Frank,
Your best bet would be to harden the exchange server (yeah, I know it is
next to impossible to harden a MS product), install SSL certificates on it,
and set up Outlook Web-Access. Put this machine behind a firewall, which
would only allow HTTPS traffic to come through, no HTTP, and you should be
fine. Your communication will be encrypted, and the machine will only be
accessible via HTTPS protocol. If you can put this machine behind an AG
(proxy-based firewall like Raptor), it would be your best bet, because that
should protect it from the many IIS exploits, and ensure the integrity of
the machine.
Your only true difficulty in this scenario would be to educate the users
to use https:// ;)
-Igor Gashinsky
At 10:34 AM 2/29/00 -0500, you wrote:
>Hello all,
>
>The organization is studying the idea of allowing access the the corporate
>Exchange server via the Internet - going through IIS via an SSL connection
>first.
>
>Can this be done securely? Has anyone done this? What problems are
>likely to be encountered?
>
> Thanks,
> Frank
>
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
