bsohn417
asked on
Exchange 2010: ActiveSync Design
We're considering introducing Exchange 2010 ActiveSync into our environment. For one of the domains, we have 2 Exchange 2010 multirole servers running CAS, HUB, and Mailbox. We also run F5 load balancers.
For security reasons (and not performance), we're considering adding 2 dedicated CAS servers for ActiveSync. We would have 2 for redundancy. They would sit on the internal network. The F5 would sit on the DMZ and act as a reverse proxy.
My question: Is having dedicated CAS servers for ActiveSync more secure than running ActiveSync off the multirole servers? It seems like dedicated CAS servers would have a smaller attack surface.
For security reasons (and not performance), we're considering adding 2 dedicated CAS servers for ActiveSync. We would have 2 for redundancy. They would sit on the internal network. The F5 would sit on the DMZ and act as a reverse proxy.
My question: Is having dedicated CAS servers for ActiveSync more secure than running ActiveSync off the multirole servers? It seems like dedicated CAS servers would have a smaller attack surface.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.