We are testing the IVE's activesync solution to use exchange in IPhone mobile.
However, we think that this solution have little security because anybody can access to exchange server directly without authentication in the IVE. If anybody is able to encapsulate any traffic over SSL this traffic would arrive to exchange server and could take control of this machine and from there jump to any machine in intranet. Have the exchange server enough security to avoid this problem? Would we have risk security with this architecture?
Do you think about that? Is weak?
PD: Will active Sync solution have authentication option in the IVE?
Your only option is to use certificates to protect your static passwords. You will find many entries in the documentation and kb about this.