You could investigate implementing ISA or an e-gap solution to improve security... ISA has broader functionality which might also be useful to the organization.
> -----Original Message----- > From: Jeffrey Dubyn [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 10:33 PM > To: Exchange Discussions > Cc: 'Michael A. Brown'; Stan Martin > Subject: RE: OWA Setup on a different machine on XCH2000 SP2 > > Thanks to all who replied! > > Bottom line is we will be using just the OWA on the lone Exchange Server > on the LAN (not in the DMZ). I'm still a little uncomfortable allowing > traffic from the Internet onto the server, but it seems the best of all > "evils" so to speak. There's also the fact that the customer would not > be too happy shelling out the $$ for the Enterprise edition. > > In answer to your question, Tony, yes you need the Enterprise Edition to > use a Front-End Server (your OWA server). > > Jeff > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Anthony L. > Sollars > Sent: Tuesday, July 16, 2002 2:29 PM > To: Exchange Discussions > Subject: RE: OWA Setup on a different machine on XCH2000 SP2 > > > I am designing this exact system, but my plan is to use a front end > exchange server on the intranet and a back-end OWA web server on the > internet segmented in a DMZ. If this box does get compromised I don't > want it having free access to the rest of my intranet. > > Do I have to have Enterprise edition Exch2k to have my OWA on a separate > server? > > -TOny > > -----Original Message----- > From: Ed Crowley [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, July 16, 2002 9:59 AM > To: Exchange Discussions > Subject: RE: OWA Setup on a different machine on XCH2000 SP2 > > The advantage of deploying a front-end server is that your mailbox > server isn't touched directly by an Internet user. That is, you can > configure your firewall to allow HTTPS only to the OWA server. It's not > a huge security benefit, in my opinion, but it might make you sleep > better. I agree with leaving the front-end server in the intranet and > allowing HTTPS (SSL) only from the Internet. > > Ed Crowley MCSE+Internet MVP kcCC+I > Tech Consultant > hp Services > Protecting the world from PSTs and Bricked Backups! > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Jeffrey Dubyn > Sent: Tuesday, July 16, 2002 2:24 AM > To: Exchange Discussions > Subject: RE: OWA Setup on a different machine on XCH2000 SP2 > > > Just curious - isn't the fact that OWA is being used at all mean that > the box is exposed to the Internet, even if it's NAT'ed behind a > firewall? The idea is to use this via the Internet, not an Intranet. > Thanks! > > Jeff > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Ed Crowley > Sent: Monday, July 15, 2002 11:37 PM > To: Exchange Discussions > Subject: RE: OWA Setup on a different machine on XCH2000 SP2 > > > I don't think there are any security benefits unless you're going to > expose it to the Internet. > > Ed Crowley MCSE+Internet MVP kcCC+I > Tech Consultant > hp Services > Protecting the world from PSTs and Bricked Backups! > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of Jeffrey Dubyn > Sent: Monday, July 15, 2002 5:18 PM > To: Exchange Discussions > Cc: 'Michael A. Brown'; Stan Martin > Subject: OWA Setup on a different machine on XCH2000 SP2 > > > We are looking to configure OWA for use with our lone Exchange 2000 > server (SP2). Are there any security benefits to configuring this on a > different machine than the Exchange server? Also, do we need to have > the Enterprise Edition of Exchange 2000 and configure it as a front-end > server to do this? > > Thanks! > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
