RE: Share Point?

• Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #136"
• Maybe in reply to: Derek Schaible: "Share Point?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 13 May 2003 10:07:31 +0100
To: "Derek Schaible" <dschaible@cssiinc.com>, <focus-ms@securityfocus.com>

I'd look at using ISA Feature Pack 1 to Web publish the Sharepoint
server rather than placing it on the DMZ.
This prevents all the "SharePoint in Extranet" scenario configuration
which is often troublesome.

Checkpout the ISA FP1 scenarios for more information, and also
www.spsfaq.com for general SPS info.

hth
Spence

-----Original Message-----
From: Derek Schaible [mailto:dschaible@cssiinc.com]
Sent: 09 May 2003 14:33
To: focus-ms@securityfocus.com

Greetings List,

I have a customer who wants to place sharepoint in a DMZ for outside
clients to access documents. It is their intent to place all of their
data regarding a project on the SharePoint server and use that as the
single point of storage for this project. Meaning, everyone on the team
uses this one share in the DMZ.

Does this sound safe? Has anyone here tested Share Point's security?
I'm sure this isn't the first time someone has needed to do something
like this, how have some of you handled this scenario?

I appreciate anyone's input on this matter and any advice at all is
welcome!

Thanks,
Derek

------------------------------------------------------------------------
-----
FastTrain has your solution for a great CISSP Boot Camp. The industry`s
most recognized corporate security certification track, provides a
comprehensive prospectus based upon the core principle concepts of
security. This ALL INCLUSIVE curriculum utilizes lectures, case studies
and true hands-on utilization of pertinent security tools. For a limited
time you can enter for a chance to win one of the latest technological
innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-focus-ms
------------------------------------------------------------------------
------

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender immediately and then delete from your system.

This footnote also confirms that this email message has been swept
for the presence of known computer viruses.

**********************************************************************

-----------------------------------------------------------------------------
FastTrain has your solution for a great CISSP Boot Camp. The industry`s most
recognized corporate security certification track, provides a comprehensive
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization
of pertinent security tools. For a limited time you can enter for a chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-focus-ms
------------------------------------------------------------------------------

• Previous message: Marc Fossi: "SecurityFocus Microsoft Newsletter #136"
• Maybe in reply to: Derek Schaible: "Share Point?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]