?
Solved

Need to Secure my internet facing CAS server

Posted on 2011-09-16
2
Medium Priority
?
289 Views
Last Modified: 2012-05-12
hi,

We have an exchange 2010 architecture that contains a site A and a site B. Site A is internet facing behind a firewall and we need to secure the CAS server from an IIS perspective because the default IIs page is showing when you try and access the site without the /owa at the end.
Could anyone please assist with this process
0
Comment
Question by:ablsysadmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 2000 total points
ID: 36549140
Not sure this is really a question of "securing" the IIS server.  Either you're allowing traffic on TCP 80/443, or not.  If you're running OWA on this box, you are.  If you're not running any other custom content on the IIS server, then it will be as secure as OWA can be - so long as you keep your updates current.

From a security perspective, don't run additional sites (especially apps) on the OWA server.  Don't install custom web components, either - just run what Exchange installed to support OWA.

As for the default IIS page, you might write a page that redirects incoming traffic to /owa - preferably using https.  You need only put actual content on the default web root to make the default IIS page go away.

Example default.aspx:
<%@ Page Language="C#" %> 
<script runat="server"> 
  protected override void OnLoad(EventArgs e) 
  { 
      Response.Redirect("https://[YourServerName.somewhere.com/owa"); 
      base.OnLoad(e); 
  } 
</script> 

Open in new window


Or default.html:
<head>
<meta HTTP-EQUIV="REFRESH" content="0; url=https://[YourServerName.somewhere.com/owa"> 
</head>

Open in new window


Hope that helps!
0
 

Author Comment

by:ablsysadmin
ID: 36590615
thanks, will give it a try asap and report back
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question