Hi People of Astaroland
I have a question about the security risks of my Outlook Anywhere (RPC over HTTP) setup.
My current LAN is a Windows 2003 Standard Small Business Server (including Exchange) with about 25 workstations all wired together on a main switch. The gateway is my Astaro box running v7.306. Since I only have one NIC on the Win2k3 server, I have its Windows firewall switched off and rely on the Astaro for all the firewalling from external sources.
So far this has worked as I've only had to allow OpenVPN access to the internal network but the number of remote users is increasing and demands for a flexible/faster system are increasing.
In response, I have configured the server for Outlook Anywhere and have successfully connected external machines by forwarding HTTPS traffic via DNAT to the internal IP of the server. So far I've done this from known external IP addresses for obvious security reasons.
My question is, what are the security implications of opening port 443 to traffic from the internet as a whole? As I understand it, I'll be relying solely on single factor authorisation of the IIS (i.e. username and password) on my Win2k3 server, which makes me a little uneasy. What do others think? Is the "Outlook Anywhere" system more secure than I think?
Thanks in advance
Steve