Lock down Device access via SSL?
We have a customer requirement to enable Direct Push mail to a number of Vodafone-supplied mobile devices.
We have an OWA cluster but currently we do NOT allow public access to the email server - this is done via an eGap solution.
Therefore we will have to create a public URL to allow these mobile devices to connect to the OWA server via HTTPS. However, we don't want any device or browser or PDA to be able to access this device - only a specific range.
I understand that we will have to provide a signed SSL certificate on the OWA IIS boxes to allow secure encryption, but I'm assuming these won't restrict access to just the devices we want them to, as they'll be from a trusted CA such as Verisign - SSL being about encryption, not about trust.
Which leaves us with the option of having to lock down access at the DMZ firewall by IP range, which I really don't want to do - not least because if they take these devices onto other networks (i.e. international roaming) then the IP address will change.
So is there any way we can use SSL to lock down access by phones via SSL? Will client SSL certs let us do this?
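
The client-certificate idea raised in the question, as an added example that is not part of the original post: a private CA issues certificates only to managed devices, and the openssl CLI reproduces the chain check a TLS server makes when it requires client certificates and trusts only that CA, a decision that does not depend on the device's source IP. All names (Example Device CA, device-001) and file paths are constructed for illustration, and the openssl command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Constructed demo: every name and path below is made up for illustration.

# Build a throwaway PKI in directory $1.
build_demo_pki() {
    d=$1
    # Private CA that issues certificates only to managed devices.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Example Device CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null
    # Enrolled device: key and CSR, then signed by the private CA.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=device-001" \
        -keyout "$d/dev.key" -out "$d/dev.csr" 2>/dev/null
    openssl x509 -req -in "$d/dev.csr" -days 30 \
        -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -out "$d/dev.pem" 2>/dev/null
    # Unenrolled device: same subject name, but self-signed.
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=device-001" \
        -keyout "$d/rogue.key" -out "$d/rogue.pem" 2>/dev/null
}

# Succeeds only if certificate $2 chains to CA certificate $1.
# Output is matched instead of the exit status because some older
# openssl releases exit 0 from "verify" even when verification fails.
is_enrolled_device() {
    openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

work=$(mktemp -d)
build_demo_pki "$work"
for c in dev rogue; do
    if is_enrolled_device "$work/ca.pem" "$work/$c.pem"; then
        echo "$c.pem: accepted"
    else
        echo "$c.pem: rejected"
    fi
done
rm -rf "$work"
```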