RE: [fw-wiz] (no subject)
From: Nieveler, Juergen (Juergen.Nieveler@akzonobeldeco.de)
Date: 11/26/02
- Next message: Lorens Kockum: "Re: [fw-wiz] Inspecting routers"
- Previous message: Kyle R. Hofmann: "Re: [fw-wiz] Inspecting routers"
- Maybe in reply to: Dean Pullen: "[fw-wiz] (no subject)"
- Next in thread: Paul D. Robertson: "RE: [fw-wiz] (no subject)"
- Reply: Paul D. Robertson: "RE: [fw-wiz] (no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Nieveler, Juergen" <Juergen.Nieveler@akzonobeldeco.de> To: 'Paul Robertson' <proberts@patriot.net>, Don Goldstein <Don.Goldstein@CCBUSA.COM> Date: Tue Nov 26 08:00:03 2002
> OWA and IIS haven't exactly had the best record. Add in password
> guessing and a pipe in to an AD or DC, and the upsides don't
> look all that attractive to me. Now, if you're talking about a VPN'd
> segment off the DMZ, you could perhaps minimize the risk, but I don't
think
> I'd advise my closest competitor to field OWA on their DMZ as a strategy
> without some more serious and direct protection.
As I might face a similar situation soon, how about this scenario:
Put the OWA in the LAN, and a reverse Proxy (Squid prefered, but ISA-server
if necessary) in the DMZ?
After all, OWA should only need port 80 and/or 443, shouldn't it?
-- Mit freundlichen Gru?en / Yours sincerely Juergen Nieveler Akzo Nobel Deco GmbH IT / Netzwerk & Systeme eMail: Juergen.Nieveler@AkzoNobelDeco.de Disclaimer: Views are mine, not my employers' -- -------------> IMPORTANT <---------------- This message, including attachments, is confidential and may be privileged. If you are not an intended recipient, please notify the sender then delete and destroy the original message and all copies. You should not copy, forward and/or disclose this message, in whole or in part, without permission of the sender. Diese Nachricht, einschliesslich anhaengender Dateien, ist persoenlich und kann vertraulich sein. Wenn Sie diese Nachricht irrtuemlich erhalten, benachrichtigen Sie bitte den Absender und loeschen Sie bitte die Originalnachricht und alle Kopien. Sie sollten die Nachricht ohne die Zustimmung des Absenders weder ganz noch teilweise kopieren, weiterleiten oder sonstwie weiterverbreiten.
- Next message: Lorens Kockum: "Re: [fw-wiz] Inspecting routers"
- Previous message: Kyle R. Hofmann: "Re: [fw-wiz] Inspecting routers"
- Maybe in reply to: Dean Pullen: "[fw-wiz] (no subject)"
- Next in thread: Paul D. Robertson: "RE: [fw-wiz] (no subject)"
- Reply: Paul D. Robertson: "RE: [fw-wiz] (no subject)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
