I'm pretty sure that this box can do this, only way to find out is to give it a go. It should be documented.
It is of my opinion that if you have a decent firewall and you are publishing services such as SMTP, FTP, HTTP, HTTPS or anything tcp based, then you should always use the proxy function on the firewall. Depending on the firewall, it will protect against protocol attacks and more. ISA is a solution, but it adds an extra box to the topology, its another machine to patch, maintain, license, power, air condition etc. etc... My point is, if you have a good firewall, use the proxies that come with it and don't bother with ISA. Regards K -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erick Thompson Sent: 22 July 2004 01:09 To: Exchange Discussions Subject: RE: DMZ ports for Front End Server I'm running firmware version 5.0.0r4.0. I have to admit some ignorance of 'deep packet inspection', but I would assume that it's looking for malformed packets that could be an exploit attempt. Thanks, Erick > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > knighTslayer > Sent: Wednesday, July 21, 2004 4:18 PM > To: Exchange Discussions > Subject: RE: DMZ ports for Front End Server > > Erick, > > I believe, though I could be wrong, that it supports the concept of > 'deep packet inspection' for proxies. Though I have no direct > experience with that firewall to the degree of configuring in-bound > proxies. > > What version/release is it running? I may know someone who can just > answer that question straight. > > > K > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Erick Thompson > Sent: 22 July 2004 00:09 > To: Exchange Discussions > Subject: RE: DMZ ports for Front End Server > > Do you know if the Netscreen 25 can do that? > > Thanks, > Erick > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > knighTslayer > > Sent: Wednesday, July 21, 2004 3:50 PM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > Better off with ISA Proxy very true too. > > > > Or any decent firewall that can smart proxy in-bound tcp traffic. > > Probably cheaper than introducing ISA server in to the frame. > > > > Check with you firewall vendor. > > > > A good firewall example: > > > > http://www.cyberguard.com/news_room/whitepaper_smartproxies.cfm > > > > K > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On > Behalf Of Ed > > Crowley [MVP] > > Sent: 21 July 2004 23:42 > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > You're better off with a web proxy server in the DMZ such > as ISA than > > a front-end server. > > > > Ed Crowley MCSE+Internet MVP > > Freelance E-Mail Philosopher > > Protecting the world from PSTs and Bricked Backups!T > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > knighTslayer > > Sent: Wednesday, July 21, 2004 3:24 PM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > I agree with Dean. > > > > If at least the FE server is in a DMZ and you are logging on both > > External AND DMZ interfaces on your chosen firewall, then > you are much > > better informed than JUST logging on a External to Internal NAT'd > > level. > > > > It's a given that we all review firewall log reports regularly of' > > course. > > > > My two cents. > > > > K > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Dean Cunningham > > Sent: 21 July 2004 23:12 > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > I need no convincing, your the one that needs convincing ;-) > > > > > > > > >>> [EMAIL PROTECTED] 22/07/2004 9:22:41 a.m. >>> > > You keep convincing yourself of that... ;o) > > > > -----Original Message----- > > From: Dean Cunningham [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, July 21, 2004 5:00 PM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > You'll never convince me to do that ;-) if the FE is > compromised, so > > is your whole network. > > At lease with it in the DMZ, you have some control over the > ports and > > addresses it can connect internally to. > > > > What persuaded you to change? > > > > >>> [EMAIL PROTECTED] 22/07/2004 7:10:36 a.m. >>> > > It is not really THAT many ports, but we had these > discussions here a > > bunch ot times and came to a conclusion that front-end in DMZ would > > not be a good thing to do. I actually used to be for the > DMZ idea in > > the past but got persuaded to change my mind. > > > > If you still want to explore it, there are MS whitepapers on > > front-end/back-end Exchange configuration and on Exchange > hosting that > > show all the ports that you will need to open. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Rosselle, Brett > > Sent: Wednesday, July 21, 2004 3:05 PM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > > > I haven't actually deployed it(in production) yet, so > either option is > > still viable. > > > > Any particular reason for not having it in the DMZ, other > than having > > to define a zillion ports, or is that the main reason? If > it is, it's > > a good enough reason for me. > > > > Brett > > > > > > > > -- > > Brett Rosselle > > Systems Administrator > > Brightpoint North America > > 317.707.2525 Tel > > 317.707.2397 Fax > > [EMAIL PROTECTED] > > > > > > -----Original Message----- > > From: Martin Blackstone [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, July 21, 2004 1:57 PM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > I concur > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Fyodorov, Andrey FTL > > Sent: Wednesday, July 21, 2004 11:57 AM > > To: Exchange Discussions > > Subject: RE: DMZ ports for Front End Server > > > > Take that front-end out of DMZ and put it into the internal network. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of > > Rosselle, Brett > > Sent: Wednesday, July 21, 2004 2:40 PM > > To: Exchange Discussions > > Subject: DMZ ports for Front End Server > > > > > > > > > > I'm guessing this had been covered in the past. I thought > the Exchange > > discussions website had a search feature, but either it > does not, or I > > am just not capable of finding it. > > > > I'm trying to find a list of the minimum ports needed for a > > 2003 Front End server to be able to connect back to the internal > > network from the DMZ. > > > > I found this link: > > > > http://support.microsoft.com/default.aspx?scid=kb;en-us;Q278339 > > > > Not sure if it's correct for this aplication. Is there a > better list > > somewhere? > > > > Thanks, > > > > Brett > > > > > > -- > > Brett Rosselle > > Systems Administrator > > Brightpoint North America > > 317.707.2525 Tel > > 317.707.2397 Fax > > [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > > > > > > ********************************************************************** > > Have you clicked on yet? > > www.nrc.govt.nz > > ************************************************************** > > ********Bpar > > Thanks, > > > > Bre > > NORTHLAND REGIONAL COUNCIL > > > > This email and any files transmitted with it are confidential and > > intended solely for the use of the individual or entity to > > whom they > > are addressed. If you have received this email in error > please notify > > [EMAIL PROTECTED] > > > ********************************************************************** > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > > > > > > ********************************************************************** > > Have you clicked on yet? > > www.nrc.govt.nz > > > ********************************************************************** > > NORTHLAND REGIONAL COUNCIL > > > > This email and any files transmitted with it are confidential and > > intended solely for the use of the individual or entity to > > whom they > > are addressed. If you have received this email in error > please notify > > [EMAIL PROTECTED] > > > ********************************************************************** > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang > > =english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > > ext_mode=&lang=english > > To unsubscribe send a blank email to %%email.unsub%% > > Exchange List admin: [EMAIL PROTECTED] > > To unsubscribe via postal mail, please contact us at: > > Jupitermedia Corp. > > Attn: Discussion List Management > > 475 Park Avenue South > > New York, NY 10016 > > > > Please include the email address which you have been contacted with. > > > > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang > =english > To unsubscribe send a blank email to > %%email.unsub%% > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe send a blank email to > %%email.unsub%% > Exchange List admin: [EMAIL PROTECTED] > To unsubscribe via postal mail, please contact us at: > Jupitermedia Corp. > Attn: Discussion List Management > 475 Park Avenue South > New York, NY 10016 > > Please include the email address which you have been contacted with. > > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang =english To unsubscribe send a blank email to %%email.unsub%% Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
