Do I need two network interface cards (NICs) in ISA Server or just one? How can I have ISA Server 2004 in a DMZ? I have found a lot of technical documents about ISA Server with Exchange Server, but they all have ISA Server as the firewall.
Yes, you need to have two NIC cards to support the Reverse Proxy function of ISA Server for OWA and OMA. You can still have ISA Server in the DMZ of a third-party firewall. Regardless of the firewall you utilize to create the DMZ, ISA Server in the DMZ has become the recommended configuration from Microsoft for providing the best security for Exchange 2003. See the Microsoft article, Using ISA Server 2004 with Exchange Server 2003, for more information.
Actually you do not need two NICs for the Reverse Proxy function. This is one of the only configurations for ISA Server that does not require another NIC. We have this same setup in our environment where ISA Server is only used for Outlook Web Access (OWA), and we only have one NIC card installed.
Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:
Dig deeper on ISA Server and Firewalls for Microsoft Exchange Server
Related Q&A from Richard Luckett
There are a number of actions to take to implement OWA security, including obvious ones like creating strong password policies. Admins should also ...continue reading
Our resident Microsoft Lync expert explains where to find IP phones that are compatible with Microsoft Lync Server.continue reading
While Cisco IP phones are not directly compatible with Microsoft Lync Server, there are ways to make them compatible. Lync guru Richard Luckett ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.