Plan for security and encryption in an EPM/Office SharePoint Server 2007 extranet environment

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

Topic Last Modified: 2010-02-23

This article describes how to plan for security and encryption in an Enterprise Project Management (EPM)/Microsoft Office SharePoint Server 2007 extranet environment. For an overview of this chapter about how to plan for EPM extranets, see Plan an EPM/Office SharePoint Server 2007 extranet environment.

Plan for security and encryption

Security guidance for an EPM Focused Microsoft Office SharePoint Server 2007 extranet farm environment recommends practical security configurations and settings for multiple teams or departments that use Microsoft Office SharePoint Server 2007 and Office Project Server 2007 features for collaboration. The guidance for this environment covers:

  • Securing a server farm environment, including isolating content between groups

  • Securing server-to-server communication and client-server communication

  • Hardening servers for specific server roles

  • Securely configuring features

Guidance for the EPM Focused Microsoft Office SharePoint Server 2007 extranet farm environment assumes that all servers reside in a single internal network. For additional in-depth security guidance, review Overview: Plan server farm security (Office SharePoint Server).

Also, Plan secure configurations for Office SharePoint Server features discusses additional best practices for configuring Microsoft Office SharePoint Server 2007 feature areas (My Sites, Web Parts, Search, and so on).

For the EPM Focused Microsoft Office SharePoint Server 2007 extranet farm, we recommend that you configure Internet Information Services (IIS) to use Secure Sockets Layer (SSL) for increased security, or to use Kerberos authentication if a Kerberos infrastructure is in place. If you do not configure IIS to use SSL, potentially sensitive data is sent in plain text between the clients and servers on the network. For server-to-server communication, we recommend that you configure servers to use the Internet Protocol security (IPsec) protocol.

For additional in-depth Office Project Server 2007 security guidance, review Plan encryption method for Project Server 2007.