I have a windows 2003 domain with an exchange 2007 as mailserver installed.
All exchange roles are installed on the exchange 2007 server, except the edge server, the 'edge' is installed on a windows 2008 foundation server in the DMZ zone.
Now, our company policy said that the 'OWA' can 't be published through port80/443 on our firewall to the exchange server on our LAN.
If I have to follow that policy, I read about 2 options:
ISA server installation in the DMZ or moving the exchange 'CAS' role to the DMZ.
So my question is, what is the best option (are other opions), what is possible?
I prefer to move the 'CAS' role to the DMZ, an ISA-server is again an extra license...
Can I move the 'CAS' role onto the edge server? or do I have to install a second 64bit server in the DMZ?
If it's not possible to install it on the same server/platform as the edge, can I make an virtual 'CAS' on that server?