What is the purpose of zones in sharepoint? (web application zones or authentication zones or how do they call it)

Question

I can't understand the concept and, first of all, where it belongs. Is it solely a Shrepoint concept or more general like of ASP.NET or IIS level? Does it only affect authentication and if so how does it affect it? Or what effect does it have on an application? I know it is a broad question, but I've googled for about 15 minutes and haven't been able to find the answer. And it is kind a not so critical for me now but I'm curious.

Can you please give a link to a resource with an explanation of this? Thanks!

@Edit: I mean zones like in Authentication Provider : Forms Zone : Intranet (Internet, Default)

@Edit: From what I've understood by now the zones have to do with the association of IIS web applications with sharepoint web applications, and with site collections for that matter. So for example you can extend a web application creating a new IIS web application but from sharepoint's point of view it is just another URL pointing to the same web application with the same set of site collections. And the extension IIS web application can have a different sharepoint zone associeted with it (or thay can be the same zone) providing a way to use a different authentication methods for different access points of the same sharepoint application.

Am I right here?

Answer 1

it allows you to have different access from different urls with different security.

This allows you to set "Windows Authentication" for Intranet, "Form Authentication" for the extranet and "Form Authentication with allow anonymous" for the Internet.

The cache settings are also different depending on the zone. You can configure the cache to behave differently depending on which zone you are.

So far, those are the main differences for the different zones (including 3 different public url available).

Answer 2

Each "zone" is essentially a new IIS Website, where each of the web sites point to a single Application Pool. Theses are also called extensions. Application pools in IIS create complete thread isolation by running separate worker proccesses.

Any Web application can be extended into multiple zones. Extending a Web application to additional zones allows users to access the same Web site through separate and independent URLs, each with its own Web.Config file and IIS application scope. Each zone is configured with its own load-balanced URL (protocol, host header, and port). This allows, for instance, one Web application to make use of many configurations including multiple authentication stores, caching scenarios, content databases, or custom HTTP modules.

Basically it allows you to treat a single site differently based on what URL is used to access the site. What is important to keep in mind is the aspect of Load Balancing, caching and content databases.

If you have a local intranet that will have, say, 500 internal users and want to extend that site so that you allow external users, say in the thousands, then these features will allow you to separate content and load balancing to limit physical access to specific servers, use custom HTTP Modules for specific zones to create unique sign on rules based on these groups of users.