Page 1
Audio: (800) 618-7506 : Pin 6405
24 Hours of Exchange Server 2007 24 Hours of Exchange Server 2007 (Part 15 of 24): Using Internet (Part 15 of 24): Using Internet Security and Acceleration (ISA) Security and Acceleration (ISA) Server 2006 for Secure Exchange Server 2006 for Secure Exchange Server PublishingServer Publishing
Harold [email protected] /haroldwong
Audio: please try Streaming Internet Audio firstIf that doesn’t work, use:
(800) 618-7506: Pin 6405
Page 2
Audio: (800) 618-7506 : Pin 6405
What We Will CoverWhat We Will Cover
• MicrosoftMicrosoft®® Internet Security and Acceleration Internet Security and Acceleration (ISA) Server 2006 overview(ISA) Server 2006 overview
• Sending and receiving e-mailSending and receiving e-mail
• MicrosoftMicrosoft®® Exchange Server Exchange Server client access client access
Page 3
Audio: (800) 618-7506 : Pin 6405
AgendaAgenda
• ReviewReview
• Sending and Receiving E-mailSending and Receiving E-mail
• Publishing Exchange Server Client AccessPublishing Exchange Server Client Access
Page 4
Audio: (800) 618-7506 : Pin 6405
AntiVirus Features of Exchange AntiVirus Features of Exchange Server 2007Server 2007
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Content filteringContent filtering
4.4. Attachment filteringAttachment filtering
Which spam filtering technology played an early role in virus protection?
Page 5
Audio: (800) 618-7506 : Pin 6405
AntiVirus Features of Exchange AntiVirus Features of Exchange Server 2007Server 2007
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Sender ID filteringSender ID filtering
4.4. Sender reputation filteringSender reputation filtering
Which type of filtering allows the Edge Transport server to look up IP addresses in a list of known virus hosts?
Page 6
Audio: (800) 618-7506 : Pin 6405
AntiVirus Features of Exchange AntiVirus Features of Exchange Server 2007Server 2007
1.1. Connection filteringConnection filtering
2.2. Sender filteringSender filtering
3.3. Content filteringContent filtering
4.4. Attachment filteringAttachment filtering
Which filtering mechanism moves e-mail messages into the spam quarantine mailbox?
Page 7
Audio: (800) 618-7506 : Pin 6405
AntiVirus Software and ServicesAntiVirus Software and Services
1.1. Edge Transport serverEdge Transport server
2.2. Hub Transport serverHub Transport server
3.3. Mailbox serverMailbox server
4.4. Desktop client computersDesktop client computers
Which system should not run e-mailantivirus scanning according to Exchange Server 2007 best practices?
Page 8
Audio: (800) 618-7506 : Pin 6405
AntiVirus Software and ServicesAntiVirus Software and Services
1.1. FiveFive
2.2. SixSix
3.3. SevenSeven
4.4. EightEight
What is the maximum number of antivirusscanning engines that can be configured forForefront?
Page 9
Audio: (800) 618-7506 : Pin 6405
AntiVirus Software and ServicesAntiVirus Software and Services
1.1. OneOne
2.2. TwoTwo
3.3. ThreeThree
4.4. FourFour
What is the minimum number of antivirusengines you can configure when using Microsoft Exchange Hosted Filtering?
Page 10
Audio: (800) 618-7506 : Pin 6405
AgendaAgenda
• ReviewReview
• Introducing ISA Server 2006Introducing ISA Server 2006
• Publishing Exchange Server Client AccessPublishing Exchange Server Client Access
Page 11
Audio: (800) 618-7506 : Pin 6405
ISA Server 2006ISA Server 2006
InternetInternet
Page 12
Audio: (800) 618-7506 : Pin 6405
Client authentication method
Authentication validation method
Authentication delegation Access method
HTML forms-based authentication
Windows (Active Directory®)
LDAP (Active Directory®)
RADIUS
Basic
Negotiate (Kerberos/NTLM)
Microsoft® Office Outlook® Web Access
Outlook Anywhere
ActiveSync®
HTML forms-based authentication RSA SecurID RSA SecurID
Outlook Web Access(OWA)
ActiveSync®
SSL client certificate authentication
Windows (Active Directory®)
Kerberos constrained delegation
Outlook Web Access(OWA)
ActiveSync®
AuthenticationAuthentication
Page 13
Audio: (800) 618-7506 : Pin 6405
Internet
Sending and Receiving E-MailSending and Receiving E-Mail
Exchange Server 2007
ISA Server 2006 Internal Client
Page 14
Audio: (800) 618-7506 : Pin 6405
Introducing ISA Server 2006Introducing ISA Server 2006
1.1. Connect and secure remote branchesConnect and secure remote branches
2.2. Securely publish content for remote accessSecurely publish content for remote access
3.3. Prevent employees from sending SPAMPrevent employees from sending SPAM
4.4. Defend against external and internal Web-Defend against external and internal Web-based threats based threats
Q1: Which scenario is not a way ISA Server 2006 can be used to secure communications?
Page 15
Audio: (800) 618-7506 : Pin 6405
Introducing ISA Server 2006Introducing ISA Server 2006
1.1. Outside the firewallOutside the firewall
2.2. Between the Exchange Server and clientsBetween the Exchange Server and clients
3.3. At each remote locationAt each remote location
4.4. Between the Internet and the Exchange Between the Internet and the Exchange Server Server
Q2: Where is ISA 2006 located to secure the e-mail communications?
Page 16
Audio: (800) 618-7506 : Pin 6405
Introducing ISA Server 2006Introducing ISA Server 2006
1.1. A DNS resource record of servers accepting A DNS resource record of servers accepting incoming e-mail messagesincoming e-mail messages
2.2. A DNS resource record of Internet serversA DNS resource record of Internet servers
3.3. A DNS resource record of e-mail messages in A DNS resource record of e-mail messages in the domainthe domain
4.4. A record on the ISA ServerA record on the ISA Server
Q3: What is a mail exchanger (MX) record?
Page 17
Audio: (800) 618-7506 : Pin 6405
AgendaAgenda
• ReviewReview
• Introducing ISA Server 2006Introducing ISA Server 2006
• Publishing Exchange Server Client AccessPublishing Exchange Server Client Access
Page 18
Audio: (800) 618-7506 : Pin 6405
Client Access OptionsClient Access Options
Outlook Web AccessOutlook Web Access
Outlook AnywhereOutlook Anywhere
Exchange ActiveSyncExchange ActiveSync
Page 19
Audio: (800) 618-7506 : Pin 6405
ISA Configuration
Install server certificate
Update public DNS
Exchange Configuration
Enable Outlook Anywhere
Install server certificate
Require SSL communications
Publish Exchange Client AccessPublish Exchange Client Access
Forms-based authentication not selected
Page 20
Audio: (800) 618-7506 : Pin 6405
Configuring Client Access
Configure Exchange Server 2007Configure Exchange Server 2007 Configure ISA Server 2006 Configure ISA Server 2006 Configure DNSConfigure DNS
demonstrationdemonstration
Page 21
Audio: (800) 618-7506 : Pin 6405
Link Translation
SSL Bridging and Link SSL Bridging and Link TranslationTranslation
HTTP S
SSL BridgingScenario 1 Scenario 2HTTP to HTTPS Redirection
Mail.Contoso.comMail.Contoso.com SEA-EXC-01.Contoso.comSEA-EXC-01.Contoso.com
Page 22
Audio: (800) 618-7506 : Pin 6405
Publishing Exchange Server 2007
Create a Web listenerCreate a Web listener Create an Exchange Web Client AccessCreate an Exchange Web Client Access
publishing rule publishing rule Enable HTTP to HTTPS redirectionEnable HTTP to HTTPS redirection
demonstrationdemonstration
Page 23
Audio: (800) 618-7506 : Pin 6405
Publishing Exchange Client Publishing Exchange Client AccessAccess
1.1. Outlook AnywhereOutlook Anywhere
2.2. Outlook Mobile AccessOutlook Mobile Access
3.3. Outlook Web AccessOutlook Web Access
4.4. Exchange ActiveSyncExchange ActiveSync
Q1: Which access method is not available in Exchange Server 2007?
Page 24
Audio: (800) 618-7506 : Pin 6405
Publishing Exchange Client Publishing Exchange Client AccessAccess
1.1. FourFour
2.2. TwoTwo
3.3. ThreeThree
4.4. TenTen
Q2: How many configuration steps are needed on the Exchange Server for secure publishing?
Page 25
Audio: (800) 618-7506 : Pin 6405
Publishing Exchange Client Publishing Exchange Client AccessAccess
1.1. At the clientAt the client
2.2. At the Exchange ServerAt the Exchange Server
3.3. At the domain controllerAt the domain controller
4.4. At the ISA ServerAt the ISA Server
Q3: Where is HTTP to HTTPS redirection performed?
Page 26
Audio: (800) 618-7506 : Pin 6405
Session SummarySession Summary
• Better togetherBetter together
• Secure e-mail with ISA Server 2006Secure e-mail with ISA Server 2006
• Provide enhanced user experienceProvide enhanced user experience
Page 27
Audio: (800) 618-7506 : Pin 6405
Questions and AnswersQuestions and Answers
• Submit text questions using the “Ask” button. Submit text questions using the “Ask” button. • Don’t forget to fill out the survey.Don’t forget to fill out the survey.• For upcoming and previously live webcasts: For upcoming and previously live webcasts:
www.microsoft.com/webcasts
• Got webcast content ideas? Contact us at: Got webcast content ideas? Contact us at: http://go.microsoft.com/fwlink/?LinkId=41781
• Today's webcast was presented using MicrosoftToday's webcast was presented using Microsoft®® Office Live Meeting. Get a free 14-day trial by Office Live Meeting. Get a free 14-day trial by visiting: visiting: www.microsoft.com/presentlive
Page 28
Audio: (800) 618-7506 : Pin 6405