Re: [fw-wiz] PIX -> ISA -> OWA Configuration
From: Danny (nocmonkey_at_gmail.com)
Date: 05/05/05
- Previous message: Behm, Jeffrey L.: "RE: [fw-wiz] Hopefully not too OT"
- In reply to: Jason Gomes: "[fw-wiz] PIX -> ISA -> OWA Configuration"
- Next in thread: Chris Blask: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Jason Gomes <greyline@phreaker.net> Date: Thu, 5 May 2005 14:25:48 -0400
On 5/1/05, Jason Gomes <greyline@phreaker.net> wrote:
> What is the preferred placement for a OWA front-end server given these
> two possible network configurations and why?
>
> 1) [Internet] <==> [PIX Firewall] <==> [ISA Proxy] <==> [PIX Firewall]
> <==> [OWA] <==> [Internal Net w/Exchange Svr]
>
> 2) [Internet] <==> [PIX Firewall] <==> [ISA Proxy] <==> [OWA] <==> [PIX
> Firewall] <==> [Internal Net w/Exchange Svr]
>
> Notes:
> The ISA server is performing a reverse proxy for HTTPS connections.
> In #1, the backend firewall will only allow port 443 through to OWA.
> In #2, all ports required for OWA to communicate with the internal
> exchange server is allowed.
What type of clients? Road warrior employees with laptops? If so, how about:
3) Verified client with proprietary VPN client and AES 256 -> Big bad
Innernat -> Firewall only allowing connections from proprietary VPN
client -> ISA Proxy -> OWA & Exchange
...D
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Behm, Jeffrey L.: "RE: [fw-wiz] Hopefully not too OT"
- In reply to: Jason Gomes: "[fw-wiz] PIX -> ISA -> OWA Configuration"
- Next in thread: Chris Blask: "RE: [fw-wiz] PIX -> ISA -> OWA Configuration"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
