IT tutorials
 
Applications Server
 

Securing an Exchange Server 2007 Environment : Securing Your Windows Environment (part 1) - Windows Server 2003 Security Improvements , Windows Vista Security Improvements

10/24/2014 3:16:30 AM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

At its basic components, a Microsoft Exchange environment can be reduced to four main components:

  • Server operating system— Microsoft’s latest server operating system (OS), and the one that Exchange Server 2007 is designed to run on, is Microsoft Windows Server 2003 R2.

  • Server messaging system— Exchange Server 2007 is the current messaging system from Microsoft. Exchange 2007 provides messaging, calendaring, mobile access, and unified communications for the enterprise.

  • Client operating system— Microsoft’s latest client operating systems are Microsoft Windows Vista and Microsoft Windows XP Service Pack 2 (SP2). Although Exchange Server 2007 can work with older versions of client software.

  • Client messaging application— Microsoft’s latest client messaging application is Microsoft Office Outlook 2007. Again, although Exchange can work with older versions of Outlook

Both the server messaging system and the client messaging application are only as secure as their underlying operating systems. Fortunately, Microsoft Windows Server 2003, Windows Vista, and Microsoft Windows XP are very secure by default, and with a little knowledge and experience can be made exceptionally secure.


The concept of securing Windows Vista and Windows XP can best be grasped if it is broken down into smaller components.

  • Authentication

  • Access control

  • Patch management

  • Communications

Windows Server 2003 Security Improvements

Even from the default installation, Windows Server 2003 is significantly more secure than its predecessors. Previous versions installed with most features defaulting to an enabled state, counting on the administrator to disable them if they were not going to be used. This left a lot of openings for malicious intruders, especially in an environment where the administration staff was not well versed in hardening an underlying operating system.

In Windows Server 2003, many of the features and services are installed, but disabled by default, making it more difficult for unauthorized users to exploit vulnerabilities. This is one way of improving server security, known as “reducing the attack surface.”

Some of the changes in Windows Server 2003 include the following:

  • After a default installation, many services are disabled, rather than enabled.

  • Internet Information Services (IIS), the built-in web server, has been completely overhauled and is no longer installed by default. In addition, group policies can be implemented that prevent the unauthorized installation of IIS in your environment.

  • Access control lists (ACLs) have been redefined and are stronger by default.

  • Security can be defined by server and user roles.

  • Public Key Infrastructure (PKI) Certificate Services has been enhanced and includes advanced support for automatic smart card enrollment, certificate revocation list (CRL) deltas, and more.

  • Wireless security features, such as IEEE 802.1X, are supported.

  • The Security Configuration Wizard, included in Windows Server 2003 Service Pack 1 (SP1), can further lock down security based on server role and function.

Windows Vista Security Improvements

Windows Vista complements Windows Server 2003 from the client perspective by supporting the security features embedded in Windows Server 2003. The following are among the more notable security features in Window Vista:

  • Core system files and kernel data structures are protected against corruption and deletion.

  • Software policies can be used to identify and restrict which applications can run.

  • Wireless security features, such as IEEE 802.1X, are supported.

  • Sensitive or confidential files can be encrypted using Bitlocker encryption as well as Encrypting File System (EFS).

  • Communications can be encrypted using IP Security (IPSec).

  • Kerberos-based authentication is integrated in the core logon process.

  • Enhanced security devices such as smart cards and biometric devices are supported.

All of the security improvements are supported with Group Policy enhancements to the Windows Vista operating system, providing centralized policy setting and management.

Windows Firewall Protection

In today’s messaging environments, users often have to be able to access their emails from noncorporate locations. Gone are the days of accessing email only from the office computer; many users now access their mail from hotels, client sites, or wireless network “hot spots” such as the local coffee house.

Supporting this “anytime, anywhere” availability is important, but organizations must work to minimize potential security risks that can come with enhanced functionality.

Because remote users are often utilizing equipment that is not configured by their organization’s security administrators, this equipment can be more susceptible to viruses and intrusions. To minimize security risks, client computers should have the Windows Firewall installed and operating.

Windows Firewall provides a protective boundary that monitors information traveling between a computer and a network (including the Internet). Windows Firewall blocks “unsolicited requests,” which are often the result of external users located on a network trying to access your computer. Windows Firewall also helps protect you by blocking computer viruses and worms that try to reach your computer through a network connection.

The Windows Firewall uses stateful packet inspection to monitor all communications to and from the computer and records the outbound connections made from the protected system. Windows Firewall can also be customized to allow exceptions based on an application or port as well as to log security events.

 
Others
 
- Securing an Exchange Server 2007 Environment : Client-Level Secured Messaging - Exchange Server 2007 Client-Level Security Enhancements
- Microsoft Exchange Server 2010 Requirements : Additional Requirements
- Microsoft Exchange Server 2010 Requirements : Software Requirements (part 2) - Windows Server Roles and Features
- Microsoft Exchange Server 2010 Requirements : Software Requirements (part 1) - Additional Software
- Microsoft Exchange Server 2010 Requirements : Getting the Right Server Hardware (part 3) - Disk Requirements
- Microsoft Exchange Server 2010 Requirements : Getting the Right Server Hardware (part 2) - Memory Recommendations, Network Requirements
- Microsoft Exchange Server 2010 Requirements : Getting the Right Server Hardware (part 1) - The Typical User , CPU Recommendations
- Upgrading to Sharepoint 2013 : Upgrading Service Applications
- Upgrading to Sharepoint 2013 : Upgrading Site Collections
- Upgrading to Sharepoint 2013 : Upgrading Content (part 4) - Attaching the Content Database
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- Is possible to just to use a wireless router to extend wireless access to wireless access points?
- Ruby - Insert Struct to MySql
- how to find my Symantec pcAnywhere serial number
- About direct X / Open GL issue
- How to determine eclipse version?
- What SAN cert Exchange 2010 for UM, OA?
- How do I populate a SQL Express table from Excel file?
- code for express check out with Paypal.
- Problem with Templated User Control
- ShellExecute SW_HIDE
programming4us programming4us