Exchange Server on AWS
Exchange Server Quick Start

Security

AWS provides a set of building blocks (for example, Amazon EC2 and Amazon VPC) that you can use to provision infrastructure for your applications. In this model, some security capabilities, such as physical security, are the responsibility of AWS and are highlighted in the AWS security whitepaper. Other areas, such as controlling access to applications, fall on the application developer and the tools provided in the Microsoft platform.

This Quick Start configures the following security groups for Exchange Server:

Security group Associated with Inbound source Ports
DomainMemberSGID Exchange nodes, FileServer, RD Gateway, Domain controllers VPC CIDR Standard AP ports
EXCHClientSecurityGroup Exchange nodes, FileServer VPC CIDR

25, 80, 443, 143, 993, 110, 995, 587

ExchangeSecurityGroup Exchange nodes ExchangeSecurityGroup All ports
EXCHEdgeSecurityGroup EXCHEdgeSecurityGroup

Private subnets CIDR

0.0.0.0/0

50636

25

LoadBalancerSecurityGroup Load balancer 0.0.0.0/0 0.0.0.0/0