Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to block Outlook 2007 access over a WAN

Posted on 2009-04-02
4
Medium Priority
?
412 Views
Last Modified: 2012-05-06
We have an MPLS network with all of our sites connected through VPN tunnells.  Somehow, our users have figured out that they can open Outlook and get to their email.  We don't want this to happen.
Is there a way to block Outlook 2007 from connecting through the firewall?  Maybe a port number or something?
I don't want to block it in Group Policy, because I want them to be able to open Outlook if they need to.  Sometimes we send them disks that have PST files and they need to read them.  So blocking Outlook all together is not an option.

Also, keep in mind that I need to be able to centrally manage this change.  I don't want to go into each person's host file and change that.
0
Comment
Question by:Robins_Morton
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 24052855
Question, how do users get their email if they don't use outlook?  Do you only allow web based OWA mail?  

Outlook uses RPC to connect to the Exchange box which has a dynamic port range.    So blocking it is not feasible.   I would use a software firewall on the exchange box, or create a VLAN for the exchange box to limit the host to communications with only specified boxes such as the Domain Controller, EDGE Server, Blackberry server, etc....  


0
 

Author Comment

by:Robins_Morton
ID: 24052937
Our users use Citrix for all of their remote computing.  

I want to make sure that our in-house users can still get to the exchange server.  The in-house users are on a seperate VLAN, but they have to be able to see the server's VLAN, so VLAN seperation is not an option.  Changing the IP address of the Exchange server is not an option either.  I have too much stuff tied to that IP address.

What kind of software firewall?  Is there one that will block an IP range?  My remote users all come through a different set of IP addresses.
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 24053469
If the exchange is on a VLAN, and you use cisco switches, you can create or edit an ACL that controls access into the VLAN.   A simple acl that allows certain ranges, then denies everything else would work.  

Would you consider that?  
0
 

Accepted Solution

by:
Robins_Morton earned 0 total points
ID: 24354029
I have found a work around.  We are going to just use Group Policy to deny Outlook from opening.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Large Outlook files lead to various unwanted errors and corruption issues. Furthermore, large outlook files can also make Outlook take longer to start-up, search, navigate, and shut-down. So, In this article, i will discuss a method to make your Out…
Many people use more than one email account and so it becomes difficult for them to manage them when they use separate accounts,  so, in this article, I have shared an easy way to add Other Mail Accounts in your Google Inbox. It helps to combine all…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question