Exchange Server

AdminKen · Guest

Is it possible to achieve two factor authentication for OWA without using ISA? (I suppose I could use two factor authentication for a entry on to a VPN and then limit the OWA 2003 to the VPN, but that is not what I mean.) I would like to know if I can set up OWA and utilize a system like RAS secureID natively or do I need ISA in front of the OWA to get it to work with two factor authentication?

Also are there any other product that achieve similar results for OWA as ISA?

thanks
Ken

Al Mulnick · Guest

Similar products? Sure, any layer-7 firewall is going to have similar. Depending on the firewall configuration you have, you may or may not be able to get RSA to work with your setup. RSA has documentation on their product to allow you to set it up, but basically it's up to that product to give you the first layer of the two-factor authentication scheme you're talking about. You would have to use RSA first, and then auth to AD for Exchange resources. RSA uses the two-factor scheme (I have something and I know something) for your first layer of auth and is independent of Exchange. I haven't looked at RSA integration lately, but it's possible that would be all you need depending on how it trusts etc.

Al
"AdminKen" <some@microsoft.com> wrote in message news:u7oMbH3sFHA.464@TK2MSFTNGP15.phx.gbl...
Is it possible to achieve two factor authentication for OWA without using ISA? (I suppose I could use two factor authentication for a entry on to a VPN and then limit the OWA 2003 to the VPN, but that is not what I mean.) I would like to know if I can set up OWA and utilize a system like RAS secureID natively or do I need ISA in front of the OWA to get it to work with two factor authentication?

Also are there any other product that achieve similar results for OWA as ISA?

thanks
Ken

ZVR · Guest

OWA works on top of IIS and RSA sells authentication agents that integrate
directly with IIS, if such a setup is desired. No need for ISA or any other
firewall. Check this out:
http://www.rsasecurity.com/node.asp?id=2807

RSA will sell you the entire solution, including the Authentication Manager,
the agent(s), and the tokens.

Virgil

"Al Mulnick" <amulnick_No_SPAM@ncDOTrr.com> wrote in message
news:%23kVVO%235sFHA.1472@TK2MSFTNGP15.phx.gbl...
Similar products? Sure, any layer-7 firewall is going to have similar.
Depending on the firewall configuration you have, you may or may not be able
to get RSA to work with your setup. RSA has documentation on their product
to allow you to set it up, but basically it's up to that product to give you
the first layer of the two-factor authentication scheme you're talking
about. You would have to use RSA first, and then auth to AD for Exchange
resources. RSA uses the two-factor scheme (I have something and I know
something) for your first layer of auth and is independent of Exchange. I
haven't looked at RSA integration lately, but it's possible that would be
all you need depending on how it trusts etc.

Al
"AdminKen" <some@microsoft.com> wrote in message
news:u7oMbH3sFHA.464@TK2MSFTNGP15.phx.gbl...
Is it possible to achieve two factor authentication for OWA without using
ISA? (I suppose I could use two factor authentication for a entry on to a
VPN and then limit the OWA 2003 to the VPN, but that is not what I mean.) I
would like to know if I can set up OWA and utilize a system like RAS
secureID natively or do I need ISA in front of the OWA to get it to work
with two factor authentication?

Also are there any other product that achieve similar results for OWA as
ISA?

thanks
Ken

AdminKen · Guest

Thanks. I guess I thought it needed ISA to make it work.

Can I continue to use Forms based authentication with OWA (IIS 6) with RSA?

Ken

"ZVR" <nospamever@me.net> wrote in message
news:c4ednWqCYvnSSoPeRVn-rg@rogers.com...

ZVR · Guest

	Exchange Server Forum Index -> Design	All times are GMT
Page 1 of 1