Hello,
We are moving to a hybrid model for our Exchange system. The Exchange server that is going to be the link between on-prem and cloud has to have a public static IP address. Normally, when we allow traffic in from the outside to a server we restrict the ip range that can enter by using a address group on the source portion of the IPv4 policy. If I am correct in my research at Microsoft this is around 200 FQDN's including some wildcards. Wildcards don't make sense in this use because you can't do a dns lookup on a wildcard name - there could be an infinite number of subdomains. I'm sure I'm not the only Fortinet user with a hybrid model so what do you suggest? I just hate the thought of opening up the server to the whole world.
Thanks for any help!
