Solved

Publishing SharePoint 2013 in DMZ

Posted on 2016-08-14
18
68 Views
Last Modified: 2016-08-15
Dear Experts,

what is the best option to publish the SharePoint 2013 in DMZ. Please advice

Thanks
0
Comment
Question by:tabreed
  • 10
  • 8
18 Comments
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41755902
At this moment there are a gazillion answers. Can you focus the questions, explain what you want to do and what you have to work with. What are the resources available and what are the limitations and expectations.

Thanks
0
 

Author Comment

by:tabreed
ID: 41755927
we would like to publish our SharePoint 2013 portal on internet
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41755930
Is this on premise of SharePoint 365?
If this is on premise, do you have the infrastructure in place, do you have a DMZ?
If this is on premise, do you have a multiple tier farm, or a single server farm?
What type of access do you expect to have for the portal? Anonymous access? Users with accounts in your AD domain? Other types of users?

Generally, you will have your web front end available to the outside world, hopefully protected by a firewall. You SQL server should be in the protected internal network as well as the SharePoint app server.

What else can you say to describe your plans?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:tabreed
ID: 41755944
it is on Premise and we do have DMZ in place. we have signal Farm with AD domain access.

at the monument our SharePoint servers are hosted in internal network (2 WEB front end, 2 APP and 2 DB ) . now we are paling to publish SharePoint on internet to have our users to access out side office
0
 
LVL 16

Assisted Solution

by:Walter Curtis
Walter Curtis earned 500 total points
ID: 41756275
Good information.

You can place your WFE servers in the perimeter zone. They should be able to stay in the same AD domain, however it is possible to have the WFE servers in a different DMZ based AD domain. If you need to do that, mention it and I add some information about how to do that.

Not sure if the users will have ad accounts or not, but if they do, you can publish the WFE servers in the DMZ, and set your firewall to allow windows authenticate. If by users you are referring to users without AD accounts, you will need some type of authentication providers. Be carfeul and do not enable anonymous access since from what you note above there should only be named users accessing the system.

In this scenario, there may be additional license required. You should check on that before you make SharePoint available via public network, (internet.)  

If you have not considered this, maybe use a VPN setup to allow your internal a way to access SharePoint without having to go the internet access direction.

Hope that helps...
0
 

Author Comment

by:tabreed
ID: 41756376
Thanks, I will be planning to publish the SharePoint by using TMG or WAP and it is only for AD users. Please advice.

Thanks
0
 
LVL 16

Accepted Solution

by:
Walter Curtis earned 500 total points
ID: 41756641
That is a good way to move forward. Microsoft has some very good information. Here is the URL:

https://technet.microsoft.com/en-us/library/dn280944.aspx

Keep in mind, in today's hacker wild world, nothing is safe, so even using a "secure" system could be risky.

Best of luck to you...
0
 

Author Comment

by:tabreed
ID: 41756920
WAP  is required additional configuration like ADFS  & MFA. instead of WAP can I go with TMG. Please advice.

Thanks
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41756961
Yes,  you can use TMG, but Microsoft is phasing it out soon. You may need to check the Microsoft web site for more details.
0
 

Author Comment

by:tabreed
ID: 41756974
thanks, can you please provide me the URL.

thanks
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41756981
0
 

Author Comment

by:tabreed
ID: 41756988
Thank you so much, lastly please provide me the  step by step implementation steps for TMG.

Thanks
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41756998
This process is too involved and depends on your environment so much that is it not possible to give a step by step in a forum such as this. Microsoft is going to be your best resource for such detailed instructions. I search at the Microsoft TechNet web site would be your first step. Also, often forgotten, but the help files that ship with the product are the best resource.

Good luck...
0
 

Author Comment

by:tabreed
ID: 41757011
Thanks, I can publish using TMG without any issues  am I right.

Thanks
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41757015
To be honest, that can not be answered because an environment is not something that can be described in just a few lines. You will need to dive very deeply in to your environment as well as what TMG has to offer and how to use it in your environment.
0
 

Author Comment

by:tabreed
ID: 41757017
but TMG is capable for this ?
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41757023
Yes
0
 
LVL 16

Expert Comment

by:Walter Curtis
ID: 41757034
Thanks
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There is one common problem that all we SharePoint developers share: custom solution deployment. This topic can't be covered fully in this short article, so all I want to do in this one is to review it from a development-to-operations perspectiv…
Summary In SharePoint 2010 it is easy to create custom color themes to jazz up a site. Theme colors can also be created in PowerPoint 2010 with a few clicks. But how do the chosen colors actually look in the SharePoint site? The attached PowerPoint…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question