Hello, i've deployed Mcafee EMM in dual-server configuration, my external FW is based on Cisco ASA, and on my DMZ i have a Reverse Proxy (MS Forefront) that i use to publish Active-Sync, OWA, Outlook Anywhere. The reason of this post is to share my concerns and get help about the guidelines or best practices for publishing the EMM (DMZ) Server to internet.
For start, i can't find a single document explaining this scenario, so if you have any information from mcafee, please be kind to share it. but most importantly, i definitely dont like the idea and not feel confident about exposing IIS directly to internet, i know its secure by certificates, however we all know this is not bulletproof. if possible, i would like to publish EMM using my TMG server. but again, i'm not sure if this is supported by Mcafee.
so please if somebody could helpme with this doubts or provideme some guidelines to secure publish my server, i would be very gratefull.
thanks, have a nice day.