Thông tin tài liệu
Module 6: Integrating
ISA Server 2004 and
Microsoft Exchange Server
Overview
Issues in E-Mail Security
Configuring ISA Server to Secure SMTP Traffic
Configuring ISA Server to Secure Web
Client Connections
Configuring ISA Server to Secure Client Connections
Lesson: Issues in E-Mail Security
E-Mail Security Threats Overview
E-Mail Access Using Web Clients
E-Mail Access Using Outlook Clients
E-Mail Access Using POP3, IMAP4, and NNTP Clients
SMTP Protocol-Level Exploits
Unwanted and Malicious E-Mail
How ISA Server 2004 Secures Exchange Server
E-Mail Security Threats Overview
Ensuring the security of e-mail includes:
Ensuring the security of e-mail includes:
Ensuring that all e-mail client connections to the
e-mail server are secure
Protecting the e-mail servers from SMTP exploits
Preventing unwanted or malicious e-mails from
entering the organization’s network
Ensuring that all e-mail client connections to the
e-mail server are secure
Protecting the e-mail servers from SMTP exploits
Preventing unwanted or malicious e-mails from
entering the organization’s network
E-Mail Access Using Web Clients
Outlook Mobile Access
XHTML, cHTML, HTML
ActiveSync Enabled
Mobile Devices
ISA Server
Outlook Web Access
Exchange
Front-End Server
Exchange
Back-End Servers
Wireless
Network
Outlook RPC Connections
Outlook RPC Connections
Outlook RPC
over HTTP Connections
Outlook RPC
over HTTP Connections
E-Mail Access Using Outlook Clients
Port 135 and dynamic ports
Port 135 and dynamic ports
Port 80 or 443
Port 80 or 443
Exchange
Back-End
Servers
Exchange
Back-End
Servers
Exchange
Front-End
Server
Exchange
Front-End
Server
ISA
Server
ISA
Server
POP3 Connections
POP3 Connections
IMAP4 Connections
IMAP4 Connections
E-Mail Access Using POP3, IMAP4, and NNTP Clients
Port 110 or 995 Port 25
Port 110 or 995 Port 25
Port 143 or 993 Port 25
Port 143 or 993 Port 25
Exchange
Back-End
Servers
Exchange
Back-End
Servers
Exchange
Front-End
Server
Exchange
Front-End
Server
ISA
Server
ISA
Server
SMTP Protocol-Level Exploits
SMTP servers can be vulnerable to:
SMTP servers can be vulnerable to:
Buffer overflow attacks when SMTP commands are
sent with more than expected data, causing memory
buffer overflows
Mail relay attacks when an SMTP server is used to
forward unwanted e-mail to Internet recipients
SMTP command attacks where SMTP commands are
used to compromise the server or gain information
about the server or recipients on the server
Buffer overflow attacks when SMTP commands are
sent with more than expected data, causing memory
buffer overflows
Mail relay attacks when an SMTP server is used to
forward unwanted e-mail to Internet recipients
SMTP command attacks where SMTP commands are
used to compromise the server or gain information
about the server or recipients on the server
Unwanted and Malicious E-Mail
Unwanted e-mail is unsolicited commercial e-mail that:
Unwanted e-mail is unsolicited commercial e-mail that:
Consumes server and network resources
Reduces user productivity and increases
administrative effort
Can be filtered using an application-level filter
May result in exposure to legal liability
Consumes server and network resources
Reduces user productivity and increases
administrative effort
Can be filtered using an application-level filter
May result in exposure to legal liability
Malicious e-mails contain viruses or worms that:
Malicious e-mails contain viruses or worms that:
Damage data or computers or consume network and
computer resources
Increase administrative cost and effort
Increase the risk of an information leak
Damage data or computers or consume network and
computer resources
Increase administrative cost and effort
Increase the risk of an information leak
How ISA Server 2004 Secures Exchange Server
Exchange
Back-End
Servers
Exchange
Back-End
Servers
Exchange
Front-End
Server
Exchange
Front-End
Server
Mail publishing wizards
Mail publishing wizards
Filtering unwanted e-mail
Filtering unwanted e-mail
SMTP command
filtering
SMTP command
filtering
Secure access
for Outlook
clients
Secure access
for Outlook
clients
Secure access for
Web clients
Secure access for
Web clients
ISA
Server
ISA
Server
[...]... SMTP Servers Exchange Front-End Server ISA Server Exchange Back-End Servers Use SMTP application filter to filter SMTP commands SMTP Server Use SMTP message screener to filter unwanted e-mail How to Configure ISA Server to Secure SMTP Traffic To configure ISA Server to secure SMTP traffic: 1 Configure MX records on the Internet servers to refer to the computer running ISA Server 2 Use the Mail Server. ..Lesson: Configuring ISA Server to Secure SMTP Traffic How ISA Server Secures SMTP Traffic How to Configure ISA Server to Secure SMTP Traffic How SMTP Filtering Works How to Configure the SMTP Application Filter How SMTP Message Screener Works How to Implement SMTP Message Screener Integrating ISA Server and Exchange Server to Secure SMTP Traffic How ISA Server Secures SMTP Traffic Use Mail... screener server Lesson: Configuring ISA Server to Secure Web Client Connections How Does ISA Server Secure OWA Connections? How to Configure ISA Server to Enable OWA Access How to Configure Forms-Based Authentication How to Configure ISA Server to Enable Access for Other Web Clients How Does ISA Server Secure OWA Connections? Use Mail Publishing Wizard to publish OWA Servers Exchange Front-End Server. .. connection from client to ISA Server and from ISA Server to OWA server 4 Configure a Web listener for OWA publishing Choose forms-based authentication and SSL for the Web listener How to Configure Forms-Based Authentication How to Configure ISA Server to Enable Access for Other Web Clients Publishing Exchange server virtual directories for OMA and Activesync clients Practice: Configuring ISA Server for Secure... POP3 and IMAP4 Clients Multimedia: Connecting MAPI Clients to Exchange Server Through a Firewall How ISA Server Secures Outlook RPC Connections ISA Server Exchange Servers Exchange UUID=2000 Port 135 Exchange UUID=3000 Outlook Client Practice: Configuring ISA Server to Secure Outlook RPC Connections Configuring an Outlook RPC publishing rule Testing the Outlook RPC publishing rule Den-Clt-01 Den -ISA- 01... RPC over HTTP RPC over HTTP requires: Exchange Server 2003 running on Windows Server 2003 and Windows Server 2003 global catalog servers Outlook 2003 running on Windows XP Windows Server 2003 server running RPC proxy server with the Exchange and domain controller service port numbers defined in the registry A modified Outlook profile that connects to the Exchange server using HTTPS How to Configure RPC... a server in the perimeter network is most complicated to configure, but most secure To filter only inbound messages Configure ISA Server to publish the message screener server, and configure access rules for the internal SMTP servers to send e-mail to the Internet To filter inbound and outbound messages Configure ISA Server to publish the message screener server, and configure the internal SMTP servers... the computer running ISA Server Install the SMTP message screener Configure the SMTP message screener Test the SMTP message screener Gen-Web-01 Den -ISA- 01 Den-Msg-01 Den-DC-01 Internet Integrating ISA Server and Exchange Server to Secure SMTP Traffic You can deploy message screener: On the computer running ISA Server This option is the easiest to configure but least secure On an IIS server in the internal... secure user logon OWA Client Exchange Back-End Servers ISA Server Configure attachment blocking How to Configure ISA Server to Enable OWA Access To configure ISA Server to enable OWA access: 1 Install a digital certificate on the OWA server and configure IIS to require SSL connections to the OWA virtual directories 2 Use the Mail Server Publishing Wizard to publish the OWA server 3 Configure a bridging... new SMTP mail server publishing rule Configuring outbound SMTP traffic Testing SMTP traffic flow Gen-Web-01 Den -ISA- 01 Den-Msg-01 Den-DC-01 Internet How SMTP Filtering Works Is the … Command allowed? Exchange Front-End Server Command length allowed? SMTP Server Exchange Back-End Servers ISA Server EHLO contoso.com Mail from: Ben@contoso.com Rcpt to: Jay@cohovineyard.com Data How to Configure the SMTP . Module 6: Integrating
ISA Server 2004 and
Microsoft Exchange Server
Overview
Issues in E-Mail Security
Configuring ISA Server to Secure. Screener
Integrating ISA Server and Exchange Server to Secure
SMTP Traffic
How ISA Server Secures SMTP Traffic
Exchange
Back-End
Servers
Exchange
Back-End
Servers
Exchange
Front-End
Server
Exchange
Front-End
Server
Use
Ngày đăng: 27/02/2014, 05:20
Xem thêm: Tài liệu Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server pdf