We have two exchange 2003 sp2 servers on w2k3 server and 2 old exchange 5.5 servers in a windows 2000 Mixed mode with 2 winnt BDCs. All mailboxes have been moved to the new exchange 2003 servers already. I would like to install one exchange 2003 server-owa as front end for users to access our two backend exchange 2003 servers. We have one checkpoint firewall in front of all servers. Based on the link below, I have some questions. http://www.msexchange.org/tutorials/owa_exchange_server_2003.html
Do I need to run IIS lockdown to secure our front end server?(even if we filter out traffic through firewall).
Where do you get the IIS lockdown if we need one?
If I select "this is a front-end server" on new Server-owa using ESM>Server object>properties, is there any impact on mailboxes of our two backend 2003 servers and exchange 5.5 servers during the day?
Can we deselect the checkbox to make it a backend server again or it is a one-way street?
What are the major steps to implement the Front End server quickly without complicated registry modification?
Here is our network diagram.
internet -- Checkpoint Firewall ---(Exchange 2003, exchange 5.5, Server OWA, Two
w2k domain controllers & two winnt bdcs within the same hub)
For example(my version below, please correct it):
1) Enable a new exchange 2003 server and select the front end checkbox via ESM
2) Purchase SSL from Verisign
3) Enable SSL on new server-owa following instructions from Verisign
4) What ports need to be opened in firewall?
5) What changes need to be done in Domain controller and server-owa front end server?
6) What needs to be done on our existing two backend exchange 2003 servers
7) I assume we do not need to do anything on exchange 5.5 servers(They will be removed soon)
Thanks a lot for any inputs.