RE: Setting UP Microsoft OWA

["DeGennaro, Gregory" <Gregory_DeGennaro () csaa com>]

I do not know why you want to do this?

A)  86%+ of malicious activity comes from internally.
B)  Dedicated machines for single processes is recommended unless you have a
4th generation SUN computer in which you have hardware domains.

Have you tried configuring the IIS server for (2) OWA processes?

I am still skeptical about this because you should have an Internet hardened
OWA server in DMZ or a Whale Communications e-GAP server or some sort of
webmail proxy in the DMZ.  And then have your internal OWA sever inside your
internal LAN.  Or accept the risk of a potentially crackable system, even
with SecureID because OWA does not protect the client side where most of the
cracking takes place.


Greg

-----Original Message-----
From: Wright, Bill [mailto:bwright () ny whitecase com] 
Sent: Wednesday, June 18, 2003 1:28 PM
To: security-basics () securityfocus com
Subject: Setting UP Microsoft OWA

We have an OWA server in the DMZ that is integrated with SecureID for
outside
users to check their email, but if we access that page internally we also
get
the secureid prompt even though were "trusted".  Is there a way to set up
two
websites with OWA running on the same server, 'outside' requests would
prompt
for secureid and the 'inside' requests wouldn't.  Thanks for all the help.

Bill
Infrastructure Engineer



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------