Re: Outlook web access

["David Glosser" <david_glosser () yahoo com>]

We use apache in our DMZ configured as a reverse proxy to talk to an Inotes
server (Inotes is lotus' equivalent of OWA).
Same principle.  We also required users to authenticate through our firewall
via web authentication (checkpoint fw1)
before accessing the reverse proxy server.  This prevented the reverse proxy
server from having to deal with nimda,
code red, etc. ( I don't know if this option is available with other
firewalls).
HTH
David Glosser

----- Original Message -----
From: "Jennifer Fountain" <JFountain () rbinc com>
To: "Marc Suttle" <marc.suttle () anidirect com>;
<security-basics () securityfocus com>
Sent: Friday, February 28, 2003 3:28 PM
Subject: RE: Outlook web access


I don't know of any utility that you could use to do this; however, maybe
you could use a reverse proxy.  ISA  (although it is $1000 or so for the
license.  There are open source proxies but I haven't tested them) works
well for us.  You could configure additional security on the ISA server or
your firewall.

HTH
Thank you
Jenn Fountain



-----Original Message-----
From: Marc Suttle [mailto:marc.suttle () anidirect com]
Sent: Thursday, February 27, 2003 1:21 PM
To: security-basics () securityfocus com
Subject: Outlook web access


Hello list,
Real quick question.  I was wondering if there are any open source
utilities that will install to apache that will allow outlook web access
from the dmz to an internal exchange server.

My setup is this:


internet-------fw---------internal lan--------exchange 5.5 mail server
                -
                -
                -dmz------apache web server-------


I would like to have some kind of login for the users at the apache level on
the dmz that would interact with the exchange server on the internal
network.  Any input if this was clear is appreciated.  Basically I do not
want to allow any communications from the outside to the internal network.

Thanks,

Marc