Hi Guys, I have been doing considerable research regarding the use of ISA to provide internet mail services of EXCHANGE by either: publishing RPC for OUTLOOK access or publishing EXCHANGE server running OWA. In either case we would have a PIX firewall, with single ISA server behind it, and all MS machines (EXCHANGE, other F and P, and DCs) behind it. It has been stated that PIX fails closed and the question asked what if ISA fails? How does it fail: open or closed? Based on my research and taking note in the certifications ISA has earned, I conclude it must fail closed, but that is not officially substantiated. I feel confident in proposing one of these solutions, but I find myself needing more compelling evidence to present to my peers and management. Opponents to my proposal are calling for WEB MAIL or SQUIRREL mail in a perimeter network, on either an MS IIS or LINUX APACHE machine. I have taken MS ISA training, bought the books (including ISA ISA and BEYOND and EXCHANGE 2000 24/7), monitored discussion on this list for several months, and tried to gather as much information as I possibly can. I have the MS TechNet article regarding the use of ISA to publish RPC and reduce its vulnerabilities and associated top 20 (10 MS and 10 UNIX) vulnerabilities list. Any comments or direction greatly appreciated; or a pole. Thanks. jp Jim Prato MS LAN and E-Mail Administrator Texas State Library 512-463-5451 JPrato@xxxxxxxxxxxxxxx