OK, I got my Exchange server up and running and I am toying with the idea of opening up RPC over HTTP to allow access to the server from the outside world. I've read some conflicting statements over how secure it is. Plus the fact that is says HTTP and not HTTPS gives me the heebeejeebies...
I don't have enough client licenses through my firewall to support as many VPN connections as I have, nor can I afford as many as I need. And, Microsoft's VPN to me is like their antivirus software... It will stop something but it isn't true protection...
Any suggestions as to how I can give my people access to Exchange without compromising security, to much as I know any hole to the server is a risk...???
Thanks!
As a part of setting up RPC over Http on an Outlook client you will have the option to enforce SSL connections by checking the box by "Connect using SSL only, and then select Mutually authenticate the session when connecting with SSL."
HTH
Simon