Understanding How Exchange 2000 Server Integrates with Windows 2000 Security

This section focuses on how Exchange 2000 Server uses the Windows 2000 security features. The Windows 2000 security features can be divided into two broad areas: core operating system features and additional features.

The core operating system features form the basis of a secure implementation of Windows 2000 Server. Those features include the following:

  • Active Directory services: Unifies Exchange 2000 and Windows 2000 objects into one directory.
  • Kerberos authentication
  • Access control model: Gives granular control over Active Directory entries and Exchange objects.
  • Microsoft Certificate Services: Can be used by other applications to provide security across different layers.

Additional applications that enhance the features of the core operating system include the following:

  • IP Security (IPSec): Used for network, remote access, and virtual private networks.
  • Encrypting File System: Provides additional security for mobile users.
  • Security Configuration Analyzer: Ensures adherence to security policies.

Active Directory

Active Directory in Windows 2000 replaces the Security Accounts Manager (SAM) in Windows NT Server 4 as the security database. However, like an object in the SAM, each Active Directory object is given a 96-digit, pseudorandom security identifier (SID) that is globally unique.

Not all objects in Active Directory are assigned an SID. For instance, a security group has an SID, but a distribution group does not. Likewise, mail-enabled users have SIDs, but mail-enabled contacts do not. Only those objects that have SIDs can be added to the access control list (ACL) of a resource. If an object does not have an SID, it cannot be placed in the ACL. Therefore, non-SID objects cannot access resources guarded by an ACL.

Kerberos Authentication

Kerberos treats Exchange 2000 Server like a service. When a client needs to contact an Exchange server, the client first requests an Exchange service ticket from the key distribution center (KDC). The ticket is then used for authentication to the Exchange server.

The Exchange services also use Kerberos to make a service account log on to a domain controller through the local system account. This account uses computer credentials that change every seven days. The user name of the Exchange 2000 server is added to the Exchange Servers group, which is added to the ACL for the core objects.

NOTE
It is well beyond the scope of this book to cover Kerberos authentication in detail. To learn more about Kerberos authentication, what a ticket is, and how this protocol works, consult the Microsoft Windows 2000 Server Distributed Systems Guide in the Microsoft Windows 2000 Server Resource Kit (Microsoft Press, 2000).

Access Control Model

The access control model in Exchange 2000 Server follows that of Windows 2000 Server, giving us greater granularity of control for Exchange 2000 Server objects than for Exchange Server 5.5 objects. For instance, you can grant or deny access by container, by item, and at the property level. In addition, Exchange 2000 objects are based on the Windows 2000 NTFS file system and Active Directory objects. By way of illustration, if a user has access to only five out of the ten items in a public folder, the user will see only those five items. Moreover, when a user who does not have access rights to certain attributes performs a search, the search returns only the results that the user is permitted to see.

NOTE
As you migrate public folders from Exchange 5.5 Server, the distribution lists become distribution groups, which do not have SIDs. As a result, you may need to implement new security settings. In addition, public folders created in Exchange 2000 Server will have a Windows 2000 ACL. If the folder is to be replicated to the Exchange Server 5.5 system, be sure to test the folder for access control functions, since the ACLs in Windows NT 4 Server and Windows 2000 Server are different.
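
The check that the Active Directory section and the migration note above call for, as an added example that is not from the book: it reads an LDIF export of group objects (such as one written by ldifde) and lists the mail-enabled groups that are distribution-only, using the security-enabled bit of the groupType attribute. The sample export, domain and group names are constructed for illustration.

```python
SECURITY_ENABLED = 0x80000000  # groupType bit that marks a security group
SCOPES = {0x2: "global", 0x4: "domain local", 0x8: "universal"}

# Constructed sample export; the domain and group names are made up.
SAMPLE_LDIF = """\
dn: CN=Sales Managers,OU=Groups,DC=example,DC=com
changetype: add
groupType: -2147483640
mail: salesmgrs@example.com

dn: CN=All Staff DL,OU=Groups,DC=example,DC=com
changetype: add
groupType: 8
mail: allstaff@example.com

dn: CN=Finance Public Folder Readers,OU=Migrated,
 DC=example,DC=com
changetype: add
groupType: 2
mail: finreaders@example.com
"""

def parse_ldif(text):
    """Yield one dict per LDIF record, unfolding continuation lines."""
    unfolded = text.replace("\n ", "")  # a leading space continues the previous line
    for block in unfolded.strip().split("\n\n"):
        record = {}
        for line in block.splitlines():
            if line.startswith("#") or ": " not in line:
                continue
            name, value = line.split(": ", 1)
            record[name.lower()] = value
        if "dn" in record:  # base64-encoded DNs ("dn::") are skipped in this sketch
            yield record

def classify(record):
    """Return (kind, scope) decoded from the signed groupType value."""
    flags = int(record["grouptype"]) & 0xFFFFFFFF  # exported as a signed 32-bit integer
    kind = "security" if flags & SECURITY_ENABLED else "distribution"
    scope = next((name for bit, name in SCOPES.items() if flags & bit), "unknown")
    return kind, scope

def groups_unusable_in_acls(text):
    """List mail-enabled groups that are distribution-only and so cannot be ACL entries."""
    return [r["dn"] for r in parse_ldif(text)
            if "mail" in r and classify(r)[0] == "distribution"]

if __name__ == "__main__":
    for dn in groups_unusable_in_acls(SAMPLE_LDIF):
        print("review permissions that relied on:", dn)
```

Any public folder permission that relied on one of the listed groups needs a security group (or individual users) assigned in its place.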

IP Security

While KMS provides security on the application layer, IP Security (IPSec) provides security on the IP transport layer; hence, IPSec provides a higher level of security, at a different layer than KMS. In a highly secure environment, IPSec can be used to encrypt information from client to server and from server to server. IPSec works in tandem with Layer 2 Tunneling Protocol (L2TP).

With all of these different security features available, you'll need to consider which type of security you would like to implement. Table 21-8 summarizes some of the encryption and authentication methods commonly used today.

Table 21-8. Common encryption and authentication methods

Services   Method Used                             Keys
IPSec      Encryption; Authentication; Integrity   DES 128-bit; MD5 128-bit; SHA 160-bit; Kerberos
KMS        Encryption; Digital signature           DES, 3DES 128-bit; RSA 512-bit
EFS        Encryption                              DESX 128-bit



Microsoft Exchange 2000 Server Administrator's Companion
Year: 1999
Pages: 193
