Hi All,
We are upgrading to Exch2010 in the next 3 months and then to Exch 2013 thereafter. At the moment we have Exch 2003 FE Server sitting on the internal LAN that host OWA so connections are allowed directly to the LAN. One of our seniour managers have a need to put OWA connections terminate in the DMZ.
Few Questions popped up
1. Is this best practice and recommended by Microsoft?
2. In this post http://social.technet.microsoft.com/Forums/en-US/35c03ed9-be08-4e21-9192-e2167eb79738/alternative-method-for-publish-owa?forum=exchangesvrgeneral I read that letting OWA connections through to your internal LAN just with a firewall NAT is OK and supported by Microsoft
3. If it is best practice to publish things like OWA, etc, what are the best solutions. Is it still worth while to go with TMG and then look for an alternative?
4. By implementing the ET Role in the DMZ does that not make up for some security and does Microsoft not OK that without a Reverse Proxy?
Looking forward to hear from you and the experience you have gained in the field
Thanks in advanced