Educause Security Discussion mailing list archives

Re: Sharepoint servers and Exchange servers

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Wed, 6 Feb 2008 16:55:53 -0500

On Wed, 06 Feb 2008 16:29:29 EST, "Cheek, Leigh" said:

Is having Sharepoint servers and Exchange servers in the same firewall
zone a wise security choice?  Because the access level will be different
for those two types of systems, I am of the opinion that you would be
unnecessarily opening your Exchange servers to greater risk. What do you
think? What other risks or advantages do you see to being in the same
zone?


If you put them in two almost but not totally identical zones, you're just
increasing the chances that a screw-up will result, either in breaking
something in a difficult-to-diagnose way, or opening up an actual exposure.

Consider the "reducto ad absurdum" take on this - imagine you have 15 Exchange
servers, with different constituencies on them.  Some have your C-level execs,
some have engineers, some have paper-pushers, some have random employees.  Do
you want to park each one in its own little firewall zone?  Probably not,
because managing 15 zones will probably come back to haunt you...

Attachment: _bin
Description:

Current thread:

Sharepoint servers and Exchange servers Cheek, Leigh (Feb 06)
- <Possible follow-ups>
- Re: Sharepoint servers and Exchange servers Valdis Kletnieks (Feb 06)
- Re: Sharepoint servers and Exchange servers Shane Bishop (Feb 06)
- Re: Sharepoint servers and Exchange servers Cheek, Leigh (Feb 07)