Securely publish Outlook Web Access on Exchange 2007 without ISA server

Question

Is there a way to securely publish Outlook Web Access on Exchange 2007 without the need of an ISA server?

score 3 · Answer 1 · answered Jun 12 '10 at 07:07

It depends on your definition of secure. Many companies expose their client access servers to the internet with nothing but a traditional firewall in front of it, opening just port 443. If you do this, you'd be wise to monitor the Microsoft monthly patches and keep the server up to date with Windows and Exchange patches. If you're not comfortable doing this, then by definition you're looking for an application firewall. ISA is a common choice. Other options are Barracuda's Web Application Firewall or Citrix's NetScaler. If you're using a hardware load balancer, it too might have some application firewall capabilities. For instance, F5 publishes a Deployment Guide for Exchange that includes steps for making Outlook Web Access and other protocols for accessing Exchange more secure via their BigIP.

score 0 · Answer 2 · answered Jul 04 '11 at 00:53

0

I would look at doing an apache server on a linux box sitting in front of owa. This way when your client needs access they go through this gateway first.

answered Jul 04 '11 at 00:53

gdurham

879
7
10

Securely publish Outlook Web Access on Exchange 2007 without ISA server

2 Answers2