Securing Other Exchange-Supported Protocols
by MCSA Michael Noel - MCSE+I, CISSP Kenton Gardinier - MCSE MCSA, Joe R. Coca, Ran
Microsoft® Exchange Server 2003 Unleashed
- Copyright
- Foreword
- Acknowledgments
- We Want to Hear from You!
- Introduction
- Microsoft Exchange Server 2003 Overview
- Exchange Server 2003 Technology Primer
- Using Exchange 2003 As an Email and Calendaring Solution
- Taking Advantage of Active Directory in Exchange
- Leveraging the Exchange 2003 As a Web Access Solution
- Expanding into the New Wireless and Mobility Technologies
- Choosing the Right Time to Migrate to Exchange 2003
- Understanding the Two Versions of Exchange 2003
- Understanding How Improvements in Windows 2003 Enhance Exchange 2003
- Reliability Enhancements in Exchange Server 2003
- Expanding on Manageability and Administration Benefits of Exchange 2003
- Improvements in Exchange 2003 Security
- Leveraging Mobility in Exchange 2003
- Performance Improvements in Exchange 2003
- Solidifying Core Technologies for Exchange 2003
- Summary
- Best Practices
- Planning, Prototyping, Migrating, and Deploying Exchange Server 2003
- Initiation, Planning, Testing, and Implementation: The Four Phases to the Upgrade
- Initiation Phase: Defining the Scope and Goals
- Initiation Phase: Creating the Statement of Work
- Planning Phase: Discovery
- Planning Phase: Creating the Design Document
- Creating the Migration Document
- The Prototype Phase
- The Testing Phase: Validating the Plan to a Limited Number of Users
- The Implementation
- Summary
- Best Practices
- Installing Exchange Server 2003
- Preparing for Implementation of Exchange 2003
- Preparing to Install Exchange 2003
- Conducting Preinstallation Checks on Exchange 2003
- Performing an Interactive Installation of Exchange Server 2003
- Performing a Scripted Installation of Exchange Server 2003
- Completing the Installation of Exchange 2003
- Performing Postinstallation Configurations
- Configuring Additional Server Services
- Testing the Exchange 2003 Installation
- Summary
- Best Practices
- Exchange Server 2003 Technology Primer
- Microsoft Exchange Server 2003 Messaging
- Exchange Server 2003 Design Concepts
- Formulating a Successful Design Strategy
- Getting the Most Out of Exchange Server 2003 Functionality
- Active Directory Design Concepts for Exchange Server 2003
- Determining Exchange Server 2003 Placement
- Configuring Exchange Server 2003 for Maximum Performance and Reliability
- Securing and Maintaining an Exchange Server 2003 Implementation
- Summary
- Best Practices
- Designing an Enterprise Exchange Server 2003 Environment
- Designing for Small Organizations—Company123
- Designing for Midsize Organizations—OrganizationY
- Designing for Large Organizations—CompanyABC
- Designing Active Directory for Exchange Server 2003
- Determining Hardware and Software Components
- Designing Exchange Infrastructure
- Integrating Client Access into Exchange Server 2003 Design
- Summarizing Design Examples
- Summary
- Best Practices
- Integrating Exchange Server 2003 in a Non-Windows Environment
- Synchronizing Directory Information with Microsoft Identity Integration Services (MIIS) 2003
- Synchronizing Exchange Server 2003 with Novell eDirectory
- Managing Identity Information Between LDAP Directories and Exchange Server 2003
- Using Services for Unix to Integrate Unix Environments with Exchange Server 2003
- Summary
- Best Practices
- Exchange Server 2003 Design Concepts
- Networking Services' Impact on Microsoft Exchange
- Domain Name System Impact on Exchange Server 2003
- Global Catalog and Domain Controller Placement
- Configuring Routing and Remote Access for Mobile Users
- Windows Server 2003 Routing and Remote Access Features and Services
- Configuring Routing and Remote Access Service Architecture
- Examining Virtual Private Networks
- Outlining Authentication Options to an RRAS System
- Examining VPN Protocols
- Choosing Between PPTP and L2TP/IPSec
- Installing and Configuring Routing and Remote Access
- Configuring Remote Access Clients
- Using RRAS Tools and Utilities
- Remote Access Scenarios
- Summary
- Best Practices
- Outlook Web Access 2003
- Securing a Microsoft Exchange Server 2003 Environment
- Client-Level Security
- Server-Level Security
- Microsoft's Trustworthy Computing Initiative
- Assessing Your Risks
- Designing a Secure Messaging Environment
- Exchange Server-side Security Improvements
- Tips, Tricks, and Best Practices for Hardening Windows Server 2003
- Securing by Functional Roles of the Server
- Standardizing Exchange Server 2003 Servers
- Protecting Exchange Server 2003 from Viruses
- Combating Spam
- Summary
- Best Practices
- Transport-Level Security
- The Onion Approach
- Using Public Key Infrastructure with Exchange Server 2003
- Supporting S/MIME
- Protecting Communications with IP Security
- Configuring IPSec
- Locking Down SMTP
- Securing Routing Group Connectors
- Securing Other Exchange-Supported Protocols
- Protecting Client–to–Front-end–Server Communications
- Locking Down Front-end and Back-end Server Communications
- Summary
- Best Practices
- Migrating to Microsoft Exchange Server 2003
- Migrating from NT4 to Windows Server 2003
- Defining the Migration Process
- Upgrading a Single Member Server
- Upgrading an NT 4.0 Domain Structure to Active Directory via the In-Place Upgrade Process
- Migrating Existing NT4 Domains to a New Windows Server 2003 Forest
- Understanding and Using the Microsoft Active Directory Migration Tool 2.0 (ADMT v2)
- Migrating Accounts Using the Active Directory Migration Tool
- Summary
- Best Practices
- Migrating from Exchange v5.5 to Exchange Server 2003
- Understanding Exchange 5.5 Migration Options and Strategies
- Comparing Exchange 5.5 and Exchange Server 2003 Environments
- Prerequisites for Migrating to Exchange Server 2003
- Structuring the Migration for Best Results
- Preparing the Active Directory Forest and Domain for Exchange Server 2003
- Installing and Configuring the Active Directory Connector
- Installing the First Exchange Server 2003 System in an Exchange 5.5 Site
- Understanding Exchange Server 2003 Mailbox-Migration Methods
- Migrating Exchange 5.5 Public Folders to Exchange Server 2003
- Migrating Exchange 5.5 Connectors and Services to Exchange Server 2003
- Completing the Migration to Exchange Server 2003
- Summary
- Best Practices
- Migrating from Exchange 2000 to Exchange Server 2003
- Outlining Migration Options from Exchange 2000 to Exchange Server 2003
- Deploying a Prototype Lab for the Exchange Server 2003 Migration Process
- Migrating to Exchange Server 2003 Using the In-Place Upgrade Approach
- Migrating to Exchange Server 2003 Using the Move Mailbox Method
- Summary
- Best Practices
- Compatibility Testing for Exchange Server 2003
- The Importance of Compatibility Testing
- Preparing for Compatibility Testing
- Researching Products and Applications
- Verifying Compatibility with Vendors
- Lab-Testing Existing Applications
- Documenting the Results of the Compatibility Testing
- Determining Whether a Prototype Phase Is Required
- Summary
- Best Practices
- Migrating from NT4 to Windows Server 2003
- Microsoft Exchange Server 2003 Administration and Management
- Exchange Server 2003 Mailbox, Distribution Group, and Administrative Group Administration
- Exchange Administration and the Delegation Wizard
- Managing Mailboxes and Message Settings in Exchange Server 2003
- Managing New Mailbox Features
- Moving Exchange User Mailboxes
- Creating and Managing Exchange Contacts
- Planning and Creating Distribution Groups
- Creating and Managing Exchange Server 2003 Administrative Groups
- Creating and Managing Routing Groups
- Using Recipient Policies
- Administering Recipient Update Services
- Using the Mailbox Recovery Center Tool
- Using the Mailbox Manager Utility
- Summary
- Best Practices
- Exchange Server 2003 Management and Maintenance Practices
- Managing Exchange Server 2003
- Auditing the Environment
- Managing Exchange Server 2003 Remotely
- Maintenance Tools for Exchange Server 2003
- Best Practices for Performing Database Maintenance
- Prioritizing and Scheduling Maintenance Best Practices
- Post-Maintenance Procedures
- Reducing Management and Maintenance Efforts
- Summary
- Best Practices
- Documenting an Exchange Server 2003 Environment
- Planning Exchange Server 2003 Documentation
- Benefits of Documentation
- Design and Planning Documentation
- Developing the Migration Documentation
- Exchange Server 2003 Environment Documentation
- Administration and Maintenance Documentation
- Disaster Recovery Documentation
- Performance Documentation
- Security Documentation
- Training Documentation
- Summary
- Best Practices
- Using Terminal Services to Manage Exchange Servers
- Exchange Server 2003 Mailbox, Distribution Group, and Administrative Group Administration
- New Mobility Functionality in Microsoft Exchange Server 2003
- Designing Mobility in Exchange Server 2003
- Accessing Outlook Using VPN Connectivity
- Leveraging Exchange ActiveSync for PDA Mobile Communications
- Using Outlook Mobile Access for Browser-Based Devices
- Designing the Appropriate Use of Exchange 2003 Mobility Capabilities
- Using Exchange Mobility for the Mobile Executive
- Replacing Laptops with Mobile Pocket Devices
- Leveraging a Low-Cost PDA Instead of an Expensive Tablet
- Summary
- Best Practices
- Implementing Mobile Synchronization in Exchange Server 2003
- Configuring Client Systems for Mobility
- Identifying Mobile Devices to Be Supported
- Supporting the Pocket PC 2002 Synchronization with Microsoft Exchange 2003
- Supporting Pocket PC 2003 Synchronization with Exchange 2003
- Using the Pocket PC 2002 and Pocket PC 2003
- Working with Smartphones
- Establishing a Link from a Mobile Phone to Exchange 2003
- Using Outlook Mobile Access to Exchange Server 2003
- Summary
- Best Practices
- Designing Mobility in Exchange Server 2003
- Client Access to Microsoft Exchange Server 2003
- Getting the Most Out of the Microsoft Outlook Client
- Everything You Need to Know About Outlook Web Access Client
- Understanding Microsoft's Direction on OWA
- Using the Basics of OWA/2003
- What's New in the OWA Client (Since Exchange 2000)
- Getting to Know the Look and Feel of OWA/2003
- Using OWA Mail Features
- Taking Advantage of Advanced OWA Features
- Customizing OWA Options
- Using the Calendar in OWA
- Gaining Functionality from the Meeting Invitation Functions
- Using Tasks in OWA
- Using Contacts in OWA
- Understanding OWA Security Features
- Tips for OWA Users with Slow Access
- Summary
- Best Practices
- Outlook for Non-Windows Systems
- Client Administration and Management
- Fault Tolerance and Optimization Technologies
- System-level Fault Tolerance (Clustering/Network Load Balancing)
- Clustering and Load Balancing with Exchange 2003 Server
- Clusters and Load Balancing Requirements
- Implementing Fault-Tolerant Exchange Systems
- Installing Exchange Server 2003 Clusters
- Managing Exchange 2003 Clusters
- Outlook Web Access Front-end Server and Load Balancing Clusters
- Summary
- Best Practices
- Backing Up the Exchange Server 2003 Environment
- Using Backup to Solve Department Challenges
- Maintaining Documentation on the Exchange Environment
- Developing a Backup Strategy
- Backing Up the Windows Server 2003 and Exchange Server 2003
- Using the Windows Backup Utility (Ntbackup.exe)
- Backing Up Specific Windows Services
- Managing Media in a Structured Backup Strategy
- Summary
- Best Practices
- Recovering from a Disaster
- Identifying the Extent of the Problem
- What to Do Before Performing Any Server-Recovery Process
- Preparing for a More Easily Recoverable Environment
- Recovering from a Site Failure
- Recovering from a Disk Failure
- Recovering from a Boot Failure
- Recovering from a Complete Server Failure
- Recovering Exchange Application and Exchange Data
- Recovering from Database Corruption
- Using the Recovery Storage Group in Exchange Server 2003
- Recovering Internet Information Services
- Recovering the Cluster Service
- Recovering Windows Server 2003 Domain Controllers
- Recovering Active Directory
- Summary
- Best Practices
- Capacity Analysis and Performance Optimization
- Examining Exchange Server 2003 Performance Improvements
- Analyzing Capacity
- Monitoring Exchange Server 2003
- Analyzing and Monitoring Core Elements
- Properly Sizing Exchange Server 2003
- Optimizing Exchange Through Ongoing Maintenance
- Monitoring Exchange with Microsoft Operations Manager
- Summary
- Best Practices
- System-level Fault Tolerance (Clustering/Network Load Balancing)
- Index
Securing Other Exchange-Supported Protocols
Examining Exchange Server 2003 transport-level security would not be complete without discussing protocols other than SMTP. In addition to SMTP, Exchange Server 2003 supports the following:
Network News Transfer Protocol (NNTP)
Post Office Protocol version 3 (POP3)
Internet Message Access Protocol (IMAP4)
Some notable security features Exchange Server 2003 provides regarding these protocols includes, but is not limited to, the following:
These protocols are not enabled by default unless the system was upgraded from a previous version of Exchange that also had these services running.
Each protocol runs as a service and the service is disabled by default.
IMAP4 and POP3 support Basic authentication over SSL or TLS as well as NTLM-based authentication.
NNTP supports anonymous (disabled by default), Basic authentication, Integrated Windows Authentication, and SSL client authentication.
Each protocol supports secure, certificate-based communications.
Each protocol can use connection controls (IP address or domain names) to grant or deny access.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.