OWA 2007 - What makes my setup secure?

Posted on 2008-02-12
Medium Priority
Last Modified: 2010-05-19
I have been researching the best way to implement OWA on a Exchange 2007 server.
I have decided to put a Mail Transport server in my dmz, and then the CAS and Exchange 2007 on another server in my lan.

What makes this setup secure/safe from attack?
I need to let my boss know what makes me think this setup is safe.
Question by:gpersand
LVL 58

Expert Comment

by:Pete Long
ID: 20874997
Hello gpersand,

Surely you would put an edge transport server in your DMZ that way you only need to expose a small AD subset using ADAM (which is useless to the human eye) and you only have to open a couple of ports to make it work (you set up an Edge subscription on an internal Exchange server to the Edge Transport Server)



Author Comment

ID: 20875033
If my DMZ edge transport server is compromised, wont that give full access to the lan?
LVL 13

Accepted Solution

consultkhan earned 2000 total points
ID: 20875064

The best way to implemented OWA ,as per Microsoft, is to publish OWA through ISA 2006.ISA is placed in DMZ with edge server and CAs/HUB remains in LOCAL LAN.

ALL client requests are processed on ISA for OWA and relayed through secured SSL channel to CAS/HUB.

read this article.
LVL 31

Expert Comment

ID: 20875074
I don't think the Edge is meant to be completely unprotected.  This particular definition of DMZ would likely include a firewall on both sides.  Also, the Edge server is not meant to be a member of your domain.

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After a recent Outlook migration from a 2007 to 2010 environment, some issues with Distribution List owners were realized. In this article, I explain how that was rectified.
Organisation is organized in a pattern to flow the day to day business, every application and system is interdepended on each other and when very important “Exchange Server downtime” happened.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Suggested Courses

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question