Is it ok to setup IIS6 on the same box that have Exchange what impact that
will have on security I already have a wtchguard Firwall.

Thank You

Thank you for your help

My website is finalize and I was just wondering if it is ok to just put it
within the same box of the exchange.

From my understanding I think I need IIS to allow the access for the website
and set it up.

in reference to Exchange I think the port I am using on the Firewall is
HTTPS is this mean that my OWA is coming through SSL or not


I hope my Q? are not sound stupid I am just trying to learn.

Thnk You very much for your replay


[quoted text, click to view]

In article <O2q2YCMBFHA.3924@TK2MSFTNGP10.phx.gbl>, msw@hotmail.com
says...
[quoted text, click to view]

Need more info - what are you going to be doing with IIS?

We run IIS on all our exchange servers to provide OWA through SSL. We do
not allow OWA via HTTP.

In one or two instances we have permitted a static web site to run on
the same box as the Exchange server, but not anything that we could not
secure and lock-down, and at it's own IP also.

Just make sure that you don't enable OWA through HTTP, use SSL even if
you need to create your own certificate.

--
--
spamfree999@rrohio.com

Exchange requires IIS in order to run OWA (Outlook Web Access), so it's
probably already there. As for what impact it'll have, well, that depends on
how you configure it, but it's pretty tight by default. Fill us in with a
bit more detail and we might be able to offer more.


--
Jason Brown
Microsoft GTSC, IIS

This posting is provided "AS IS" with no warranties, and confers no
rights.


[quoted text, click to view]

In article <OH7kTcVBFHA.3524@TK2MSFTNGP15.phx.gbl>, msw@hotmail.com
says...
[quoted text, click to view]

There is no way to know based on the limited (none) information you've
provided about what the site is for/doing. If it's a site where the
users must register with their Windows user name and password, then I
would not do it, unless it's through a HTTP (SSL) port.

[quoted text, click to view]

If you are hosting a company website and also OWA, then you already have
IIS setup, the real question is do you have it secured.

[quoted text, click to view]

HTTPS is 443 or SSL for firewalls - that means that you already have OWA
setup using SSL, if you allow HTTP inbound on the same IP you could be
asking for problems.

Setup a second IP on the server nic exposed to the internet and run the
open web site from it - then create a rule in the firewall to map HTTP
to that IP.

[quoted text, click to view]

There are no stupid questions, at least not as long as you ask them.

[quoted text, click to view]

Have you locked down the system? Have you run the MBSA on it? Do you
have quality Anti-Virus software running on the server?

[quoted text, click to view]

--
--
spamfree999@rrohio.com