SESSION CODE: OFS213
Dan Holme, MVP, SharePoint
Chief SharePoint Evangelist, AvePoint
Author, SharePoint 2010 Training Kit (Microsoft Press)
GOVERNANCE INFORMATION MANAGEMENT & SECURITY DRIVING YOUR ARCHITECTURE
(c) 2011 Microsoft. All rights reserved.

Dan Holme
► Based in Maui, Hawaii
► Chief SharePoint Evangelist – AvePoint
► 5-year MVP
► Microsoft Technologies Consultant NBC Olympics
► Speaker: SPC, TechEd, Connections
► Columnist: SharePoint Pro magazine
► Author: SharePoint 2010 Training Kit
► [email protected]
► @danholme

DEFINING GOVERNANCE

GOVERNANCE
Governance defines the people, processes, policies and technologies that deliver a service
[Diagram: GOVERNANCE, SERVICE, People, Policy, Process, Technology]

About This Session
OBJECTIVES & AGENDA

Architecting Governance
[Diagram: site map under SharePoint http://intranet with HR, Finance, Vacation & Sick Day Tracking, Benefits, Financial Performance, Expense Reports]
[Diagram: PRODUCTION FARM with http://apps, http://teams, http://intranet; site collections /, HR, Engineering, Finance, Expense Reports; Search, Metadata, My Sites; Remote LoB App; Research & Development; CRM; WWW; Extranet]

Objectives & Agenda
► Defining Governance
► Management Controls and Scopes
► Information Architecture vs. Management
► Four-Step Architecting Governance Process
► Scenario-Based Logical & Physical Architectures

Fundamentals
MANAGEMENT CONTROLS AND SCOPES

Management controls and scopes
[Diagram: FARM, Zone, WEB APPLICATION, Service Application, CONTENT DATABASE, SITE COLLECTION, Top-Level Site, Subsite, List or Library, [Folder], Item or Document]

Management controls and scopes
► It’s about containers (scopes)
► Security (permissions)? We understand that…
– Scope unique permissions = site, list/library, folder
– Administrative overhead of multiple containers
► But… Governance and management is more than just security!

Fundamentals
INFORMATION ARCHITECTURE VS. MANAGEMENT

Site Map ≠ Architecture
[Diagram: site map under SharePoint http://intranet with HR, Benefits, Finance, Vacation & Sick Day Tracking, Financial Performance, Expense Reports]

Information Architecture
[Diagram: site map under SharePoint http://intranet, as on the previous slide]

Information Architecture vs. Management

Information Architecture
► Organize and describe content
– Metadata
– Structure
– Relationships
► Inputs
– Knowledge Management team
– Librarians
– Content owners
– Subject matter experts (SMEs)
► Outcomes
– Site map (navigation)
– Taxonomy
– Search
– Targeting (audiences)

Management
► Manage the content & service
– Access levels (permissions)
– Lifecycle
– Storage
► Inputs
– Information management policies
– IT usage policies
– Regulatory environment
– SLAs
► Outcomes
– Access levels
– Records management
– Compliance
– Performance

Service Architecture
[Diagram: PRODUCTION FARM with http://apps, http://teams, http://intranet; site collections /, HR, Engineering, Finance, Expense Reports; Search, Metadata, My Sites; Remote LoB App; Research & Development; CRM]
[Diagram: Test Farm with http://apps, http://teams, http://intranet; site collections /, HR, Engineering, Finance, Expense Reports; Search, Metadata, My Sites; WWW; Extranet]

[Diagram: the http://intranet site map shown together with the PRODUCTION FARM diagram]

Four-Step Process to
ARCHITECTING GOVERNANCE

Architecting Governance

Architecting Governance
Management controls and scopes
[Diagram: FARM, Zone, WEB APPLICATION, Service Application, CONTENT DATABASE, SITE COLLECTION, Top-Level Site, Subsite, List or Library, [Folder], Item or Document]

Architecting Governance
Sites, lists, libraries, and folders
[Diagram: FARM, Zone, WEB APPLICATION, Service Application, CONTENT DATABASE, SITE COLLECTION, Top-Level Site, Subsite, List or Library, [Folder], Item or Document]

More Details about
ARCHITECTING GOVERNANCE

Architecting Governance
Requirements and Classification
► Business
– Business purpose of the solution
► Technical
► Project
– Budget, deadlines, etc.
► Information architecture
– How content is described, organized and discovered
► Information management
– How content is created, secured, maintained, and disposed of
► Service management
– IT assurance: performance, availability, recovery
– SLAs and SLOs

Requirements to Architecture
[Diagram: Business Requirements, Information Classification, Information Architecture, Information Management Policies, Information Management Requirements, Technical Requirements, Service Management Requirements, Service Architecture; labels: Solicited, Derived]

Architecting Governance

Requirements multiple web apps
► Blocked file types
► DNS namespace (URL)
► Web site service isolation
► Web server: server isolation
► Application pool: process isolation
► Classic Mode or Claims Based Authentication
► Self-service site creation, automatic deletion of unused sites

More requirements multiple web apps
► SharePoint Designer controls
► Impact of upgrade
► Multiple scopes
► Functional web applications (http://apps) not upgraded immediately
– Business applications in this SharePoint web app have specific functionality
– They meet business requirements without upgrade
– Features that are installed to support these applications take time to upgrade
► Collaborative web sites, intranet, and services upgraded immediately
– Take advantage of new features of SharePoint vNext
► Service application connections and configuration

Requirements multiple zones
► Anonymous access
► Anonymous policy
► SSL
► Authentication providers
► User policy

Guidance: Web apps and zones
► INTRANET: published intranet content
– http://intranet
► COLLABORATION: business unit, department, team, project
– http://teams
► EXTRANET: collaboration with customers, vendors & partners
– http://extranet
– Zone: https://clients
► SOCIAL: enterprise social networking and personal content
– http://people
► PUBLIC WEB SITE
– http://www
► APPS: functional business applications (expense report)
– http://apps
► SIGNIFICANT LINE OF BUSINESS APPLICATION
– http://<LOB> e.g. http://CRM

Requirements Multi-farm architectures
► Code isolation
– Dev / Test / Staging / Production
► Access
– Public-facing web site
– Extranet in Cloud: Partners & Customers
► We don’t have a test farm? No… You don’t have a production farm!
► Geoperformance
– Collaboration farm(s) with team sites
► Feature and process isolation
– Enterprise SharePoint farm with intranet and enterprise services
– Enterprise services: search, metadata, social (User Profiles, My Sites)
– Premium farm(s) for custom applications
► Consider the implications
– SLAs
– Chargebacks
– Upgrade to vNext

Requirements multiple site collections
► Ownership
– Primary & secondary site collection administrators (Central Admin)
– The owner and secondary owner attributes of a site collection
– Full control of site collection + receive site collection email notifications
► Administration
– Site collection administrators as defined in the site collection
– Full control of site collection
► Quotas
► Locks
► SharePoint Designer restrictions
► Features
► Sandbox Solutions
► Search settings
► Audit settings
► User & group management

Multiple scopes
Content lifecycle example
[Diagram: FARM with http://teams (HR, Benefits, Finance, Benefits Page) and http://intranet (HR, Finance, Benefits, Benefits Page)]

Requirements multiple content databases
► Storage Management
► Location of database
– Which SQL Server(s) host the database
► Storage platform
– Redundancy
– Clustering
– Mirroring
– Storage platform features
► Backup SLAs
– How long it takes to back up data
► Recovery SLAs
– How long it takes to restore data
– RTO and RPO
► PowerShell delegation
► Remote BLOB Storage (RBS) is enabled per content database with FILESTREAM provider

Architecting Governance

The Great Divide
► Management requirements more “containers”
– Web applications
– Site collections
– Content databases
► Out-of-box features scoped to a single site collection
– Navigation: Add a subsite, navigation links created automatically
– Content management: Site columns and content types apply to a subsite
– Administration: Audit reports pull audit information from an entire site collection

“Behind the scenes”
[Diagram: FARM with http://apps, http://teams, http://intranet; site collections /, HR, Engineering, Finance, Expense Reports]

Presentation to the user
[Diagram: site map under SharePoint http://intranet with HR, Benefits, Finance, Vacation & Sick Day Tracking, Financial Performance, Expense Reports]

Overlay Information Architecture
► Navigation
– Manually-configured Quick Launch and top link bar (global navigation)
– Custom link lists (advantage: security trimmed)
– Custom or third-party navigation controls
– SPXmlContentMapProvider
► Search-Based Navigation

Navigation
[Diagram: the FARM (“Behind the scenes”) and site map (Presentation to the user) diagrams shown together]

Administration
[Diagram: PRODUCTION FARM and Test Farm, as on the Service Architecture slide]

Overlay Administration
► Administration “single pane of glass” across
– Site collections
– Web applications
– Farms
► For…
– Manage access, audit, manage groups
– Deploy content
► PowerShell
► Third-party administration tools

Architecting Governance
IN SUM…

Architecting Governance
Requirements to Architecture
[Diagram repeated from the earlier Requirements to Architecture slide]

[Diagram: site map under SharePoint http://intranet with HR, Finance, Vacation & Sick Day Tracking, Benefits, Financial Performance, Expense Reports]
[Diagram: FARM with http://apps, http://teams, http://intranet, http://CRM (Remote LoB App), http://www (WWW), http://clients (Extranet); site collections /, HR, Engineering, Finance, Expense Reports]
[Diagram: GOVERNANCE, SERVICE, People, Policy, Process, Technology]
[Diagram: GOVERNANCE, MANAGEMENT, SERVICE]

Resources
► TechNet
– Governance resource center
• http://technet.microsoft.com/en-us/sharepoint/ff800826.aspx
– Governance features
• http://technet.microsoft.com/en-us/library/cc262287.aspx
– Plan for Software Boundaries
• http://technet.microsoft.com/en-us/library/cc262787.aspx
► [email protected]
► @danholme
► www.sharepointpromag.com
– Articles & weekly newsletter
► Questions & Answers
► Please submit your evaluations!