I see discussion of people putting an OWA server on a DMZ then poking holes
in the FW to allow access to the exchange server. Why not just nat the
address of the OWA server and leave it on the internal LAN? Use SSL and
allow only 443 through the firewall to the OWA server. Microsoft White
Paper hints that this is a much cleaner solution then putting the OWA on a
DMZ. What security reasons are there for the OWA on a DMZ? Seems like it
takes more management and configuration to get the OWA on the DMZ to work
and you have to open more ports on the FW and it really doesn't provide
anymore security.
Shawn Lawson
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
