OWA in DMZ or not?
Hi. I run a 2003SP2 Exchange environment with a single Exchange server and a single OWA server in a DMZ. Over the years I've had to open more and more holes between the two networks as I've added features, etc. Someone told me I should bring the OWA server back behind the firewall and only open ports 80 and 443 to the outside. I would be usign NAT on my firewall too btw. Which method is more secure for a smaller environment?
Software/Hardware used:
Software/Hardware used:
ASKED:
May 6, 2009 12:58 PM
UPDATED:
May 6, 2009 3:09 PM
Answer Wiki:
"Best practices" is to place the OWA server behind your firewall and open 80 and 443 to the world. you'll need to forward these ports through the public IP to the server. that's all it should need to function. If you're also using RWW, you'll want to 3389 and 4125 open to the RWW server, but they do NOT have to be open to the OWA server.
if it's all on the same machine, which is typical, open 25, 110 (is using POP3) 80, 443, 3389 and 4125.
hope that helps,
To see all answers submitted to the Answer Wiki: View Answer History.
RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
