Security Basics mailing list archives
Re: Exchange Server and External Access
From: salgak () speakeasy net
Date: Mon, 25 Aug 2003 16:38:16 +0000
-----Original Message----- From: Cherian M. Palayoor [mailto:cpalayoor () cwalkergroup com] Sent: Friday, August 22, 2003 11:53 PM To: security-basics () securityfocus com Subject: FW: Exchange Server and External Access Thanks for the suggestions. Based on the feedback so far, there appears to 2 school of thought.... Solution 1) Have Exchange setup in a FE/BE configuration with the FE in the DMZ and the BE in the internal LAN. Have the FE poll the BE through a secure link using SSL. Problem : Too expensive, requires Exchange Enterprise and not to mention Windows Advanced Server. Also it may not resolve the problem as what I am primarily hoping to achieve here is faster access time. We presently have to traverse through a WAN cloud and 2 firewalls to get to the Internet and the DMZ. Solution 2) Move the Exchange Server to the DMZ and set it up either as an OWA or POP3 Server. Problem : This would affect internal user access speed and also the OWA option would negatively impact users fed on a diet of Outlook's convenience. Is it possible to run a third part Server like possibly Sendmail to front end Exchange ?
Unless you know EXACTLY what you're doing, I'd stay FAR away from Sendmail. The performance dropoff of a mail server in the DMZ is negligible, and OWA allows the same access as Outlook does with the exception of Personal File Folders. Why not set it up as both OWA and POP3: that way, your users can use the mail client of their choice OR a WWW interface when their box is not nearby. . . --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- Re: Exchange Server and External Access, (continued)
- Re: Exchange Server and External Access salgak (Aug 22)
- Re: Exchange Server and External Access Tony (Aug 22)
- FW: Exchange Server and External Access Cherian M. Palayoor (Aug 25)
- Re: FW: Exchange Server and External Access chort (Aug 26)
- RE: Exchange Server and External Access Depp, Dennis M. (Aug 25)
- RE: Exchange Server and External Access Gregory M. Brown (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 25)
- RE: Exchange Server and External Access McGill, Lachlan (Aug 25)
- RE: Exchange Server and External Access Nick Duda (Aug 26)
- Re: Exchange Server and External Access salgak (Aug 26)
- RE: FW: Exchange Server and External Access Cherian M. Palayoor (Aug 26)
- Re: FW: Exchange Server and External Access Gabriel Orozco (Aug 26)
- RE: Exchange Server and External Access Hay, Duane (Aug 26)
- RE: Exchange Server and External Access Aditya [Aditya Lalit Desgmukh] (Aug 27)
- Re: Exchange Server and External Access Valery Baranov (Aug 26)
- RE: Exchange Server and External Access Nero, Nick (Aug 26)
- RE: FW: Exchange Server and External Access Cherian M. Palayoor (Aug 26)
- Re: FW: Exchange Server and External Access Gabriel Orozco (Aug 27)
- RE: FW: Exchange Server and External Access Cherian M. Palayoor (Aug 27)
- Re: FW: Exchange Server and External Access some guy (Aug 27)