When this is done, is this "enough" security? I'm looking at setting up OWA, and trying to figure out the best security setup. Money is a huge issue (non-profit org), so I'm looking at
1) Open port 80 to internal Exchange system 2) Open port 443 (SSL) to internal Exchange system 3) Set up a front end server 4) Use ISA publishing Where/how should/could a VPN fit into this? Any other issues I should think about? Thanks, Erick > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Anthony Sollars > Sent: Tuesday, January 20, 2004 10:58 AM > To: Exchange Discussions > Subject: RE: EX2003 OWA Front End or ISA Publishing for security > > > Yes it sure is, this is the MS best practice. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Ken > Cornetet > Sent: Tuesday, January 20, 2004 10:34 AM > To: Exchange Discussions > Subject: RE: EX2003 OWA Front End or ISA Publishing for security > > Yes, publishing OWA through ISA server (standalone, not part of a > domain) is more secure than using a FE server. Last I checked, this is > actually what Microsoft recommends. > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Jean-Francois Bourdeau > Sent: Tuesday, January 20, 2004 1:04 PM > To: Exchange Discussions > Subject: EX2003 OWA Front End or ISA Publishing for security > > > Hi > > I would like to know that most of you think about using ISA to Publish > OWA 2003 instead of having a Front End Server ? > > If we don't have a lot of user and that the only reason we > won't a Front > End is for security, I try to convince my customer to user > the ISA they > have. > > IF a Front End Server is compromise and a hacker have access to it, do > you agree with me that because that front end server talk to the back > end exchange, it's making life easy for the hacker to access the > internal exchange and internal network ? > > Web Publishing through ISA is a lot more secure I think ? > > Thanks > > JF > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t ext_mode=& lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
