We sometimes hear customers talking about locating Exchange 2007 or Exchange 2010 Client Access Servers (CAS) on the perimeter network (also known as the "DMZ" - Demilitarized Zone). A perimeter n...
Published Oct 21, 2009
Version 1.0
Blog Post
With E2K7 is there anything documented in regards to best practices based on the following setup:
Firewall: Hardware/Appliance
Server 1: DMZ - Edge Transport
Server 2: Inside - CAS/Hub Transport
Server 3: DC/GC
*All Servers are running Windows Server 2008 64bit.
*Connector from HT to ET to Internet and Internet to ET to HT for mail delivery.
Questions:
1. Based on the mentioned Connector information/email flow, is this still best practice where port is only opened to DMZ (Internet/ET/HT : HT/ET/Internet) or is it now recommended to punch a hole through the Firewall straight to the HT internally and sent from the HT externally (Internet/HT : HT/Internet)?
2. Where does Forefront GTM fit into this picture (add to DMZ - Edge Transport server or setup on separate server e.g. Server 4: DMZ - Forefront GTM)? Publish E2K7 with FfGTM to allow for OWA or is it not recommended to allow OWA externally anymore and only use Outlook Anywhere via the ET?
Thanks
Firewall: Hardware/Appliance
Server 1: DMZ - Edge Transport
Server 2: Inside - CAS/Hub Transport
Server 3: DC/GC
*All Servers are running Windows Server 2008 64bit.
*Connector from HT to ET to Internet and Internet to ET to HT for mail delivery.
Questions:
1. Based on the mentioned Connector information/email flow, is this still best practice where port is only opened to DMZ (Internet/ET/HT : HT/ET/Internet) or is it now recommended to punch a hole through the Firewall straight to the HT internally and sent from the HT externally (Internet/HT : HT/Internet)?
2. Where does Forefront GTM fit into this picture (add to DMZ - Edge Transport server or setup on separate server e.g. Server 4: DMZ - Forefront GTM)? Publish E2K7 with FfGTM to allow for OWA or is it not recommended to allow OWA externally anymore and only use Outlook Anywhere via the ET?
Thanks