I'm hoping someone can point me in the right direction...
I need to block EWS for external only mail clients, Lync should still be able to connect as well as internal Mac clients.
Our company policy is no un-managed devices can sync mail. In order to enforce this we disable outlook anywhere and only allow our users to connect on the network, VPN or active sync on approved devices.
I was able to do this with Exchange 2010 using a Citrix netscaler as i was doing SSL offloading and was able to have a policy for all external connections. However 2013 does not support SSL offloading (yet... maybe with SP1?)so now I think the best way to do this is in IIS on the CAS array. I do not want to setup a UAG/TMG.
I have been looking around and it looks like URL rewrite or IP blocking is they way to go, but i cant see a way to block based off of user-agent and IP at the same time as to allow Lync from anywhere and Macs from internal.
Thanks
Systems Administrator