module 6 planning and deploying messaging security
TRANSCRIPT
![Page 1: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/1.jpg)
Module 6
Planning and Deploying Messaging Security
![Page 2: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/2.jpg)
Module Overview
• Designing Message Security
• Designing Antivirus and Anti-Spam Solutions
![Page 3: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/3.jpg)
Lesson 1: Designing Message Security
• Defining Message Security Requirements
• Designing Restrictions to Message Flow
• Designing SMTP Connector Security
• Designing Secure Message Routing Between Partner Organizations
• Designing Client-Based Messaging Security
![Page 4: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/4.jpg)
Defining Message Security Requirements
• Is confidential business information sent by using e-mail?
• Is private customer information sent by using e-mail?
• Are recipients and senders internal, or is e-mail sent externally?
• Are confidential e-mails sent primarily to a limited number of external organizations, or to a variety of recipients?
If e-mail is secured using policies or technical solutions, analyze the effectiveness and satisfaction with the solution If e-mail is secured using policies or technical solutions, analyze the effectiveness and satisfaction with the solution
To collect information required to analyze message recipients and senders, ask:
To collect information required to analyze e-mail message contents, ask:
![Page 5: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/5.jpg)
Designing Restrictions to Message Flow
Transport rules can restrict message flow or modify message contents for messages in transitTransport rules can restrict message flow or modify message contents for messages in transit
• Restrict message flow with transport rules
• Implement Hub Transport rules
• Implement Edge Transport rules
• Implement message classifications
![Page 6: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/6.jpg)
Designing SMTP Connector Security
• Configure authentication for SMTP Receive connectors
• Configure authentication for SMTP Send connectors
• TLS
SMTP connector
SMTP connector
Options for providing additional security for SMTP e-mail:
![Page 7: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/7.jpg)
Designing Secure Message Routing Between Partner Organizations
Generate a request for TLS certificates on the Edge Transport server11
Configure outbound Domain Security33Configure inbound Domain Security44Test Domain-secured mail flow55
Import and enable the certificate on the Edge Transport server22
Domain Security uses TLS with mutual authentication to provide session-based authentication and encryptionDomain Security uses TLS with mutual authentication to provide session-based authentication and encryption
To set up partner security:
![Page 8: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/8.jpg)
Designing Client-Based Messaging Security
Exchange servers
S/MIME encrypted
S/MIME provides message-level authentication, non-repudiation, data integrity, and message encryption S/MIME provides message-level authentication, non-repudiation, data integrity, and message encryption
AD RMS is a technology that works with RMS-aware applications to help protect documents and e-mail from unauthorized use
AD RMS is a technology that works with RMS-aware applications to help protect documents and e-mail from unauthorized use
![Page 9: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/9.jpg)
Lesson 2: Designing Antivirus and Anti-Spam Solutions
• Overview of Antivirus and Anti-Spam Solution Requirements
• Options for Implementing Antivirus and Anti-Spam Solutions in Exchange Server 2010
• Designing Anti-Spam Solutions
• Recommendations for Monitoring the Anti-Spam Solution
• Designing Antivirus Solutions
• Managing Antivirus Solutions
![Page 10: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/10.jpg)
Overview of Antivirus and Anti-Spam Solution Requirements
• How often are antivirus and anti-spam filters updated, and are the processes automated?
• How does the anti-spam solution provide a balance between false positives and reducing as much spam as possible?
• What options does the solution provide for quarantining potentially malicious messages?
• What management and monitoring tools does the solution provide?
• How well does the solution integrate with your current system?
Critical factors to consider when evaluating antivirus and anti-spam solutions include:
![Page 11: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/11.jpg)
Options for Implementing Antivirus and Anti-Spam Solutions in Exchange Server 2010
• Connection filtering
• Sender filtering
• Recipient filtering
• Sender ID
• Content filtering
• Sender reputation
• Attachment filtering
• Forefront Protection 2010 for Exchange Server
• Office Outlook Junk e-mail filtering
Exchange Server 2010 provides a number of antivirus and anti-spam solutions:
![Page 12: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/12.jpg)
Designing Anti-Spam Solutions
Consider implementing Edge Transport servers as SMTP gateway servers
Configure filter agents to reject messages
Scan messages for spam before scanning for viruses
Scan for spam at the messaging gateway/Edge Server
Implement safelist aggregation Implement automatic anti-spam updates Increase the filtering level over time
Scan for spam on the Hub Transport server
![Page 13: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/13.jpg)
Recommendations for Monitoring the Anti-Spam Solution
• Monitor for false positives
• Monitor for filtering effectiveness
• Monitor the quarantine mailbox
• Collect user feedback on the spam filter effectiveness
• Identify administrators, and provide monitoring tools
• Establish guidelines regarding when to monitor the system
• Establish a change control process for modifying spam filters
Exchange Server 2010 enables anti-spam stamps to help you diagnose spam-related problemsExchange Server 2010 enables anti-spam stamps to help you diagnose spam-related problems
As part of the monitoring process design, you should:
As part of the monitoring process, you should:
![Page 14: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/14.jpg)
Designing Antivirus Solutions
Scan both incoming and outgoing e-mail
Strip attachments of certain file types
Delete rather than clean infected messages
Implement a defense-in-depth approach
Consider implementing Forefront Security for Exchange Server
![Page 15: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/15.jpg)
Managing Antivirus Solutions
Monitor daily statistics
Regularly monitor antivirus software sites
Automate as many processes as possible
Develop clearly defined policies and processes
Develop a user education process Consider using Microsoft Exchange Hosted Services
![Page 16: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/16.jpg)
Lab: Planning and Deploying Messaging Security
• Exercise 1: Designing Message Security
• Exercise 2: Designing Antivirus and Anti-Spam Solutions
• Exercise 3: Implementing Message Security
Logon information
Estimated time: 60 minutes
![Page 17: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/17.jpg)
Lab Scenario
You are a messaging engineer for the A. Datum Corporation, an enterprise-level organization with multiple locations. You have been tasked with undertaking an analysis of the organization’s message security requirements. After you complete the analysis, you must update the necessary documentation.
After you have completed the message security analysis, you will investigate the organization’s antivirus and anti-spam requirements, and update the necessary documentation with your planned changes.
Finally, you will implement S/MIME within the A. Datum organization, as per the security requirements document.
![Page 18: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/18.jpg)
Lab Review
• In exercise 3, you configured S/MIME by deploying a suitable certificate to all users in the Adatum.com domain. Using this method, could you exchange S/MIME-secured messages with partner organizations?
• What alternatives could you use instead of S/MIME to secure communications between partner organizations?
![Page 19: Module 6 Planning and Deploying Messaging Security](https://reader035.vdocuments.us/reader035/viewer/2022062301/56649e965503460f94b9a13d/html5/thumbnails/19.jpg)
Module Review and Takeaways
• Review Questions
• Best Practices