Physical architecture diagrams: EPM/Office SharePoint Server 2007 extranet environments
Updated: February 25, 2010
Topic Last Modified: 2010-02-23
This article describes three physical architectures that you can use when planning for an Enterprise n Management (EPM)/Microsoft Office SharePoint Services extranet environment:
Edge Firewall topology
Back-to-back perimeter topology
Split back-to-back topology
The physical architecture for an Intranet deployment is provided for comparison.
For an overview of this chapter about how to plan for EPM extranets, see Plan an EPM/Office SharePoint Server 2007 extranet environment.
A typical corporate EPM-focused Microsoft Office SharePoint Server 2007 server farm is composed of three layers with the following topology:
Web Front End layer
Application layer for Microsoft Office SharePoint Server 2007 and Microsoft Office Project Server 2007 application servers
Back end layer with database servers clustered or not.
In reality, the number of server computers and the topology of the server farm are not important to the logical architecture, except to increase capacity and performance, as needed. The logical architecture can be designed independently of the server-farm topology. The performance and capacity planning process will help you size the server farm to meet performance and capacity goals for an EPM Focused Microsoft Office SharePoint Server 2007 Farm in the Intranet.
Based on the physical architecture for an intranet deployment presented earlier in this article, an Edge Firewall topology will be designed as shown here.
Based on the physical architecture for an intranet deployment presented earlier in this article, a Back-to-Back Perimeter topology will be designed as shown here. If needed, each layer in the Perimeter Network may be split across separate network zones or subnets with routers managing the communication between each zone.
Based on the physical architecture for an intranet deployment presented earlier in this article, a Split Back-to-Back topology will be designed as shown here. As a variant, the application layer may reside in the Perimeter Network instead on the Internal network.