What I mean is that there is no security issue opening/forwarding a port from RED to GREEN when no service is listening on that port. Othewise if a service is listening on, the security is demanded to that service. I don't trust on those who still affirm that IIS is a sort of Swiss cheese (for the community that cheese is called Emmenthal. A cheese full of big holes). I think that IIS6 is now strong enough and a U can avoid proxying, but having a Apache/Proxy is the best solution you can build. Follow the same iter for the mobile services without regrets ! If a proxy machine can be attacked, spoofed, destroyed, after that, there is no way to gain access to the real service, this is an assiome. I've a lot of OWA pubblished via EFW port forwarding, without reverse proxyes and without security problems, so...have nice sleep !!
>From: "Stanley Tim" <[EMAIL PROTECTED]> >Reply-To: [email protected] >To: <[email protected]> >Subject: Re: [Efw-user] Outlook Web Access >Date: Wed, 11 Apr 2007 19:09:16 -0400 > >Just curious. How secure is this, forwarding to the GREEN network? I >currently have an Apache server in the DMZ (orange) that I reverse proxy >to my GREEN exchange server. I hit apache with SSL. I followed the >following info: http://3cx.org/item/46 > > >I am also attempting Windows Mobile devices in the same fashion. > >Thanks, >Tim > > >Hi, > >I've multiple outlook web access behind EFW installations. > >Simply create a PORT FORWARDING to the GREEN Exchange ip address for >TCP port 80/443 depending on your >OWA access parameters. > >Take care that your Exchange, like every GREEN service served by EFW, >MUST have EFW as GATEWAY or, in >some way, as LAST RESORT ROUTE to be >successfully "NATTED INSIDE". > >LAST RESORT ROUTE concept, requires advanced routing engines, not >always accomplished by Win > >environements. > > > >Hope this can Help > > > > >------------------------------------------------------------------------- >Take Surveys. Earn Cash. Influence the Future of IT >Join SourceForge.net's Techsay panel and you'll get the chance to share >your >opinions on IT & business topics through brief surveys-and earn cash >http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >_______________________________________________ >Efw-user mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/efw-user _________________________________________________________________ Trova le foto delle tue star preferite su Live.com ! http://search.live.com/images/results.aspx?q=modelle&FORM=QBIR&mkt=it-it ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
