Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 6 Planning and Deploying Messaging Security.

Published byAmos Gallagher Modified over 8 years ago

Similar presentations

Presentation on theme: "Module 6 Planning and Deploying Messaging Security."— Presentation transcript:

1 Module 6 Planning and Deploying Messaging Security

2 Module Overview Designing Message Security Designing Antivirus and Anti-Spam Solutions

3 Lesson 1: Designing Message Security Defining Message Security Requirements Designing Restrictions to Message Flow Designing SMTP Connector Security Designing Secure Message Routing Between Partner Organizations Designing Client-Based Messaging Security

4 Defining Message Security Requirements Is confidential business information sent by using e- mail? Is private customer information sent by using e- mail? Are recipients and senders internal, or is e-mail sent externally? Are confidential e-mails sent primarily to a limited number of external organizations, or to a variety of recipients? If e-mail is secured using policies or technical solutions, analyze the effectiveness and satisfaction with the solution To collect information required to analyze message recipients and senders, ask: To collect information required to analyze e-mail message contents, ask:

5 Designing Restrictions to Message Flow Transport rules can restrict message flow or modify message contents for messages in transit Restrict message flow with transport rules Implement Hub Transport rules Implement Edge Transport rules Implement message classifications

6 Designing SMTP Connector Security Configure authentication for SMTP Receive connectors Configure authentication for SMTP Send connectors TLS SMTP connector Options for providing additional security for SMTP e-mail:

7 Designing Secure Message Routing Between Partner Organizations Generate a request for TLS certificates on the Edge Transport server 1 1 Configure outbound Domain Security 3 3 Configure inbound Domain Security 4 4 Test Domain-secured mail flow 5 5 Import and enable the certificate on the Edge Transport server 2 2 Domain Security uses TLS with mutual authentication to provide session-based authentication and encryption To set up partner security:

8 Designing Client-Based Messaging Security Exchange servers S/MIME encrypted S/MIME provides message-level authentication, non- repudiation, data integrity, and message encryption AD RMS is a technology that works with RMS-aware applications to help protect documents and e-mail from unauthorized use

9 Lesson 2: Designing Antivirus and Anti-Spam Solutions Overview of Antivirus and Anti-Spam Solution Requirements Options for Implementing Antivirus and Anti-Spam Solutions in Exchange Server 2010 Designing Anti-Spam Solutions Recommendations for Monitoring the Anti-Spam Solution Designing Antivirus Solutions Managing Antivirus Solutions

10 Overview of Antivirus and Anti-Spam Solution Requirements How often are antivirus and anti-spam filters updated, and are the processes automated? How does the anti-spam solution provide a balance between false positives and reducing as much spam as possible? What options does the solution provide for quarantining potentially malicious messages? What management and monitoring tools does the solution provide? How well does the solution integrate with your current system? Critical factors to consider when evaluating antivirus and anti-spam solutions include:

11 Options for Implementing Antivirus and Anti-Spam Solutions in Exchange Server 2010 Connection filtering Sender filtering Recipient filtering Sender ID Content filtering Sender reputation Attachment filtering Forefront Protection 2010 for Exchange Server Office Outlook Junk e-mail filtering Exchange Server 2010 provides a number of antivirus and anti-spam solutions:

12 Designing Anti-Spam Solutions Consider implementing Edge Transport servers as SMTP gateway servers Configure filter agents to reject messages Scan messages for spam before scanning for viruses Scan for spam at the messaging gateway/Edge Server Implement safelist aggregation Implement automatic anti-spam updates Increase the filtering level over time Scan for spam on the Hub Transport server

13 Recommendations for Monitoring the Anti-Spam Solution Monitor for false positives Monitor for filtering effectiveness Monitor the quarantine mailbox Collect user feedback on the spam filter effectiveness Identify administrators, and provide monitoring tools Establish guidelines regarding when to monitor the system Establish a change control process for modifying spam filters Exchange Server 2010 enables anti-spam stamps to help you diagnose spam-related problems As part of the monitoring process design, you should: As part of the monitoring process, you should:

14 Designing Antivirus Solutions Scan both incoming and outgoing e-mail Strip attachments of certain file types Delete rather than clean infected messages Implement a defense-in-depth approach Consider implementing Forefront Security for Exchange Server

15 Managing Antivirus Solutions Monitor daily statistics Regularly monitor antivirus software sites Automate as many processes as possible Develop clearly defined policies and processes Develop a user education process Consider using Microsoft Exchange Hosted Services

16 Lab: Planning and Deploying Messaging Security Exercise 1: Designing Message Security Exercise 2: Designing Antivirus and Anti-Spam Solutions Exercise 3: Implementing Message Security Logon information Estimated time: 60 minutes

17 Lab Scenario You are a messaging engineer for the A. Datum Corporation, an enterprise-level organization with multiple locations. You have been tasked with undertaking an analysis of the organization’s message security requirements. After you complete the analysis, you must update the necessary documentation. After you have completed the message security analysis, you will investigate the organization’s antivirus and anti-spam requirements, and update the necessary documentation with your planned changes. Finally, you will implement S/MIME within the A. Datum organization, as per the security requirements document.

18 Lab Review In exercise 3, you configured S/MIME by deploying a suitable certificate to all users in the Adatum.com domain. Using this method, could you exchange S/MIME-secured messages with partner organizations? What alternatives could you use instead of S/MIME to secure communications between partner organizations?

19 Module Review and Takeaways Review Questions Best Practices

Download ppt "Module 6 Planning and Deploying Messaging Security."

Similar presentations

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Overview of Server Roles in Exchange Server 2010 In Exchange Server 2010, servers are installed with specific functional roles: Mailbox Server role Edge.

Overview of Server Roles in Exchange Server 2010 In Exchange Server 2010, servers are installed with specific functional roles: Mailbox Server role Edge.
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Module 10 Planning Microsoft® Exchange Server 2010 Monitoring and Troubleshooting.

Module 10 Planning Microsoft® Exchange Server 2010 Monitoring and Troubleshooting.
Module 11 Maintaining Microsoft Exchange Server 2010.

Module 11 Maintaining Microsoft Exchange Server 2010.
PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.

PETs and ID Management Privacy & Security Workshop JC Cannon Privacy Strategist Corporate Privacy Group Microsoft Corporation.
FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.

FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.
What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 2 WatchGuard Training.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.

Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
Guide to Operating System Security Chapter 10 E-mail Security.

Guide to Operating System Security Chapter 10 Security.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Implementing Exchange Server Security Ward Solutions.

Implementing Exchange Server Security Ward Solutions.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.
Www.sophos.com Sophos anti-virus and anti-spam for business OARNET October 13, 2004.

Sophos anti-virus and anti-spam for business OARNET October 13, 2004.

Similar presentations

Ads by Google