Publishing SharePoint to your Users externally using Windows Server 2012 R2 Web App Proxy and Mobilize your Workforce Remote Access options for SharePoint .pptx

JAHM4 4 views 41 slides Jun 26, 2024

Slide Content

Publishing SharePoint to your Users externally using Windows Server 2012 R2 Web App Proxy and Mobilize your Workforce
Chris Johnson, General Manager, Provoke Solutions
SPC333

whoami?
- Kiwi on loan to the USA – Seattle
- www.looselytyped.net
- @LoungeFlyZ
- Ex-10yr Microsoftie, SharePoint Product Management, Program Management and Consulting Services

What we are going to cover today
- Remote Access options for SharePoint
  - What are people doing today?
  - Current Challenges
  - Bring Your Own Device challenges
  - Current Product options
- Web Application Proxy in Windows Server
  - What is new in Windows Server 2012 R2
- Device Authentication as well as User Authentication
  - Adding the icing on the cake and authenticating devices too

Remote Access
- Keeping people connected to information
  - More important than ever
- Exploding need for people to work anywhere, any time
  - 10% of people work from home ~1 day a week
  - 4.5% work from home all the time
  - One off urgent matters
- Location independence
  - Office locations
  - Disaster management
- Device independence
  - BYOD
  - Personal devices, Work devices, Random devices

Business Value
- Employees are happier and more satisfied if they are able to choose how and where they work.

Challenges with remote access
- Risk
  - “Harder” to manage
  - Inherently more risk so IT are not keen
- Trusting users
  - Data loss
  - Device loss
    - Phones on bar stools
    - Laptops in cabs
- Security
  - More ways in means more to protect

Solutions today
- VPN
  - Point to site
  - Securing using certs, pwd, tokens etc.
  - Typically requires setup on a machine
- Direct Access
  - Point to site
  - Automatic
  - Smart tunneling
  - Unified Access Gateway end point
- Reverse Proxies
  - “Publish” inside things to the outside
  - DMZ based

Microsoft’s Reverse Proxy
- Unified Access Gateway (UAG)
- UAG in DMZ, SharePoint in private network
- You authenticate using Forms Authentication
- UAG authenticates with Active Directory
- Forms → NTLM translation
- You don’t need to fiddle with SharePoint authentication/authorization setup
[Diagram labels: Internet, UAG, Intranet, SharePoint]

UAG roadmap
- Last Unified Access Gateway version
- No new versions going forward
- Mainstream support until April 14, 2015
- Extended support through April 14, 2020
- Announcement: http://blogs.technet.com/b/server-cloud/archive/2013/12/17/important-changes-to-the-forefront-product-line.aspx

Challenges with Reverse Proxies
- They tend to need to change things
  - URL rewriting on the fly
  - Authentication at the boundary
  - SSL termination
- Changes are sometimes needed to the system being published
  - e.g. SharePoint AAM
- SharePoint is very picky about things changing

What are Microsoft going to replace UAG with?

Windows Server 2012 R2 Web Application Proxy
- Remote Access server role
- Reverse proxy functionality
- ADFS integrated for Authentication
- Leverage additional authentication options that AD FS provides:
  - Workplace Join device authentication
  - Multi Factor Authentication (MFA)
- Authentication works with:
  - Web based apps – Claims aware
  - Office Forms Based Auth (MS-OFBA)
  - Modern Apps (OAuth)
  - NTLM/Basic auth – Pass-through mode

Publish access to resources with the Web Application Proxy
- Users can access corporate applications and data wherever they are
- IT can use the Web Application Proxy to pre-authenticate users and devices with multi-factor authentication through integration with AD FS
- Use conditional access for granular control over how and where the application can be accessed
- Active Directory provides the central repository of user identity as well as the device registration information
[Diagram labels: Devices; Web Application Proxy; AD FS; Active Directory; Apps & Data. Published applications: Reverse proxy pass through (e.g. NTLM & Basic based apps); Restful OAuth apps; Office Forms Based Access; Claims & Kerberos web apps; AD Integrated]

Setting up WAP
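
An added example of the setup this slide names (not code from the deck): installing the role, binding the proxy to AD FS, and publishing SharePoint with AD FS pre-authentication. Host names, certificate thumbprints and the relying party name 'SharePoint' are placeholder assumptions, and the relying party trust is assumed to exist in AD FS already.

```powershell
# Added example; every host name, thumbprint and trust name is a placeholder.
$FederationService = 'adfs.contoso.example'            # AD FS farm name (assumed)
$AdfsCertThumb     = '<AD-FS-SSL-CERT-THUMBPRINT>'     # cert in LocalMachine\My
$SiteCertThumb     = '<SHAREPOINT-SSL-CERT-THUMBPRINT>'
$SiteUrl           = 'https://sharepoint.contoso.example/'

# 1. Add the Web Application Proxy role service (part of the Remote Access role).
Install-WindowsFeature Web-Application-Proxy -IncludeManagementTools

# 2. Bind this proxy to the AD FS farm. The credential must be a local
#    administrator on the AD FS servers; it is used to establish the proxy trust.
Install-WebApplicationProxy `
    -FederationServiceName $FederationService `
    -FederationServiceTrustCredential (Get-Credential) `
    -CertificateThumbprint $AdfsCertThumb

# 3. Publish SharePoint. External and backend URLs are kept identical so the
#    proxy does not translate URLs and SharePoint AAM needs no extra mapping.
$app = @{
    Name                          = 'SharePoint'
    ExternalPreauthentication     = 'ADFS'        # authenticate before traffic reaches SharePoint
    ADFSRelyingPartyName          = 'SharePoint'  # assumed existing relying party trust
    ExternalUrl                   = $SiteUrl
    BackendServerUrl              = $SiteUrl
    ExternalCertificateThumbprint = $SiteCertThumb
}
Add-WebApplicationProxyApplication @app

# 4. Review what is published and how each application is pre-authenticated.
$published = Get-WebApplicationProxyApplication
$published | Format-Table Name, ExternalUrl, BackendServerUrl, ExternalPreauthentication -AutoSize

# Pass-through applications are reachable from the Internet without AD FS
# pre-authentication, so list them explicitly for review.
$passThrough = $published | Where-Object { $_.ExternalPreauthentication -eq 'PassThrough' }
if ($passThrough) {
    Write-Warning ('Published without pre-authentication: ' + ($passThrough.Name -join ', '))
}
```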

Demo! Accessing SharePoint via WAP

Controlling Access
- User access
  - Control what users have access to applications
  - User claim support e.g. last name == “Johnson”
- Device Access
  - Bring Your Own Device (BYOD) creating risk for Enterprises
  - Beyond plain user access
- Application
  - Support for apps, browsers, OSs
  - It’s more than just vanilla user access

How to safely support the plethora of devices in the modern workplace?

Device Registration
- Workplace Join
  - “Lightweight” domain join
- Devices are registered with the organization
- Certificate issued for that device and associated to a user
- Device presents certificate to AD FS when logging in
- Supported devices include:
  - iOS
  - Windows 8.1
- Registration can be revoked by the org or by the user at any time.
- Apps and Data on device can be selectively wiped without full annihilation of device.

AD FS Setup

Claim Rules for Relying Party

Extra Goodness
- Multifactor Authentication Support
  - Extra level of security
  - Lower risk of username/password hacks
  - New built in support for Multifactor authentication in Office 365

Demo! Workplace Join, Device Registration Enforcement and Multifactor Authentication
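
An added example (not from the deck) of how the controls on the preceding slides can be expressed on the AD FS server: device registration is enabled, the relying party only permits users whose surname claim is "Johnson" on a registered device, and extranet requests must complete MFA. The trust name 'SharePoint' and the service account are assumptions, and an additional authentication provider is assumed to be configured already.

```powershell
# Added example; trust name and service account are placeholders.
$TrustName = 'SharePoint'

# Enable Workplace Join (device registration) and device authentication.
Initialize-ADDeviceRegistration -ServiceAccountName 'CONTOSO\svc-adfs$'
Enable-AdfsDeviceRegistration
Set-AdfsGlobalAuthenticationPolicy -DeviceAuthenticationEnabled $true

# Authorization rules in the AD FS claim rule language.
# Rule 1 looks up the user's surname (sn) in Active Directory.
# Rule 2 permits access only when the surname matches AND the device is
# registered to the signed-in user. No other permit claim is issued, so
# every other request is denied.
$authzRules = @'
@RuleName = "Look up surname from Active Directory"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname",
   Issuer == "AD AUTHORITY"]
 => add(store = "Active Directory",
        types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"),
        query = ";sn;{0}", param = c.Value);

@RuleName = "Permit surname Johnson on a registered device"
c1:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
    Value == "Johnson"]
 && c2:[Type == "http://schemas.microsoft.com/2012/01/devicecontext/claims/isregistereduser",
        Value =~ "^(?i)true$"]
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit",
          Value = "true");
'@

# Require multifactor authentication for requests arriving from outside
# the corporate network (that is, through the Web Application Proxy).
$mfaRules = @'
@RuleName = "Require MFA from the extranet"
c:[Type == "http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork",
   Value == "false"]
 => issue(Type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod",
          Value = "http://schemas.microsoft.com/claims/multipleauthn");
'@

Set-AdfsRelyingPartyTrust -TargetName $TrustName `
    -IssuanceAuthorizationRules $authzRules `
    -AdditionalAuthenticationRules $mfaRules

# Confirm what is now enforced on the trust.
Get-AdfsRelyingPartyTrust -Name $TrustName |
    Format-List Name, IssuanceAuthorizationRules, AdditionalAuthenticationRules
```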

Summary
- Reverse Proxy alive and well
  - UAG end of life
  - Web Application Proxy starts to replace parts of UAG
- Windows Server 2012 R2 and WAP
  - Web Application Proxy built in
  - ADFS integrated for authentication
- Workplace Join
  - Device registration and authentication for extra security

Q&A


© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.