SharePoint Internet Sites – Performance Optimization for IT Professionals

If you have read the introduction to this articles series, you will know that Web Sites implementation should be done by an etherogenous team. A senior and clever system administrator should be part of this team.


Well, first of all SharePoint needs to be installed (this is easy) and configured (this is not always easy). I should say it should be configured well, with security and performance in mind. And this, believe me, is not easy at all.

This cannot be a guide to SharePoint configuration (I suggest you get a book on this topic, where you will find valuable information on each and every configuration topic).

But anyway I would like to point-out something you should consider especially within public web sites projects.

Network I/O

This may seem obvious, but a low network throughput is one of the most frequent reasons why you get slow response time (and unsatisfied users!).

As a system administrator you are not always in charge of network connectivity, especially when the web site is hosted by an ISP. But as an expert, you should always give suggestions to your customer and be prepared to test the network connectivity, defining metrics and possibly a baseline that you will use for simulations when you will perform stress tests.

Sometimes, though, you control part of the network of the hosting system: maybe not the peripheral segment, but the internal segment is often on your control.

Here you may suffer from a very high latency in server-to-server communication. Please, do not use a 10/100 cable to connect your SharePoint servers to the SQL backend!

And even if the network connectivity between the servers is considered good in low traffic conditions, you should consider isolating the SharePoint farm and its SQL back-end in a private subnet, maybe planning for multihoming. This way you will reduce the “noise” that other services could introduce into the network traffic, preventing contention with the packets that the SharePoint services generate.

The Microsoft Windows Performance Monitor is a great tool that can help you investigate these issues. Combining HTTP traffic reports generated by a Fiddler session can also be a valid aid, although you need some elaboration over the data you will collect.

Disk I/O

Network connectivity is not the only point you should pay attention to: disk I/O may be another bottleneck if you buy a 99$ external hard drive for your SQL data files!

As usual, you need some capacity planning beforehand, as well as some baseline and some support tool.

I would suggest you take a look at these two valuable resources related to capacity planning and SQL I/O subsystem measurement:



Your web site will, probably, be accessible to anonymous users and to authenticated users as well.

What is the authentication authority you are going to use? The answer to this question may require some special consideration, since it may involve SSL protection (SSL is secure, but it adds some overhead due to traffic decryption) or the connection to an external authentication authority you trust.

The claims based authentication that SharePoint 2010 supports in centered on the concept of security tokens that are typically saved as cookies and, as such, passed back and forth increasing the requests payload: if you start playing with claims augmentation and have dozens of claims assignable to users, your security token size will increase accordingly.

And this is just about user-to-server authentication.

But you should remember that the SharePoint servers, the SQL servers and potentially any other service you are using on the server side usually requires authentication: this authentication happens on the server side only, is typically based on Windows identities, may be claims based, may be based on NTLM or Kerberos authentication. Some of these settings are not depending on the configuration you may apply, some other settings are completely under your responsibility (NTLM vs Kerberos is one example… and you are choosing Kerberos, right?!!).

Taking these considerations to the extreme (not so extreme, believe me) sometimes you end up with a domain controller within your network segment, so that you reduce the latency that is caused by authentication requests. Maybe you do not need this kind of topology, but this should give you an idea of how performance optimization is an extremely hard topic that requires a wider knowledge than the basic SharePoint configuration 🙂


Needless to say, you will need to scale because a single-box server will hardly be enough for a heavy load web site.

Talking about scaling, you know that you have the option of either:

  • Increase the resources of server (scaling-in)
  • Add additional servers

In the first case, you should have a deep knowledge of what type of resources should be multiplied: do you need additional RAM? Faster CPUs? Additional disk space as a support for a more aggressive blob caching (I’m going to talk about blob caching later within another article of this series)? This list could continue…

In the second case, you should decide what you are going to duplicate. In other words, if you add servers you need to know which server roles you want to be redundant (which may add fault tolerance, together with performance improvements!) .

Sometimes you need to add a balancer (hardware or software) in front of your servers. This is the case for your web front end servers: without a NLB in front of them, who will instruct the client requests to be routed somewhere different than the single server you had before? 🙂

SharePoint Internet Sites – Performance Optimization

SharePoint has evolved over times. There’s been a significant step forward with the release of Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007, and several architectural improvements we all can see now, when the 2010 wave has been widely adopted by customers worldwide.

From a Web Content Management perspective, MOSS 2007 brought into the SharePoint family the former MCMS 2002 product, which was modified in order to make it an integral part of the SharePoint platform.

Since then, a constantly increasing number of web sites have been developed on top of MOSS 2007 and, now, on top of SPS2010 (at the risk of being redundant, I have to name as a stunning example).

Web sites, especially those who will be visited by hundreds of thousands of users, need special considerations up-front, starting with the architectural phase where the global components and services are envisioned and planned.

During this early steps, a team needs to be created so that every single aspect of the web site implementation is taken into account.

You need a deep understanding of the network and server infrastructure you are going to put in place, as well as solid knowledge of the HTML/CSS/JS standards on which you will be building the pages that will be presented to the final user. And… well, you will be developing something custom (SharePoint is a platform, not a complete and ready-to-use product, isn’t it?), and you need to do this special attention, trying to minimize the server load to make it possibly scale-out and reach a wider audience with service continuity.

That’s why this series of articles tries to categorize some best practices you need to be aware of when designing and building public, internet facing web sites, and the categorization I’m going to propose is based on your role on the project: either you are an ITPRO, a Web Designer or a Developer, there’s something you should think about within this particular kind of projects.

Enough for an introduction, let’s start with some real world insight!