John, you should probably be fair and point out that RPC/HTTP doesn't require a firewall. That's the point of it. It's over a well known port (HTTP or HTTPS in this case) so that firewalls aren't as concerned about it. RPC is encapsulated. This concept was dreamt up prior to ISA as I recall. ISA just allows you to do some cool stuff that you otherwise can't do such as terminating the SSL stream (after all, why wouldn't you want SSL vs. HTTP?)at the outside interface, inspecting the packets, then re-encrypting the packets on their way to the FE server so that nobody can lurk in the DMZ or the other side of the ISA server. Seems there's more, such as virus scanning etc that can also be done in the stream, but that's something better handled by the Exchange server anyway. Al -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Friday, December 19, 2003 2:23 PM To: [ExchangeList] Subject: [exchangelist] RE: Need your thoughts http://www.MSExchange.org/ > BTW: Saw a "RPC through HTTP tunnel demo" with ISA server and Exchange > 2003... Don`t know if that`s possible without ISA. That is application layer, and only firewall I know that is Exchange application aware is ISA. John Tolmachoff Engineer/Consultant/Owner eServices For You ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 ISA Server Resource Site: http://www.isaserver.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------