Re: Recommendations for Installing Exchange
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 08/23/04
- Next message: Ken Schaefer: "Re: More Authorization Questions"
- Previous message: Ken Schaefer: "Re: Win 2003 & Exchange 2003e"
- In reply to: Evan: "Recommendations for Installing Exchange"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 23 Aug 2004 11:40:24 +1000
You should be able to put Exchange behind the firewall - to communicate with
the outside world, port 25 will need to be open (for inbound connections).
Port 110 is for POP3, so unless your clients are outside the firewall, and
downloading mail using a POP3 client, you do not need this port open.
Exchange also has OWA (Outlook Web Access) which is a web based method for
people to check their mail. If you want to use this, your Exchange server
will need port 80 (HTTP) or port 443 (HTTPS - SSL secured connections - I
recommend this strongly).
Anyone that tells you that running a server is a security risk, or is "very
insecure" without telling you /what/ you are trying to defend against is
doing you a disservice. Security is about managing risk. You need to know
what the risk are, and whether you can afford the consequences of one of
these risks coming true. What are you trying to protect against? Someone
stealing your data? Someone taking over your server? Someone using your
server to relay spam?
In terms of running Exchange, it's probably best to put it on its own
server. But, if you can't afford a separate server, put it on one of your
existing boxes. Again, you need to decide whether you can do this properly.
If a separate box is not going to have RAID, a UPS etc, then put it on one
of your existing boxes, and make sure that the existing box has redundant
hard disks (RAID), UPS, proper backups etc. For 30 users, I doubt Exchange
is going to put much of an additional load on your existing servers.
Cheers
Ken
"Evan" <yeah@right.com> wrote in message
news:313001c48729$e2e083b0$a301280a@phx.gbl...
>I also posted this in the Exchange Server 2003 Setup
> newsgroup, but I wanted to get a good consensus, so I'm
> posting here too:
>
> On my network I have 1 PDC w/ a few other services running
> such as Software Update Services and Symantec Antivirus
> Corp. I also have a Secondary DC that runs a restricted
> ftp/web server. Both servers are running Windows Server
> 2003. There are a little over 30 client machines all
> running XP Pro. All clients and servers are behind a
> FreeBSD based firewall connected to the internet through a
> business DSL line. I would not like anyone be able to
> easily gain access to any of my systems or information.
> However, there is no sensitive information, and so if they
> did it would not be a HUGE problem.
> My question is this... I've heard that mail servers can be
> very insecure. I am thinking about installed Exchange
> 2003. I just wanted to get some input on where I should
> deploy it. I would really like to put it on my primary DC,
> but if it is going to be a big security risk I can put it
> on my secondary. If even putting it on my secondary isn't
> recommended, I can get a third computer to run it off of,
> but I'd really like to not do that unless it will
> compromise the network too much to do otherwise. Another
> question I had is whether or not the computer I install it
> on can stay behind the firewall (with ports 110 and 25
> forwarded of course), if I need to put it in the DMZ, or
> if it needs to go in front of the firewall altogether.
> I have never really used exchange before, and I'm sort of
> looking forward to it, but I wanted to make sure about all
> of this first. I would really like to do this tonight so
> that it can be up and running by tomorrow, so if anyone
> can quickly respond I would very much appreciate it. Thank
> you for your help and your time.
- Next message: Ken Schaefer: "Re: More Authorization Questions"
- Previous message: Ken Schaefer: "Re: Win 2003 & Exchange 2003e"
- In reply to: Evan: "Recommendations for Installing Exchange"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
