It is a trade off, home users are allowed and encouraged to use and update virus-scanning software and also personal firewall software configured to update frequently. They might have more current dat files than someone using a company laptop that is sitting at his house and only uses occasionally when he connects somewhere/somehow and then pptp's into the pptp server, which is also my ISA server. -----Original Message----- From: Steve Bostedor [mailto:Steveb@xxxxxxxxxx] Sent: Wednesday, October 23, 2002 9:38 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Security of publishing Exchange 2000 http://www.ISAserver.org Yea, but if their computer is infected with a virus, Trojan, or worm, that bad code becomes part of your network. I don't mind users of company owned equipment using the VPN, but home users with computers that have no antiviral software or the dat files are out of date are not going to connect to my network in that manner. -----Original Message----- From: Mathews, Todd L Mr HQ INSCOM [mailto:tlmathe@xxxxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, October 23, 2002 9:18 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Security of publishing Exchange 2000 http://www.ISAserver.org I have users VPN into the ISA server box, pptp and then they can access their mail either using outlook or OWA. Just a thought Todd -----Original Message----- From: Steve Bostedor [mailto:Steveb@xxxxxxxxxx] Sent: Wednesday, October 23, 2002 8:36 AM To: [ISAserver.org Discussion List] Subject: [isalist] Security of publishing Exchange 2000 http://www.ISAserver.org We have many users who would like to be able to get their Exchange email from their unprotected home computers. I see a lot of posts here about publishing Exchange to the Internet. How secure is that? Is it really safe to publish your Exchange RPC to the Internet? I'm a bit reluctant to let them connect their unprotected home computers to our LAN via VPN or dial-up in these days of rampant Internet worms and Trojans. We have been using www.gotomypc.com for the few that needed remote access from unsecured computers, but that would be expensive on the scale that is on the horizon here. I have also considered publishing a Windows 2000 terminal server and controlling access by the Windows 2000 "Log In Locally" policy. What do you guys think about the security aspect of these issues? Thanks, Steve ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tlmathe@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: junk@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tlmathe@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')