SMA per OWA and ActiveSync
One of our customer need to publish the OWA of Exchange Server 2010 through the Virtual Office of a SMA. OWA should be reached only throught SMA with 2FA auth. He also needs to activate the activesynch feature for smartphones without 2FA nor VPN. This configuration is possible? Is it documented? thanks
BWC Cybersecurity Overlord ✭✭✭
OWA and Active-Sync can be easily deployed with Application Offloading on your SMA, we're talking 100 series (hinted by the Virtual Office)?
About the MFA, you'll need probably two virtual hosts or at least two domains because OTP is triggered via Domain if we're talking about the SNWL provided OTP? For OWA you would select domain-with-otp, not 100% sure about Active-Sync. As a multi-factor for mobile devices you could use Device Managemet to allow only specific devices to access the portal as a additional layer of security.
Having two domains could cause some SSO problems later on, it's a bit tricky to predict.
Thanks Michael. I will double check with our customer. Regards.