I'm not sure if this is the most secure way to do
this, but here is how we have accomplished this at my
company. We have an IIS web server with the Outlook
Web Access installed on it. We have SSL enabled for
the web site. Now both the Exch and IIS are on our
internal net. (We should probably have IIS on a DMZ)
The only hole in the firewall is for port 443 (SSL) to
the IIS server.
Clients talk only to the web server never directly to
Exchange. Only the web server talks to Exchange.
Clients get authenticated to IIS/OWA using basic over
SSL. SSL not only encrypts the password handshake but
also the traffic between the browser and server.
Check the Planning and Deploying Outlook Web Access
guide for basic over SSL.
Good luck.
__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail � Free email you can access from anywhere!
http://mail.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
