We're going to establish VPN access to few Internal LAN servers. Could you
help with the following questions:
(1) Should we allow mail access, via VPN (SecuRemote), to our mail server
which are in our Internal LAN,
or should we define a special mail server on DMZ ? how we can
synchronize between DMZ and Internal
servers ?.
(2) We have Exchange mail servers which do NOT use pop-3, but use several
unpredictable ip ports.
I also understand that these "Microsoft" protocols cause very poor
performance, Doesn't it ?.
Which ports should I open to allow mail access to exchange servers ?,
what can I do to improve the Exchange's
connection performance ?.
(3) Should we keep mail folders on our mail servers, or locally on the PC ?,
How could we synchronize it ?.
(4) In order to access Internal LAN servers via VPN we can:
* Define it locally on each PC - Management problem.
* Define it on our DNS Server - Information can be used by unwanted
users.
* Use IP Address - Not user friendly.
Which from the above are the best way ?. or may be there is another one
?.
Thanks for your answers....
Arie Gilboa
Information Security Manager
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
