Deployment Guide

citrix.com

Citrix NetScaler and Microsoft SharePoint 2013 Hybrid Deployment Guide2013 Deployment Guide

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

2

Table of ContentsOverview 3 SharePoint Hybrid Deployment Overview 3 Workflow 4 StepbyStepConfigurationonCitrixNetScaler 6 Summary 12 Appendix 12

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

3

Overview Office365isMicrosoft(MS)OfficedeliveredasSaaS.ThisdeploymentguideprovidesguidanceonahybridsolutiontodeployOffice365withCitrixNetScalerandimprovetheefficiencyand performance of the solution. A hybrid deployment enables customers to retain necessary modules within their datacenter whilemakingtherestofthedataavailablethroughthecloud.With Identify federation and trusted communication between SharePoint Online and SharePoint 2013 Server, a hybrid solution also offers a seamless user experience for the end user. When a customerestablishesthistrustframework,integratedfunctionalitybetween services and features such as Search, Microsoft Business Connectivity Services, and Duet Enterprise Online for Microsoft SharePointandSAPcanbeconfigured.

Ofthethreetopologiesforhybriddeployment,recommendedbelow,Onewayinboundandtwoway,requiredeployingareverseproxysolution.

• One way Outbound: On-premises SharePoint Server 2013 Enterprise Search portal can reach out toSharePointOnline(PartofOffice365)butviceversaisnottrue

• One way inbound: SharePoint Online search portal can reach out to On-premises deployment but vice versa is not true

• Twoway:On-premisesSharePointServer2013EnterpriseSearchportalandSharePointOnlinesearch portal can reach out to each other

Inonewayoutboundthetrafficfloworiginatesfrominternalnetworkanddoesnotrequireareverseproxytowork.However,whenthetrafficcomesfromoutsidetotheinternalnetworkandaspertheMicrosoftguidelines,areverseproxyisrequired.TheNetScaler® reverse-proxy solution is notonlythebestintheindustry,butalsoenablesusecaseslikeidentityfederationandsingle-sign-on in these deployments.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

4

Prerequisites• SharePoint 2013 Enterprise • NetScaler10.5

Product Version and License

Product VersionNetScaler 10.5

NS license Any

SharePoint 2013

Workflow sphybridlab.onmicrosoft.com https://portal.onmicrosoft.com/admin/defualt.aspx administrator / Passw0rd

User Office 365 tenantNetScaler

1. User logs on to Office 365 and submits a search query

Office 365 sends consolidated results of online and On-Premises search

On premises SharePoint Server

3. ADC sends request to SharePoint server

4. Search response

2. NetScaler ADC receives search request and performs certificate based authentication

5. ADC forwards response to Office 365

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

5

Topology ThefollowingdiagramshowsthetopologyoftheMicrosoftsite,withsamplevalues.AreverseproxydeviceisusedbetweenSharePointfarmandInternet.Hybridfeatureisconfiguredtousethesecure store service. Reverse Proxy is used to publish the end point for share point.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

6

Step by Step Configuration on Citrix® NetScaler1. Create a SharePoint Server.

2.CreateaservicegroupfortheMicrosoftSharePointserver.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

7

3.ConfigureaTCP,HTTP,orHTTP-EVCmonitor.

4.Importtheservercertificate.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

8

5.ImportaCAsigningcertificatechain(forexampleDigiCert-CA3,DigiCert-RootCAandBaltimore-RootCA).

6.CreateavirtualserverfortheSharePointHybridfeature,listeningonport443.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

9

7.Specifyaloadbalancingalgorithmandcookiepersistency.

8.Bindtheservercertificateandsigningcertificate(asaCAcertificate).

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

10

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

11

9.IntheConfigureSSLParamsdialogbox,enableclientauthentication.

10.Createarulethatresetstheconnectioniftheclientcertificatesubjectnamedoesn’tmatchthecorrectdomain(forexample,*.sphybridlab.com).

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

12

WiththisSSLpolicyandactionNetScalerwillverifyincomingSSLconnectionhavingthecorrectcertificateissuedtothespecificdomain.ThiswillensureNetScalerrejectsaconnectionattemptifthecertificateCNfielddoesnotmatchwithdomainandtherebyimprovingthebottomlinesecurity.

Summary ReverseproxydevicesplayaroleinthesecureconfigurationofahybridSharePointServer2013deploymentwheninboundtrafficfromSharePointOnlineneedstoberelayedtoanon-premisesSharePoint Server 2013 farm.

FollowingaresomeofthebenefitsofdeployingaSharePoint2013hybridenvironmentwithNetScaler:

1. Pre-authentication of Internet users while search queries are sent to on-premises SharePoint 2013 servers

2. MonitoringandAnalysisofsearchrequestswithNetScalerpolicyframeworkandwebinsightmodules

3. Secureendpointforinboundtraffic,usingSSLencryptionandclientcertificateauthentication4.Integratedcachingandcacheredirectiontooptimizesearchperformance5.Datacompressiontominimizelatency6.Best-in-industrynetworkattackpreventionandapplicationfirewallsolutionsincludingURLfiltering

Appendix • http://technet.microsoft.com/en-us/library/jj838715(v=office.15).aspx• http://technet.microsoft.com/en-us/library/dn607304(v=office.15).aspx

1014/PDF

Corporate HeadquartersFortLauderdale,FL,USA

Silicon Valley HeadquartersSantaClara,CA,USA

EMEA HeadquartersSchaffhausen,Switzerland

India Development CenterBangalore,India

Online Division HeadquartersSantaBarbara,CA,USA

Pacific HeadquartersHongKong,China

Latin America HeadquartersCoralGables,FL,USA

UK Development CenterChalfont,UnitedKingdom

About CitrixCitrix(NASDAQ:CTXS)isaleaderinmobileworkspaces,providingvirtualization,mobilitymanagement,networkingandcloudservicestoenablenewwaystoworkbetter.Citrixsolutionspowerbusinessmobilitythroughsecure,personalworkspacesthatprovidepeoplewithinstantaccesstoapps,desktops,dataandcommunicationsonanydevice,overanynetworkandcloud.ThisyearCitrixiscelebrating25yearsofinnovation,makingITsimplerandpeoplemoreproductive.Withannualrevenuein2013of$2.9billion,Citrixsolutionsareinuseatmorethan330,000organizationsandbyover100millionusersglobally.Learnmoreatwww.citrix.com.

Copyright©2014CitrixSystems,Inc.Allrightsreserved.CitrixandNetScaleraretrademarksofCitrixSystems,Inc.and/oroneofitssubsidiaries,andmayberegisteredintheU.S.andothercountries.Otherproductandcompanynamesmentionedhereinmaybetrademarksoftheirrespective companies.

Deployment Guide

citrix.com

NetScaler and SharePoint Hybrid

13