Plan for and design security (Office SharePoint Server)

Applies To: Office SharePoint Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.

Topic Last Modified: 2016-11-14

This chapter provides a methodical approach to building security into your solution design for Microsoft Office SharePoint Server 2007. This approach is based on a foundation of the following security guides that are provided in Microsoft patterns & practices (https://go.microsoft.com/fwlink/?LinkId=73704&clcid=0x409):

• Securing Your Web Server (https://go.microsoft.com/fwlink/?LinkId=73705&clcid=0x409)

• Securing Your Database Server (https://go.microsoft.com/fwlink/?LinkId=73706&clcid=0x409)

• Securing Your Network (https://go.microsoft.com/fwlink/?LinkId=73707&clcid=0x409)

These guides explain practical secure configurations for specific server roles. The guidance for each server role includes recommended secure settings for the network, the operating system, and the applications that are installed, including Internet Information Services (IIS), Microsoft ASP.NET Framework, and Microsoft SQL Server.

The information in this chapter supplements the patterns & practices security guides in several ways:

• Provides recommendations for each server role within a server farm.

• Identifies additional networking, operating system, and application settings that are appropriate for server roles.

• Provides recommendations for securing the specific applications and features that are installed by Office SharePoint Server 2007.

• Targets security recommendations to security environments that are common for Office SharePoint Server 2007 solutions.

Plan for and design security by using the following steps:

1. Plan your security environment   The security guidance that is recommended for your organization depends on which environment best matches your intended use of Office SharePoint Server 2007. Use the following article to help plan your security environment:

   • Choose your security environment (Office SharePoint Server) describes the four key security environments: internal team or department, internal IT-hosted, external secure collaboration, and external anonymous access.

2. Plan server farm security   plan how to secure individual servers within a server farm. The patterns & practices security guides are used as a foundation for securing Office SharePoint Server 2007 environments. Use the following articles to help plan server farm security:

   • Review the secure topology design checklists (Office SharePoint Server) to ensure that your topology and logical architecture meet the criteria for a secure design.

   • Plan for secure communication within a server farm (Office SharePoint Server) to ensure that the methods of secure communication are most appropriate for your solution.

   • Plan security hardening for server roles within a server farm (Office SharePoint Server) to determine the specific hardening settings for each of the server roles in your server farm.

3. Plan secure configurations for features   plan how to configure Office SharePoint Server 2007 features in a secure manner. Use the following article to help plan secure configurations:

   • Plan secure configurations for Office SharePoint Server features provides recommendations for securely configuring Office SharePoint Server 2007 features. The recommendations in this article are usually configured by using Central Administration, rather than in the network, operating system, IIS, or .NET Framework.

4. Plan environment-specific security   plan security targeted to your specific environment. Use the following articles to help plan environment-specific security:

   • Plan security for an internal team or department environment (Office SharePoint Server) provides additional security guidance targeted to the internal team or department environment.

   • Plan security for an internal IT-hosted environment (Office SharePoint Server) provides additional security guidance targeted to the internal IT-hosted environment.

   • Plan security for an external secure collaboration environment (Office SharePoint Server) provides additional security guidance targeted to the external secure collaboration environment.

   • Plan security for an external anonymous access environment (Office SharePoint Server) provides additional security guidance targeted to the external anonymous access environment.

5. Plan security roles   Use the following article to plan for and design security roles:

   • Plan for security roles (Office SharePoint Server) describes planning roles for administrators and for users.

6. Plan for single sign-on   If you plan to connect to data sources outside of your server farm, single sign-on can be used to automatically authenticate users, rather than prompting for credentials. Use the following article to help plan for sign sign-on:

   • Plan for single sign-on describes using single sign-on in Office SharePoint Server 2007.

7. Plan for accounts   Use the following article to plan for administrative and service accounts:

   • Plan for administrative and service accounts (Office SharePoint Server) provides requirements and recommendations for configuring administrative and service accounts.

Some of these planning articles are intended for specific security environments. The following figure shows the intended planning flow based on the security environment.

Download this book

This topic is included in the following downloadable book for easier reading and printing:

• Planning and architecture for Office SharePoint Server 2007, part 2

See the full list of available books at Downloadable content for Office SharePoint Server 2007.