Re: Exchange implementation
- From: "Asher_N" <compguy666@xxxxxxxxxxx>
- Date: Fri, 13 Jan 2006 08:47:27 -0800
ISA-Exch BE. Publish Exchange through ISA. Don't let anybody tell you
otherwise, ISA is as stable and secure a firewall as anything else out
there.
[rant]Remember, there ain't no such thing as a 'hardware' firewall. It's
just a specialized computer with an embeded OS. The firewalls are always
software.[/rant]
I use the ISA-Exch solution and I've never had a problem.
"=?Utf-8?B?Ym1hbg==?=" <bman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:03B3A2FE-BD9F-4BB7-8E6D-776203D94621@xxxxxxxxxxxxx:
> Thanks for the quick reply.
>
> Our organization is a finacial institution. So security is a major
> factor. We have about 75 employees. I need a cost effective solution.
> What do you think is the best senerio?
>
> Thanks
>
> "Mark Arnold [MVP]" wrote:
>
>> On Fri, 13 Jan 2006 07:14:01 -0800, "bman"
>> <bman@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>
>> >Hello,
>> >
>> >Got some general exchange questions. I want to use exchange for my
>> >email solution. I am looking at a couple senerios for deployment. I
>> >want to be able to allow employess to to use OWA. I also want my
>> >enviroment to be secure. I am looking at using a front-end back-end
>> >solution. From the research I have found it looks like the most
>> >secure. I am also looking at just putting the exchange server in the
>> >DMZ without the FE-BE solution. If I just put the server in the DMZ
>> >what kind of limitations will I have and what kind of risks does
>> >that pose for my email service?
>> >
>> >With OWA will the employess still have and be able to create
>> >personnal folders when accessing over the internet?
>> >What kind of limitations will we have with the calendar using OWA?
>> >
>> >If you can point me to some articles, that would be great!
>> >
>> >Thanks for your time.
>>
>> Putting the Exchange server in the DMZ is about the most insane and
>> insecure thing you could do, so it's probably worth discounting that
>> idea.
>>
>> If you want to be secure then you use a 3 box solution. ISA - FE -
>> BE. If you don't have enough users to justify 3 boxes and don't want
>> to use the ISA for other purposes (firewall, proxy etc.) then port
>> forward 443 from the firewall to the FE and put that in a different
>> VLAN. Use IPSec between FE and BE.
>> If you want to use ISA and don't want three boxes then use ISA and a
>> BE, dispense with the FE. Publish SSL on the ISA and have it
>> re-encrypt to the BE.
>> See www.isaserver.org for some help. Also see
>> www.microsoft.com/exchange/library for the FE/BE configuration guide.
>>
>> By all means stop by here again with a supplementary question when
>> you have decided which route you wish to take.
>>
>
.
- References:
- Re: Exchange implementation
- From: Mark Arnold [MVP]
- Re: Exchange implementation
- Prev by Date: Re: Moving to SBS - advice
- Next by Date: Re: Moving to SBS - advice
- Previous by thread: Re: Exchange implementation
- Next by thread: Re: Moving to SBS - advice
- Index(es):
Relevant Pages
|
Loading
