You can use Microsoft ISA Server as a standalone firewall, and you can also use it to publish Exchange resources (e.g., OWA, SMTP, IMAP4, POP3, RPC over HTTP). But because an Exchange front-end server needs to communicate with Active Directory before it can proxy a client request to a back-end server, most folks prefer to not put the front-end server in a DMZ. Instead, most folks will open a port on their firewall and direct it to one or more front-end servers inside the network. This would mean you only have to open a single port per protocol (e.g., 443 for HTTPS, 993 for IMAPS and 25 for SMTP).
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.