If
you're putting a FE server in your DMZ, you might as well take the DMZ out of
the picture. You are punching far too many holes in your FW to even
consider it a FW in this scenario...
List Charter and FAQ at:-----Original Message-----
From: MHR(Michael Ross) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 11:25 AM
To: MS-Exchange Admin Issues
Subject: RE: domainOk, but if you have an exchange server, or ISA server on your DMZ, how to you equate it to the production domain?A front end exchange server would have to be in your production Domain.. I would think you would dual home the server, and thus done properly would give you some protection on your production domainbut if you have internal clients, putting them in your domain is more secure than putting them in some obscure workgroup right?Then you can use domain policy to lock them down, track activity and so forth right?List Charter and FAQ at:-----Original Message-----
From: Erik Sojka [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 10:19 AM
To: MS-Exchange Admin Issues
Subject: RE: domainThat's a wide open question. Are you talking for an internal network or just for a DMZ deployment?A box in the DMZ should be in its own separate thing (domain or WG, doesn't matter which). If that box gets compromised, then the damage is only limited to that box. The attacker doesn't also get access to the production domain or any other DMZ boxes.List Charter and FAQ at:-----Original Message-----
From: MHR(Michael Ross) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 11:17 AM
To: MS-Exchange Admin Issues
Subject: domainCan anyone settle a bet?I have a coworker who is saying a workgroup is more secure than a domain, I say its the otherway around.He is also betting me that any servers setup in your DMZ should be setup in workgoups and not domains...List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
http://www.sunbelt-software.com/exchange_list_charter.htm
