
  • 10
  • 8
18 Comments
 
LVL 14

Expert Comment

by:SneekCo
ID: 41755902
At this moment there are a gazillion answers. Can you focus the questions, explain what you want to do and what you have to work with. What are the resources available and what are the limitations and expectations.

Thanks
0
 

Author Comment

by:tabreed
ID: 41755927
we would like to publish our SharePoint 2013 portal on internet
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41755930
Is this on premise of SharePoint 365?
If this is on premise, do you have the infrastructure in place, do you have a DMZ?
If this is on premise, do you have a multiple tier farm, or a single server farm?
What type of access do you expect to have for the portal? Anonymous access? Users with accounts in your AD domain? Other types of users?

Generally, you will have your web front end available to the outside world, hopefully protected by a firewall. You SQL server should be in the protected internal network as well as the SharePoint app server.

What else can you say to describe your plans?
0
 

Author Comment

by:tabreed
ID: 41755944
it is on Premise and we do have DMZ in place. we have signal Farm with AD domain access.

at the monument our SharePoint servers are hosted in internal network (2 WEB front end, 2 APP and 2 DB ) . now we are paling to publish SharePoint on internet to have our users to access out side office
0
 
LVL 14

Assisted Solution

by:SneekCo
SneekCo earned 500 total points
ID: 41756275
Good information.

You can place your WFE servers in the perimeter zone. They should be able to stay in the same AD domain, however it is possible to have the WFE servers in a different DMZ based AD domain. If you need to do that, mention it and I add some information about how to do that.

Not sure if the users will have ad accounts or not, but if they do, you can publish the WFE servers in the DMZ, and set your firewall to allow windows authenticate. If by users you are referring to users without AD accounts, you will need some type of authentication providers. Be carfeul and do not enable anonymous access since from what you note above there should only be named users accessing the system.

In this scenario, there may be additional license required. You should check on that before you make SharePoint available via public network, (internet.)  

If you have not considered this, maybe use a VPN setup to allow your internal a way to access SharePoint without having to go the internet access direction.

Hope that helps...
0
 

Author Comment

by:tabreed
ID: 41756376
Thanks, I will be planning to publish the SharePoint by using TMG or WAP and it is only for AD users. Please advice.

Thanks
0
 
LVL 14

Accepted Solution

by:
SneekCo earned 500 total points
ID: 41756641
That is a good way to move forward. Microsoft has some very good information. Here is the URL:

https://technet.microsoft.com/en-us/library/dn280944.aspx

Keep in mind, in today's hacker wild world, nothing is safe, so even using a "secure" system could be risky.

Best of luck to you...
0
 

Author Comment

by:tabreed
ID: 41756920
WAP  is required additional configuration like ADFS  & MFA. instead of WAP can I go with TMG. Please advice.

Thanks
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41756961
Yes,  you can use TMG, but Microsoft is phasing it out soon. You may need to check the Microsoft web site for more details.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 

Author Comment

by:tabreed
ID: 41756974
thanks, can you please provide me the URL.

thanks
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41756981
0
 

Author Comment

by:tabreed
ID: 41756988
Thank you so much, lastly please provide me the  step by step implementation steps for TMG.

Thanks
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41756998
This process is too involved and depends on your environment so much that is it not possible to give a step by step in a forum such as this. Microsoft is going to be your best resource for such detailed instructions. I search at the Microsoft TechNet web site would be your first step. Also, often forgotten, but the help files that ship with the product are the best resource.

Good luck...
0
 

Author Comment

by:tabreed
ID: 41757011
Thanks, I can publish using TMG without any issues  am I right.

Thanks
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41757015
To be honest, that can not be answered because an environment is not something that can be described in just a few lines. You will need to dive very deeply in to your environment as well as what TMG has to offer and how to use it in your environment.
0
 

Author Comment

by:tabreed
ID: 41757017
but TMG is capable for this ?
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41757023
Yes
0
 
LVL 14

Expert Comment

by:SneekCo
ID: 41757034
Thanks
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Summary In SharePoint 2010 it is easy to create custom color themes to jazz up a site. Theme colors can also be created in PowerPoint 2010 with a few clicks. But how do the chosen colors actually look in the SharePoint site? The attached PowerPoint…
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now