Deploying Exchange 2007, ISA 2006 in a pix firewall environment.
I'm in the process of deploying exchange 2007. This is my current setup. Internet == Pix == LAN To have the least impact on throughput, I have some question on deploying Exchange, edge transport, and ISA. Would anyone say this is correct? Internet == ISA == Edge transport == PIX == LAN or Internet == ISA == PIX == LAN PIX DMZ == Edge transport Thanks in advance.
February 25th, 2012 11:48am

I think your second is closer. Each device (ISA / Edge) provides different functionality. I would set it up as follows: Internet - PIX - EDGE (in DMZ) - PIX - LAN Internet - PIX - ISA (dual NIC, Dual DMZ port) - PIX - LAN This works great and provides more security (ISA dual DMZ - no LAN interface). However, I have also setup this: Internet - PIX - ISA - LAN Both will work. JAUCG
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2012 1:46pm

Any updates?JAUCG
February 25th, 2012 2:44pm

I would not recommend putting the ISA in between Exchange and PIX. I would rather publish the OWA behind ISA or behind the PIX. Publishing behind ISA is much better as it does reverse proxy and authentication gets done visa ISA and which is best comparing to PIX. On pix you will have to allow the 443 and fwd the traffic to the translated ip while ISA does inspect the traffic in SSL too. check out this blog. - tmgblog.richardhicks.com Where Technology Meets Talent
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2012 10:47pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics