S 2.481 Planning the use of Exchange for Outlook Anywhere
With Outlook Anywhere users can access Exchange via the internet. This is a server-side delivery service and not a client software. Since data traffic on the internet is more susceptible to attacks than data traffic within an intranet, it is recommendable to select a security strategy involving as many security options as possible.
Use of SSL for Outlook Anywhere
If Outlook Anywhere is to be used for accessing Exchange information via the internet, a valid SSL certificate (Secure Sockets Layer) must be installed, whereby this certificate must have been issued by a certificate authority (CA) that is trustworthy for the operating system of the client computer.
Use of the SSL shift for Outlook Anywhere
When using an SSL proxy assuming SSL encryption of the data traffic directed towards the client access server, the so-called SSL shift must be configured correctly for Outlook Anywhere. In doing so, the SSL connection establishment is performed completely using the SSL proxy in order to save valuable bandwidth and resources.
Configuration of the authentication for Outlook Anywhere
The authentication method for Outlook Anywhere must be selected. Default authentication and integrated Windows authentication should not be configured at the same time, with the latter being more secure.
The specific implementation of these requirements for version 2010 is as follows, for example:
- Regarding the secure use of Outlook Anywhere, the information provided on the Microsoft Technet websites in "Understanding Security for Outlook Anywhere: Exchange 2010 Help" must be taken into consideration. The configuration settings are documented in "Managing Outlook Anywhere: Exchange 2010 Help". The focus mainly is on activation, deactivation, authentication, SSL encryption, and certificate management.
Review questions:
- Is a valid SSL certificate used when using Outlook Anywhere?
- Is the SSL shift configured correctly for Outlook Anywhere?
- Was exactly one authentication method selected and configured for Outlook Anywhere?