TABLE OF CONTENTS Enterprise Exchange 2003 users will typically use Outlook 2003 (or earlier versions) as their client of choice when inside the corporate environment and accessing their Exchange mailboxes. When such users require access to their mailboxes from outside the corporate environment, several different approaches can be employed. These approaches can include dial-up connections or tunneled/Virtual Private Network (VPN) sessions using the Routing and Remote Access Service (RRAS). More commonly though, users are often turning to OWA to provide a means to access their Exchange mailboxes.
For a user to get access to an Exchange mailbox from a Web browser somewhere on the Internet, a connection needs to be established from the Web browser to typically an Exchange 2003 Front-End server within the corporate environment using HTTP. The Exchange 2003 Front-End server will then proxy the HTTP connection to the appropriate Exchange 2003 Back-End server. Several approaches can be used for this task, each with varying degrees of complexity, cost, and security. This chapter discusses perhaps the most common means of implementing this architecture and reviews several significantly more secure approaches that achieve the same goal.
For reasons of security, it is unwise to open a corporate firewall to allow access from Web browser clients straight through to Front-End and Back-End servers on the internal part of the network. Why is it unwise? Basically because you have to open your firewall such that any computer on the Internet can connect over...
