Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Exchange 2010: ActiveSync Design

Posted on 2012-04-10
2
805 Views
Last Modified: 2013-12-27
We're considering introducing Exchange 2010 ActiveSync into our environment.  For one of the domains, we have 2 Exchange 2010 multirole servers running CAS, HUB, and Mailbox.  We also run F5 load balancers.  

For security reasons (and not performance), we're considering adding 2 dedicated CAS servers for ActiveSync.  We would have 2 for redundancy. They would sit on the internal network.  The F5 would sit on the DMZ and act as a reverse proxy.  

My question: Is having dedicated CAS servers for ActiveSync more secure than running ActiveSync off the multirole servers?  It seems like dedicated CAS servers would have a smaller attack surface.
0
Comment
Question by:bsohn417
2 Comments
 
LVL 18

Accepted Solution

by:
Don S. earned 250 total points
ID: 37829881
Not really.  The attack surface comes from the CAS role.  I don't think the surface changes weather it is on the mailbox server or not.  That said, for performance and management/backup-retore reasons it is generally best practice to seperate the Mailbox role from the CAS role.
0
 
LVL 9

Assisted Solution

by:ash007
ash007 earned 250 total points
ID: 37831832
It wont matter if its multirole or single role
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We are happy to announce a brand new addition to our line of acclaimed email signature management products – CodeTwo Email Signatures for Office 365.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
how to add IIS SMTP to handle application/Scanner relays into office 365.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question