Metalogix Replicator for SharePoint transfers can automatically encrypt Replication Packages based on your SharePoint infrastructure with little or no additional Replicator configuration. Network administrators have complete control over the level of encryption used for Replicator and are assured that the encryption used for replication traffic is the exact same encryption that is used for other client transactions on their web applications.
Although Replicator and SharePoint both do not directly encrypt their respective traffic, they are built on Internet Information Services (IIS), which encrypts the traffic. This encryption is supported by both SharePoint and Replicator through the HTTPS protocol.
Replication Packages
As changes are made in SharePoint, Replicator captures these as events and extracts the changes into Replication Packages. These packages are stored on disk as zip files that contain proprietary wrappers that further protect the SharePoint changes from being read.
When the target web application downloads a Replication Package from the source where the package was created, it requests the package from a virtual directory created in the IIS web site for the web application. Authorization and encryption for these downloads are managed directly by IIS.
Encrypting Transfers using HTTPS
Due to its unique design, Replicator leverages the security configuration of the underlying SharePoint platform. When the web application, and its IIS web sites, are created to use Secure Socket Layer (SSL) all traffic to and from the web application is automatically encrypted.
For example, after capturing a change on https://corporateoffice, a Replication Package is created in https://corporateoffice/_layouts/.../Replicator/Export/package.zip. The target web applications are notified that the package is available for download and then download the package using Microsoft BITS. BITS downloads the package, which is automatically encrypted by IIS running on the Corporate Office farm. When the target server finishes downloading the package, it then decrypts the package for use on the target. As the package is being transferred between the source and target farms, it is encrypted and protected.
This encryption and decryption is done entirely by IIS running on the source farm and the client, BITS, on the target farm. By building on the SharePoint and IIS platform and using industry standards such as Transport Level Security (TLS) and Secure Socket Layer (SSL), the encryption technology is understood by security administrators and can be configured to meet their requirements. Other replication solutions may offer similar, but proprietary, encryption capabilities, but without the ability to configure encryption to meet your needs.
Encrypting Transfers using Secure VPN
Companies with offices in multiple geographies can "ensure that browser-based access for external users is secure, well-managed and supports complete functionality without creating vulnerabilities1" by using a secure VPN solution. Secure VPN solutions, ensure all users and servers connected with VPN have secure and encrypted access to each other. In these environments, all traffic sent through the secure VPN connection is automatically encrypted, without requiring any changes in SharePoint or its underlying platform.
Secure VPN solutions allow network administrators to create a single comprehensive security solution for their clients, without requiring specific changes and configuration in SharePoint. Replication Package transfers that are sent over the secure VPN connection are automatically encrypted by the VPN solution.
1For more information, see How to Select an SSL VPN for Remote Access to Microsoft SharePoint Portal Server 2007 (http://download.microsoft.com/download/F/0/2/F0229C11-B47E-4002-A444-60207C6E11F5/SSL%20VPN%20for%20SharePoint-WP-200702.doc).
© ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz Cookie Preference Center