RE: DMZ, OWA and Exchange 5.5 questions

[Rick Ward - HQ]

Title: Message

it is an option.. however be aware this version is very IIS patch aware. If you're not running the latest, most current patches, you might run into more trouble that you wish you hadn't. I found problems in my testing as we have sites that are not on the most current patches(yet).

 

Nice thing about SECUREIIS is that it doesn't care... you didn't even need any patches if you don't want too.. We do.. but the eEye engine doesn't really care.. It's already guarded against those vulnerabilities.

 

-----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:57 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

Neat!

 

Also for E2K:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309677

 

-----Original Message-----
From: Dan Yarrow [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:56 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

That areticle seems to be posted after the original versions.  In the install of ver 2 its simply an option you select for "Microsoft Exchange OWA system"

-----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 15 January 2002 07:49
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

Just be aware:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q309508

 

 

 -----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:45 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

On your OWA server?

 

 

-----Original Message-----
From: Dan Yarrow [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:46 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

orrrr you could just use URLScan and IISLockdown from Microsoft for nothing.. :)

-----Original Message-----
From: Rick Ward - HQ [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 15 January 2002 07:01
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

100% agree with Mr. William..

I also recommend a product for IIS called SECUREIIS by eEye.com. It works very well with IIS 4.0/5.0 and protects against virtually any DOS/Hack attacks. Costs about $800 per server, and very reasonable for what it does. MS is looking at it as well. Between that, SSL and a Firewall you can be assured you're very well protected... Only thing better would be Apache on OpenBSD, but that's another can-o-worms.

-Rick
-----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 11:55 AM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions

You don't really gain anything putting the OWA part in the DMZ.  OWA acts as what I call "MAPI-by-proxy" so the number of holes you need to punch in the internal firewall basically denigrates your DMZ.

William

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 11:49 AM
To: MS-Exchange Admin Issues
Subject: DMZ, OWA and Exchange 5.5 questions

greetings

Has anyone set up OWA in a DMZ, where the server that OWA resides on is not part of the domain on the internal network?  Is this possible?  We're using NT 4 with Exchange 5.5, latest sp for those versions.

We're in the process of scoping out whether this can be done and have been looking through technet, Slipstick, Swynk and a few other sites but haven't really found the answer.

tia for any input or guidance.

Patrick Ribbons

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm