Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Security with exchange in the Domain Controller and VPN's

Status
Not open for further replies.
dianaf

dianaf

Technical User
Jun 23, 2003
13
0
0
GB

Hello!!!

I am running the exchange server software in the windows 2000 domain Controller. Actually We have just that server, We are a small business (11 users).

The point is that we need to implement VPN's, which is really scary for me :(. We got just a Hardware firewall and that server. What should I take in consideration about security? what should i implement?...I think is very dangerous, isn't it?

Hope someone can help me, Thanks in advance,
Diana Foliaco.
 
Sort by date Sort by votes
What is the firewall you purchased? As for security, take a look at It's good place to start for security related topics and whitepapers.

One word of advice: Stay up-to-date on patches and security exploits. Subscribe to Microsoft's Security Newsletter, which they use to send out notifications about security issues. Download the Lite version of HFNETCHK Pro 4.0 from Shavlik. You can get it here,
 
Upvote 0 Downvote
I would suggest getting a second device (VPN-enabled router, VPN-enabled firewall, etc.) to host the VPN, not using the AD server for that. There is quite a load placed on the box when continuously encrypting/decrypting traffic. Depending on the firewall, you may already have the hardware you need...just pay them for the "VPN" software license.

Alex
 
Upvote 0 Downvote
Sir,

The above config is very dangerous... I understand that your a smaller operation however your company may wish to determine how much does security mean to them...

The above config is dangerous because if exchange becomes exploited so has your main source of user authenication adn thats where their passwords are held ;)

However with the above in mind, and i know smaller companies dont have cash to blow esp in the current economy this is what i would do...

Look into the cisco pix 501 or 515e. Depending on how much traffic your expecting. This will provide you with a firewall and a VPN solution.

If you were to buy 2, you could easily link them together to provide site to site vpn.

If you have any questions about the above give me a shout.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
222
Sameer258
Sameer258
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
237
Johnkite
Johnkite
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
190
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
148
Nitta84
Nitta84
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
181
AllenH12
AllenH12

Part and Inventory Search

Sponsor

Back
Top