<div>
TMG provides exchange with an application filters for SMTP/HTTP/S. with out TMG for sure the security level is lower.<br />
<br />
By publishing exchange services through TMG/ISA (reverse proxy), TMG filter the traffic and analyzing it then proceed it according to the setting configure on the publish rule. without TMG traffic goes directly to the exchange server which could be a kind of attack traffic.
</div>


<div>
Sulimanw,<br />
<br />
I understand that over 6000$ per CPU per server (Enterprise in order to build an array) &nbsp;are going to give you a layer of security.<br />
<br />
The question is besides relaxing the security what else am I going to lose? Any features? &nbsp; <br />
<br />
Is anyone out there running his production env without TMG or ISA? <br />
<br />

</div>


<div>
I have a client running exchange with only windows firewall enabled - public IP is assigned in the exchange server itself-.<br />
<br />
It is running since 5 years, nothing happened (no attacks), but no one can know when it will be attacked ! 
</div>


<div>
Is this configuration supported by MS? It's my understanding that as long as your CAS server is not placed in the DMZ you the configuration is supported. <br />

</div>


<div>
Yes it is supported, but not secured at all.
</div>


<div>
I forgot to add that yes the configuration is supported by MS
</div>


<div>
<div class="content wysiwyg-content">
We would like to migrate from Exchange 2003 to 2010 by doing the following configuration: <br />
&nbsp;<br />
1:1 NAT public IP to the CAS array IP<br />
&nbsp;<br />
2 servers - &gt;&nbsp;with CAS (WNLB) and HUB configured <br />
&nbsp;<br />
2 servers -&gt; MBX with DAG<br />
&nbsp;<br />
Anyone running something like the above scenario in a production env.? For the scenario above what is going to be the downside of not using a TMG server? <br />
<br />
<br />

</div>
</div>


We would like to migrate from Exchange 2003 to 2010 by doing the following configuration: 
 
1:1 NAT public IP to the CAS array IP
 
2 servers - > with CAS (WNLB) and HUB configured 
 
2 servers -> MBX with DAG
 
Anyone running something like the above scenario in a production env.? For the scenario above what is going to be the downside of not using a TMG server? 




Anyone running Exchange 2010 SP1 with 1:1 NAT public IP to the CAS array IP instead of TMG

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.