I think when you consider some of the other options on the market for SSL termination and reverse proxy, you'll find that ISA 2006 is a reasonable choice. If you are anything other than the very smallest of shops, I wouldn't necessarily call it overkill to at least consider deploying Standard Edition.
Standard Edition is cheap relative to other products and integration is extremely easy, especially if you already have a Microsoft investment (server licenses, support). It gets a lot more expensive when you step up to Enterprise high availability configurations, though. Since you are a Cisco shop, there are some options for SSL termination there too. Content Services Switch comes to mind, but that is not cheap. Damon Cassell MITRE -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Hall Sent: Thursday, January 04, 2007 4:41 PM To: Focus-MS Subject: How to deploy Microsoft OWA without using ISA? We have been using OWA2000 for a few years now. The front end server sits in a DMZ and communicates to the backend server with a very painfully developed access list. In addition, you need two factor authentication to even get to the login screen. I recently attended a Microsoft presentation of the new architecture of Outlook 2007. The one thing that stuck out to me was that you can no longer put the front end server in a DMZ. It has to be on the internal network. The recommended way to publish OWA is ISA2006. I don't currently have ISA2006 anywhere in my network and we are a very heavy Cisco shop. What options do I have for publishing OWA? Purchasing ISA2006 for this one application seems a bit overkill. Any help or guidance would be appreciated. Google turns up lots of hits for doing this with ISA but doesn't give any alternative. Randy Hall - Sr. Security Engineer - CISSPĀ The Virginian Pilot - (757) 446-2754
