RE: domain

[Ben Winzenz]

Title: Message

But if you are interested in security at all, you don't put an Exchange server on your DMZ.  Or any box that has to authenticate with the internal domain, for that matter.  It is just dumb.  Even with FE/BE, you don't need to put the FE server on the DMZ.  You would enable SSL and open port 443 to that server.

Ben Winzenz
Network/Systems Administrator
Peregrine Systems

-----Original Message-----
From: MHR(Michael Ross) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 10:31 AM
To: MS-Exchange Admin Issues
Subject: RE: domain

Ok, but if you have an exchange server, or ISA server on your DMZ, how to you equate it to the production domain?

A front end exchange server would have to be in your production Domain.. I would think you would dual home the server, and thus done properly would give you some protection on your production domain

but if you have internal clients, putting them in your domain is more secure than putting them in some obscure workgroup right?

Then you can use domain policy to lock them down, track activity and so forth right?

-----Original Message-----
From: Andy David [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 10:24 AM
To: MS-Exchange Admin Issues
Subject: RE: domain

Domains are more secure.

Workgroups in DMZs.

 

-----Original Message-----
From: MHR(Michael Ross) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 30, 2002 11:17 AM
To: MS-Exchange Admin Issues
Subject: domain

Can anyone settle a bet?

 

I have a coworker who is saying a workgroup is more secure than a domain, I say its the otherway around.

He is also betting me that any servers setup in your DMZ should be setup in workgoups and not domains...

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

------------------------------------------------------------------------------
The information contained in this email message is privileged and confidential information intended only for the use of the individual or entity to whom it is addressed. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copy of this message is strictly prohibited. If you have received this email in error, please immediately notify Veronis Suhler Stevenson by telephone (212)935-4990, fax (212)381-8168, or email ([EMAIL PROTECTED]) and delete the message. Thank you.

==============================================================================

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm