• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 186
  • Last Modified:

Exchange 2010 internet facing security advice

Gang, Im currently dealing with an environment that has exchange 2003 and exch 2010 co-existing. Since exchange 2010 does not advise placing CAS servers in the DMZ they just have a NAT for their CAS boxes to the outside allowing multiple protocols i.e. owa, autodiscover, pop, etc.
Now we are concerned with Security, as the NAT is not ideal? What would you suggest? The exchange edge role or ForeFront, or separate DMZ or? What is best practice with least intrusion ?
0
DEFclub
Asked:
DEFclub
2 Solutions
 
AkhaterCommented:
NAT is not ideal I'd agree however it is not that bad either, your best option is to have a reverse proxy in the DMZ that would take care of the communication from internet  to the cas. like TMG for example
0
 
Malli BoppeCommented:
I would go with the TMG
0
 
DEFclubAuthor Commented:
k
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now