More Power Out: Empowering your mobile workforce

Damir Bersinic
IT Pro Advisor
Microsoft Canada
[email protected]
http://blogs.technet.com/damirb

Rick Claus
IT Pro Advisor
Microsoft Canada
[email protected]
http://blogs.technet.com/rclaus
xBox Live: Rickster CDN


Page 1: More Power Out: Empowering your mobile workforce Damir Bersinic IT Pro Advisor Microsoft Canada Rick

More Power Out: Empowering your mobile workforce

Damir Bersinic
IT Pro Advisor
Microsoft Canada
[email protected]
http://blogs.technet.com/damirb

Rick Claus
IT Pro Advisor
Microsoft Canada
[email protected]
http://blogs.technet.com/rclaus
xBox Live: Rickster CDN

Page 2:

Session Goals:

• Allow your workforce to be mobile and connected
• Configure your environment to maximize your mobile workforce experience
• Best Practices, Tools and Tips.

Page 3:

Agenda

• Remote Access Scenarios
• Publishing Web Sites with ISA Server 2004
• Authentication Methods for SharePoint
• Publishing OWA, OMA, RPC over HTTPS
• Publishing Live Communication Server 2005

Page 4:

Remote Access Scenarios
Traditional Remote Access Methods

• File Transfer Protocol (FTP) Sites
  – Secure connections using the Internet
  – Lack of functionality
  – Administrative expense
• Dial-up Remote Access Server (RAS)
  – Secure direct connections
  – Expensive (server resources)
  – Administrative expense
• Virtual Private Networks (VPN)
  – Secure connections using the Internet
  – Expensive (server resources)
  – Administrative expense

Page 5:

Remote Access Scenarios
Extranets

• Accessible to Web browsers
  – HTTP and HTTPS access
  – Low administrative costs
  – Secure connections using the Internet
• Different authentication mechanisms available
• Fully-functional Web-based applications
  – Line-of-business applications
  – SharePoint Portal Sites
  – Collaborative SharePoint team sites
• Consistent user-experience
  – Intranet access
  – Extranet and Internet access

Page 6:

Remote Access Scenarios
RPC over HTTPS Proxies

• Allows for VPN-less connections while still providing strong security
• More and more applications are supporting RPC proxies via HTTPS using SSL tunnels
  – Outlook 2003 SP1 can use RPC over HTTPS
• Other applications are planned in the future

Page 7:

Agenda

• Remote Access Scenarios
• Publishing Web Sites with ISA Server 2004
• Authentication Methods for SharePoint Web Sites
• Publishing OWA, OMA, RPC over HTTPS
• Publishing Live Communication Server 2005

Page 8:

Publishing Web Sites with ISA Server 2004
ISA Server Firewalls

[Diagram labels: Web Server; Domain Controller; ISA Server]

Page 9:

ISA Server 2004 Overview

• ISA Management MMC
• Rules, Listeners, Publishing

(demonstration)

Page 10:

Publishing Web Sites with ISA Server 2004
Server Publishing

• Typically used for services other than Web or FTP
  – Examples: SQL Server, SMTP Services
  – Used for Live Communications Server 2005 TLS
• Can be used for publishing Web sites
  – Not recommended
    – Lack of configuration flexibility
    – External HTTP requests can bypass the Web proxy service

Page 11:

Publishing Web Sites with ISA Server 2004
Link Translation

• Some Web applications use absolute addresses for resources and hyperlinks
  – Can result in inaccessibility to users on the Internet or extranet
  – Can expose computer names and IP addresses to hackers
  – Can be confusing to users on the intranet
• SharePoint applications often use a mix of relative and absolute addresses
  – Server names
  – IP addresses
• ISA Server allows string substitution to resolve absolute address issues
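
The string substitution described on this slide, sketched as an added example (not part of the original deck, and not ISA Server's own implementation). It rewrites absolute internal addresses in a response body to the published name and reports any internal names or private IPs that no rule covered; the host names, IP addresses and sample HTML are constructed assumptions.

```python
import re

# Constructed mapping (assumption): internal names and IPs -> published name.
LINK_MAP = {
    "http://sps01": "https://extranet.example.com",
    "http://sps01.corp.example.local": "https://extranet.example.com",
    "http://10.0.0.25": "https://extranet.example.com",
}

# What still counts as an internal reference after translation.
PRIVATE_IP = re.compile(
    r"\b(?:10(?:\.\d{1,3}){3}"
    r"|192\.168(?:\.\d{1,3}){2}"
    r"|172\.(?:1[6-9]|2\d|3[01])(?:\.\d{1,3}){2})\b"
)
SINGLE_LABEL_URL = re.compile(r"https?://([A-Za-z0-9-]+)(?=[/:\"'\s>]|$)")


def translate_links(body, link_map=LINK_MAP):
    """Replace each internal address prefix with its public equivalent."""
    # Longest prefix first, and never stop in the middle of a host name,
    # so "http://sps01" cannot clip "http://sps01.corp.example.local".
    for internal in sorted(link_map, key=len, reverse=True):
        pattern = re.compile(
            re.escape(internal) + r"(?![A-Za-z0-9.-])", re.IGNORECASE
        )
        body = pattern.sub(lambda m, pub=link_map[internal]: pub, body)
    return body


def find_leaks(body):
    """Return private IPs and single-label host names still in the body."""
    leaks = set(PRIVATE_IP.findall(body))
    leaks.update(SINGLE_LABEL_URL.findall(body))
    return sorted(leaks)


# Constructed sample response from a hypothetical internal SharePoint server.
SAMPLE = (
    '<a href="http://sps01/sites/hr/default.aspx">HR</a>\n'
    '<img src="http://SPS01.corp.example.local/_layouts/images/logo.gif">\n'
    '<a href="/sites/hr/Shared%20Documents">Docs</a>\n'
    '<script src="http://10.0.0.25/_layouts/core.js"></script>\n'
    '<a href="http://sql02/reports">Reports</a>\n'
    '<!-- rendered by 192.168.4.17 -->\n'
)

if __name__ == "__main__":
    translated = translate_links(SAMPLE)
    print(translated)
    print("still internal:", find_leaks(translated))
```

Relative links pass through unchanged; the unmapped `sql02` link and the IP address in the HTML comment are the kind of leftovers that a leak check on published responses should surface before the site goes live.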

Page 12:

Agenda

• Remote Access Scenarios
• Publishing Web Sites with ISA Server 2004
• Authentication Methods for SharePoint Web Sites
• Publishing OWA, OMA, RPC over HTTPS
• Publishing Live Communication Server 2005

Page 13:

Authentication Methods for SharePoint Web Sites
Securing SharePoint Applications

• SharePoint supports a number of different authentication scenarios
  – Anonymous access
  – Basic authentication
  – Windows authentication
  – SSL and certificate authentication
• SharePoint users and groups are used to control access to sites, libraries, and other resources

Page 14:

Authentication Methods for SharePoint Web Sites
Authentication for Published SharePoint Sites

• ISA Server 2004 can:
  – Pre-authenticate users
    – Often with basic authentication
  – Use SSL for basic authentication scenarios
    – Publishing a secure Web site
    – User credentials are encrypted by SSL
  – Use pass-through Windows authentication
    – Passes authentication to the SharePoint Web server

Page 15:

Securing SharePoint with ISA 2004

• Configure SharePoint Security
• Configure External DNS for Site Access
• Publish SharePoint Site Using ISA 2004
• Connecting to SharePoint Site from External Network

(demonstration)

Page 16:

Agenda

• Remote Access Scenarios
• Publishing Web Sites with ISA Server 2004
• Authentication Methods for SharePoint Web Sites
• Publishing OWA, OMA, RPC over HTTPS
• Publishing Live Communication Server 2005

Page 17:

Flexible, Secure Access

[Diagram labels: Firewall; ISA Firewall; Perimeter Network (DMZ); Windows 2003 AD / GC Server; Exch 2003; E2003 Back-End Servers; Radius (IAS) Server; Wireless Carrier and Internet]
[Clients: OWA Clients (HTTPS / HTML); Outlook Clients (RPC/HTTPS); WAP 2.0, iMode (xHTML, cHTML); Pocket PC (HTTPS / HTML)]
[ISA 2004: RPC Filtering; SMTP Filtering; RSA SecurID; OWA Access Wizard]

Page 18:

Configure RPC over HTTPS

• Configure Exchange 2003 Server for RPC over HTTPS
• Publish RPC over HTTPS in ISA 2004
• Configure Outlook 2003 for RPC over HTTPS

(demonstration)

Page 19:

Flexible, Secure Access

[Diagram repeated from Page 17.]

Page 20:

Publishing OWA and OMA

• Configure Outlook Web Access
• Configure Exchange for Outlook Mobile Access
• Publish OWA and OMA in ISA 2004

(demonstration)

Page 21:

Flexible, Secure Access

[Diagram repeated from Page 17.]

Page 22:

Publishing Exchange ActiveSync

• Configure Exchange for ActiveSync
• Publish ActiveSync in ISA 2004

(demonstration)

Page 23:

Agenda

• Remote Access Scenarios
• Publishing Web Sites with ISA Server 2004
• Authentication Methods for SharePoint Web Sites
• Publishing OWA, OMA, RPC over HTTPS
• Publishing Live Communication Server 2005

Page 24:

Publishing the LCS 2005 Server

• Configure LCS 2005 for External Access
• Publish LCS 2005 in ISA 2004

(demonstration)

Page 25:

More Power Out: Empowering your mobile workforce

• Web-based extranets provide access to business information with low administrative and resource costs
• SharePoint Web sites provide ideal extranet solutions for collaborative access to business information
• ISA Server 2004 can be used to publish and secure
  – SharePoint applications for an extranet or over the Internet
  – Exchange Outlook Web Access / Outlook Mobile Access
  – Outlook RPC over HTTPS
  – Live Communication Server 2005

Page 26:

For More Information…

• Main TechNet Canada Web site at
  www.microsoft.ca/technet
• Exchange Server 2003 SP2
  http://www.microsoft.com/exchange/evaluation/sp2/overview.mspx
• Exchange Product Team Blog
  http://blogs.technet.com/exchange
• Live Communications Server 2005 SP1
  http://office.microsoft.com/en-ca/FX010908711033.aspx
• SharePoint Portal Server 2003
  http://www.microsoft.com/sharepoint/default.mspx

Page 27:

Join us for the next session on:

Extending your collaboration platform