Chapter 13. Securing Messaging Traffic
IN THIS CHAPTER
Messaging has moved from the realm of a "nice to have" service to a business-critical application that serves as the communications lifeblood for many organizations. It no longer is acceptable for email services to be unavailable for lengthy periods of time or for performance from the email system to be slow and unresponsive. At the same time, the demands for new and better methods of getting to email keep increasing, putting additional strain on messaging administrators who are tasked with providing secure, reliable access.
In tandem with the growth of the capabilities and reach of messaging are the security concerns associated with providing access to these resources. Along with the need to pro vide for "anytime, anywhere" access to email comes the risks of opening up the messaging environment to prying eyes.
In response to these threats, ISA Server 2004 provides for a comprehensive set of tools to secure messaging platforms, with built-in knowledge to inspect and protect mail traffic to and from email systems through advanced Application-layer filtering and publishing rules.
This chapter focuses on the best practice approaches to securing email-related services (other than OWA) with ISA Server 2004. Specific step-by-step examples of using ISA to secure OMA, SMTP, MAPI, POP, IMAP, RPC over HTTP, and ActiveSync are illustrated and defined. Outlook Web Access (OWA) deployment scenarios are covered in Chapter 12, "Securing Outlook Web Access (OWA) Traffic." The examples in this chapter focus on a deployment scenario with ISA as an edge firewall or inline firewall to an additional firewall product.