RPC/HTTPS Security Question...

RPC/HTTPS Security Question... (Full Version)

All Forums >> [ISA 2006 Publishing] >> Exchange Publishing

Message

charlieit -> RPC/HTTPS Security Question... (3.Nov.2009 1:18:05 PM)
I have OWA working beautifully using ISA 2006. I also have RPC over HTTPS working for Outlook clients who connect using VPN. Question: Is it an "acceptable" security practice to allow Outlook clients to connect (using RPC over HTTP) WITHOUT using VPN? I don't feel as if it should be--because the only security OWA really provides is an encrypted username/password (which is what RPC over HTTP is doing)...right? If it IS an acceptable practice, does anyone know where I can find how to setup ISA to do this? Thanks, Charlie

paulo.oliveira -> RE: RPC/HTTPS Security Question... (4.Nov.2009 3:54:20 PM)
Hi, from my point of view it is a good security, specially when you have ISA in place. Besides the SSL encryption, you still have the advantage of ISA features like pre-authentication and application layer inspection. On this web site there´s a lot of articles regarding this subject. Or you can take a look at Technet web site also. Regards, Paulo Oliveira.

Page: [1]