[Previous] [Next]
Windows 2000 provides security via the following security protocols:
- Kerberos version 5 The default protocol for authentication and logon.
- NTLM (Windows Challenge/Response) Provided for backward compatibility with Microsoft Windows NT 4 and earlier, including Windows 3.11.
- Digital certificates Used with a PKI deployment; especially useful for authenticating parties outside your organization. The use of digital certificates is becoming more frequent as companies attempt to secure their communications more fully.
- SSL/TLS(Secure Sockets Layer/Transport Layer Security) Appropriate for connection-oriented security, such as access to Web-based resources on the Internet.
This chapter focuses on the use of digital certificates and public and private keys to secure messages in Exchange 2000 Server. We'll begin by looking at the public-key infrastructure in Windows 2000.