Internet / Remote Access
Hi Everyone,
We have an Exchange server and is using most of the benefits (shared contacts, calendars, etc) ..
We want to open the Exchange server on the internet and want the best and most secure option available ..
I believe opening Exchange for "full Exchange features" will become too slow over the internet and could be more susceptible for virus and hacking attacks.
A thought is to open Exchange only for I-MAP from the internet, and only use the full functionality (contacts, calendars, etc) over the local-LAN.
I have the following questions, which should be able to help us determining the best solution:
1. Is it possible to run "full-Exchange" features over the internet without sacrificing security and operation-speed?
2. I read an article where Microsoft suggests a "front-end" and "back-end" Exchange server - for security ..
For which scenario will this be advised?
3. Will Exchange be happy with I-MAP access (from the internet) and normal Exchange access from within the office? Which ports should we open on the firewall for I-MAP to be operational?
Any help and advise will be highly appreciated.
Regards, Rupert
We have an Exchange server and is using most of the benefits (shared contacts, calendars, etc) ..
We want to open the Exchange server on the internet and want the best and most secure option available ..
I believe opening Exchange for "full Exchange features" will become too slow over the internet and could be more susceptible for virus and hacking attacks.
A thought is to open Exchange only for I-MAP from the internet, and only use the full functionality (contacts, calendars, etc) over the local-LAN.
I have the following questions, which should be able to help us determining the best solution:
1. Is it possible to run "full-Exchange" features over the internet without sacrificing security and operation-speed?
2. I read an article where Microsoft suggests a "front-end" and "back-end" Exchange server - for security ..
For which scenario will this be advised?
3. Will Exchange be happy with I-MAP access (from the internet) and normal Exchange access from within the office? Which ports should we open on the firewall for I-MAP to be operational?
Any help and advise will be highly appreciated.
Regards, Rupert
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yup, ive got 2003 in single server and havent had any problems.
ASKER
Hi Simon,
I think the idea is now take shape.
IMAP:
I understand that I-MAP doesn't give the experience of the full Exchange invironment, but could work for just reading mail, viewing your mailbox on Exchange, etc?
OWA:
Outlook Web-Access will give you the full functionality, and the users will hardly realize the difference.
ISSUE:
The issue we still have is that users don't want to be connected all the time, while composing new message, etc.
I.o.w. they want to work off-line and online dial-in to Send / Receive.
What I gather from the information above, a user will have to be connected to the internet to use the Outlook Web-Access functionality?
I-MAP then seems the way to go, or is there another way to have Outlook synchronising with Exchange from the internet, without using a web-interface.
The user should be able to dial-up, connect, download messages, disconnect. Do what ever they need to, for as many hours as they want ... then connect to send and retrieve mail.
The only thing I am not certain of, is how to configure Outlook to use the same mailbox, for "local Exchange connectivity" and "remote IMAP connectivity" .. so that the user will have as little intervention as possible with the switch from "local" to "remote / internet" access.
Please advise
Regards, Rupert
I think the idea is now take shape.
IMAP:
I understand that I-MAP doesn't give the experience of the full Exchange invironment, but could work for just reading mail, viewing your mailbox on Exchange, etc?
OWA:
Outlook Web-Access will give you the full functionality, and the users will hardly realize the difference.
ISSUE:
The issue we still have is that users don't want to be connected all the time, while composing new message, etc.
I.o.w. they want to work off-line and online dial-in to Send / Receive.
What I gather from the information above, a user will have to be connected to the internet to use the Outlook Web-Access functionality?
I-MAP then seems the way to go, or is there another way to have Outlook synchronising with Exchange from the internet, without using a web-interface.
The user should be able to dial-up, connect, download messages, disconnect. Do what ever they need to, for as many hours as they want ... then connect to send and retrieve mail.
The only thing I am not certain of, is how to configure Outlook to use the same mailbox, for "local Exchange connectivity" and "remote IMAP connectivity" .. so that the user will have as little intervention as possible with the switch from "local" to "remote / internet" access.
Please advise
Regards, Rupert
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Exchange has been built with remote working in mind.
OWA does require a connection all the time while you write the email, but Outlook configured to use RPC over HTTPS and cached mode does not. I have written emails on planes before, landed, connected my laptop to the internet and then sent the emails. I have a full copy of my mailbox on the laptop and can make changes to my calendar and contacts. Next time I connect to the internet, those changes are synchronised to my mailbox on the Exchange server.
I would suggest that you try setting up some of the features that have been outlined and experience it for yourself. Working remotely with Exchange and having the full feature set is not the problem that you might think.
Simon.
OWA does require a connection all the time while you write the email, but Outlook configured to use RPC over HTTPS and cached mode does not. I have written emails on planes before, landed, connected my laptop to the internet and then sent the emails. I have a full copy of my mailbox on the laptop and can make changes to my calendar and contacts. Next time I connect to the internet, those changes are synchronised to my mailbox on the Exchange server.
I would suggest that you try setting up some of the features that have been outlined and experience it for yourself. Working remotely with Exchange and having the full feature set is not the problem that you might think.
Simon.
ASKER
I haven't configured Outlook web access as yet, if I remember correctly, you need a front-end server to do this securely?
We configured terminal services in the meantime, but the problem users have, is that they have to be online all the time to work on e-mail messages. They want to be able to compose and read-messages offline, and only go online to receive & send ...
And then the other problem with TS access is that they can't upload and download files, as they are bound to the remote session all the time.
Any idea how we can overcome these issues?
Regards, Rupert