|
Forgive me if this has recently been brought up.
I need some best practice information for the following scenario using Microsoft
Exchange Server:
I have several thousand users on Exchange
Server. Approx half of these users need to access their mailbox from the
protected LAN/WAN segments as native MS Exchange clients using Outlook.
The exchange servers are members member of the internal NT domain. The admin
group only wants to create a single account for each mail user, and not have to
maintain seperate directories (based on the outcome of these questions, this may
be able to change)
The other half of my users need to access their
mail accounts from the internet via standard POP3/SMTP protocols. A VPN is not
logistically feasable for this purpose.
I am using Checkpoint FW-1 with a
DMZ.
How should I architect my mail infrastructure and
still maintain some semblance of security? Any advice/criticicism/help would be
very much appreciated.
Thanks,
Brian Burns
|
