Opening HTTPS to send HTTPS traffic direct to Exchange server (with public static IP) - Is this a bad security threat?
Posted on 2006-10-21
****Summary of question****
IS it bad to open the HTTPS port so that HTTPS traffic is sent directly to the Exchange server (for OWA access). (as we recently had a UDP flood on the local network).
Please help as this could be an urgent issue.
I have recently turned on Outlook Web Access for a company. This means that in the firewall for the company I opened the HTTPS port so that all HTTPS traffic is sent directly to the server running exchange (which has a public static IP address).
the server always has a static public IP address and received its mail via SMTP.
However, about a week ago the company has a new telephone system installed which included I believe allowed features such as VOIP and I think the phones have an IP address from the server.
After about 4 days the telephone system went down and the telephone system people were called in. He said the reason was that the network had been flooded with UDP packets.
My concern is could that have anything to do with me opening the HTTPS port to allow for OWA to work? Is this a bad thing and is one meant to do something else rather then just open up this port?
This is very serious for me as if it turns out that it is my fault the phone system went down I will resign my position as someone who has recently taken responsibility to handle these matters
Thanks in advance.