ISA Server 2004 UNLEASHED [Electronic resources]

Michael Noel

نسخه متنی -صفحه : 191/ 136
نمايش فراداده

Securing Access to SharePoint 2003 Sites with ISA 2004

SharePoint portal service sites are fast becoming a common web-based collaboration tool. Along with publishing SharePoint sites come the same types of risks that are faced by web servers. It is therefore recommended to secure SharePoint Portal Sites under the protective umbrella of ISA.

Understanding SharePoint 2003

SharePoint Portal Server 2003, illustrated in Figure 14.12, is an advanced document management and collaboration portal utility released by Microsoft. It allows for custom lists, document libraries, discussion groups, and other collaboration features right out of the box, and it is fast becoming a critical port of many organization's environments.

Figure 14.12. Viewing SharePoint Portal Server 2003.

[View full size image]

Publishing a SharePoint Site with ISA Server Publishing Rules

Publishing a SharePoint portal site involves exactly the same procedure that was outlined in the previous section, with a few small exceptions as follows:

It is highly recommended to use SSL encryption with SharePoint pages.

Individual SharePoint site collections can be published in ISA through the use of multiple publishing rules and/or bridging.

SharePoint is an excellent candidate for link translation.

Using Link Translation to Hide Internal SharePoint Links

One of the most useful features of ISA Server for SharePoint Sites is its capability to perform link translation of the site. Link translation, as previously defined, effectively looks through all the web traffic and replaces specific hypertext links with administrator-defined ones. Where this comes in handy is with SharePoint, which too often exposes a bug in the code that allows internal SharePoint Portal identities to be exposed to the Internet. For example, if SERVER15 is a SharePoint Server, but the SharePoint Site is, the pages in SharePoint sometimes appear with links to //server15, which cannot be resolved from the Internet.

To enable link translation on a SharePoint site, do the following:


On the Link Translation tab of the web publishing rule, check the box to replace absolute links in web pages.


Click the Add button.


Under the Add/Edit Dictionary Item dialog box, enter the text that will be replaced, such as that server15 should be replaced with, as is shown in Figure 14.13.

Figure 14.13. Performing link translation on a SharePoint site.

In addition to replacing text links with link translation, in the Link Translation tab it is also possible to restrict by content type, by clicking on the Content Types button. The following types of content are available for restriction:


Application Data Files


Compressed Files


HTML Documents


Macro Documents

