Re: [ActiveDir] Sharepoint in the DMZ

[Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]]

Question to you guys... what sort of data do you allow in this DMZ'd Sharepoint. Russ said it's SQL port open to the inside and all that...but I'm just interested if you guys have a policy as to what sort of data lives there. Brian Desmond wrote: Your consultant is smoking the good sh#t (edited by SEB to get it through spam filters).   Just open the ports between Sharepoint and your DCs. Also open TCP1433 and UDP1434 for the SQL access.   I spent two years designing & running a half million seat Sharepoint environment with this setup. It worked just fine.   Sharepoint is just another app like OWA – rather than being backended by Exchange it’s backended by SQL.   Thanks, Brian Desmond [EMAIL PROTECTED]   c - 312.731.3132   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Group, Russ Sent: Tuesday, September 12, 2006 10:45 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Sharepoint in the DMZ   Hi all I have a consultant that wants to put Sharepoint into our DMZ.  Here is what he is proposing to do: Create a child domain and put the Sharepoint computer account in the child domain Put Sharepoint server in our DMZ. Open up the same ports for Sharepoint that we would open for Outlook Web Access Also open port 1433 for SQL   Since I don’t know much about Sharepoint, I was hoping someone would be to let me know if this has been done in the past and if it's safe. Thank you Russ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx