Web/Database/Exchange Servers and a Firewall Architecture Redesign
I have a network architecture that needs to be redesign to fulfill some needs. Need:Webserver need to proactively notify exchange server to send out email message Current architecture:Exchange and Database server behind firewall, Webserver ouside firewall. Webserver are not able to communicate with exchange server unless a dedicated port is open. Alternative design:Exchange, Database server, and Webserver all behind firewall. Open a port for public user to access the web server. 1. Which architecture is better?2. In either design, how should the web server communicate with the exchange server while maintaining high security protecture?3. In either design, what other security threats should be taken into consideration? and what are the solution to it?
July 30th, 2009 2:42am

I would prefer Alternate design to have Webserver in the same network as Exchange has but in that case you need to evaluate the security risk of opening ports to access web server. However you can also go for current design by opening port 25 in single direction from Webserver to Exchange server and creating scopped Receive connector on Exchange to receive anonymous mails just from webserver IP address... Allowing application servers to relay off Exchange Server 2007 http://msexchangeteam.com/archive/2006/12/28/432013.aspxAmit Tank | MVP Exchange Server | MCITP: EMA | MCSA: M | http://ExchangeShare.WordPress.com
Free Windows Admin Tool Kit Click here and download it now
July 30th, 2009 7:33am

Any other suggestions?
August 6th, 2009 10:01pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics