Do I need two network interface cards (NICs) in ISA Server or just one? How can I have ISA Server 2004 in a DMZ? I have found a lot of technical documents about ISA Server with Exchange Server, but they all have ISA Server as the firewall.
Yes, you need to have two NIC cards to support the Reverse Proxy function of ISA Server for OWA and OMA. You can still have ISA Server in the DMZ of a third-party firewall. Regardless of the firewall you utilize to create the DMZ, ISA Server in the DMZ has become the recommended configuration from Microsoft for providing the best security for Exchange 2003. See the Microsoft article, Using ISA Server 2004 with Exchange Server 2003, for more information.
Actually you do not need two NICs for the Reverse Proxy function. This is one of the only configurations for ISA Server that does not require another NIC. We have this same setup in our environment where ISA Server is only used for Outlook Web Access (OWA), and we only have one NIC card installed.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
Dig Deeper on ISA Server and Firewalls for Microsoft Exchange Server
Related Q&A from Richard Luckett
When you're stumped on how to track email items following a central mailbox move, fix the dilemma by knowing what happens to items in mailboxes when ...continue reading
You can pull out the big guns to manually remove what's left of your failed Exchange Server from Active Directory, but it's best to consider ...continue reading
There are a number of actions to take to implement OWA security, including obvious ones like creating strong password policies. Admins should also ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.