However, there are several factors that complicate the answer to this question. Many email systems, especially...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Microsoft Exchange, make it quite difficult to separate the webmail front end from the email back end. They require punching so many holes in the firewall -- to allow communication between the two systems -- that they limit the effectiveness of placing them in different network zones.
If you have some flexibility in your network topology, one potential workaround is to create a separate email network zone that is firewalled from both the DMZ and your internal network, and then place both the email and webmail servers in that zone. You may then allow client access there over traditional "fat client" ports from the internal network and webmail ports from the Internet.
Dig Deeper on DMZ Setup and Configuration
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.