1 Integrating ISA Server and Exchange Server. 2 How email works.

Slides:



Advertisements
Similar presentations
Enabling Secure Internet Access with ISA Server
Advertisements

WEB AND WIRELESS AUTOMATION connecting people and processes InduSoft Web Solution Welcome.
Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Module 5: Configuring Access to Internal Resources.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
1 Configuring Virtual Private Networks for Remote Clients and Networks.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Chapter 7 HARDENING SERVERS.
Securing the Perimeter – Exchange and VPN Access with ISA Server 2004 Jamie Sharp CISSP Security Advisor Amit Pawar National Technology Specialist Microsoft.
1 Enabling Secure Internet Access with ISA Server.
1 Advanced Application and Web Filtering. 2 Common security attacks Finding a way into the network Exploiting software bugs, buffer overflows Denial of.
Securing Exchange Server Session Goals: Introduce you to the concepts and mechanisms for securing Exchange Examine the techniques and tools.
Managing Client Access
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
1 Chapter 8 Securing Information Systems. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Securing Data at the Application Layer Planning Authenticity and Integrity of Transmitted Data Planning Encryption of Transmitted Data.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
Securing Microsoft® Exchange Server 2010
Threat Management Gateway 2010 Questo sconosciuto? …ancora per poco! Manuela Polcaro Security Advisor.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite
Module 9: Configuring IPsec. Module Overview Overview of IPsec Configuring Connection Security Rules Configuring IPsec NAP Enforcement.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Module 4 Planning and Deploying Client Access Services in Microsoft® Exchange Server 2010 Presentation: 120 minutes Lab: 90 minutes After completing.
Types of Electronic Infection
Module 11: Implementing ISA Server 2004 Enterprise Edition.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
Overview of Microsoft ISA Server. Introducing ISA Server New Product—Proxy Server In 1996, Netscape had begun to sell a web proxy product, which optimized.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
1 Class 15 System Security. Outline Security Threats (External: malware, spoofing/phishing, sniffing, & data theft: Internal: unauthorized data access,
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
Module 6: Managing Client Access. Overview Implementing Client Access Servers Implementing Client Access Features Implementing Outlook Web Access Introduction.
Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.
Module 7: Advanced Application and Web Filtering.
Security fundamentals Topic 10 Securing the network perimeter.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Module 10: Windows Firewall and Caching Fundamentals.
More Power Out: Empowering your mobile workforce Damir Bersinic IT Pro Advisor Microsoft Canada Rick.
SEC304 Enhancing Exchange, OWA and IIS Security with ISA Server Feature Pack 1 Steve Riley Microsoft Corporation
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.
Securing the Network Perimeter with ISA Server 2004 Ravi Sankar IT Professional Evangelist Microsoft.
Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.
VIRTUAL SERVERS Chapter 7. 2 OVERVIEW Exchange Server 2003 virtual servers Virtual servers in a clustering environment Creating additional virtual servers.
Security fundamentals
Chapter 40 Internet Security.
Chapter 5 Electronic Commerce | Security Threats - Solution
TMG Client Protection 6NPS – Session 7.
Working at a Small-to-Medium Business or ISP – Chapter 8
Configuring Windows Firewall with Advanced Security
CAN A DATABASE REALLY BE SECURE?
Securing the Network Perimeter with ISA 2004
Chapter 5 Electronic Commerce | Security Threats - Solution
Module 8: Securing Network Traffic by Using IPSec and Certificates
Server-to-Client Remote Access and DirectAccess
Module 8: Securing Network Traffic by Using IPSec and Certificates
Presentation transcript:

1 Integrating ISA Server and Exchange Server

2 How works

3 Mail server An mail server is typically a combination of processes running on a server with a large storage capacity – a list of users and rules, and the capability to receive, send and store s and attachments Mail server software: Mdeamon, Exchange server 2003,…

4 Why use Exchange 2003 Backup and restore High availability Help migrating from older systems Security improvements Protection of

5 Exchange 2003 Outlook Web Access (OWA)

6 Exchange 2003 Mobile Capabilities ISAFirewall Wireless Network OWA clients (HTTP/HTML ) Pocket PC, Smartphone, third-party sync (HTTP/HTML) Outlook Mobile Access WAP 2.0, iMode (xHTML, cHTML ) Outlook clients (RPC/HTTP) Exchange 2003 Servers

7 The goal of attack Steal data Blackmail Launch bed for others attack Bragging rights Vandalism Demonstrate vulnerability/satisfy curiosity Damage company reputation Others?

8 Exchange 2003 and ISA 2006 Securing SMTP Traffic: SMTP-based attacks: – Invalid, overly long, or unusual SMTP commands to attack a mail server or to gather recipient information – Attacks against recipients by including malicious content, such as worms ISA Server protects mail servers by: – Enforcing compliance of SMTP commands with standards – Blocking disallowed SMTP commands – Blocking messages with disallowed attachment types, content, recipient or sender ISA Server can stop attacks before they reach your mail servers!! ISA Server can stop attacks before they reach your mail servers!!

9 Exchange 2003 and ISA 2006 RPC and Firewalls: Traditional Firewall – Open every port that RPC might use for incoming traffic ISA Firewall – Initial connection Only allows valid RPC traffic Blocks non-Exchange queries – Secondary connection Only allows connection to port used by Exchange Enforces encryption Traditional firewalls can’t provide secure RPC access ISA Server enables secure remote access using Outlook

10 OWA and Traditional Firewalls Web traffic to OWA is encrypted – Standard SSL encryption – Security against eavesdropping and impersonation Limitation – Default OWA implementation does not protect against application layer attacks Exchange Web Server OWA Traffic Password Guessing Web Server Attacks SSL Tunnel Internet

11 How ISA Protects OWA Authentication – Unauthorised requests are blocked before they reach Exchange – Optional forms-based authentication prevents caching of credentials Inspection – Invalid HTTP requests or requests for non-OWA content are blocked – Inspection of SSL traffic before it reaches Exchange server Confidentiality – Ensures encryption of traffic over the Internet – Can prevent the downloading of attachments to client Web Server Attacks Password Guessing Exchange Server OWA Traffic SSL Tunnel Inspection Authentication Internet

12 Publishing Exchange Server with ISA 2006

13 Enabling SSL support for OWA

14 Understanding the Need for Third- Party CAs can buy a certificate from a third-party certificate authority such as Verisign, Thawte, or one of many other enterprise certificate authorities validate that their customers are really who they say they are, and to generate the digital certificates that validate this for digital communications that require encryption, such as SSL

15 Installing a Third-Party CA on an OWA Server

16 Type of CA Enterprise root CA: highest-level certificate authority for an organization Enterprise subordinate CA: subordinate to an existing enterprise root CA, and must receive a certificate from that root CA to work properly Stand-alone root CA:similar to an enterprise CA, in that it provides for its own unique identity and can be uniquely configured

17 Create certificate

18 Create certificate

19 Create certificate

20 Create certificate

21 Create certificate

22 Exporting and Importing the OWA Certificate to the ISA Server On OWA server

23 Exporting and Importing the OWA Certificate to the ISA Server On ISA server, open MMC console

24 Exporting and Importing the OWA Certificate to the ISA Server

25 Exporting and Importing the OWA Certificate to the ISA Server

26 Creating Web Listener

27 Creating Web Listener

28 Creating Web Listener

29 Creating Exchange Publishing Rule

30 Creating Exchange Publishing Rule

31 Creating Exchange Publishing Rule

32 Creating Exchange Publishing Rule

33 Creating Exchange Publishing Rule

34 Testing the Solution In Remote Client

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.