Hi Ruba, The BE/FE deployment was designed to accomplish two things: 1 - allow the Exch admin to create a "security zone" between the Internet and Intranet sides of Exch 2 - allow the Exch admin to "spread the load" for different Exch functions across multiple machines. Since ISA pretty much obviates the need for a DMZ, you don't need the FE/BE deployment for security reasons. Unless you can show that the Exch FE/BE combination is overloaded, there's no need to separate them. IOW, if it works, LITFA... -----Original Message----- From: Ruba Al Omari [mailto:romari@xxxxxxxxxxxxxxxxx] Sent: Wednesday, July 13, 2005 12:10 AM To: [ISAserver.org Discussion List] Subject: [isalist] FE Vs BE http://www.ISAserver.org When publishing exchange 2003 (OWA and SMTP) through ISA2004 with an SSL, is it better to use FE and BE configuration or is it as secure as using ISA2004 with BE directly without having FE? Thanks, r. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.