Secure Messaging with Microsoft Exchange Server 2000

Secure Messaging with Microsoft Exchange Server 2000

  • ただいまウェブストアではご注文を受け付けておりません。 ⇒古書を探す
  • 製本 Paperback:紙装版/ペーパーバック版/ページ数 406 p.
  • 言語 ENG
  • 商品コード 9780735618763
  • DDC分類 005.713769

Full Description


Computer viruses and spam messages cost businesses and consumers billions of dollars every year. This book delivers the critical information that administrators, security architects, and messaging designers who work with Microsoft Exchange need to know to combat email viruses and spam. Written with assistance from the Microsoft Exchange team, it delivers critical information organizations of all sizes should know and practice. The book includes information not found in books about Exchange administration or Microsoft Windows. security and covers client-server, server-Internet, and server-client security.

Table of Contents

Acknowledgments                                    v
Introduction xvii
PART I Security Fundamentals
Security Buzzwords 3 (12)
What Does Security Mean? 3 (1)
Authentication 4 (1)
Access and Resource Control 5 (2)
Auditing 7 (1)
Data Integrity 7 (1)
Confidentiality and Privacy 8 (3)
Confidentiality Versus Privacy 8 (1)
Protecting Confidentiality 9 (1)
Protecting Privacy 10 (1)
Malicious Code 11 (2)
Types of Malicious Code 12 (1)
How Malicious Code Does Its Work 12 (1)
Summary 13 (1)
Additional Reading 13 (2)
Security Protocols and Algorithms 15 (26)
Why Do I Need to Know This? 15 (1)
Secret-Key Encryption 16 (4)
How Secret-Key Encryption Works 16 (1)
Secret-Key Algorithms 17 (3)
Public-Key Encryption 20 (6)
Digital Certificates 21 (2)
Plumbing for Digital Certificates 23 (1)
How Public-Key Encryption Works 24 (1)
Public-Key Algorithms 25 (1)
Digital Signatures 26 (3)
How Digital Signatures Work 26 (2)
Digital Signature Algorithms 28 (1)
Protocols 29 (10)
The Secure Sockets Layer (SSL) and 30 (1)
Transport Layer Security (TLS) Protocols
The Internet Protocol Security 30 (4)
Extension (IPsec) Protocols
The Secure Multipurpose Internet Mail 34 (1)
Extensions (S/MIME)
Authentication-Only Protocols 35 (4)
Summary 39 (1)
Additional Reading 40 (1)
Windows and Exchange Security Architecture 41 (18)
Learning the Right Lingo 42 (1)
Authentication 43 (4)
Built-In Accounts and Groups 43 (3)
What Happens When You Log On? 46 (1)
Access Control and Permissions 47 (10)
How Exchange Modifies the Access 48 (1)
Control Process
Understanding Exchange-Specific 49 (3)
Permissions
Permissions and Roles 52 (2)
Permissions and Mailboxes 54 (3)
Summary 57 (1)
Additional Reading 57 (2)
Threats and Risk Assessment 59 (14)
Types of Security Threats 60 (4)
What Makes a Target? 61 (1)
Attack Versus Defense 62 (1)
Classifying Threats 62 (2)
Models for Risk Assessment 64 (7)
The Stave Model 65 (2)
The Stride Model 67 (2)
Asset and Threat Assessment for 69 (2)
Exchange (or, What Would You Like to
Not Lose Today?)
Summary 71 (1)
Additional Reading 71 (2)
Physical and Operational Security 73 (10)
Physical and Operational Threat Assessment 74 (1)
Beefing Up Your Physical Security 75 (4)
Securing the Environment 75 (2)
Securing Your Hardware 77 (1)
A Few Words About Laptops 78 (1)
Strengthening Operational Security 79 (1)
Keeping Your Secrets Secret 79 (1)
Summary 80 (1)
Additional Reading 80 (3)
PART II Exchange Server Security
Windows 2000 Server Security Basics 83 (34)
Taking the First Step: Patch Management 83 (17)
Where Patches Come From 83 (2)
Figuring Out What Needs Patching 85 (1)
Using the Microsoft Baseline Security 86 (7)
Analyzer (MBSA)
Using MBSA From the Command Line 93 (4)
Automating Patch Distribution 97 (3)
Securing What's Most at Risk: A Checklist 100 (10)
Step 1: Patch 101 (1)
Step 2: Set Strong Policies 102 (5)
Step 3: Lock Down IIS 107 (3)
Tightening Things Further 110 (4)
Summary 114 (1)
Additional Reading 115 (2)
Installing Exchange with Security in Mind 117 (22)
Designing an Active Directory Structure 118 (2)
for Exchange
Designing a Group Structure 119 (1)
Installing Exchange 120 (6)
Preparing to Migrate 120 (1)
Preparing Your Organization and Domains 121 (3)
Performing the Actual Installation 124 (1)
Upgrading Servers 124 (1)
Other Installation-Related Tasks 125 (1)
Delegating Control 126 (9)
Applying the Finishing Touches 135 (2)
Summary 137 (1)
Additional Reading 137 (2)
SMTP Relaying and Spam Control 139 (22)
Understanding Relaying 139 (3)
Understanding SMTP Store-and-Forward 139 (1)
Protocol
What Relaying Is 140 (1)
Why Relaying Is Necessary Sometimes 141 (1)
How Relaying Can Get You in Trouble 141 (1)
Controlling Relaying 142 (10)
Controlling Access for SMTP Virtual 143 (6)
Servers
Controlling Who Can Relay 149 (1)
Configuring Relaying on SMTP Connectors 150 (1)
Verifying Your Relaying Configuration 151 (1)
Understanding Spam 152 (4)
Common Spam-Blocking Tactics 153 (3)
Using Exchange's Spam Control Features 156 (2)
Creating a Domain or Sender Filter 156 (2)
Activating the Filter 158 (1)
Evaluating Third-Party Antispam Products 158 (2)
Questions About Cost 159 (1)
Questions About Capability 159 (1)
Summary 160 (1)
Additional Reading 160 (1)
Content Control, Monitoring, and Filtering 161 (16)
Adding Disclaimers 162 (2)
Getting to the Message 162 (1)
Rolling Your Own Sink 162 (1)
Using a Commercial Product 163 (1)
Filtering Inbound and Outbound Content 164 (2)
Evaluating Filtering Products 165 (1)
Reading Other People's Mail 166 (3)
Using Message Journaling 167 (1)
Granting Permission to Other Mailboxes 168 (1)
Using Message Tracking 169 (2)
Setting Up Message Tracking: A Quick 170 (1)
Review
Tracking a Specific Message 171 (1)
Searching the Store for Specific Content 171 (4)
Searching Mailboxes with Exmerge 172 (3)
Summary 175 (1)
Additional Reading 175 (2)
Antivirus Protection 177 (14)
Understanding Virus Protection Principles 177 (3)
Finding Viruses 178 (2)
Cleaning Up Viruses 180 (1)
Designing Defense in Depth 180 (6)
Perimeter Protection 180 (2)
Desktop Protection 182 (1)
Exchange Server Protection 182 (4)
Everything Else 186 (1)
Summary 187 (1)
Additional Reading 187 (4)
PART III Communications Security
Securing Internet Communications 191 (30)
Using TLS/SSL with SMTP 191 (10)
Requesting an SSL Certificate 192 (7)
Enabling STARTTLS 199 (2)
Using IPsec 201 (14)
Understanding the Windows IPsec 204 (3)
Implementation
Creating IPsec Policies 207 (8)
Publishing MAPI RPCs with ISA Server 215 (3)
Creating the Publishing Rules 216 (1)
Allowing the Exchange Server to Proxy 217 (1)
Authentication Traffic Configuring 218 (1)
Outlook
Summary 218 (1)
Additional Reading 219 (2)
E-Mail Encryption 221 (38)
Understanding the Exchange-PKI Combination 221 (1)
Planning Your Encryption Infrastructure 222 (19)
Detailing Your Specific PKI Goals 222 (3)
Designing Your CA Infrastructure 225 (7)
Diving in to Digital Certificates 232 (4)
Understanding Enrollment 236 (1)
Understanding the Exchange KMS 237 (1)
Understanding Revocation 238 (2)
Server Performance Guidelines 240 (1)
Installing Certificate Services 241 (10)
Installing Certificate Services 242 (2)
Using Web Enrollment 244 (2)
Using the Exchange KMS 246 (5)
Configuring and Managing Certificate 251 (4)
Services
Delegation and Segregation 251 (1)
Building Trusts and Trust Lists 252 (1)
Backing up and Restoring the CA 253 (1)
Fine-Tuning CA Security 254 (1)
Summary 255 (1)
Additional Reading 255 (4)
PART IV Client Security
Securing Outlook 259 (24)
Understanding Outlook's Security Features 259 (6)
The Outlook Security Update 260 (1)
Attachment Security 260 (3)
Address Book and Object Model Security 263 (1)
Security Zone Changes 263 (1)
S/MIME Security 264 (1)
Customizing the Outlook Security Update 265 (7)
Installing the Security Package 265 (1)
Installing the Trusted Code Control 266 (1)
Creating a Public Folder for Security 266 (1)
Settings
Filling out the Template 267 (4)
Deploying Outlook Security Settings 271 (1)
Customizing Settings for End Users 272 (1)
Using S/ MIME 273 (6)
Managing Certificates 273 (3)
Setting S/MIME Options 276 (2)
Signing or Encrypting a Message 278 (1)
Reaching into Outlook's Toolbox 279 (2)
Converting Inbound HTML Mail to 279 (1)
Plaintext
Encrypting RPC Traffic 280 (1)
Summary 281 (1)
Additional Reading 281 (2)
Securing Outlook Web Access 283 (40)
Understanding Outlook Web Access 283 (5)
Front-End and Back-End Servers 283 (2)
Understanding Outlook Web Access 285 (3)
Authentication
Controlling Access to Outlook Web Access 288 (9)
Controlling Access to Servers 289 (1)
Setting Permissible Authentication 289 (2)
Methods
Using Form-Based Authentication 291 (3)
Controlling Access for Specific Users 294 (1)
Using Outlook Web Access Segmentation 294 (3)
Using SSL with Outlook Web Access 297 (7)
Enabling SSL for OWA 298 (1)
Automatically Redirecting Non-SSL 298 (1)
Requests
Enabling Password Changes Through 299 (3)
Outlook Web Access
Load Balancing SSL Traffic with Outlook 302 (1)
Web Access
Controlling Content Caching 303 (1)
Securing Outlook Web Access with Firewalls 304 (9)
Opening the Correct Firewall Ports 306 (3)
Protecting FE/BE Communications 309 (4)
Publishing Outlook Web Access with ISA 313 (5)
Server
Creating the Web Listener 314 (1)
Creating the Outlook Web Access 315 (2)
Destination Set
Creating the Web Publishing Rule 317 (1)
Applying the Finishing Touches 318 (3)
Shutting Down the Information Store 318 (1)
Minimizing Running Services 319 (2)
Summary 321 (1)
Additional Reading 321 (2)
Securing POP and IMAP 323 (10)
Understanding POP and IMAP 323 (1)
Controlling User Access to IMAP and POP 324 (2)
Choosing an Authentication Method 324 (1)
Controlling Access by IP Address 325 (1)
Regulating Who Can Use the Protocol 325 (1)
Server
Using POP and IMAP with SSL 326 (3)
Summary 329 (1)
Additional Reading 329 (4)
PART V Advanced Topics
Instant Messaging Security 333 (14)
Understanding Exchange Instant Messaging 333 (3)
Why Bother? 335 (1)
Controlling User Access to IM 336 (3)
Controlling Access for Individual Users 336 (1)
Setting User Privacy Properties 337 (1)
Controlling Access for Groups 338 (1)
Controlling Access Using Internet 339 (1)
Information Services
Controlling the IM Client Through Group 339 (2)
Policies
Controlling IM Traffic 341 (4)
Blocking Inbound Traffic 341 (1)
Blocking Outbound Traffic 342 (1)
Restricting File Transfers 343 (1)
Using Firewalls with Exchange IM 343 (2)
Filtering, Archiving, and Monitoring IM 345 (1)
Traffic
Summary 346 (1)
Additional Reading 346 (1)
Security Logging 347 (40)
Understanding Security Logging 347 (2)
How Windows 2000 Auditing Works 348 (1)
What Windows 2000 Puts in the Event Logs 348 (1)
Using Auditing in Windows 2000 349 (8)
What's in the Log Entry? 349 (1)
Controlling What Gets Audited 349 (5)
Automated Analysis Tools 354 (3)
What to Audit and Why 357 (3)
Account Management Events 357 (1)
Account Logon Events 358 (1)
Logon Events 359 (1)
Privilege Use 359 (1)
Summary 360 (1)
Additional Reading 360 (3)
PART VI Appendixes
A The Ten Immutable Laws 363 (14)
The Ten Immutable Laws of Security 363 (6)
The Ten Immutable Laws of Security 369 (8)
Administration
B Permissions Guide 377 (10)
Permissions on Objects in the Exchange 378 (3)
Configuration Tree
Permissions on the Server Object and 381 (1)
Its Children
Permissions on Other Objects in the 382 (1)
Configuration Tree
Permissions Set on Public Key Services 383 (1)
Objects
Permissions on Objects in the Domain 384 (3)
Naming Context
Index 387