With the number of mobile and remote workers increasing by the day, the need for off-site email access continues...
to grow. Conventional Microsoft Exchange access is always an option, but its speed and simplicity can be hampered by the demand for VPN connectivity. Many organizations turn to Microsoft’s Outlook Anywhere as a simple and convenient remote access email client. Let’s take a look at Outlook Anywhere to find out where it shines.
Going “Anywhere” with Outlook
Outlook Anywhere can establish a remote connection with an organization’s Exchange system without invoking an inefficient VPN connection. Cumbersome authentication features like smart cards or security tokens are also not required to verify a user’s identity.
[With Outlook Anywhere,] there is no requirement to add additional firewall rules just for Outlook client access.
Tom Phillips, Consultant
Users can access Outlook Anywhere via garden-variety Internet connections through secure remote protocol procedure (RPC) over HTTP. This setup allows for email exchanges with almost no modifications to current email or security configurations. It also helps to reduce the possibility of errors or oversights.
“For me, the biggest benefit is the ability to use existing certificates and SSL port rules used by Outlook Web App; providing OWA is already configured,” said Tom Phillips, owner and principal consultant at TG Phillips IT Consulting Inc. in Allen, Texas. “There is no requirement to add additional firewall rules just for Outlook client access.”
There are a few principal requirements for Outlook Anywhere deployment. At a minimum, the server-side must run Microsoft Exchange Server 2003 or Exchange 2007 on Microsoft Windows Server 2003; client-side systems must use Windows XP SP2 or later. The most crucial part of the setup is that the Exchange server must be configured to permit connections through HTTP.
Specifically, Outlook Anywhere relies on a Windows Server component called the RPC over HTTP Proxy component. The component is installed on the client access server (CAS) using the Enable Outlook Anywhere wizard in the Exchange Management Console (EMC).
For added security, administrators can use a reverse-proxy like the Forefront Threat Management Gateway (TMG) server to publish Outlook Anywhere to remote clients.
“Outlook Anywhere will use the same certificate used by OWA and ActiveSync to encrypt the client connections,” said Richard Luckett, president of SYSTMS of New York, a technology consulting and services firm in Rochester, New York. “But it is important that the FQDN that is configured for Outlook Anywhere exists as one of the Subject Alternate Names (SAN) in the certificate.”
Comparing Outlook Anywhere
Experts also note there are no substantial functional differences between Outlook Anywhere and the traditional Microsoft Outlook client; the real difference lies in the connection methodology using RPC over HTTP.
Most users can expect fast and efficient remote access to their email. Luckett points out that network connectivity between the client and server will be managed by an ISP rather than the host company’s IT department. Therefore, ISP service disruptions may disable Outlook Anywhere for clients affected by outages. Then again, that is a common availability caveat for any remote client/server utility.
Outlook Anywhere should also provide a good fit if your organization considers Microsoft’s Office 365 suite. In fact, Microsoft leverages Outlook Anywhere for all of its customers’ Outlook connections.
“For Office 365, Outlook Anywhere is the same as on-premises in terms of functionality,” Phillips said. “In Office 365, it is enabled by default but can be disabled on a per user basis.”