Recommended choices other than ISA ?

Recommended choices other than ISA ? (Full Version)

All Forums >> [Microsoft Exchange 2007] >> Secure Messaging

Message

ericthyred -> Recommended choices other than ISA ? (6.Aug.2007 8:21:39 AM)
Hi all, I am still having problems understanding how MS recommends a CAS to be directly accessible from the internet ! The only reason I think of would be to sell more ISA servers... [&:] In case my clients refuse to integrate ISA, is there another product in the market that would have the same benefits than ISA provides regarding CAS accessibility from the internet ? Thanx

rishishah -> RE: Recommended choices other than ISA ? (5.Oct.2007 9:49:39 AM)
Sorry for the late reply to your thread. But why would you even ask such a question? CAS - Client Access Service and hence if you want the client to access Exchange 2007 (besides the MAPI Protocol) than you need to point them to the CAS Server. If your client comes from the internet than you need to open the correct ports for the various Client access methods. ISA 20006 is an enterprise firewall and for OWA/RPC HTTPS/Push E-mail provides some very secure functionality. However any other firewall can also do this, but if you wish to be absolutely secure than you should finf a firewall that allows Reverse SSL Proxying Pre-Connection Authentication against the AD Allowing access to certain web directories only HTTP Methods granularity If not you have to simply open (eg port 443 for OWA/Push E-mail) and simply let your CAS server deal with all the security and the security mess that comes with this. If your client is like many who does not understand that the ISA is actually an EAL4+ firewall than simply deploy another firewall in front of the ISA to make him happy, unless of-cource your client will see reason. HOpe this helps.

Page: [1]