From: Dan Yarrow [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:52 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions
List Charter and FAQ at:-----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 15 January 2002 07:45
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questionsOn your OWA server?-----Original Message-----
From: Dan Yarrow [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 1:46 PM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questionsorrrr you could just use URLScan and IISLockdown from Microsoft for nothing.. :)-----Original Message-----
From: Rick Ward - HQ [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, 15 January 2002 07:01
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions100% agree with Mr. William..
I also recommend a product for IIS called SECUREIIS by eEye.com. It works very well with IIS 4.0/5.0 and protects against virtually any DOS/Hack attacks. Costs about $800 per server, and very reasonable for what it does. MS is looking at it as well. Between that, SSL and a Firewall you can be assured you're very well protected... Only thing better would be Apache on OpenBSD, but that's another can-o-worms.
-Rick
-----Original Message-----
From: Lefkovics, William [mailto:[EMAIL PROTECTED]]
Sent: Monday, January 14, 2002 11:55 AM
To: MS-Exchange Admin Issues
Subject: RE: DMZ, OWA and Exchange 5.5 questions
You don't really gain anything putting the OWA part in the DMZ. OWA acts as what I call "MAPI-by-proxy" so the number of holes you need to punch in the internal firewall basically denigrates your DMZ.
William
http://www.sunbelt-software.com/exchange_list_charter.htm
