Embed Size (px)
Citation preview
1
SharePoint in
Hybrid Environment
Leonard Mwangi
Consultant
Alexander Open Systems
2
SharePoint
About me
[email protected]://lmundia.com @lmundia
SQL Insights Analytics
Cloud Integration
3
About AOS
• Presence in Addison & Fort Worth
• Tech Elite 250 CRN Award - 2015
• Application Dev
• SharePoint/SQL/BI/Custom Dev.
• Microsoft
• Exchanged/AD/Lync/SCCM
• AOSCloud
• Communication & Collaboration
• Networking & Wireless
• Virtualization
• GIS
• Security
4
Agenda
• Introduction
• Business Drivers
• Architecture & Design
• Infrastructure
• Services & Features
• Demo
5
Agenda
Introduction
• Business Drivers
• Architecture & Design
• Infrastructure
• Services & Features
• DemoIntroduction
6
Introduction
Cloud computing becoming popular & reliable
On-Premise, Private Cloud & Public Cloud services
8% of Customer moving entirely to cloud
33% of hybrid penetration by 2017
– Size
– Industry
– Geography
– Political
– Regulations
Retail, Hospitality, Education, Manufacturing
Office 365 – SharePoint, Exchange, Lync
7
Introduction
You are considering a hybrid
deployment
You have a SharePoint 2013
environment on-premises
You have an Office 365 tenant
You have established resources
for managing and
troubleshooting SharePoint
2013
8
Agenda
Introduction
Business Drivers
• Architecture & Design
• Infrastructure
• Services & Features
• DemoBusiness Drivers
9
Business Drivers
Flexibility
Cost of Operation
Significant footprint in Remote locations
Regulatory reasons
Manageability
On-Premises
of enterprise
customers are
“on the road” to
cloud
33%
10
Business Drivers
Staged Migration
On Premise Coexistence
The flexibility of migrating some capabilities to SharePoint Online and accessing both on-
premises and online sites with the same domain credentials
Microsoft will more securely deliver new features and capabilities to
SharePoint Online
Deployed and maintained on premises with complete control and
ownership of hardware, maintenance, resources, and
administration
SharePoint Online
11
Business Drivers
Maintain Hybrid Model
On Premise
Microsoft will more securely deliver new features and capabilities to
SharePoint Online
Deployed and maintained on premises with complete control and
ownership of hardware, maintenance, resources, and
administration
SharePoint Online
12
Business Drivers
Understanding Hybrid environment
Hybrid SharePoint
Hybrid
SharePoint
SharePoint
on-premises SharePoint
Online = +
13
Business Drivers
Features not available in SharePoint Online
Most of the administration options exposed via SharePoint Central Admin
Commands which are available in SharePoint On-Premises through Windows PowerShell
Use of full-trust code solutions (farm solutions) in Office 365
Features such as PerformancePoint, advanced business intelligence or a Records Center integrated with third party systems
14
Business Drivers
Reasons to Hybrid
Size of the organization does not make it practical to implement cloud computing exclusively.
Regulatory Compliance and governance requirements determines where the organization contents must be stored.
Relationship with business partners and vendors may require on-premisefarm to maintain relationship.
Nature of business requires higher level of service than cloud can offer.
Organization must protect its current investment in IT and maximize ROI
Strategic planning and budgeting cycles – large scale migration.
Transition environment to cloud.
Take advantage of preferred features from both SharePoint 2013 On-premand SharePoint Online
15
Agenda
Introduction
Business Drivers
Architecture & Design
• Infrastructure
• Services & Features
• Demo
Architecture &
Design
16
Architecture & Design
Before Implementing a SharePoint Hybrid Solution
1. What do you need to accomplish?
2. How is your On-Premise architecture?
3. What is the desired experience for your users?
17
Architecture & Design
Considerations
Topology
One-Way Outbound
One-Way Inbound
Two-way (Bi-directional)
Identity Management
Users Synchronization
SSO or Password Sync
Server to Server(S2S) authentication
Hybrid Solutions
SharePoint Search
Business Connectivity Services
Duet Enterprise Online
18
Architecture & Design
Topology - One-Way Outbound
Microsoft Office 365 tenant
• Search: One-way outbound
• Business Connectivity Services: Not supported
• Duet Enterprise for SharePoint and SAP: Not supported
SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online cannot query
SharePoint ServerSharePoint Server can query SharePoint
Online
SharePoint Online SharePoint
Federated
search results Site collection Primary web appLocal search
results only
19
Architecture & Design
One-Way Outbound Considerations
Internet domain (adventureworks.com) and ability to create DNS records.
SharePoint Plan 1 or 2 or E1, E3 & E4
On-Prem has to be functional
Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
On-Prem Azure AD Sync tool (DirSync)
SSL Certificate to replace default Security Token Service (STS)
Your user has to be able to authenticate in both environments.
20
Architecture & Design
Topology - One-Way Inbound
Microsoft Office 365 tenant SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online SharePoint
Perimeter
Network
Customer network
Federated
search results Site collection Primary web appLocal search
results only
SharePoint Online can query SharePoint Server SharePoint Server cannot query SharePoint Online
Outbound
Inbound
Reverse proxy
• Search: One-way inbound
• Business Connectivity Services: Supported
• Duet Enterprise for SharePoint and SAP: Supported
21
Architecture & Design
One-Way Inbound Considerations
Internet domain (adventureworks.com) and ability to create DNS records.
SharePoint Plan 1 or 2 or E3 & E4
On-Prem has to be functional
On-Prem SharePoint has to be accessible from the Internet.
On-Prem reverse proxy device for security
Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
On-Prem Azure AD Sync tool (DirSync)
Secure Channel SSL Certificate
SSL Certificate to replace default Security Token Service (STS)
Your user has to be able to authenticate in both environments.
22
Architecture & Design
Topology - Two-Way (Bi-Directional)
Microsoft Office 365 tenant SharePoint Server 2013
Internet IntranetMicrosoft data center
SharePoint Online SharePoint
Perimeter
Network
Customer network
Federated
search results Site collection Primary web appLocal search
results only
SharePoint Online can query SharePoint Server SharePoint Server can query SharePoint Online
Outbound
Inbound
Reverse proxy
• Search: Bidirectional
• Business Connectivity Services: Supported
• Duet Enterprise for SharePoint and SAP: Supported
23
Architecture & Design
Two-Way (Bi-Directional) Considerations
Internet domain (adventureworks.com) and ability to create DNS records.
SharePoint Plan 1 or 2 or E3 & E4
On-Prem has to be functional
On-Prem SharePoint has to be accessible from the Internet.
On-Prem reverse proxy device for security
Federation between On-Prem & Azure AD (AD FS 2.0) for SSO
On-Prem Azure AD Sync tool (DirSync)
Secure Channel SSL Certificate
SSL Certificate to replace default Security Token Service (STS)
Your user has to be able to authenticate in both environments.
24
Architecture & Design
Identity Management
Process of managing digital identities and policies that govern how the identities can be used to access resources.
Synchronize On-premise users with Office 365
ADFS with Single Sign On (SSO) or DirSync with Password Sync
Configure Server-to-Server authentication between SharePoint Servers and SharePoint Online.
25
Architecture & Design
Hybrid Solutions
Search –
Available for all the 3 topologies
Allows content search
Business Connectivity Services –
Available for one-way inbound or two-way topology configuration.
On-Premise data accessibility from SharePoint Online (external list or app for SharePoint)
Duet Enterprise Online –
View and Edit SAP data stored in SAP Application from SharePoint Online
Available for one-way inbound or two-way topology configuration.
26
Agenda
Introduction
Business Drivers
Architecture & Design
Infrastructure
• Services & Features
• DemoInfrastructure
27
Infrastructure
Hardware & Software requirements
SharePoint Server 2013
Azure Active Directory
SharePoint Online tenancy
AD FS 2.0 – SSO
Directory Synchronization tool
Internet domain
28
Infrastructure
Microsoft Office 365 tenant Internet Intranet
Microsoft data center
Perimeter
Network
Customer network
Outbound
Inbound
Firewall
Search service
https://intranet.User profile store Site collection
Active DirectoryActive Directory
Federation Services
Microsoft Online Services
Directory SynchronizationMicrosoft Online
Directory ServiceDirectory synchronization
Secure store
Windows Azure Active
Directory Access Control
Services
Client-side object model
pipelineServer-to-server trust
29
Agenda
Introduction
Business Drivers
Architecture & Design
Infrastructure
Services & Features
• Demo
Services &
Features
30
Services & Features
Hybrid Solutions
Search
Business Connectivity Services
Duet Enterprise Online
Business Intelligence
Enterprise E3, E4 or PowerBI licenses
Can publish to SharePoint Online with one-way outbound or two-way authentication.
Federated & External users can only view/Edit workbooks of up to 10MB.
Social – Integration with yammer both On-Premise & SharePoint Online
31
Agenda
Introduction
Business Drivers
Architecture & Design
Infrastructure
Services & Features
DemoDemo
32
Agenda
33
Food for thought
“…Well, how will you ensure that the data does not get corrupted when it rains?!” - Vishwa Gupta former
Indian Revenue Service Officer on dangers of cloud computing
34
SharePoint
Questions?
SQL Insights Analytics
Cloud Integration
@lmundia
http://lmundia.com
www.aos5.com
35
Thank you to our sponsors…
