RE: Secure OWA publishing

  • From: Rick Boza <rickb@xxxxxxxxxxx>
  • To: Exchange List <exchangelist@xxxxxxxxxxxxx>
  • Date: Sat, 20 Nov 2004 12:55:48 -0500

Actually, OWA and RPC/HTTP solve two different business challenges.

OWA is strictly from a web browser and doesn¹t involve RPC from the client.
This is ideal from home systems as well as shared systems ­ an airport
kiosk, for example.

RPC/HTTP on the other hand is for communications between Outlook 2003 and
Exchange 2003 via a secure connection.

You¹re on the money as far as needing to either buy or create a certificate
for your SSL connections ­ in both cases this is the only way to go
(technically not, but it would be incredibly foolish not to do so).

If you publish your own cert (from Windows 2003, for example) you can use a
GPO to set all your systems to trust the issuing CA ­ so your laptop users
(for example) would automatically accept it.  Your home users would need to
add it as a trusted root or accept the certificate every time they hit OWA.


On 11/20/04 9:30 AM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> wrote:

> http://www.MSExchange.org/
> The best was of publishing OWA that I have seen thus far is RPC over HTTPS.
> Yes you will have to either buy a subscription of SSL or create your own which
> people from your company will have to accept once if they use connect from
> home or from their notebook.
>  
> Andrew
>  
>  
> 
> 
> From: Ruba Al Omari, Eng. [mailto:romari@xxxxxxxxxxxxxxxxx]
> Sent: Saturday, November 20, 2004 5:17 AM
> To: [ExchangeList]
> Subject: [exchangelist] Secure OWA publishing
>  
> http://www.MSExchange.org/
> Hello all,
>  
> I have Exchange 2000 back end server, I recently installed Exchange 2003 as a
> front end server to be able to publish OWA, as my users are currently using
> POP3 and IMAP clients from outside the organization.
> When trying to publish the OWA as per the guide from Thomas Shinder from the
> ISA site, I need an SSL , to get an SSL trial version it only works for 40
> bits and for a test server not a production server.
>  
> My question is:
> -         Is the SSL and CA the only secure way to publish exchange 2000 OWA?
> Is this is the way other exchange administrators do it?
> -         I have netscreen firewall (which we are publishing POP3 through) if
> I publish the http for the exchange as well from the netscreen will that be
> secure enough? Without having to have the ISA and the SSL?
>  
> Appreciate any help,
> Many thanks,
>  
>                  
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> andrew@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> rickb@xxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts:

  1. Home
  2. exchangelist
  3. Archive
  4. 11-2004