Educause Security Discussion mailing list archives

Re: ISA firewall for exchange

From: "Miller, Don C." <donm () UIDAHO EDU>
Date: Wed, 18 Feb 2009 13:16:53 -0800

Gary, we treat all clients as untrusted and require RPC over HTTPS
(Outlook Anywhere) for everyone.  This allowed us to only provide access
to HTTPS from any location which was required for Outlook Web Access
anyway.  All other traffic is blocked via ACLs and firewall techniques.

Don Miller
University of Idaho

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Flynn
Sent: Wednesday, February 18, 2009 6:36 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] ISA firewall for exchange


We're getting ready to bring up Exchange and all Microsoft's
documentation recommends protecting it from direct Internet
exposure with ISA or a similar application firewall.

Thoughts?


-- 
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

Current thread:

ISA firewall for exchange Gary Flynn (Feb 18)
- <Possible follow-ups>
- Re: ISA firewall for exchange Miller, Don C. (Feb 18)
- Re: ISA firewall for exchange Adam Carlson (Feb 18)