OWA in DMZ or not?

5 pts.
Tags:
Exchange 2003
Outlook
Outlook 2003
OWA
OWA 2003
WatchGuard
Hi. I run a 2003SP2 Exchange environment with a single Exchange server and a single OWA server in a DMZ. Over the years I've had to open more and more holes between the two networks as I've added features, etc. Someone told me I should bring the OWA server back behind the firewall and only open ports 80 and 443 to the outside. I would be usign NAT on my firewall too btw. Which method is more secure for a smaller environment?
ASKED: May 6, 2009  12:58 PM
UPDATED: May 6, 2009  3:09 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

“Best practices” is to place the OWA server behind your firewall and open 80 and 443 to the world. you’ll need to forward these ports through the public IP to the server. that’s all it should need to function. If you’re also using RWW, you’ll want to 3389 and 4125 open to the RWW server, but they do NOT have to be open to the OWA server.

if it’s all on the same machine, which is typical, open 25, 110 (is using POP3) 80, 443, 3389 and 4125.

hope that helps,

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following