I am seeking for professional support in improving my existing network security levels and maximizing the business continuity by minimizing the risk in LAN & WAN.
I have 3 interfaces - inside - 192.168.150.0/24, outside - 18.104.22.168/29 and DMZ 10.10.10.1/24. My exchange server, proxy server and web server - (192.168.150.0/24), should be connected to “inside” interface and in “DMZ” – (10.10.10.1/24) I am planning to implement Trend Micro SMTP gateway which could pull all SMTP traffic which is forwarding by my ISP, my ISP is mail forwarding to 22.214.171.124/29 address. My“outside” interface is connected to VSAT modem (Gateway - 126.96.36.199/29). And from my exchange side all outgoing SMTP traffic is forwarded to ISP DNS address (188.8.131.52).
In addition all my proxy traffic must route through my ISA server which is in “inside” interface. I have plans to enable outlook web access in a additional front-end server; do you recommend this if it yes where should I keep the server in DMZ or Inside?