Sophos UTM 9: Web server protection and Outlook for Android / iOS

I was once again led astray. I had installed an update for Exchange when a short time later the Outlook app for iOS and Android stopped working. The app was no longer synchronizing data and there were no error messages. As I had carried out an update shortly before, I suspected this at first. ... Read more

Exchange 2016: ActiveSync account requires the domain to be specified

When migrating to Exchange 2016, you may come across the following problem: For smartphones or other ActiveSync devices, the domain was previously optional and was left blank, as can be seen in the following screenshot of an iPhone: If the CAS proxy function is now used for coexistence between Exchange 2010/2013 and ... Read more

Apple, ActiveSync and StartCom / StartSSL / WoSign

I am currently receiving a lot of inquiries about ActiveSync and Apple devices. Apple devices do not want to establish an ActiveSync connection with Exchange using the integrated Mail app. So if you find your environment in the following description, you will run into the problem described: Apple devices with the integrated mail app (iPhone, iPad) The SSL certificate comes from StartCom / StartSSL ... Read more

Exchange 2010/2013: Block Outlook app for iOS and Android

I have already written a howto for setting up the Outlook app for iOS. However, the app has the "small" disadvantage that the user name and password are transmitted to Microsoft: https://blog.winkelmeyer.com/2015/01/warning-microsofts-outlook-app-for-ios-breaks-your-company-security/ To prevent users from using the app and passwords from leaving the company, an ActiveSync policy can be created on the Exchange server to block the app: ... Read more

Setting up Exchange with Outlook for iOS (iPad / iPhone)

Outlook has also been available for iOS and Android since 29.01.15. Here is a short howto for setting it up in conjunction with Exchange Server. However, caution is advised when using Outlook for iOS and Android: https://blog.winkelmeyer.com/2015/01/warning-microsofts-outlook-app-for-ios-breaks-your-company-security/ If you still want to use Outlook for iOS, please read on now: The introduction can be canceled with the "X". ... Read more

Exchange 2013: Sophos UTM 9.3 WAF as reverse proxy for Outlook Anywhere, OWA, ActiveSync and Autodiscover

I didn't really warm to the Sophos UTM 9.2 WAF in conjunction with Exchange 2013. In my opinion, there were too many things that didn't work as I expected. But Sophos UTM 9.3 is now available, so it's time for a new test. The environment is almost unchanged: It ... Read more

Exchange 2010: Options for ActiveSync error analysis

In most environments, the Windows Event Viewer is a good first port of call to identify ActiveSync problems. In environments with multiple CAS servers, the logs of each CAS server must be checked. The Windows Event Log can be filtered by the source "MSExchange ActiveSync" for this purpose: Parallel to the event display, the general function can also be checked using the test CMDlet ... Read more

Exchange 2013: Sophos UTM 9.2 WAF as reverse proxy for Outlook Anywhere, OWA, ActiveSync and Autodiscover

Foreword Some time ago, I had already tested some alternatives to Forefront TMG. I had already tested an older version of Sophos UTM. However, version 9.2 is now available, in which the web application firewall (WAF) has been significantly improved according to Sophos. I therefore took a closer look at Sophos UTM. ... Read more