RE: OWA without ISA server

  • From: "adrian bolzan" <abolzan@xxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Wed, 8 Jun 2005 10:06:04 +1000

Hi Andrew, 

thanks for your reply.  Do you use ISA server?

I thought to post it to the ISA list but as I am not using it and it is
related to Exchange security thought this forum would be more
appropriate.

cheers,
Adrian



________________________________

        From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
        Sent: Tuesday, 7 June 2005 10:10 PM
        To: [ExchangeList]
        Subject: [exchangelist] RE: OWA without ISA server


        http://www.MSExchange.org/


        You should be asking this question in the ISAServer.org mailing
list, not in the Exchange one. I use RPC over HTTP on my Exchange server
2003. I don't have any problems with it except that the odd user doesn't
use Windows XP which is required to make it work.

        

        Andrew

        

        


________________________________


        From: adrian bolzan [mailto:abolzan@xxxxxxxxxxxxxxxxxxxxxxxxx]
        Sent: Tuesday, June 07, 2005 5:15 AM
        To: [ExchangeList]
        Subject: [exchangelist] OWA without ISA server

        

        http://www.MSExchange.org/

        Hi all,

        

        We currently run Exchange 2003 with FE and BE servers.

        The FE server is in a DMZ, whilst the BE servers are located on
the Internal/protected network.

        The FE servers are only accessed by staff on our WAN and
selected staff via the internet (those with permanent IP addresses).

        We do not use ISA server, although it is on the horizon, rather
using a firewall appliance that performs stateful packet inspection,
DOS, etc.

        

        Currently, the FE server is part of our domain, and i have
opened up all ports between the FE server and the BE server and DC's in
the protected network, whilst restricting access from the internet to
those with permanent IP addresses on the ADSL/cable connections. If I
remember correctly, I can configure the communication between the FE
server and the DC's to be over a single port, which requires registry
hacks, although this has not been implemented.

        

        What are your thoughts, with respect to security, on allowing
general HTTPS access to the FE server for OWA from the internet without
ISA server and with the scenario i have painted above?

        

        cheers,

        adrian

         

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Exchange Newsletters:
http://www.msexchange.org/pages/newsletter.asp
        Exchange FAQ:
http://www.msexchange.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 ISA Server Resource Site: http://www.isaserver.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this MSEXchange.org Discussion
List as: andrew@xxxxxxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Report abuse to listadmin@xxxxxxxxxxxxxx

        ------------------------------------------------------
        List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Exchange Newsletters:
http://www.msexchange.org/pages/newsletter.asp
        Exchange FAQ:
http://www.msexchange.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Other Internet Software Marketing Sites:
        World of Windows Networking: http://www.windowsnetworking.com
        Leading Network Software Directory: http://www.serverfiles.com
        No.1 ISA Server Resource Site: http://www.isaserver.org
        Windows Security Resource Site: http://www.windowsecurity.com/
        Network Security Library: http://www.secinf.net/
        Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
        ------------------------------------------------------
        You are currently subscribed to this MSEXchange.org Discussion
List as: abolzan@xxxxxxxxxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
        Report abuse to listadmin@xxxxxxxxxxxxxx
============================================================
IMPORTANT - This email and any attachments is confidential.
If received in error, please contact the sender and delete
all copies of this email. Please note that any use,
dissemination, further distribution or reproduction of this
message in any form is strictly prohibited. Before opening or
using attachments, check them for viruses and defects.
Regardless of any loss, damage or consequence, whether caused
by the negligence of the sender or not, resulting directly or
indirectly from the use of any attached files, our liability
is limited to resupplying any affected attachments.
Any representations or opinions expressed in this email are
those of the individual sender, and not necessarily those
of the Capital Transport Services.
============================================================




============================================================
IMPORTANT - This email and any attachments is confidential.
If received in error, please contact the sender and delete
all copies of this email. Please note that any use,
dissemination, further distribution or reproduction of this
message in any form is strictly prohibited. Before opening or
using attachments, check them for viruses and defects.
Regardless of any loss, damage or consequence, whether caused
by the negligence of the sender or not, resulting directly or
indirectly from the use of any attached files, our liability
is limited to resupplying any affected attachments. 
Any representations or opinions expressed in this email are
those of the individual sender, and not necessarily those
of the Capital Transport Services.
============================================================

Other related posts: