Setting up an OWA Server

Hello - we are currently on Exchange 2003.  We will be implementing some new IronPort email and web filtering.  We will also be creating a DMZ (utilizing a Cisco ASA).  We actually have a tech company coming in to set all that up.  Anyway, what we are going to want to do is set up an OWA server in the DMZ.  I want to be able to allow some users access to email remotely as well as using it for email with smart phones.  Could someone point me in the right direction as far as getting this OWA server setup?  Do I just get another license of Exchange and install it on another box which will go in the DMZ?   This is where I am confused?  Is there an option during install for making this second exchange server utilized for OWA?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Yes, you will need to setup another server with OWA in the scenerio you described. We have an internal Exchnage server that handles all MAPi requests and a webmail server loaded with exchnage and configured with OWA only to handle Https and smart phone traffic. We also have another bes server for blackberries
You'll install it as a second Exchange server, and then configure it to act as a frontend for OWA.  Here's a guide that will walk you through the steps.

Microsoft's recommendation can be found here.

In short, Microsoft recommends creating an OWA frontend behind your firewall and not in the DMZ.  Then configure an ISA reverse proxy in the DMZ.  If you only have one exchange server, then it's not absolutely necessary to install the 'frontend' server for OWA.  You can set up OWA on the exchange server, and then publish this through the ISA server.

If taking this approach, then install ISA, and afterwards, create the rules for publishing exchange.

Just to sum it up, I don't want to steer you away from your plan, especially if company policy deems it so.  I simply wanted to present another option, as well as the information you needed for the specific scenario requested.  Just be sure to secure and disable any unused services/ports regardless or which route you choose.  At that point, you've done what you can to secure it.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.