I don't have a definite solution for you, but the options I'm looking into
testing shortly are the following.

1) Allow people access to CRM server(s) via VPN connection. This option is
secure and allows CRM to run on it's default port of 80 (Some MSFT products,
particularly new ones, don't like running on anything other than the default
port.)
2) Open up port 443 and run CRM server(s) using HTTPS. This will require a
either getting a PKI key from Versign or similar, or installing Certificate
Server somewhere in your environment.

Both options ensure data is not transmitted across the public internet in an
unencrypted manner. If you run CRM Server(s) on just port 80 withintegrated
security, you are only protected your user's users passwords from being
hacked/sniffed/etc, CRM data will still be transmitted in clear-text. (If I
remember correctly, CRM required that Digest Authentication not be enabled.)

HTH somewhat,
Jim



For Security reasons
"Frank Lee" <frank@workopia.com> wrote in message
news:007d01c35c42$b7d4f650$a501280a@phx.gbl...

Thanks for the replies folks.
To answer the last two:
We are using ISA server to publish (via Web Publishing Rules function) the
CRM web site from our internal network. The CRM server is not visible to
the outside world. So yes if this were a server with an externally
accessible IP we could just open up a packet filter for it.
Hopefully someone more familiar with ISA than us can shed some light on
this. I opened up a case with MBS support, they were clueless.
Thanks,
Gary



"Jim Budde" <jimbudde@hotmail.com> wrote in message
news:OOV1VhFXDHA.1620@TK2MSFTNGP12.phx.gbl...

Frank,

Thanks for the heads up on wating for 1.2 with regards to running on port
443 with CRM. It comes as no great surprise though, this being the first
release. Minimize risk and go with a plain vanilla install on port 80.

-Jim


"Frank Lee" <frank@workopia.com> wrote in message
news:02e201c35c61$20295a70$a601280a@phx.gbl...