Locking Down Mission-Critical Exchange Servers

This chapter discusses the various threats to exchange security and the available countermeasures. This will have a definite impact on the overall design of the organization's security infrastructure. The data and services in the infrastructure must be available for the people and business processes that rely on them. Unsuspecting users may inadvertently execute programs they receive in email. These programs infect systems and cause enormous amounts of damage that cost organizations dearly. The data on the Exchange server and other servers must be maintained in such a manner that no one can gain unauthorized access to the information. An attacker forging messages to appear as if they came from someone or somewhere else can spread false information throughout an organization or, in worse cases, trick users into releasing sensitive information. The Windows Server security features that impact Exchange can be loosely categorized into two key areas of Windows authentication and authorization Windows Services security. Careful research, planning, pilot testing, and deployment of rock-solid security measures will help ensure that the Exchange deployment provides maximum reliability.