Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 273
  • Last Modified:

Securing Exchange 2003

Hello,

I am planning on deploying Exchange 2003 (On a Windows 2003 R2 server) on our network, specifically for the purpose of serving remote users who can benefit from remote ActiveSync and Window Mobile.

Obviously, this server will need to be on the internal network (In order to communicate with the other Exchange Servers and Domain Controllers).

However, this server will also need to be open to the internet (In order for remote users to connect and sync)

What are the best practices as far as security is concerned?

It looks to me like I will be fine with blocking everything except TCP ports 990, 999, 5678, 5679. What things do I need to be concerned about with these ports being open?
0
matheweis
Asked:
matheweis
  • 2
1 Solution
 
SembeeCommented:
Where did you get those ports from?
If you have users coming in remotely to sync with the server, whether from Outlook or handhelds, you only need one port - 443. Exchange can be deployed with a total of two ports open - 25 (SMTP) and 443 (HTTPS). No other ports are required.
You will need an SSL certificate - GoDaddy's US$20 certificates are trusted by Windows Mobile without any changes, or you could use another certificate provider and import the root.

Simon.
0
 
matheweisAuthor Commented:
I assumed (obviously incorrectly) that Remote Activesync uses the same ports as ActiveSync.

Thank you for the input - it's exactly what I needed!
0
 
SembeeCommented:
The only thing that Exchange ActiveSync and the desktop ActiveSync share in common is the name. Their operation otherwise is totally independent.

Simon.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now