Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Understanding ISA Server 2006 with Exchange Server 2007

 

Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007

Topic Last Modified: 2007-04-06

This topic provides an overview of how to configure Microsoft Internet Security and Acceleration (ISA) Server 2006 on a computer that is running Microsoft Exchange Server 2007 that has the Client Access server role installed. To help secure your Exchange 2007 deployment, you can use software and hardware firewall solutions. We recommend that you use an advanced firewall server such as ISA Server 2006 with Exchange 2007 because these two products were designed to work together to help secure and enhance the client access experience.

When you use the New Exchange Publishing Rule Wizard to configure your ISA Server computer to allow client access, you automatically configure ISA Server settings that are required for the new features that are in both Exchange 2007 and ISA Server 2006 to work correctly. For more information about how to install a server certificate on ISA Server 2006, see Publishing Exchange Server 2007 with ISA Server 2006.

Microsoft Office Outlook 2007 for Exchange Server 2007 is designed to take full advantage of the new features that are available in ISA Server 2006. When you deploy Exchange 2007 in an environment where ISA Server 2006 is being used to help secure your corporate network, the full set of features for Exchange Client Access is available. For more information, see Using ISA Server 2006 with Outlook Web Access.

In many organizations, users must have mailbox access when they are not in the office. Outlook Anywhere ensures that users can interact with their Microsoft Exchange information from any location. To support this client access method, specific paths must be published on the ISA Server computer. For more information, see Using ISA Server 2006 with Outlook Anywhere.

We recommend that you use ISA Server 2006 to enhance the security of all available client access methods in your Exchange Server 2007 deployment. When you configure Exchange ActiveSync client access together with ISA Server 2006, communications between the Exchange ActiveSync clients and the Exchange server pass through an ISA Server computer to add an additional layer of Secure Sockets Layer (SSL) encryption. For more information, see Using ISA Server 2006 with Exchange ActiveSync.

We recommend that you use ISA Server 2006 for all available client access methods in Exchange 2007. When you publish Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4rev1 (IMAP4) client access together with ISA Server 2006, communications from the POP3 or IMAP4 clients that are located on the Internet to the ISA Server computer and from the ISA Server computer to the Client Access server are encrypted by using SSL. For more information, see Using ISA Server 2006 with POP3 and IMAP4.

When you deploy Exchange 2007, we recommend that you upgrade any earlier versions of ISA Server that you are using.

Deploying Exchange 2007 in an environment that has been configured to use an earlier version of ISA Server, such as ISA Server 2004, will require changes to the ISA Server rules that you might have configured for client access. If you decide to use ISA Server 2004 or ISA Server 2000 with Exchange 2007, you must create new server or Web publishing rules for the new Client Access servers that you want your users to access.

The following table describes the virtual directories to use as paths for the Web and server publishing rules that you must create for client access to Exchange when you use a version of ISA Server that is earlier than ISA Server 2006. Make sure that you use only the paths for the client applications that you plan to use. For example, if you do not plan to use Microsoft Exchange ActiveSync, you do not have to publish the Microsoft-Server-ActiveSync virtual directory.

Exchange 2007 virtual directories that are used as paths in ISA Server publishing rules for earlier versions of ISA Server

Path name Description

/owa

This virtual directory is used by Outlook Web Access to access mailboxes on Exchange 2007 computers that have the Mailbox server role installed.

/public

This virtual directory enables users to access public folders for mailboxes that are located on computers that are running Exchange 2007, Microsoft Exchange Server 2003, or Microsoft Exchange 2000 Server.

/exchweb

This virtual directory is used by Outlook Web Access to access mailboxes on computers that are running Exchange 2003 or Exchange 2000.

/exchange

This virtual directory is used by Outlook Web Access to access mailboxes on computers that are running Exchange 2003 or Exchange 2000.

/UnifiedMessaging

This virtual directory is used for Unified Message access.

/Microsoft-Server-ActiveSync

This virtual directory is used by Exchange ActiveSync.

/EWS

This virtual directory is used for Exchange Web Services.

/Autodiscover

This virtual directory is used by the Autodiscover service for the Exchange ActiveSync and Outlook clients.

/rpc

This virtual directory is used by Outlook Anywhere in Outlook 2007.

For more information about how to configure client access to Microsoft Exchange together with ISA Server 2006, see the following topics:

For more information about the new enhancements to ISA Server 2006 when it is used with Exchange 2007, see What's New and Improved in ISA Server 2006. For more information about ISA Server 2006, see the Microsoft Internet Security and Acceleration Server 2006 Web site. For more information about ISA Server 2006 features, see ISA Server 2006 Features at a Glance.

To ensure that you are reading the most up-to-date information and to find additional Exchange Server 2007 documentation, visit the Exchange Server TechCenter.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.