Hi All,
I know there are a number of solutions out there which can allow you to expose SharePoint On-Premise externally. All solutions come with some limitations. I am looking for someone who has implemented such a solution and can share lessons learned.
Here are the high-level requirements:
– SharePoint Portal (some web applications, not all) from the on-premise SharePoint farm to be available outside the company network
– We should limit devices and track those devices accessing the portal
– Users should be able to authenticate by using their Active Directory credentials, so no additional authentication should be required.
– If a user moves between web applications, he/she should not be challenged to enter his/her domain credentials
Thanks
Adnan
We’re using F5s and Symantec VIP for two-factor authentication. I am just getting into the whole details of setting it up, so will report back on how it works…
Hi Robin,
We have done a POC using Web Application Proxy (WAP), the next version of UAG, but we found issues with this product. For example, there is no support for an HTTP-to-HTTPS redirector, you have to set up a separate SSL certificate for each web application, and the system requests authentication against each web application. We did not find a way to restrict individual devices.
Thanks
Adnan
We’ve done this using UAG – it satisfies all of your requirements above.
It was relatively simple to set up, but is end-of-life for Microsoft, who apparently have similar technology built into their Windows 2012 server OS (a reverse proxy/gateway) which we’ve not tried.
We are now also investigating using F5s for this instead. That is also a reverse proxy but is a little less capable than UAG in terms of URL inspection/security.