Agenda

#SUGDC

Who are we? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant scott.hoag@appliedis.com

Dan Usher @binarybrewery Booz Allen Hamilton Incorporated Lead Associate usher_daniel@bah.com

#SUGDC

Phones silenced, phasers set to stun Ask questions

Housekeeping

#SUGDC

Planning SKU Overview and Licensing SLA Authentication Security & Compliance

Office 365 Overview

#SUGDC

Office 365 Software Description http://www.office365sd.com

Office 365 Deployment Guide http://technet.microsoft.com/en-us/library/hh852466.aspx

Office 365 Advanced Deployment Guide http://technet.microsoft.com/en-us/library/hh852483.aspx

Deployment Readiness Tool https://onramp.office365.com/onramp/

Planning

#SUGDC

SKU Overview and Licensing

#SUGDC

SKU Overview and Licensing

#SUGDC

Office 365 is treated as a component of Microsoft’s online services 5 day prior notification for scheduled maintenance 99.9% Uptime Percentage Pods and Failover Service Credits

Service Level Agreement

http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=6535

#SUGDC

“Any period of time when users are unable to read or write any portion of a SharePoint site collection for which they have appropriate permissions.”

What is considered downtime?

#SUGDC

Cloud Identity Directory and Password Synchronization Federation

Authentication Options in The Cloud™

#SUGDC

Identity Scenarios

Cloud Identity

Single identity in the cloud with no integration to on-premises directories

Directory & Password Synchronization 

Single identity and credentials

Federated Identity

Single federated identity and credentials

#SUGDC

Certified for ISO 27001 EU Model Clauses Data processing agreement HIPAA Business Associate Agreement FISMA Moderate Family Educational Rights and Privacy Act

Security & Compliance

Office 365 Trust Center

#SUGDC

What is included? Social

SkyDrive Pro, Newsfeeds, Community Sites/Portals External Users

Sites Project Sites, Collaboration Sites/Portal

eDiscovery

Search Business Intelligence Apps Workflow

#SUGDC

Application Development Apps! Apps! Apps! Use SharePoint components Surface remote data Offload business logic Access SharePoint list data Make SharePoint a portal for other applications Integrate SharePoint with Office applications and services

Apps for SharePoint overview

#SUGDC

Authentication All in The Cloud™ Hybrid Cloud™ and on-premises

#SUGDC

Branding Design Manager Change the Look Dynamic Navigation Search Engine Optimization

#SUGDC

Enterprise Metadata Taxonomies and Folksonomies are not shared Information architecture dictates where content lives

Similar content can (and should) be managed together Customizations & Dashboards for targeted content should be managed in a single environment Think segmented, not shared

#SUGDC

Information Rights Management Applied to files at the list and library level Relies on the Windows Azure Active Directory Rights Management (Windows Azure AD RM) IRM applies only to files that are attached to list items, not the actual list items. Encryption is supported for

PDF The 97-2003 file formats Word, Excel, and PowerPoint The Office Open XML formats for Word, Excel, and PowerPoint The XML Paper Specification (XPS) format

#SUGDC

User Profiles Each environment could host a User Profile and My Site for each user

Recommend that users have a single My Site and a single User Profile.

DirSync is unidirectional Leverage Trusted Host Locations Tags and Notes are unique to each environment

#SUGDC

SharePoint 2010 and Office 365 Search Not possible to share indexes Limited options

One search center with side-by-side results Two search centers with separate results

Best bets can help (point to external sources) Not possible to consume O365 Federated results on-premises It is possible to browse to the raw federated results feed from an O365 Search Center

#SUGDC

SharePoint 2013 and Office 365 Search Authentication Topologies

Supported Functionality

One-way outbound SharePoint Server 2013 Search services can query SharePoint Online site collections and return federated results to SharePoint Server 2013 Search

One-way inbound SharePoint Online Search services can query SharePoint Server 2013 site collections and return federated results to SharePoint Online Search

Two-way (bidirectional) Both SharePoint Server 2013 and SharePoint Online Search services can query site collections in the other environment and return federated results

#SUGDC

SharePoint 2013 and Office 365 Search

#SUGDC

SharePoint 2013 and Office 365 Search

#SUGDC

SharePoint 2013 and Office 365 Search

#SUGDC

Reverse Proxy Requirements The device must support

Certificate authentication using a wildcard or SAN X.509 certificate as the client certificate Allow pass through of OAuth 2.0 redirection-based authentication Preservation of request headers

If the internal and external URLs of your on-premises SharePoint Server 2013 are different, the device must support path mapping and link translation. Forefront Threat Management Gateway (TMG) 2010 is the only reverse proxy device for which specific configuration guidance is available. Microsoft Unified Access Gateway (UAG) is not supported for use as a reverse proxy device in hybrid environments that require certificate authentication.

#SUGDC

SharePoint 2013 and Office 365 Search On-premises AD DS domain in a forest that has a Windows Server 2008/Windows Server 2008 R2/Windows Server 2012 forest functional level An on-premises server for

AD FS 2.0 Microsoft Online Services Directory Synchronization tool

An operational on-premises SharePoint Server 2013 farm that has each of the following: An Enterprise Search site collection configured with a public external URL An SSL certificate issued by a public root authority An App Management Service Proxy A Subscription Settings service application A Search service application

An Office 365 Enterprise plan (E1/E3) A reverse proxy device with an Internet connection that permits unsolicited inbound traffic An Internet domain and access to DNS records for the domain

#SUGDC

Business Intelligence Topologies

One-way inbound Two-way (bidirectional)

Use App or External list to access data from SPO to your on-premises environment BCS Service brokers OData service endpoints Can be configured to support full CRUDQ functionality

#SUGDC

Autohosted Apps Contains one or more Windows Azure Web Sites SharePoint provisions and deploys for you Launched from a SharePoint 2013 host web May also include

SharePoint components on an app web Windows Azure SQL Server database

Windows Azure Access Control Services (ACS) brokers OAuth Requests

#SUGDC

Migration Tips SharePoint Migration Tools

Out in the hallway… be sure to ask about full fidelity of metadata Migration Techniques and Strategies

Phased typically works better… Fab 40 - not available… don’t try

Let the Exchange folks go first J

questions

#SUGDC

Who are we again? Scott Hoag @ciphertxt Applied Information Sciences Infrastructure Consultant scott.hoag@appliedis.com

Dan Usher @binarybrewery Booz Allen Hamilton Lead Associate usher_daniel@bah.com