• Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ActiveSync security question

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> ActiveSync security question Page: [1]
Message << Older Topic   Newer Topic >>
ActiveSync security question - 27.Jun.2014 1:04:21 PM   


Posts: 5
Joined: 24.Mar.2009
Status: offline
We have OWA secured with 2-factor authentication using a security token (Safeword). ActiveSync requires SSL, but has no security layer before credentials are passed through it. This is a security concern of ours, since it allows anyone to lock-out domain accounts by providing an incorrect password for a domain user account.

I'm curious how others are securing ActiveSync. As I understand it, it uses the same port 443 as OWA, on the same server. How could we block ActiveSync to the public without blocking OWA? We would still need to provide it internally, externally through the VPN and to the DMZ behind the Mobile Iron Sentry. ActiveSync policy is inadequate, since it requires the client to uphold that policy.

Thanks for any advice.

< Message edited by RadioActiveLamb -- 27.Jun.2014 1:07:46 PM >
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2010] >> Outlook Web Access >> ActiveSync security question Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts

Follow TechGenix on Twitter