| Executive Summary:
An extranet is a network that companies use to exchange information with clients, customers, or business partners.Because of its ease of use, document management capabilities, security, search, and change notification, Microsoft SharePoint has emerged as one of the top platforms on which to build an extranet. |
I recently finished an extranet system
implementation using Windows
SharePoint Services (WSS) 3.0. In
this overview of my experiences
and guidance, I outline the benefits
of using SharePoint for your extranet
solution, describe extranet topology and
taxonomy, explain the available authentication
methods, and offer recommendations
for extranets that span several disciplines.
Extranets
An extranet is a network typically used to
exchange information between someone
in your company and a client, customer,
or business partner. It’s an extension of a
company’s intranet, but not as public as its
public website. Because of this, a company
most likely has multiple extranets—one for
each client, customer, or partner.
When designing an extranet solution,
you usually desire a similar set of requirements.
An example of a prioritized list of
requirements might include the following:
- Security
- Ease of use
- Document management
- Searching
- Change notification
- Lists (calendar of events, contacts, tasks or
other custom data)
Ten years ago, a company that wanted an
extranet solution would need to build one
from scratch or hire a consultant to customize
a product that did something similar to
what the company required. Since then,
extranets have become so popular that
hosted extranet solutions have emerged to
satisfy the demand.
During the past few years, SharePoint has
emerged as one of the top extranet solutions that companies are considering. SharePoint
is not only a collaboration website, but a
framework that developers can use to build
entire applications. Out of the box, SharePoint
includes document management, search,
change notification, and list functionality
while maintaining a high ease of use through
its UI customization options. To finish out
our requirements list, all SharePoint content
is stored within a SQL Server database, so
security can be well-controlled.
Although I used WSS 3.0 for my extranet,
you could also use Microsoft Office Share-
Point Server (MOSS) 2007. For a discussion
about which platform is best suited for your
situation, see the sidebar “SharePoint Extranets:
WSS or MOSS?”.
Extranet Topology
Because SharePoint is an ASP.NET 2.0 web
application, it supports any external-facing
topology that web applications support.
The best practice is to host SharePoint
within the demilitarized zone (DMZ) and
use Microsoft ISA Server as an applicationlevel
firewall. For more details about the
different topologies and architectures, read
Microsoft’s extranet topology guidance at
technet.microsoft.com/en-us/library/cc263513.aspx.
Extranet Taxonomy
At the highest level, SharePoint organizes
itself as a collection of web applications.
A web application can have multiple site
collections that each contain multiple sites.
Because of the time it takes for configuration,
you don’t create a new web application
in SharePoint each time you need to provision
an extranet. Therefore, the SharePoint
object that best maps to an extranet is a site
collection. A single web application can contain
as many as 50,000 site collections before
performance begins to degrade. Figure 1
shows an example of a basic taxonomy.
SharePoint organizes information in site
collections into a set of content databases.
See the web-exclusive sidebar “Content Databases
for Extranets” (www.windowsitpro.com, InstantDoc ID 99654) for more information
and recommendations regarding
content databases.
Authentication
When determining how to authenticate
users in SharePoint, you have more options
in WSS 3.0 than ever before, thanks mostly
to ASP.NET 2.0’s membership provider API.
Each web application supports as many
as five different authentication methods
(or providers) through the use of a feature
called zones. Each time a new authentication
provider is added to a web application,
a new website is created for that zone in
Microsoft IIS. Table 1 lists the zones for an
extranet web application. Even though the
site address is different between zones,
SharePoint will resolve both requests to the
same web application.
SharePoint also allows port numbers for
zone identification, as Table 2 shows, but this
is not typically recommended for extranets
since firewalls usually only allow web traffic
ports such as 80 and 443. Also, some features
of SharePoint might not behave as intended
on a custom port over the internet.
Web Figure 1 shows the Zone name
options displayed on the Extend an Existing
Web Application page. Zone names suggest a
specific usage, but it’s only for administrative
convenience. When extending an existing
web application to a new zone, the name you
choose doesn’t matter.
You have three options for web authentication:
Windows, ASP.NET Forms, or web
single sign-on (SSO). The following discussion outlines these authentication types to
help you determine which one is best for
your specific requirements.
Windows authentication. In WSS 2.0,
Windows authentication was the only
authentication option. Even though the
authentication system has been drastically
improved in WSS 3.0, Windows authentication
is still the only choice that offers all
SharePoint features and enhanced client
integration out of the box. Although features
such as support for WWW Distributed
Authoring and Versioning (WebDAV) and
Microsoft Office integration might not be
your highest priority, they’re very convenient
in some circumstances.
Continue to page 2
Previous
)
)
Register
http://www.sharepartxxl.com/products/taxonomy
Check it out, Frank
fd2008 October 01, 2008 (Article Rating: