Exchange 2010 and OWA

Home Forums Messaging Software Exchange 2007 / 2010 / 2013 Exchange 2010 and OWA

This topic contains 7 replies, has 5 voices, and was last updated by Avatar ThaHomie 7 years, 2 months ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • Avatar
    Ghostrocket
    Member
    #159004

    Hi all,

    Apologies if this sounds a daft question but I am coming back to Exchange after a 6 year absence.

    I last used 2003 and we used to have a separate frontend OWA server that sat within our DMZ, then our main mail server backend behind the firewall.

    I have been reading all morning about Exchange 2010 and it seems that most suggestions now seem to advice using TMG and Exchange 2010 with client access installed/implemented to allow access via the web, mobile etc.

    I wondered if this was the case and things have changed and you don’t have OWA frontend as such. Should anyone have any guides, advice or suggestions I would be chuffed to read them.

    Trust me after 4 hours of google my head hurts so sorry if this annoys someone.

    be gentle :)

    Avatar
    wullieb1
    Moderator
    #243707

    Re: Exchange 2010 and OWA

    You don’t have to use TMG.

    What did you use previously for this?? I.E did you have some sort of spam filter in front of your Front End server??

    If not then you would install an Edge Server in your DMZ and a CAS in the network.

    Avatar
    ThaHomie
    Member
    #384796

    Re: Exchange 2010 and OWA

    wullieb1;260079 wrote:
    You don’t have to use TMG.

    What did you use previously for this?? I.E did you have some sort of spam filter in front of your Front End server??

    If not then you would install an Edge Server in your DMZ and a CAS in the network.

    yeah sorry we had mailsweeper.

    So in essence we would need mailsweeper or something similar in the DMZ then Exchange 2010 with the CAS/OWA on our network. Correct ?

    Sorry I just like to do an ‘apples for apples’ comparison :)

    tehcamel
    tehcamel
    Moderator
    #358919

    Re: Exchange 2010 and OWA

    a Client Access Server would be similar to your “front-end” server in the DMZ….

    then have Hub-Transport/Mailbox etc roles on the server within the green zone

    Avatar
    ThaHomie
    Member
    #384797

    Re: Exchange 2010 and OWA

    tehcamel;260090 wrote:
    a Client Access Server would be similar to your “front-end” server in the DMZ….

    then have Hub-Transport/Mailbox etc roles on the server within the green zone

    So in essence your CAS/OWA server would sit in the DMZ with some additional spam/virus filtering and your main exchange server within your network.

    Or you can have your spam filtering in DMZ then your CAS/Exchange server on your network.

    So depending on your preferred setup

    Avatar
    wullieb1
    Moderator
    #243715

    Re: Exchange 2010 and OWA

    No.

    Your CAS server should be on your network. I wouldn’t put a CAS in my DMZ as it chats to AD.

    My setup with what you have at the moment would be this.

    Internet – DMZ – MailSweeper – LAN – CAS/HT/MBX

    Some light bedtime reading here for you.

    http://technet.microsoft.com/en-us/library/dd298114

    Avatar
    ThaHomie
    Member
    #384798

    Re: Exchange 2010 and OWA

    wullieb1;260160 wrote:
    No.

    Your CAS server should be on your network. I wouldn’t put a CAS in my DMZ as it chats to AD.

    My setup with what you have at the moment would be this.

    Internet – DMZ – MailSweeper – LAN – CAS/HT/MBX

    Some light bedtime reading here for you.

    http://technet.microsoft.com/en-us/library/dd298114

    Ok thanks for that, I have read that light reading previously.
    My head is still hurting.

    Avatar
    Sembee
    Member
    #260793

    Re: Exchange 2010 and OWA

    It is not supported to put any part of Exchange in to a DMZ, except for an Edge server (which handles SMTP email only). It was also considered bad practise to put a frontend server in to a DMZ in Exchange 2003 days because of the swiss cheese it made your firewall.

    Therefore if you want to have something between Exchange and the Internet, then something like TMG would be your only choice.

    Simon.

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

Register for this Petri Webinar!

Software-Defined Unlimited Backup Storage

Tuesday, August 27, 2019 @ 1:00 pm EDT

A Scale-Out Backup storage infrastructure is a must-have technology for your backups. In this webinar, join expert Rick Vanover for a look on what real-world problems are solved by the Scale-Out Backup Repository.

Register Now

Sponsored By