STP Nairobi: Michael Noel’s ‘The Ultimate SharePoint Infrastructure Best Practices Session’

Michael's session at STP Nairobi (AKA SharePoint Saturday Nairobi) was dedicated to "best practices around setting up SharePoint."

Michael NoelBeginning with the topic of architecting the farm, Michael said that it's "most important to understand that there are three tiers of infrastructure": the Web tier, the data tier, and the Service Applications tier (the "middle tier"). "You need to architect your environment around these three tiers of SharePoint infrastructure."

Regarding architecting the farm, Michael explained that small farm models include all-in-one instances (everything on a single server; avoid this model), and instances of having the database roles and SharePoint roles on separate servers. The smallest "highly available" farm involves four servers: two SharePoint servers, and two database servers, allowing for failover. The best practice is six servers: two Web servers, two database servers, and two servers dedicated to Service Apps. The ideal is to have your Service App farm and content farm separate (six servers total) and thus have the ability to update and patch servers individually.

Michael pointed out that large SharePoint farms are highly scalable with multiple servers dedicated to each tier.

Moving on to SharePoint server virtualization, Michael explained that virtualization allows you to be much more flexible in your architecture. A single-server virtualized environment allows for a test environment in even smaller organizations. In larger organizations with a two-server highly available farm, you'll enjoy high availability across hosts and all components virtualized. An increasingly common approach is a mix of physical and virtual servers, where the highest transaction servers are physical. Michael pointed out that virtualized environments are just as scalable as are physical ones.

Michael said that "the key to proper virtualization is to ensure that you have the proper amount of resources allocated to each of the hosts" (processor, available memory, network bandwidth, network latency, etc.).

"Before you deploy SharePoint," he said, "you need to understand that each site collection can only exist in a single content database." In 2010, "SharePoint stores things in full," so spread out the data via distributed content database design. Michael advises that you "architect around scalability when you're setting up SharePoint." "Remote BLOB Storage (RBS) allows you to take the BLOBs and put them somewhere else," (somewhere outside of your content database, that is) which shrinks your content database accordingly.

SQL Server optimization involves setting up multiple files for SharePoint databases: the DB-A file, the DB-B file, and the tempdb file. This approach is just one example of how you can boost performance levels.

It's "highly recommended [that you] pre-size your content databases and tempdb files to avoid fragmentation."

Michael shared that it is "another best practice to Implement SQL Maintenance Plans, [which will] keep the databases from becoming corrupt."

Speaking to high availability and disaster recovery (HA and DR), Michael said that there are lots of new options in SQL Server 2012, such as AlwaysOn Availability Groups. These Groups include synchronous-commit (which combines clustering and mirroring), as well as an asynchronous-commit option. Michael noted, however, that using AlwaysOn requires enterprise licenses for both Windows and SQL Server 2012.

Touching on the topic of network load balancing at the Web tier, Michael said that it's supported using both hardware-based load balancing as well as software-based load balancing (via Windows Network Load Balancing).

"From a security perspective," said Michael, "there are a lot of layers of security that aren't natively supported in SharePoint." There are five layers of SharePoint security: infrastructure security (the best practice is to implement Kerberos authentication); data security (it's recommended that you implement Role-based Access Control); transport security (SSL certificates are the most critical, as "it's important to encrypt that traffic"); edge security ("use a tool to secure inbound connections to your SharePoint environment"); and rights management (restricting what someone can do once they've gained access to a document).

There was no DNS server available, so Michael was unable to demonstrate failover as intended, so he used his remaining time to engage in an extended Q&A, addressing specific, environment-based issues that attendees were experiencing, and helpfully providing custom-tailored recommendations in each case.


Sharing the Point Africa Tour is made possible through the generous sponsorship of Colligo.


All sessions on the STP Africa Tour:

All SharePoint Versions

The web parts are functional components that extend your SharePoint environment whether it’s hosted, on-premises, or part of Microsoft® Office 365.

SharePoint 2013, 2016, 2019, Online (Office 365)

On-Premises Only

These web parts extend SharePoint beyond its out-of-the-box capabilities by tailoring it to your requirements with Bamboo Solution’s growing portfolio of SharePoint Web Parts.

SharePoint 2013, 2016, 2019


Product Suites

Experience greater power and savings by bundling our SharePoint apps and web parts.

Essentials Suite

Essentials Plus Suite

Bamboo Premier Suite

Project Management Suite

Knowledge Management Suite

External User Manager


For more information on our product suites, contact us.

Featured Services

SharePoint Health Check

A SharePoint Health Check will identify the causes of issues and risks associated with your specific environment, and is custom tailored to provide you with the best recommendations to optimize your SharePoint environment.

SQL Health Check

Document recommendations relating to performance, stability, availability, or a specific focus you request of your SQL Server database instances.

My SharePointXperts

The truth is that each SharePoint skill may not be a full time job for many organizations, and it is nearly impossible for one person to do everything you need – so augment your team with SharePointXperts; providing the skill sets you need when you need them!