Hi there!
I have two questions about securing exchange2010-owa.
The first question is:
I have a small enviroment where the exchange-server is installed on the domain-controller.
Is the system enough protected, when its always on an actual patch-level, all user-passwords are strong and the system is protected by the WAF?
Second question: Would it be a good idea to restrict the access to the owa to those users who have a client-certificate? And how do I do so?
The UTM is already reacheable over security.example.net and the UTM has a selfsigned cert for this domain.
Ok, there is a third question: Is it possible to restrict the access on the exchange-webserver to OWA and prohibit browsing all others paths?
Thanks al lot J.Kontny
I have two questions about securing exchange2010-owa.
The first question is:
I have a small enviroment where the exchange-server is installed on the domain-controller.
Is the system enough protected, when its always on an actual patch-level, all user-passwords are strong and the system is protected by the WAF?
Second question: Would it be a good idea to restrict the access to the owa to those users who have a client-certificate? And how do I do so?
The UTM is already reacheable over security.example.net and the UTM has a selfsigned cert for this domain.
Ok, there is a third question: Is it possible to restrict the access on the exchange-webserver to OWA and prohibit browsing all others paths?
Thanks al lot J.Kontny