SharePoint Hybrid Architectures Introduction

Hybrid SharePoint environments combine deployments of SharePoint on-premises with SharePoint Online. There are many different flavors of hybrid scenarios. In this post I will walk you through some of the terminology and explain the different options.
The goal of any hybridization is to leverage the strengths of both parts while minimizing the components’ weaknesses. Hybrid SharePoint environments give organizations more flexibility than a forced choice between an on-premises model and a cloud model. Organizations can start to achieve the benefits of cloud computing, coupled with the customization, flexibility, and tight data governance of an on-premises system, while delivering a consistent experience to users.
Although cloud solutions are most certainly recommended, the cloud simply does not work for every organization and every scenario. There are going to be workloads that are not perfect fits for the cloud. In those instances, it’s totally ok to leave those workloads on-premises. Here are some scenarios where hybrid solutions are useful:

  • Rapid provisioning of new workloads on Office 365 while maintaining existing on-premises workloads
  • Organizations wishing to migrate workloads from an existing on-premises environment to the cloud over time in a phased approach
  • Organizations wanting to supplement their cloud environment with additional features or customizations which are currently only possible on-premises
  • Compliance or data sovereignty reasons which might stipulate certain data be hosted in a particular location

SharePoint Online offers many features which can aid an organization in deploying a robust hybrid environment. Most hybrid environments today will utilize SharePoint 2013 on-premises. All of the information you will find on TechNet will be specific to the 2013 version. For purposes of this post, that’s where we’ll focus; however, we do have customers utilizing hybrid environments with SharePoint 2010 and 2007.
A hybrid SharePoint environment can enable enterprise users to:

  • Search for content in both SharePoint Server 2013 and SharePoint Online at once
  • Interact with on-premises business data from SharePoint Online
  • Access corporate SAP systems from SharePoint Online
  • Seamlessly access files and data in both SharePoint Server 2013 and SharePoint Online

Additionally, a hybrid SharePoint environment can provide greater flexibility in your content management strategy by allowing you to keep sensitive data on-premises while migrating other content to the cloud.
Microsoft supports 3 types of Hybrid topologies for SharePoint:

A one-way inbound hybrid topology enables SharePoint Online to request data from a SharePoint Server 2013 web application. For inbound data connections to occur, a web application in SharePoint Server 2013 must be published to the Internet with an Internet-routable URL. This requires the deployment of a reverse proxy device that is configured to securely accept the inbound connection and relay the request to SharePoint Server 2013.
Conversely, a one-way outbound hybrid topology only supports trusted connections from SharePoint Server 2013 to a SharePoint Online web application. Because web applications in SharePoint Online are already configured with an internet-routable URL, SharePoint Server 2013 can connect directly through an existing corporate firewall or forward proxy like any other request to an Internet server.
One-way outbound: An outbound authentication topology lets the on-premises SharePoint Server 2013 farm make authenticated connections to SharePoint Online. Connections to SharePoint Online that originate from SharePoint Server 2013 are referred to as outbound connections.
One-way inbound: An inbound authentication topology lets SharePoint Online make authenticated connections to the on-premises SharePoint Server 2013 farm. Connections to SharePoint Server 2013 that originate from SharePoint Online are referred to as inbound connections.
Two-way: A two-way authentication topology lets SharePoint Online make authenticated connections to the on-premises SharePoint Server 2013 farm, and lets the on-premises SharePoint Server 2013 farm make authenticated connections to SharePoint Online.
Each available hybrid solution requires a specific hybrid topology. Your choice of which hybrid topology to use is based on a combination of what you need to do, the solution you need, your on-premises SharePoint architecture, and the desired user experience. For example, if you want users of your on-premises SharePoint Server 2013 farm to see both local and SharePoint Online results, you might only need a one-way outbound hybrid topology. If you want users to see both sets of search results regardless of the location of the search portal, you will need a two-way topology.
Before you make a decision, collect and consider the information that will frame your business requirements, such as:

  • Do your users need to be able to search, find, and use on-premises content and data while they’re in the field or at a branch office?
  • Do your remote users need to securely access data from existing on-premises business systems?
  • Is it more cost effective to deploy a hybrid environment, or move your SharePoint content and applications to the cloud entirely?
  • Are there legal or regulatory considerations that could affect your decision on where to store business data?
  • Does your SharePoint Server 2013 farm contain custom code that cannot be easily migrated to SharePoint Online?

As is true for the rollout of any major technology solution, the successful deployment of a hybrid environment is largely dependent on the thoroughness of the design and planning process. You should carefully consider and clearly define your requirements and business goals, and review the constraints of your existing SharePoint environment. Also, take time to consider the technical requirements of deploying and managing the different hybrid topologies. With this information, you can decide which SharePoint hybrid solution or solutions are appropriate for you, and which topology is required to support them.
For more information, contact Perficient and one of our certified cloud specialists can help you deploy a SharePoint Hybrid environment. Also, visit TechNet for more details on the above information. Stay tuned to this blog for more information; I’ll be writing more in-depth blogs on Hybrid Architectures.
