RE: Outlook Web Access - Paranoid?

[Frank Knobbe <fknobbe () knobbeits com>]

On Thu, 2002-11-28 at 09:14, Paul D. Robertson wrote:

> Deploying Internet-facing systems that sit on the internal can nullify the 
> firewall.  Do that with either the wrong product at the wrong time, or too 
> many products, and there's no point in _having_ the firewall.

Paul,

I predict this will only be getting worse. The more .NET stuff gets
developed, the more 'Internet-integrated' Microsoft apps become, the
more you will see a firewall becoming a device that will 'break'
Microsoft computing (we see it today with the inability to pass certain
protocols through a firewall either because of protocol-channel design
or inability to pass NAT). Eventually you will have to remove the
firewall to get your MS apps working (or punch so many wholes in it that
we have more open than closed).

Exchange is a perfect example. Compare an Exchange-OWA setup within an
Exchange 5.5 + NT Domain environment and Exchange 2K + AD environment.
Exchange 5.5 didn't have the requirement of also being an Exchange box,
and required less ports to less servers. Exchange 2K requires so much as
Steve indicates...

I know people complain about code-bloat. There is also a bloat here in
regards of protocols and infrastructure. Not sure what to call it other
than protocol-bloat, but I don't like it...

Anyhow, Happy Turkey Day to everyone.

Regards,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part