Educause Security Discussion mailing list archives
Re: ISA Server for Exchange?
From: Russell Fulton <r.fulton () AUCKLAND AC NZ>
Date: Sat, 20 Sep 2008 09:56:20 +1200
First a disclaimer -- I am not an expert on things MS... We have recently been through the same issues and this is my understanding of it: Preferred remote access by outlook to an exchange server is RPC over HTTP. The simple minded approach to this is to open up port 80/443 on your exchange server to the world and ... The problem is that this exposes your *all* exchange server's RPC services to the world. You are vulnerable to any bugs that can be exploited via RPC, effectively you are exposing port 135. Enter ISA, this acts as a proxy for incoming RPC requests and can filter out those not explicitly need for Outlook to access mail. Russell On 19/09/2008, at 11:51 AM, Connie Sadler wrote:
I am told that we need an ISA Server for Microsoft Exchange. I am asking for the Reader's Digest condensed "english" explanation, but I am having a hard time getting it. :) Can anyone here offer an explanation that will help me to create a business case for this - for a non-technical audience? There is a lot of info on the web, but nothing pops out as useful. I need a translation from techno-speak to executive business need. Thanks! Connie Sadler CISO, Lucile Packard Children's Hospital at Stanford
Current thread:
- ISA Server for Exchange? Connie Sadler (Sep 18)
- <Possible follow-ups>
- Re: ISA Server for Exchange? Russell Fulton (Sep 19)