Hello,
We are a company with 110 mailboxes (2 IT workers).
We planned to migrate from MDaemon to Exchange 2013 ASAP, but we're actually working on the network architecture for it. We already have the VM with Server 2012 installed on it, but we first want to design our network implementation.
Actually, our MDaemon server is in our perimeter network - not linked to AD - and we will keep it for a while because we are changing our mail address, so it will redirect the old mail addresses to the new ones.
So the flow is: WAN requests for HTTP, IMAP or SMTP to the mail server are allowed in the FW and redirected to the mail server in the DMZ.
But here is the question:
With the new design and role division of Exchange 2013, how do we protect the AD from external attack while still using ActiveSync, OWA, Outlook Anywhere, etc.?
Do we need to put the CAS server on the perimeter network, opening only the needed ports between it and the AD + Mailbox server? Or do we put the CAS + MBX servers on the LAN, then redirect all requests to the CAS server => which I think is not very safe.
What are the best practices for us?
What's the safest/easiest way to implement Exchange 2013 for a "not too big company"?
Thanks to everyone who can help us.