Exchange 2007 Edge or Client Access Server in DMZ?
Posted on 2007-11-28
I have two servers for Exchange 2007 and a Cisco ASA 5500. I want to put one of these Exchange servers in the DMZ and the other in the inside network. I need to provide OWA and Outlook Anywhere to users on the Internet. The ASA will perform firewall and some content filtering prior to packets arriving into the DMZ.
I thought I had this figured out, but I"m now confused. Is it better to put the Edge server in the DMZ and have all the other roles on the server in the inside network, or do I scrap the Edge server role completely and put the Client Access Server in the DMZ and the other roles in the inside network?
Thanks in advance.