The internal debate is whether or not the Exchange server itself should go in the DMZ or stay in the internal network. One side says put Exchange (5.5, but moving to 2K) in the DMZ to eliminate traffic from the outside to the inside. The other side of the debate feels that puts sensitive information closer to the edge of the network and that the data is safer on the inside.
Can you offer any suggestions to help us break the deadlock?
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Infrastructure and network security
Ask the Expert: Guidelines for designing a DMZ with defined levels of access
Ask the Expert: Placement of security solutions on a network
This was first published in January 2003