Windows Sharepoint Services

Can Windows Sharepoint Services be access externally? Or is there something you need to purchase? I'm not havin much luck findin anything.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

royal

While I don't know much about Sharepoint, I do know that like with any server, you can give it a public ip and have it accessible via the internet. If you want to do something more secure, you can purchase ISA and have it publish Sharepoint. That way, Sharepoint can sit in the private network and traffic/authentication can be encrypted.

mrhaun03

Thanks for the reply Royal. I'm not too familiar with IIS and what I found on the web made it seem as though I needed to purchase another product.

I think I just need to give it in external IP and NAT it to an internal IP.

royal

mrhaun03 wrote:

I think I just need to give it in external IP and NAT it to an internal IP.

Yep, simple enough. But just keep in mind that doing this is not the most secure method. If you have an external ip directly mapped to an internal ip, it will always be accessible to client computers on the internet. This significantly increases the attack surface of that server. If you have private data on stored on that sharepoint server, I'd look into having an ISA box.

mrhaun03

I'm not exactly sure of the confidentiality of the documents, but would you say accessing it over SSL isn't good enough?

Although you can never have enough security...

royal

Well, SSL is the least thing that should be done. Even though it's using SSL, it is still directly exposed to the internet. There's still "more" risk than if you were to use ISA publishing it. ISA would be the one exposed and you would harden that server which does not directly contain the documents. Just make sure you harden your Sharepoint server as much as possible if you do decide to have it directly accessible via the internet. Make sure that your internet facing firewall ONLY allows port 443 to hit the sharepoint server and use as many bits as possible when encrypting it. If the docs are confidential, I'd seriously look into a more secure solution.

Gabe7055

I agree with royal to be safe your going to want to host sharepoint thru ISA for your external users. Sharepoint like Exchange has a lot of access to AD so it's not something you want to host externally and have to open a lot of ports on your firewall.

mrhaun03

Thanks for the suggestions...if we end up implementing Sharepoint, for sure I'll let my manager know we need to secure it. Security is the main reason I got into IT.