RE: Need your thoughts

  • From: "Mulnick, Al" <Al.Mulnick@xxxxxxxxxx>
  • To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 19 Dec 2003 15:56:38 -0500

John, you should probably be fair and point out that RPC/HTTP doesn't
require a firewall.  That's the point of it.  It's over a well known port
(HTTP or HTTPS in this case) so that firewalls aren't as concerned about it.
RPC is encapsulated.  This concept was dreamt up prior to ISA as I recall.
ISA just allows you to do some cool stuff that you otherwise can't do such
as terminating the SSL stream (after all, why wouldn't you want SSL vs.
HTTP?)at the outside interface, inspecting the packets, then re-encrypting
the packets on their way to the FE server so that nobody can lurk in the DMZ
or the other side of the ISA server.  Seems there's more, such as virus
scanning etc that can also be done in the stream, but that's something
better handled by the Exchange server anyway.


-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] 
Sent: Friday, December 19, 2003 2:23 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Need your thoughts

> BTW: Saw a "RPC through HTTP tunnel demo" with ISA server and Exchange 
> 2003... Don`t know if that`s possible without ISA.

That is application layer, and only firewall I know that is Exchange
application aware is ISA.

John Tolmachoff
eServices For You

List Archives:
Exchange Newsletters:
Exchange FAQ:
Other Internet Software Marketing Sites:
Leading Network Software Directory:
No.1 ISA Server Resource Site: Windows Security
Resource Site: Network Security Library: Windows 2000/NT Fax Solutions:

Other related posts: