+612 9045 4394
 
CHECKOUT
CYA Securing Exchange Server 2003 - Mark Fugatt

CYA Securing Exchange Server 2003

Paperback

Published: 9th June 2004
Ships: 7 to 10 business days
7 to 10 business days
$107.50
or 4 easy payments of $26.88 with Learn more

A highly portable, easily digestible road-map to configuring, maintaining and troubleshooting essential Exchange Server 2003 features. The book is organized around the 11 "MMCs" (Microsoft Management Consoles) that contain the configuration menus for the essential features. The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. Readers will also appreciate the "Reality Check" sidebars throughout, which present valuable cost/benefit analyses of situations where there is no single "right" answer.

* Walks the reader through step-by-step configurations to assure they have been thorough and responsible in their work
* Clearly identifies those features of Exchange Server 2003 that represent the highest risk factors for attacks, performance degradation and service failures
* CYA comes right out and says what most IT Professionals are already thinking

About this Bookp. xvii
Introducing Exchange 2003 Securityp. 1
Exchange 2003: "Secure Out of the Box"p. 2
Exchange 2003: Secure by Designp. 4
Exchange 2003: Secure by Defaultp. 6
Outlook Web Access 2003 Security Enhancementsp. 7
Exchange 2003: Secure by Upgrade?p. 8
Your A** Is Covered If You...p. 8
Windows and Exchange 2003 Security Practicesp. 9
In this Chapterp. 9
Windows 2000/2003 Securityp. 10
Patch Managementp. 10
Microsoft Baseline Security Analyzerp. 10
Network Security Hotfix Checker (Hfnetchk)p. 12
Recommended Windows 2003 Security Readingp. 12
Keep Up to Date on New Security Bulletinsp. 13
Exchange 2003 Windows Dependenciesp. 13
Exchange 2003 Componentsp. 16
Applying Best Security Practicesp. 18
Defining Acceptable Usep. 19
Practice Safe Computingp. 20
Good Physical Securityp. 21
Installing Exchange 2003 Best Practicesp. 21
Installation Checklistp. 22
Building the Hardware Platformp. 22
Installing the Operating Systemp. 23
Installing Exchange 2003p. 23
Your A** Is Covered If You...p. 24
Delegating and Controlling Permissions in Exchange 2003p. 25
In this Chapterp. 25
Delegating Administrative Control in System Managerp. 26
Exchange Server 2003 Permissionsp. 26
Viewing Exchange Server Permissions in Exchange System Managerp. 29
Using the Exchange Administration Delegation Wizardp. 30
Exchange Full Administratorp. 31
Exchange Administratorp. 32
Exchange View Administratorp. 32
Controlling Mailbox Permissionsp. 36
Delegating Mailbox Access Through Outlook 2003p. 36
Granting Mailbox Permissions to Folders Without Using Delegationp. 39
Opening the Additional Mailboxp. 40
Granting Mailbox Permissions Through Active Directoryp. 43
Controlling Public Folder Permissionsp. 45
Creating and Setting Permissions on Public Folders in Outlook 2003p. 46
Creating and Setting Permissions on Public Folders in System Managerp. 49
Setting Permissions on Top-Level Public Folders in Exchange System Managerp. 53
Your A** Is Covered If You...p. 53
SMTP Securityp. 55
In this Chapterp. 55
Securing the SMTP Servicep. 56
SMTP Authentication Settingsp. 59
Secure SMTP Communicationp. 60
Setting Relay Restrictionsp. 62
SMTP Connectors and Relayingp. 64
Setting Mailbox Message Limitsp. 67
Setting Mailbox Message Limits Globallyp. 68
Configuring Internet Message Formatsp. 69
Setting Public Folder Limitsp. 70
Protecting Mail-Enabled Groupsp. 71
Enabling SMTP Protocol Loggingp. 72
Modifying the SMTP Bannerp. 75
Configure a Corporate Legal Disclaimerp. 79
SMTP Relayingp. 80
Open Relay Test Methodsp. 83
E-Mail Address Spoofingp. 85
Authentication and Resolving E-Mail Addressesp. 86
Reverse DNS Lookupp. 87
Internet Mail Headersp. 89
Your A** Is Covered If You...p. 92
Securing the Outlook Web Access Serverp. 93
In this Chapterp. 93
OWA Authenticationp. 94
OWA Virtual Directoriesp. 94
Authentication Methodsp. 98
Read, Write, Browse, and Execute Permissionsp. 100
Connection Limitsp. 101
Enabling SSL on OWAp. 103
Installing the Microsoft Certificate Servicep. 104
Creating the Certificate Requestp. 108
Third-Party Certificatesp. 116
Restricting User Accessp. 116
Disabling OWA Access for a Specific Userp. 117
Disabling OWA Access for a Serverp. 119
OWA Segmentationp. 119
Allowing Password Changes Through OWAp. 120
Creating the IISADMPWD Virtual Directoryp. 121
Enabling the Change Password Button in OWAp. 124
Testing the Change Password Feature in OWAp. 125
Redirecting HTTP Requests to SSL Requestsp. 127
Your A** Is Covered If You...p. 131
OWA Front-End/Back-End Deployment Scenariosp. 133
In this Chapterp. 133
Deploying a Single-Server Scenariop. 134
Deploying a Front-End/Back-End Scenariop. 136
HTTP Authenticationp. 136
Using Dual Authenticationp. 137
Using Pass-Through Authenticationp. 138
Securing a Front-End Serverp. 139
Disabling Unnecessary Front-End Servicesp. 140
Dismounting and Deleting the Mailbox Storep. 141
Dismounting and Deleting the Public Folder Storep. 143
Front-End Servers in the Perimeter Networkp. 144
Allowing RPC Traffic Through the Intranet Firewallp. 145
Disallowing RPC Traffic Through the Intranet Firewallp. 146
Using IPSecp. 148
URLScanp. 150
Front-End Servers on the Internal Networkp. 150
Exchange 2003 Behind an ISA Server 2000p. 152
Publishing the Exchange 2003 Servicesp. 153
Message Screenerp. 154
OWA 2003 Publishingp. 154
More ISA Server Informationp. 155
Your A** Is Covered If You...p. 156
Outlook Web Access Client Security Featuresp. 157
In this Chapterp. 157
S/MIME Supportp. 158
Junk E-Mail Filterp. 162
Safe Sendersp. 163
Safe Recipientsp. 164
Blocked Sendersp. 164
Web Beacon Blockingp. 166
Enhanced Attachment Blockingp. 168
Forms-Based Authenticationp. 170
Username and Passwordp. 173
Clients: Premium and Basicp. 173
Security: Public or Shared Computer and Private Computerp. 174
Your A** Is Covered If You ...p. 177
Exchange Protocol/Client Encryptionp. 179
In this Chapterp. 179
Encrypting SMTP Trafficp. 180
Configuring SMTP with TLS/SSLp. 180
Enabling TLS/SSL for Inbound Mailp. 185
Enabling TLS/SSL for Outbound Mailp. 187
Enabling TLS/SSL for One or More Domainsp. 188
Enabling IPSec Between SMTP Serversp. 188
Encrypting MAPI Information on the Networkp. 189
Encrypting POP3 and IMAP4 Trafficp. 190
Securing Clients Using S/MIMEp. 192
Using S/MIMEp. 193
Enabling S/MIME and Outlookp. 194
Configuring RPC over HTTP(S)p. 195
Requirementsp. 196
Configure RPC Over HTTP on a Front-End Serverp. 198
Specifying the RPC Proxy Portsp. 202
Disabling DCOM Support in RPC over HTTPp. 204
Configuring the Clientp. 205
Your A** Is Covered If You...p. 212
Combating Spamp. 213
In this Chapterp. 213
Client-Side Filteringp. 214
Safe Sendersp. 217
Safe Recipientsp. 218
Blocked Sendersp. 219
Server-Side Filteringp. 222
Connection Filteringp. 224
Display Namep. 225
DNS Suffix of Providerp. 225
Custom Error Message to Returnp. 227
Return Status Codep. 227
Disable This Rulep. 228
Exception Listsp. 229
Global Accept and Deny Listp. 230
Recipient Filteringp. 234
Filtering Recipients Not in the Directoryp. 235
Sender Filteringp. 235
The Intelligent Message Filterp. 237
Things Worth Noting About the IMFp. 238
Your A** Is Covered If You...p. 240
Protecting Against Virusesp. 241
In this Chapterp. 241
E-Mail Virusesp. 242
Server-Side Protectionp. 244
Exchange Serverp. 245
SMTP Gatewayp. 248
Client-Side Protectionp. 249
Educate Your Usersp. 250
Default Outlook 2003 Attachment Blockingp. 251
Cleaning Up After a Virus Outbreakp. 254
Your A** Is Covered If You...p. 260
Auditing Exchangep. 261
In this Chapterp. 261
Windows 2000/2003 Auditingp. 262
Auditing Changes to the Exchange Configurationp. 264
Exchange Diagnostics Loggingp. 266
Microsoft Operations Manager and Exchange 2003p. 269
Your A** Is Covered If You...p. 270
Appendix Planning Server Roles and Server Securityp. 271
Understanding Server Rolesp. 272
Domain Controllers (Authentication Servers)p. 275
Active Directoryp. 275
Operations Master Rolesp. 276
File and Print Serversp. 278
Print Serversp. 278
File Serversp. 279
DHCP, DNS, and WINS Serversp. 279
DHCP Serversp. 279
DNS Serversp. 279
WINS Serversp. 280
Web Serversp. 280
Web Server Protocolsp. 280
Web Server Configurationp. 280
Database Serversp. 282
Mail Serversp. 282
Certificate Authoritiesp. 282
Application Servers and Terminal Serversp. 282
Application Serversp. 283
Terminal Serversp. 285
Planning a Server Security Strategyp. 285
Choosing the Operating Systemp. 287
Identifying Minimum Security Requirements for Your Organizationp. 289
Identifying Configurations to Satisfy Security Requirementsp. 291
Planning Baseline Securityp. 292
Customizing Server Securityp. 292
Securing Servers According to Server Rolesp. 292
Security Issues Related to All Server Rolesp. 293
Securing Domain Controllersp. 297
Securing File and Print Serversp. 298
Securing DHCP, DNS, and WINS Serversp. 300
Securing Web Serversp. 301
Securing Database Serversp. 302
Securing Mail Serversp. 303
Indexp. 305
Table of Contents provided by Ingram. All Rights Reserved.

ISBN: 9781931836241
ISBN-10: 1931836248
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 352
Published: 9th June 2004
Publisher: Syngress Media,U.S.
Country of Publication: US
Dimensions (cm): 22.9 x 15.2  x 2.11
Weight (kg): 0.45