Security Issues For Exchange 2000 Outlook Web Access Implementation

The purpose of this paper is to cover the fundamental security considerations during the implementation of an Exchange 2000 Outlook Web Access (OWA) Front End (FE) server in a demilitarized zone (DMZ) using secure HTTP access. In my own personal research I was unable to find one comprehensive document that covers the various aspects for this implementation. I have consolidated what I consider to be important steps along with some tips for securing an OWA FE server in a DMZ to provide outside access of email to internal users.