• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA Server 2006 as Exchange Server Front End, Security implications

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA Server 2006 as Exchange Server Front End, Security implications Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA Server 2006 as Exchange Server Front End, Security ... - 14.Oct.2006 12:16:50 AM   
hunglikethor

 

Posts: 112
Joined: 12.Oct.2006
Status: offline
I have decided to take the plunge and transition over to Exchange E-mail infrastructure from current Sendmail. I already have an existing PostFix Mail Gateway and multi-tiered Firewall infrastructure to which I want to add ISA Server 2006 as an Exchange server Front end and an Exchange Back End Server (2003 Enterprise to start, upgrade to 2007) on the trusted LAN. My thought process was to use the ISA Server 2006 in a Exchange Server Front-End role. Since it will be behind two firewalls, I was going to make the ISA Server part of my Windows 2003 R2 native AD domain/forest. ISA Server 2006 will have two NIC cards; one will interface with upstream firewall subnet, the other NIC will be on the same subnet as the corporate LAN.

The Exchange Server 2003 Enterprise will reside on the corporate LAN and also be part of the same Windows 2003 R2 AD domain/forest as ISA Server 2006 machine. Access to the Exchange Server would be either locally on the LAN, or remotely using OWA, Outlook Anywhere, etc via ISA Server 2006. Outbound e-mail would go from any client (internal or external), through the Exchange Server and out the Postfix Mail Gateway. No Front-End server besides the ISA Server 2006 is needed, since this will be the only Exchange server in the domain/forest for the time being.

My security concern is the ISA Server 2006 machine as part of the same AD Domain/Forest as the corporate LAN where the Excahnge Server, Domain Controllers, clients, member servers, etc. I figure since ther are two firewalls between the outside and the ISA Server, that it is well protected. Are there any other security pitfalls or issues I should be concerned with in deploying this configurations?

Thanks in advance for any advice!

Edward Ray
Post #: 1
RE: ISA Server 2006 as Exchange Server Front End, Secur... - 14.Oct.2006 1:23:18 PM   
AndyJG247

 

Posts: 10
Joined: 13.Oct.2006
Status: offline
Regarding the domain membership I found this a really good article.

http://www.isaserver.org/tutorials/Debunking-Myth-that-ISA-Firewall-Should-Not-Domain-Member.html


(in reply to hunglikethor)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> ISA Server 2006 as Exchange Server Front End, Security implications Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts