[fw-wiz] Outlook Web Access - Paranoid?

From: Mark L. Evans (MEvans@CO.SLC.UT.US)
Date: 11/26/02


From: "Mark L. Evans" <MEvans@CO.SLC.UT.US>
To: "'Firewall-Wizards (E-mail)" <firewall-wizards@honor.icsalabs.com>
Date: Tue Nov 26 16:14:00 2002

I have really enjoyed the excellent information I've gleaned from this list
over the past few months. I'm in need of some help from the list members on
the issue of securing Outlook Web Access.

We're trying to come up with the least dangerous method of allowing our
users to check their email on MS Exchange. We currently allow them to use
POP3 only. Our management would like to use Outlook Web Access. I have
followed the issue on several mailing lists. I know it's a bad idea to use
Exchange at all but management thinks I am too paranoid on this issue.

It seems the best method is a reverse proxy using squid on a DMZ machine and
then into the IIS server on the inside over SSL. What are your
opinions/suggestions on this issue? Do you have any other methods that are
more secure?

TIA,
Mark L. Evans - CISSP


