General discussion

Locked

Front-end proxy for OWA

By Vetch_101 ·
Following on from sterling help from apotheon with regards to Firewalls, I have a question to ask the community....

My MD wants to be able to access Outlook Web Access (Exchange 2000 running on our PDC) from the internet... Whilst this is not exactly a great situation to be in in the first place, I'm absolutely sure that having it on the internal network would be crazy - so I'll have to implement a DMZ to achieve it...

I'm thinking that setting up an Apache reverse proxy in the DMZ to buffer the OWA machine would be a good call...

Is there a problem with this as a concept - will Apache be able to properly protect the OWA? I've got this website as a guide for the process... http://3cx.org/item/46
Is there too great a security risk opening the PDC up on the internet, even behind a proxy?

Would there be an issue with putting an Anti-Spam/Virus gateway on the box too (using Postfix and Spam Assassin) and piping incoming email through that box as well? Or would it be best to keep both DMZ services on separate boxes....?

I was looking at this guide http://flakshack.com/anti-spam/wiki/index.php on OpenBSD for my Anti-Spam proxy - I'm guessing a lot of it is portable between *nixes....

Any help or suggestions would be appreciated...

Many thanks,

Jx

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by CG IT In reply to Front-end proxy for OWA

why don't you consider a stand alone ISA Server 2004 as your perimeter proxy server and firewall.

It will protect the Exchange Server, act as a proxy for internet access and all sorts of other goodies.

Collapse -

by Vetch_101 In reply to Front-end proxy for OWA

Hi,

Thanks to you both for your suggestions.

I think the thing about using ISA Server is that ISA Server is ridiculously expensive... Whereas, OpenBSD and Linux is free - and probably more secure...

The question I was trying to ask is - is there an inherent security risk in running OWA on a PDC, even if it is protected with a proxy server?

Many thanks,

Jx

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums