Chapter 9 - Implementing Security for Hosted Services

Chapter 9

About This Chapter

Neither application service providers (ASPs) nor private companies can risk exposure of their computer networks to the Internet without at least a basic level of security. In fact, most organizations require more than basic security. Can you afford to expose your Web servers and messaging systems directly to the Internet without protection? To cope with the ever-growing sophistication of attacks, a complex arrangement of firewalls and intrusion detection systems is necessary. You also need to guard against attacks from inside your network, such as information theft and user impersonation. Firewalls don’t help at this point, but encryption and intrusion detection technology does.

Microsoft Exchange 2000 Server takes full advantage of the security features available in Microsoft Windows 2000 Server. For example, you can entirely encrypt the internal communication between your computer systems using Internet Protocol Security (IPSec). To communicate securely over public network connections, such as the Internet, you can enforce encryption by means of Secure Sockets Layer (SSL). Virtual private networks (VPNs) are an alternative if you want to fully support mobile and remote users. Exchange 2000 Server also supports advanced security features based on X.509 version 3, a well-established security standard set by the International Telecommunication Union (ITU-T). Enabled with advanced security, you can send signed and sealed messages to recipients in your own and foreign messaging environments. Signed and sealed messages allow recipients to verify originator information and message contents, and unauthorized persons do not have access to the data even if they manage to capture encrypted messages.

This chapter explains how to protect an Exchange 2000 server by means of firewalls and how to integrate this messaging platform into a public-key infrastructure (PKI) to enable Exchange 2000 users with advanced security features. Lesson 1 tackles the implementation of firewalls and other security measures to defend against attacks from the Internet. Lesson 2 continues with an explanation of advanced security features that can help to preclude unauthorized modification or theft of sensitive information.

Before You Begin

To complete the lessons in this chapter, you need to

  • Be aware of the technical features of Exchange 2000 Server, as explained in Chapter 1, "Introduction to Microsoft Exchange 2000 Server"
  • Have practical experience in administering PC-based messaging systems and be familiar with the concepts of directory synchronization, as discussed in Chapter 4, "Assessing the Current Messaging Infrastructure"
  • Know the various design elements of Exchange 2000 Server, such as administrative and routing groups, as discussed in Chapter 5, "Designing a Basic Messaging Infrastructure with Microsoft Exchange 2000 Server"



MCSE Microsoft Exchange 2000 Server Design and Deployment Training Kit(c) Exam 70-225
MCSE Training Kit (Exam 70-225): Microsoft Exchange 2000 Server Design and Deployment (Pro-Certification)
ISBN: 0735612579
EAN: 2147483647
Year: 2001
Pages: 89

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net