CAS and perimeter networks

If you’re upgrading from Exchange 2003, you might be tempted to assume that the CAS is a direct replacement for the front-end (FE) servers that you deploy into the perimeter network to handle incoming client connections from the Internet and to block unauthenticated connections. A perimeter network (otherwise known as a demilitarized zone) is deployed between the Internet and a company intranet as part of a defense-in-depth strategy. Servers that are able to handle the threat posed by Internet attacks are placed in the perimeter network to detect and block incoming attack vectors. In these scenarios, a firewall separates the FE servers from the rest of the Exchange organization and sanitizes the traffic that flows from ...

Get Microsoft® Exchange Server 2010 Inside Out now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.