Firewall Wizards mailing list archives
RE: Exchange Questions
From: "Frank W. Keeney" <FKeeney () hsa com>
Date: Mon, 17 May 1999 07:37:55 -0700
If that machine is compromised they have access to your internal net. If it's in the same MS domain then you make it too easy for a potential intruder to gain access to all your internal MS hosts. IMHO all host with services accessible from the Internet should be in the DMZ (or service network). Windows NT hosts such as Exchange or web servers should be in their own MS Domain. Then setup a one way MS Domain trust so the external domains trust the internal domains but not the other way around. I've setup FW1 in the past with seven Ethernet ports. One for each "external" host. This was for a client where security was critical. +++++++++++++++++++++++++++++++++++++++++++++++++++++++ Frank Keeney, Network Services, Home Savings of America +1 626-814-5080 mailto:fkeeney () hsa com +++++++++++++++++++++++++++++++++++++++++++++++++++++++ ---------- From: cschuttg () winning-strategies com [SMTP:cschuttg () winning-strategies com] Sent: Thursday, May 13, 1999 2:00 PM To: firewall-wizards () nfr net Subject: RE: Exchange Questions I can't think of one. We have our Exchange server on the trusted net and set the firewall to forward those packets on port 25 to the address of the Exchange server. Works fine and protects the server the most. -----Original Message----- To: firewall-wizards () nfr net Subject: Exchange Questions If I was setting up a DMZ, using Firewall-1, what advantage would there be if I put my Exchange server & Email connector outon the DMZ?
Current thread:
- Exchange Questions Rex Murphy (May 13)
- <Possible follow-ups>
- RE: Exchange Questions Danny Walker (May 16)
- RE: Exchange Questions Russ (May 16)
- RE: Exchange Questions cschuttg (May 16)
- RE: Exchange Questions Frank W. Keeney (May 16)
- RE: Exchange Questions sean . kelly (May 17)
- RE: Exchange Questions Frank W. Keeney (May 17)
- RE: Exchange Questions Russ (May 18)
- RE: Exchange Questions Frank W. Keeney (May 18)