Jon We are using Exchange Direct Push. We use two ISA 2004 Firewall servers (Network Load Balanced) in our DMZ, (in a workgroup config), backed off to, two front-end servers Network Load Balanced, we have three clustered EVS behind the front-ends. Front-end and Back-end servers are in our internal LAN. ISA 2004 servers in the DMZ. (workgroup) TCP 443, opened into the LAN. Same certificiate used on all front-end and isa servers. ISA 2004 OWA Published Rule setup on ISA. We use XDA II/IIS/Mini IIs and ActiveSync Regards Andrew ----- Original Message ----- From: Jon D To: exchangelist@xxxxxxxxxxxxx Sent: Friday, October 27, 2006 1:44 PM Subject: [ExchangeList] Exchange Direct Push Is anyone using the new exchange direct push technology yet? I was told that to enable it I would need to map 443 from the Internet to my Exchange server, and also that I would need an SSL certificate installed. I'm wondering if anyone has done it with only 1 exchange server? I have 1 exchange server behind 1 firewall. No seperate exchange front end, no seperate smpt server, and we dont use owa, so no owa server. Just 1 exchange box. I always have concerns opening ports up, so curious what other people are doing. Would you only do this if you had a front end exchange box in a DMZ? Thanks in advance, Jon .