Windows Sharepoint Services

mrhaun03mrhaun03 Member Posts: 359
Can Windows Sharepoint Services be access externally? Or is there something you need to purchase? I'm not havin much luck findin anything.
Working on Linux+

Comments

  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    While I don't know much about Sharepoint, I do know that like with any server, you can give it a public ip and have it accessible via the internet. If you want to do something more secure, you can purchase ISA and have it publish Sharepoint. That way, Sharepoint can sit in the private network and traffic/authentication can be encrypted.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • mrhaun03mrhaun03 Member Posts: 359
    Thanks for the reply Royal. I'm not too familiar with IIS and what I found on the web made it seem as though I needed to purchase another product.

    I think I just need to give it in external IP and NAT it to an internal IP.
    Working on Linux+
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    mrhaun03 wrote:
    I think I just need to give it in external IP and NAT it to an internal IP.

    Yep, simple enough. But just keep in mind that doing this is not the most secure method. If you have an external ip directly mapped to an internal ip, it will always be accessible to client computers on the internet. This significantly increases the attack surface of that server. If you have private data on stored on that sharepoint server, I'd look into having an ISA box.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • mrhaun03mrhaun03 Member Posts: 359
    I'm not exactly sure of the confidentiality of the documents, but would you say accessing it over SSL isn't good enough?

    Although you can never have enough security...
    Working on Linux+
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Well, SSL is the least thing that should be done. Even though it's using SSL, it is still directly exposed to the internet. There's still "more" risk than if you were to use ISA publishing it. ISA would be the one exposed and you would harden that server which does not directly contain the documents. Just make sure you harden your Sharepoint server as much as possible if you do decide to have it directly accessible via the internet. Make sure that your internet facing firewall ONLY allows port 443 to hit the sharepoint server and use as many bits as possible when encrypting it. If the docs are confidential, I'd seriously look into a more secure solution.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • Gabe7055Gabe7055 Member Posts: 158
    I agree with royal to be safe your going to want to host sharepoint thru ISA for your external users. Sharepoint like Exchange has a lot of access to AD so it's not something you want to host externally and have to open a lot of ports on your firewall.
  • mrhaun03mrhaun03 Member Posts: 359
    Thanks for the suggestions...if we end up implementing Sharepoint, for sure I'll let my manager know we need to secure it. Security is the main reason I got into IT.
    Working on Linux+
Sign In or Register to comment.