Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Exchange 2010: ActiveSync Design

Posted on 2012-04-10
2
Medium Priority
?
852 Views
Last Modified: 2013-12-27
We're considering introducing Exchange 2010 ActiveSync into our environment.  For one of the domains, we have 2 Exchange 2010 multirole servers running CAS, HUB, and Mailbox.  We also run F5 load balancers.  

For security reasons (and not performance), we're considering adding 2 dedicated CAS servers for ActiveSync.  We would have 2 for redundancy. They would sit on the internal network.  The F5 would sit on the DMZ and act as a reverse proxy.  

My question: Is having dedicated CAS servers for ActiveSync more secure than running ActiveSync off the multirole servers?  It seems like dedicated CAS servers would have a smaller attack surface.
0
Comment
Question by:bsohn417
2 Comments
 
LVL 18

Accepted Solution

by:
Don S. earned 1000 total points
ID: 37829881
Not really.  The attack surface comes from the CAS role.  I don't think the surface changes weather it is on the mailbox server or not.  That said, for performance and management/backup-retore reasons it is generally best practice to seperate the Mailbox role from the CAS role.
0
 
LVL 9

Assisted Solution

by:ash007
ash007 earned 1000 total points
ID: 37831832
It wont matter if its multirole or single role
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
In my humble opinion (IMHO), TouchDown from Symantec is the best in class for this type of application, but Symantec has end-of-lifed it and although one can keep using it, it will no longer be supported or upgraded.  Time to look for alternatives t…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month10 days, 9 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question