Using Zones
It's common to have both public and private information on SharePoint sites. To avoid confusing users, I usually create separate web applications for sites shared to the world (www), partners (extranet), and internal to the company (intranet).
All three may be available over the Internet; the separation is there to let users know that when they upload something to www or extranet, folks outside the company can see it; and when they upload to the intranet, it is shared only within the company.
In that scenario, I create separate web applications with their own content databases and unique permissions. That separation is easy to understand, but it sometimes requires that files be copied from one web site to another.
You can avoid that by using zones to create different views of a single web application. Figure 13-9 shows a single web application (wombat0) with zones for Intranet, Internet, and Extranet. Each zone has its own URL used to access it, but the zones all map to the same web application and content.
Each zone can have its own set of members, security policy, and even authentication mode, which effectively lets you create a different experience for each entry point. Table 13-11 summarizes how that works for the zones shown in Figure 13-9.
Table 13-11. Using zones to create different experiences for a single web application
Zone | URL (entry point) | Login | Experience |
|---|---|---|---|
Internet | None; Windows authentication with anonymous access enabled | Everyone ... |