Is Outlook Anywhere secure?

[Andre Pawlowski <sqall () h4des org>]

Hi list,

I have to build an Exchange 2010 service for my company and have some
concerns about Outlook Anywhere (RPC over HTTPS). With Outlook Anywhere
everyone of our company should have access to their Exchange Mailboxes
through the internet.

So my question is: Is Outlook Anywhere secure? I mean, you shouldn't
open RPC on your server for the outside and in my understanding RPC
tunneled through HTTPS is just the same.

We want to use TMG for checking the incoming traffic to the Exchange
servers. But I doesn't find anything about that the TMG checks the
incoming RPC in the Outlook Anywhere connection. I only read the TMG
extracts the RPC over HTTPS and forwards the RPC to the Exchange servers.

Has anyone an idea or some hints for me?

-- 

Andre Pawlowski

-------------------------------------------------------------------

If you could be God's worst enemy or nothing, which would you choose?
        -Chuck Palahniuk

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------