RE: OWA 2003
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Sun, 22 Jan 2006 12:12:54 -0600
Hi Carl,
You better not make so many assumptions, you know what happens when you
assume :)
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Carl Houseman [mailto:c.houseman@xxxxxxxxx]
> Sent: Sunday, January 22, 2006 11:25 AM
> To: [ExchangeList]
> Subject: [exchangelist] RE: OWA 2003
>
> http://www.MSExchange.org/
>
> I'll assume that you don't speak for Microsoft and you don't
> have anything
> to back up "what they had in mind" other than a personal belief.
>
> If it is more than a belief, feel free to name names of
> Microsoft employees
> who told you what they had in mind.
>
> I'm done with this now. You can of course try the same
> argument over at
> that other Exchange list if you need more abuse from MVPs.
>
> Carl
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Sunday, January 22, 2006 12:07 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: OWA 2003
>
> Hi Carl,
>
> I don't call opening a handful of ports "blowing holes". I think
> security professionals know better. What Microsoft had in mind with to
> keep things rediculously easy for the ill informed, that's all.
>
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
> **Who is John Galt?**
>
>
>
> > -----Original Message-----
> > From: Carl Houseman [mailto:c.houseman@xxxxxxxxx]
> > Sent: Sunday, January 22, 2006 10:55 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] RE: OWA 2003
> >
> > http://www.MSExchange.org/
> >
> > As always, there are two camps on this. One camp wants to
> > blow holes in the
> > firewall to permit the FE to talk to the BE. The other wants
> > to avoid that.
> >
> > See "Figure 1 Secure Firewall Structure" here:
> > <http://www.microsoft.com/technet/security/prodtech/exchangese
> > rver/secmod44.
> > mspx>
> >
> > So, Microsoft favors the FE and BE servers on the same
> > security zone, when
> > their ISA server is used as reverse proxy.
> >
> > Have fun arguing with Microsoft. When you convince them and
> > they change
> > their document, let us know. Otherwise, we already know your
> > opinion, so
> > thanks for sharing.
> >
> > Carl
> >
> > -----Original Message-----
> > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > Sent: Sunday, January 22, 2006 11:31 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] RE: OWA 2003
> >
> > http://www.MSExchange.org/
> >
> > About why putting a front-end, Internet facing, Exchange
> Server on the
> > same security zone as the back end Exchange servers. I'd like to
> > understand the misconceptions that underlie that assertion,
> so that we
> > can shoot them down and show how foolish they are.
> >
> > Thanks!
> > Tom
> >
> > Thomas W Shinder, M.D.
> > Site: www.isaserver.org
> > Blog: http://spaces.msn.com/members/drisa/
> > Book: http://tinyurl.com/3xqb7
> > MVP -- ISA Firewalls
> >
> >
> >
> > > -----Original Message-----
> > > From: Andy David [mailto:adavid@xxxxxxxxxxxxx]
> > > Sent: Sunday, January 22, 2006 10:30 AM
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: OWA 2003
> > >
> > > http://www.MSExchange.org/
> > >
> > > About what?
> > >
> > >
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> > > Sent: Sunday, January 22, 2006 11:25 AM
> > > To: [ExchangeList]
> > > Subject: [exchangelist] RE: OWA 2003
> > >
> > > http://www.MSExchange.org/
> > >
> > > Hi Andy,
> > >
> > > You are patently WRONG about that. Where did you get such
> incorrect
> > > advice? Because whoever told you that is most definitely
> > not security
> > > minded.
> > >
> > > You might want to share the rationale you used for this
> assertion so
> > > that we can shoot it down sequentially and rationally.
> > >
> > > Tom
> > >
> > > Thomas W Shinder, M.D.
> > > Site: www.isaserver.org
> > > Blog: http://spaces.msn.com/members/drisa/
> > > Book: http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Andy David [mailto:adavid@xxxxxxxxxxxxx]
> > > > Sent: Saturday, January 21, 2006 9:57 PM
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] RE: OWA 2003
> > > >
> > > > http://www.MSExchange.org/
> > > >
> > > > http://www.microsoft.com/downloads/details.aspx?FamilyID=E6466
> > > > 6FC-42B7-4
> > > > 8A1-AB85-3C8327D77B70&displaylang=en
> > > >
> > > >
> > > > Don't put it in the DMZ however. That's just foolish. Put a
> > > > reverse-proxy in the DMZ if you must. Otherwise, keep the
> > Front End
> > > > server behind your firewall.
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Dave Flaim [mailto:thethin@xxxxxxxxxxxxxxxxxxxxxxx]
> > > > Sent: Saturday, January 21, 2006 10:41 PM
> > > > To: [ExchangeList]
> > > > Subject: [exchangelist] OWA 2003
> > > >
> > > > http://www.MSExchange.org/
> > > >
> > > > Is it possible to install OWA on a separate server than
> > the Excange
> > > > 2003 server - ie. we would like to place he OWA server in
> > > the DMZ. Of
> > >
> > > > so does anyone have a procedure or reference?
> > > >
> > > > Thanks
> > > > Dave Flaim
> > > > CVI
>
>
> ------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this MSExchange.org
> Discussion List as: tshinder@xxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to info@xxxxxxxxxxxxxx
>
>
Other related posts:
