SharePoint 2007 is a critical component that can often contain sensitive data about an organization and its intellectual property. Many organizations want to enable their end users to be able to access this data from anywhere on the Internet, but are concerned about the security implications of doing so. For these scenarios, best practice dictates the use of a reverse proxy security solution that provides for application-layer filtering of the HTTP traffic to the SharePoint environment. One of the most comprehensive applications to provide this level of filtering to a SharePoint is Microsofts Internet Security and Acceleration (ISA) Server 2006.
A SharePoint 2007 site reverse proxy scenario, detailed in Figure 1.24, allows all the Secure Sockets Layerencrypted traffic intended for SharePoint to be intercepted, scanned at the application layer for vulnerabilities and attacks, and then re-encrypted and sent back to the SharePoint Server. To reduce the surface attack vector of the platform, allow only the specific HTTP calls required by SharePoint 2007 and disallow all other types of HTTP calls, extensions, and methods.
"SharePoint 2007 Unleashed" learn more
Sharepoint 2007 Summary
SharePoint 2007 products and technologies are an exciting evolution of a product that has received considerable attention in recent years. Inclusion of new collaboration features such as blogs, wikis, RSS feed readers, and other end user enhancements make the platform more accessible and user friendly, whereas improvements made to existing key functionality enhances the viability of the platform. In addition, several key new administrative enhancements and functionalities, such as email-enabled content support, Excel Services, and Business Data Catalog services, position the product for enterprise document management capabilities.
This chapter discussed the functionality improvements and additions to both Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. Later chapters of this book supply additional information about each of the topics discussed here.
Understanding the differences between libraries and lists is important for a better understanding of how SharePoint 2007 can assist the organization in managing documents and less structured information that might exist in databases or spreadsheets that are only useful to limited groups of users.
It is a good idea to become familiar with the differences among workspaces, sites, site collections, and top-level sites when planning and designing SharePoint 2007 environments.
The new and improved navigational tools in SharePoint 2007 enable site collection administrators and site administrators to customize their sites to meet the needs of the end users, and now include tree views, breadcrumb trails, and fully customizable Quick Launch area.
Understand the differences among SharePoint 2007 product versions and their embedded features. Many organizations might find that a cheaper version of the product suits its particular needs.
When possible, standardize on the Office 2007 family of products to take advantage of the many integration points between the Office 2007 applications and SharePoint 2007. Although earlier versions of Office will interface to a lesser degree with SharePoint 2007, key features such as receiving RSS feeds in Outlook 2007 and being able to take document library files offline in Outlook 2007 wont be available.
Excel Services is available in only SharePoint Server 2007 Enterprise Edition. It allows the publishing of Excel 2007 spreadsheets to trusted and managed locations. By using the Excel Web Access web part, it is possible to publish portions or all of a worksheet or workbook to SharePoint 2007 users, who can interact with the data to a limited degree without affecting the source data. Both Windows SharePoint Services 3.0 and SharePoint Server 2007 offer enhanced search functionality, but SharePoint Server 2007 is required for advanced search functionality, the ability to search people as well as data, the ability to search content external to SharePoint, and dozens of other enhanced features for end users and administrators.
Download and run the Microsoft Best Practices Analyzer for Windows SharePoint Services 3.0. The results give the SharePoint farm administrator a report that summarizes errors and warnings based on Microsoft best practices and SharePoint configuration requirements.