ginal Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: 08 November 2009 23:29
To: MS-Exchange Admin Issues
Subject: Re: E2k3 Security Question
Yeah, that's a different thing than putting an FE in the DMZ. I'll ask
him to reconsider his recommendation - we've had pre
-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Sunday, November 08, 2009 2:55 PM
To: MS-Exchange Admin Issues
Subject: Re: E2k3 Security Question
Can you tell me more about the 'reverse proxy in front of OWA' and 'internet
facing edge appliances'? Does they support
Yeah, that's a different thing than putting an FE in the DMZ. I'll ask
him to reconsider his recommendation - we've had preliminary
discussions regarding this, but the final report isn't ready to be
presented to management. I can live with introducing ISA into our
environment, preferably in the DMZ
rt SMTP.
> The firewall rules break it.
>
> -
> Sent from my BlackBerry Wireless Handheld
>
> - Original Message -
> From: Kurt Buff
> To: MS-Exchange Admin Issues
> Sent: Sun Nov 08 12:54:36 2009
> Subject: Re: E2k3 Security Question
.
-
Sent from my BlackBerry Wireless Handheld
- Original Message -
From: Kurt Buff
To: MS-Exchange Admin Issues
Sent: Sun Nov 08 12:54:36 2009
Subject: Re: E2k3 Security Question
Can you tell me more about the 'reverse proxy in front of OWA' and
'inter
t; front of OWA (this is E2K3). I expect E2K7 to be similar.
>
> I realize this may not work for everyone but it is our model.
>
> -
> Sent from my BlackBerry Wireless Handheld
>
> - Original Message -
> From: Peter Johnson
> To:
realize this may not work for everyone but it is our model.
-
Sent from my BlackBerry Wireless Handheld
- Original Message -
From: Peter Johnson
To: MS-Exchange Admin Issues
Sent: Sun Nov 08 11:12:04 2009
Subject: RE: E2k3 Security Question
Microsoft
Thanks for this. I had just found your blog entry in the list archives
mere moments ago, after more searching. I'll take this in hand to the
meetings we're having, and push back on it.
Kurt
On Sun, Nov 8, 2009 at 10:24, Simon Butler wrote:
> That consultant needs to be asked how putting a fronte
That consultant needs to be asked how putting a frontend server improved the
security of your network.
When you get the answer, please post back, because no one has given me a good
reason why. I ask everyone the same question when they ask how to do it, and no
one can answer it.
I can give yo
Microsoft's recommendation has always been to put the Front end server/CAS role
directly into your network behind the firewall rather than in the DMZ. The
reasoning behind this is related to how many holes you have to punch in the
internal firewall to allow RPC access from the FE/CAS roles to th
10 matches
Mail list logo