A good place to start looking at server security is with the underlying operating system. Although Exchange 2003 can run on Windows 2000 servers, security enhancements have been made in Windows 2003 Server that benefit Exchange administrators. These benefits aren't necessarily specific to Exchange, but Exchange administrators will leverage them to provide a secure server platform.
When you're installing Exchange 2003 on Windows 2003 Server, you can be assured that all the security enhancements made with this operating system release are filtered through to Exchange. By default, Windows 2003 Server provides a secure, scalable platform for Exchange through Microsoft's new mantra of "secure by design." Microsoft's mantra ensures that only required features are enabled when you first install and configure the operating system.
For Exchange administrators, this means less avenues for attack or exploitation of Exchange servers. This includes direct attacks against the servers as well as attacks using applications that run on the servers, including Outlook Web Access (OWA).
Get more "8 Exchange 2003 security tips in 8 minutes." Return to the main page.
About the authors:
David McAmis is an enterprise architect and partner in a consulting firm in Sydney, Australia. David has written a number of books and more than 100 articles that have appeared in magazines and journals.
Don Jones, MCSE, CTT+, is an independent consultant and founding partner of BrainCore.Net. Don is the author of more than a dozen books and the creator and series editor of Sams Publishing's Delta Guide series. He is also a contributing editor and columnist for Microsoft® Certified Professional Magazine, the Microsoft technology columnist for CertCities.com, and a speaker at technology conferences.
Dig Deeper on Microsoft Exchange Server 2003