For the best security on an Exchange 2007 deployment, I really don't want to open up port 80 on the firewall. I will be using SSL certificates for OWA 2007 from Verisign.
Posted on 2008-10-10
I am deploying client access servers in exchange 2007. I plan to use SSL cerificates from Verisign with OWA. However, many outside users with legacy web browsers might not be able to connect with https Are there any functions in OWA 2007 which require http? I really don't want to expose the internal lan to port 80 if not necessary. An ISA reverse proxy setup will be deployed later, but now we need the client access server behind the inside firewall (not in the dmz) and OWA up and running. I can see the help deskphones ringing off the hook from the external users who can't connect via http if their browsers are not patched. With only SSL port 443 open with a signed certificate from verisign,, there is a higher security configuration on the OWA deployment.
What is your suggestion?