Q

I want to configure OWA in the most secure setup using a PIX 515. What ports should be enabled?

I'm currently setting up OWA for my network and want to configure the most secure setup using a PIX 515. What ports should be enabled? Should I set connection limits to these ports? If so, how? Should I NAT to my IIS box or should I use the DMZ config?
An OWA is actually an IIS-based Web application with an interface to the backend Exchange Mail store. Clients access the OWA site by making a request to the IIS server over port 80 (HTTP) or port 443 (HTTPS). Since, you want to use SSL, you would only need to enable port 443. You will need to forward all port 443 request from "outside" to "inside". You will need to open OWA to the Internet for it to be able to work. This will require a live address on that particular box and that box will need to talk to the actual Exchange server sitting behind the firewall. Do not put your exchange server environment in the DMZ. Only Web server running the OWA application needs to be in the DMZ.
This was first published in March 2004

Dig deeper on Working With Servers and Desktops

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close