Is it safe deploy Windows Mobile handsets when we only have one Exchange 2003 server?

Question

Would it not be a security risk to have phones connecting directly to our Exchange server rather than a front end server in a dmz?

Also, we'd need to disable SSL on the Exchange Virtual Directory; would this cause the communications between the handsets and Exchange to be un-encrypted?

Any advice would be appreciated!

Thank you :)

score 1 · Accepted Answer · answered Mar 19 '10 at 14:48

1

Do you currently access the Exchange server from the outside in any way, like OWA? If so, Is it currently secured with an SSL cert? If those answers are yes, then it should not be a problem at all. A lot of SMBs use SBS and have this exact config.

On the second part, why are you disabling SSL?

answered Mar 19 '10 at 14:48

DanBig

11,423
1
29
53

Nope, only internal access the the moment. So I guess we'll need to get some certs setup then to secure it all? According to the M$ blurb (http://support.microsoft.com/default.aspx?scid=kb;en-us;817379), I need to create another virtual directory that doesn't use SSL, otherwise it won't work. Thanks for replying btw! – Mar 19 '10 at 15:31

Is it safe deploy Windows Mobile handsets when we only have one Exchange 2003 server?

1 Answers1