yes ..Im still on exch55 ..but yes most likely similar. FYI: I run the webshield on a very old CPQ pro150 with like 96MB ram, 1GB HD thought they recommend more machine, it will depend on your mail volume. BUT you do not need cutting edge to make it run. Run's OK machine needs a reboot about every two weeks or three..Though I think it is likely from me turning the security screws on it in the MS NT4 OS and not WS45sp1..never know though.
Again to not except it to get every attachment. It has done an excellent job of virus protection provided the DAT is upto date AND the DAT can catch the virus in question. It's better then nothing at the moment and I consider it free since it came in the suite. for now GS45 does the exch box, GS5 is supposed to be better...my opinion differs...some what. OWA 55.. while not the full desktop OL works well, Ive done it from a Keyosk on the NJ Turnpike. Again in the 55 OWA it does not require a huge amount of machine. Ihad it on a Pro 200/ 128MB/SCSI 4GB for a long time worked well.... fast... So remember theres more then one way to skin a bean counter............. bill -----Original Message----- From: Rob Ellis [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 2:06 PM To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp No, not remote users, server smtp traffic. We are proposing citrix full desktop, OWA for some remote users, no POP/smtp access for end users. The Webshield I mentioned is as you say, part of TVD. Our design sounds very much like your setup. Regards, Rob Ellis -----Original Message----- From: Mellott, Bill [mailto:[EMAIL PROTECTED]] Sent: 06 June 2002 18:49 To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp Ill throw in .02 Assuming you are referring to allowing remote users to get their e-mail. I'm doing the OWA thing for "remote/roaming" users. I do some Citrix for full desktops. I do NOT allow users to connect to the exch box at this time via SMTP/POP. I do at this time use the Simple Webshield product bundled with the NIA/Mcafee TVD suite. It does reside on it's own machine. so Internet smtp > webshield > Exch. yes the webshield sit's before Exch box. Yes it provides me with an additional layer of pre exch virus protection...works ok yes it also provides some prefiltering on attachments...sucks...does not go any deeper the first level i.e. FWD> FWD it will miss. Note: Their full blown product webshield APP is supposed to work well..no exp with it, Ill keep my opinions to myself.. If I had to let user(s) directly get to either port 110/POP and port25/smtp to do their e-mail... 1.) I would not ..thats me.. 2.) Forced too only via some secure connection like a VPN. bill PS for those interested I run the AV product to at the file level and scan all files on the exchange box with no exceptions. ;-) -----Original Message----- From: Bendall, Paul [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 06, 2002 1:38 PM To: Exchange Discussions Subject: RE: lesser of the evils - ssl or smtp Okay I'll add another spanner to your works, I would advise an SMTP relay server on your DMZ but I really wouldn't use McAfee Webshield. Why I hear you cry for one it is pretty bad at blocking viruses and two we have had no end of problems with it crashing or not sending to certain domains when it gets a DAT update. Why not use the SMTP component of IIS as your SMTP relay server and then use ScanMail or Antigen on your Exchange server. Either that or use someone like MessageLabs to outsource your antivirus too. Regards, Paul -----Original Message----- From: Rob Ellis [mailto:[EMAIL PROTECTED]] Sent: 06 June 2002 18:26 To: Exchange Discussions Subject: lesser of the evils - ssl or smtp Ok, I've got a couple of scenarios, which of them is the least risky? Exchange 2000 mailbox server on the LAN, accepting/making connections using SMTP through a firewall to the internet Exchange 2000 mailbox server on the LAN, accepting SSL secured OWA connections from the internet, again, protected by a firewall. Basically I am being told I may have to do both with the same box, but I'd rather have the smtp traffic going through a DMZ based gateway running McAfee Webshield, and let the OWA clients come into the internal box over SSL (which I see as less of a risk than opening up port 25. If you had to choose one of the 2 above scenarios, which would it be? Regards, Rob Ellis _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] ---------------------------------------------------------------------- If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. ---------------------------------------------------------------------- _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
