We agree on security as a journey. We seem to disagree about putting an application on a DC. Exchange especially. Will it work? Yes. But the tradeoffs in that situation can be distasteful from an operational and security point of view if security, flexibility, scalability, and availability are o
Security a goal? It's more of a journey where the destination is "we didn't get hacked this week (month/year)"BTW, I wasn't saying that it's the worst idea ever to put e-mail on a DC (if it's a GC it will save you the journey for authentication), but in an organization where you have 2+ sites (and
Hmm... I'm becoming more and more convinced that security on any platform is more of a goal than a destination anyway :)
Putting other apps on a server that is designed to be a security server is not best practice on any platform SBS or not. SBS exists because it makes more economic sense than mo
Granted external FTP isn't one that SBSers recommend either and we're
freaking out going WHAT ARE YOU THINKING? as well.
As we say down here we don't get hacked... we get stupid.
Tim Vander Kooi wrote:
It's not speed or resources that scare most of us when it comes to
sharing DC space wit
It's not speed or resources that scare most of us when it comes to
sharing DC space with other apps, it's security. With SBS Microsoft has
(at least in theory) covered most of those security bases for the admin.
The last time I allowed another admin to install FTP on a server he
inadvertently put n
