In the end, web front-ends always allow to expose selected parts of any kind of internal (potentially insecure) protocols to the internet through a demilitarized zone that only allows https protocol.
It’s like being allowed to watch the data you are interested in through a glass window, but no touching :)
Webapp probably uses Exchange services internally and exposes only a web interface to the internet
Ah, I suppose that makes sense.
In the end, web front-ends always allow to expose selected parts of any kind of internal (potentially insecure) protocols to the internet through a demilitarized zone that only allows https protocol.
It’s like being allowed to watch the data you are interested in through a glass window, but no touching :)