Hi Tom, You are right, as always :) Yes, the OWA traffic is HTTP from FE - BE, where as RPC over HTTP is not. So OWA traffic will not be scanned by VAPI as it passes through the FE. I need to start reading again... HTH. Regards, Raj Periyasamy Systems Administrator MCSE(Messaging), CCNA -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, May 04, 2005 10:54 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Hi Raj, Are you sure about this? I thought with a FE Exchange Server it worked like this: Client | |_(encrypted HTTP (SSL) | ISA firewall (SSL to SSL bridging) | |_(encrypted HTTP (SSL) | FE Exchange | |_HTTP | BE Exchange mailboxes While you're describing is more like RPC over HTTP, or SMTP over HTTP. Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx] Sent: Wednesday, May 04, 2005 9:42 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Hi Tom, From the FE to BE the traffic is SMTP/RPC, and Exchange uses its SMTP engine to route the traffic between the FE and BE. So a VAPI compliant AV scanner in a FE server will still scan the content as it passes through the FE routing engine. SSL bridging is between Client-ISA-FE only. The FE-BE traffic is not SSL encrypted. HTH. Regards, Raj Periyasamy Systems Administrator MCSE(Messaging), CCNA -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, May 04, 2005 10:32 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Hi Raj, Does the scanning work on the FE server? The e-mail messages are still HTTP encapsulated at that point. Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx] Sent: Wednesday, May 04, 2005 9:09 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Arjan, I don't think it makes practical sense to scan OWA traffic for virus as it is usually encrypted SSL. However, if you are worried about email viruses, then you should implement an Exchange specific antivirus software in your front end and back end servers. We use McAfe Groupshiled 5.2, and has been very successful. HTH. Regards, Raj Periyasamy Systems Administrator MCSE(Messaging), CCNA -----Original Message----- From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] Sent: Wednesday, May 04, 2005 6:46 AM To: [ISAserver.org Discussion List] Subject: [isalist] OWA Publishing http://www.ISAserver.org I wanted to use a ISA 2004 server for publishing OWA, but i need some kind of virus scanning, i'm using TrendMicro IWSS for http trafic on an other server, which service needs to listen for traffic, the iwss service, or the isa service ? If the isa service need to listen, the traffic need to go through the iwss service, and after that to the front-end servers. Can someone explains me how to make it possible, if it is possible, or mayby some other solution. Regards, Arjan ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: raj.periyasamy@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: raj.periyasamy@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: raj.periyasamy@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx