RE: OWA 2003

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
• Date: Sun, 22 Jan 2006 11:10:13 -0600

Yes, reverse proxy, which is the FE Exchange Server, does belong on the
firewall's DMZ. In my deployments, the ISA firewall's DMZ.

So I guess we agree. I thought you were recommending that the FE and the
BE both belong in the same security zone. My bad!

Thanks!
Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Andy David [mailto:adavid@xxxxxxxxxxxxx] 
> Sent: Sunday, January 22, 2006 11:02 AM
> To: [ExchangeList]
> Subject: [exchangelist] RE: OWA 2003
> 
> http://www.MSExchange.org/
> 
> I think a reverse-proxy in the DMZ with the FE behind the firewall is
> preferred. You may think otherwise. I respect that, and your 
> experience
> in these matters, however, I do not agree that your solution is
> necessarily the best anymore than you think mine is. I know security
> people who themselves had taken both sides of the argument as well.
> 
> That's ok, The OP can decide, for himself. I am not going to lose any
> sleep if everyone on this list disagrees with me or not. 
> 
> Now see, I did expend energy :)
> 
> 
> 
> 
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
> Sent: Sunday, January 22, 2006 11:45 AM
> To: [ExchangeList]
> Subject: [exchangelist] RE: OWA 2003
> 
> http://www.MSExchange.org/
> 
> One of my jobs is to make sure that misinformation and incorrect
> information is not promulgated on these boards. What you wrote was
> consistent with incorrect information, but I wanted to make sure I
> didn't misunderstand what you said.
> 
> Tom
> 
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> 
>  
> 
> > -----Original Message-----
> > From: Andy David [mailto:adavid@xxxxxxxxxxxxx]
> > Sent: Sunday, January 22, 2006 10:45 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] RE: OWA 2003
> > 
> > http://www.MSExchange.org/
> > 
> > Yes, we all know that you think you know a lot. 
> > Good luck with that!
> > 
> > 
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Sunday, January 22, 2006 11:42 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] RE: OWA 2003
> > 
> > http://www.MSExchange.org/
> > 
> > Hi Andy,
> > Sounds like you don't have a rationale, just a *belief*. 
> > Wishes, dreams,
> > and beliefs really don't belong in a secure network design.
> > 
> > And that's not how I *feel*, that's what I *know*.
> > 
> > HTH,
> > Tom
> > 
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> > 
> >  
> > 
> > > -----Original Message-----
> > > From: Andy David [mailto:adavid@xxxxxxxxxxxxx]
> > > Sent: Sunday, January 22, 2006 10:36 AM
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: OWA 2003
> > > 
> > > http://www.MSExchange.org/
> > > 
> > > I don't think so, but hey, to each his own. I think you are
> > WRONG. (
> > > my caps work as well).
> > > I'll let you carry this argument on with yourself as 
> isn't worth my 
> > > energy.
> > > 
> > > 
> > > 
> > > 
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > Sent: Sunday, January 22, 2006 11:25 AM
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: OWA 2003
> > > 
> > > http://www.MSExchange.org/
> > > 
> > > Hi Andy,
> > > 
> > > You are patently WRONG about that. Where did you get such 
> incorrect 
> > > advice? Because whoever told you that is most definitely
> > not security
> > > minded.
> > > 
> > > You might want to share the rationale you used for this
> > assertion so
> > > that we can shoot it down sequentially and rationally.
> > > 
> > > Tom
> > > 
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > > 
> > >  
> > > 
> > > > -----Original Message-----
> > > > From: Andy David [mailto:adavid@xxxxxxxxxxxxx]
> > > > Sent: Saturday, January 21, 2006 9:57 PM
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] RE: OWA 2003
> > > > 
> > > > http://www.MSExchange.org/
> > > > 
> > > > http://www.microsoft.com/downloads/details.aspx?FamilyID=E6466
> > > > 6FC-42B7-4
> > > > 8A1-AB85-3C8327D77B70&displaylang=en
> > > > 
> > > > 
> > > > Don't put it in the DMZ however. That's just foolish. Put a 
> > > > reverse-proxy in the DMZ if you must. Otherwise, keep the
> > Front End
> > > > server behind your firewall.
> > > > 
> > > > 
> > > > 
> > > > -----Original Message-----
> > > > From: Dave Flaim [mailto:thethin@xxxxxxxxxxxxxxxxxxxxxxx]
> > > > Sent: Saturday, January 21, 2006 10:41 PM
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] OWA 2003
> > > > 
> > > > http://www.MSExchange.org/
> > > > 
> > > > Is it possible to install OWA on a separate server than
> > the Excange
> > > > 2003 server - ie. we would like to place he OWA server in
> > > the DMZ.  Of
> > > 
> > > > so does anyone have a procedure or reference?
> > > > 
> > > > Thanks
> > > > Dave Flaim
> > > > CVI
> > > > 
> > > > ------------------------------------------------------
> > > > List Archives: 
> > > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > > Exchange Newsletters: 
> > http://www.msexchange.org/pages/newsletter.asp
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this MSExchange.org
> > Discussion List
> > > > as:
> > > > adavid@xxxxxxxxxxxxx To unsubscribe visit 
> > > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > > Report abuse to info@xxxxxxxxxxxxxx .org
> > > > 
> > > > ------------------------------------------------------
> > > > List Archives: 
> > > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > > Exchange Newsletters: 
> > http://www.msexchange.org/pages/newsletter.asp
> > > > ------------------------------------------------------
> > > > Visit TechGenix.com for more information about our other sites:
> > > > http://www.techgenix.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this MSExchange.org
> > Discussion List
> > > > as: tshinder@xxxxxxxxxxx To unsubscribe visit 
> > > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > > Report abuse to info@xxxxxxxxxxxxxx
> > > > 
> > > > 
> > > 
> > > ------------------------------------------------------
> > > List Archives: 
> > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > Exchange Newsletters: 
> http://www.msexchange.org/pages/newsletter.asp
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this MSExchange.org 
> Discussion List
> > > as:
> > > adavid@xxxxxxxxxxxxx
> > > To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > Report abuse to info@xxxxxxxxxxxxxx
> > > ge.org
> > > 
> > > ------------------------------------------------------
> > > List Archives: 
> > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > Exchange Newsletters: 
> http://www.msexchange.org/pages/newsletter.asp
> > > ------------------------------------------------------
> > > Visit TechGenix.com for more information about our other sites:
> > > http://www.techgenix.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this MSExchange.org 
> Discussion List
> > > as: tshinder@xxxxxxxxxxx To unsubscribe visit 
> > > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > > Report abuse to info@xxxxxxxxxxxxxx
> > > 
> > > 
> > 
> > ------------------------------------------------------
> > List Archives: 
> > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this MSExchange.org Discussion List 
> > as:
> > adavid@xxxxxxxxxxxxx
> > To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > Report abuse to info@xxxxxxxxxxxxxx
> > hange.org
> > 
> > ------------------------------------------------------
> > List Archives: 
> > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this MSExchange.org Discussion List 
> > as: tshinder@xxxxxxxxxxx To unsubscribe visit 
> > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> > Report abuse to info@xxxxxxxxxxxxxx
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this MSExchange.org 
> Discussion List as:
> adavid@xxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to info@xxxxxxxxxxxxxx
> abuse to info@xxxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: 
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this MSExchange.org 
> Discussion List as: tshinder@xxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to info@xxxxxxxxxxxxxx
> 
> 

Other related posts:

• » OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » Re: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » RE: OWA 2003
• » [ExchangeList] OWA 2003
• » [ExchangeList] Re: OWA 2003
• » [ExchangeList] Re: OWA 2003
• » [ExchangeList] Re: OWA 2003
• » [ExchangeList] Re: OWA 2003
• » [ExchangeList] Re: OWA 2003
• » OWA 2003
• » Re: OWA 2003
• » Re: OWA 2003

1. Home
2. exchangelist
3. Archive
4. 01-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---