Publishing SharePoint 2013 in DMZ

Dear Experts,

what is the best option to publish the SharePoint 2013 in DMZ. Please advice

Thanks
tabreedAsked:
Who is Participating?
 
Walter CurtisSharePoint AEDCommented:
That is a good way to move forward. Microsoft has some very good information. Here is the URL:

https://technet.microsoft.com/en-us/library/dn280944.aspx

Keep in mind, in today's hacker wild world, nothing is safe, so even using a "secure" system could be risky.

Best of luck to you...
0
 
Walter CurtisSharePoint AEDCommented:
At this moment there are a gazillion answers. Can you focus the questions, explain what you want to do and what you have to work with. What are the resources available and what are the limitations and expectations.

Thanks
0
 
tabreedAuthor Commented:
we would like to publish our SharePoint 2013 portal on internet
0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
Walter CurtisSharePoint AEDCommented:
Is this on premise of SharePoint 365?
If this is on premise, do you have the infrastructure in place, do you have a DMZ?
If this is on premise, do you have a multiple tier farm, or a single server farm?
What type of access do you expect to have for the portal? Anonymous access? Users with accounts in your AD domain? Other types of users?

Generally, you will have your web front end available to the outside world, hopefully protected by a firewall. You SQL server should be in the protected internal network as well as the SharePoint app server.

What else can you say to describe your plans?
0
 
tabreedAuthor Commented:
it is on Premise and we do have DMZ in place. we have signal Farm with AD domain access.

at the monument our SharePoint servers are hosted in internal network (2 WEB front end, 2 APP and 2 DB ) . now we are paling to publish SharePoint on internet to have our users to access out side office
0
 
Walter CurtisSharePoint AEDCommented:
Good information.

You can place your WFE servers in the perimeter zone. They should be able to stay in the same AD domain, however it is possible to have the WFE servers in a different DMZ based AD domain. If you need to do that, mention it and I add some information about how to do that.

Not sure if the users will have ad accounts or not, but if they do, you can publish the WFE servers in the DMZ, and set your firewall to allow windows authenticate. If by users you are referring to users without AD accounts, you will need some type of authentication providers. Be carfeul and do not enable anonymous access since from what you note above there should only be named users accessing the system.

In this scenario, there may be additional license required. You should check on that before you make SharePoint available via public network, (internet.)  

If you have not considered this, maybe use a VPN setup to allow your internal a way to access SharePoint without having to go the internet access direction.

Hope that helps...
0
 
tabreedAuthor Commented:
Thanks, I will be planning to publish the SharePoint by using TMG or WAP and it is only for AD users. Please advice.

Thanks
0
 
tabreedAuthor Commented:
WAP  is required additional configuration like ADFS  & MFA. instead of WAP can I go with TMG. Please advice.

Thanks
0
 
Walter CurtisSharePoint AEDCommented:
Yes,  you can use TMG, but Microsoft is phasing it out soon. You may need to check the Microsoft web site for more details.
0
 
tabreedAuthor Commented:
thanks, can you please provide me the URL.

thanks
0
 
Walter CurtisSharePoint AEDCommented:
0
 
tabreedAuthor Commented:
Thank you so much, lastly please provide me the  step by step implementation steps for TMG.

Thanks
0
 
Walter CurtisSharePoint AEDCommented:
This process is too involved and depends on your environment so much that is it not possible to give a step by step in a forum such as this. Microsoft is going to be your best resource for such detailed instructions. I search at the Microsoft TechNet web site would be your first step. Also, often forgotten, but the help files that ship with the product are the best resource.

Good luck...
0
 
tabreedAuthor Commented:
Thanks, I can publish using TMG without any issues  am I right.

Thanks
0
 
Walter CurtisSharePoint AEDCommented:
To be honest, that can not be answered because an environment is not something that can be described in just a few lines. You will need to dive very deeply in to your environment as well as what TMG has to offer and how to use it in your environment.
0
 
tabreedAuthor Commented:
but TMG is capable for this ?
0
 
Walter CurtisSharePoint AEDCommented:
Yes
0
 
Walter CurtisSharePoint AEDCommented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.