Hello,
We are moving to a hybrid model for our Exchange system. The Exchange server that is going to be the link between on-prem and cloud has to have a public static IP address. Normally, when we allow traffic in from the outside to a server we restrict the ip range that can enter by using a address group on the source portion of the IPv4 policy. If I am correct in my research at Microsoft this is around 200 FQDN's including some wildcards. Wildcards don't make sense in this use because you can't do a dns lookup on a wildcard name - there could be an infinite number of subdomains. I'm sure I'm not the only Fortinet user with a hybrid model so what do you suggest? I just hate the thought of opening up the server to the whole world.
Thanks for any help!
Hi GHGIT - did you ever get an answer to this? We have the same challenge but i cant find anything (so far) on the Forti site detailing best practice on how to implement a solution.
cheers
Graham
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.