Home
Topics
Exchange Server Security

Replacing Forefront TMG: Alternate reverse-proxy opt...

With the discontinuation of Forefront TMG, Exchange admins are left wondering what to do moving forward. The available options may surprise you.
Exchange 2013 anti-malware protection: Will you need...

Trusting native Exchange 2013 anti-malware protection to protect your environment is an option, but that doesn't necessarily mean it's the best one.
Microsoft Exchange 2013 Poison Message Queue

Microsoft Exchange 2013 Poison Message Queue is a queue that exists specifically to hold messages deemed harmful to the deployment after a transpor...
Preventing denial-of-service attacks on virtualized ...

Denial-of-service attacks pose a serious security threat to virtualized Exchange servers. Discover what you can do to mitigate potential intrusions.

Exchange Security

Spam and virus protection
Email Compliance
Email Encryption
Email Policy Management
ISA Server and Firewalls
Password Management
Microsoft Exchange Server Permissions
Phishing and Email Fraud Protection
User Authentication for Outlook and OWA
Virtual Private Networks (VPNs)

Email Alerts

Register now to receive SearchExchange.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Does Exchange 2013 need an edge transport server?

Though server roles were consolidated in Exchange 2013, one reader wonders if an edge transport server should still be included. Our expert weighs in.Answer
edge transport server

Edge transport server is an Exchange Server 2010 role that helps route Internet email as well as protect the Exchange organization from viruses and spam.Definition
Six commonly overlooked Exchange security vulnerabilities
An overview of Forefront Protection 2010 for Exchange Server
Exchange Server spam and virus tool considerations

Spam and virus tools go a long way toward supplementing native Exchange security features. Get insight into special considerations, common oversights and more before plunking down serious bucks.guide
Eight steps to better securing Exchange Server 2010

Properly protecting Exchange Server 2010 means maintaining top-notch security. Perform the tasks on this checklist regularly to keep your deployment safe and sound.Tip
How to secure Exchange Server 2010 post deployment

So you’ve deployed Exchange 2010, but are you confident in its security? If you’re unsure, make certain you’ve checked off these seven items.Tip
All Outlook 2010 Trust Center settings are not created equal

The Outlook 2010 Trust Center offers plenty of security settings to administrators. That doesn’t mean they’re all important though.Tip
Don’t overlook security add-ons when troubleshooting Outlook issues

Third-party add-ons are supposed to aid and protect Outlook, right? They may be hurting more than they’re helping if not properly configured.Tip
An overview of Forefront Protection 2010 for Exchange Server

Take a deep dive into Forefront Protection 2010 for Exchange Server and see how it helps defend Exchange 2010 from spam and malware attacks in multiple types of environments.Tip
VIEW MORE ON : Spam and virus protection

How to create Exchange 2013 data loss prevention policies

While data loss prevention policies are a cool new feature in Exchange 2013, you must understand how to build them before you can use them.Tip
Hosted Exchange Server prep work: Archiving and compliance suggestions

Proper preparation is crucial before moving to hosted Exchange Server. How you'll remain compliant and your archiving setup are aspects to plan for.Feature
Exchange server 2007 advances with unified communications
Exchange 2013 data loss prevention (Exchange 2013 DLP)

Exchange 2013 data loss prevention is a feature in Exchange Server 2013 that allows administrators to manually enforce message content rules within their Exchange 2013 organization.Definition
Email archiving and e-discovery best practices for Microsoft Exchange
Hosted Exchange Server security considerations

Trying to decide which hosted Exchange provider makes sense for your company? Make sure you're satisfied with the answers to these six security questions before signing on the dotted line.Tip
Data Loss Prevention feature in Exchange 2013 improves compliance

Improving compliance was a major goal when building Exchange Server 2013. Read why the new data loss prevention feature is a step in the right direction.Feature
How Exchange Online retention policies aid records management

A move to the cloud eliminates certain administrative chores. One task you must still handle is records management. Read about Exchange Online retention policies and the PowerShell you’ll need here.Tip
Built-in security tools help defend Exchange Server 2010

Exchange 2010 includes more built-in security tools than previous server versions. This tip examines some common vulnerabilities and which native tools protect against them.Tip
Exchange Insider e-zine

Exchange Insider offers a comprehensive look at Exchange Server administration, including setting up and overseeing proper email archiving policies and procedures, migrating to Exchange Server 2007, ensuring Exchange security througout your organization and information on unified communications deployment.Ezine
VIEW MORE ON : Email Compliance

Public or private CA: PKI deployment options for Exchange

Deciding which PKI deployment option to go with for digital certificates can be tough. Weigh the pros and cons of each before moving forward.Tip
Examining your Exchange Server SSL configuration options

Few organizations spend much time weighing their Exchange SSL options. Familiarize yourself with the different choices before making a decision.Tip
Is full email encryption the solution to Exchange security?
Examining AD RMS and Exchange 2010 IRM's cryptographic modes

Does IRM and AD RMS’s relationship confuse you? What about their different cryptographic modes? It’s definitely a perplexing topic; our expert aims to demystify it.Answer
How to secure Exchange Server 2010 post deployment

So you’ve deployed Exchange 2010, but are you confident in its security? If you’re unsure, make certain you’ve checked off these seven items.Tip
Your guide to our Exchange explained series

Unsure about what hosted Exchange is, or what it means to virtualize an Exchange server? Our Exchange explained series dissects those topics and more.guide
All Outlook 2010 Trust Center settings are not created equal

The Outlook 2010 Trust Center offers plenty of security settings to administrators. That doesn’t mean they’re all important though.Tip
Protecting Outlook 2010 with group policy security settings

Your Exchange servers may be secure, but neglecting to protect Outlook 2010 puts your company at risk. Learn some group policy security settings that prevent security disasters.Tip
Are Exchange wildcard certificates worth the risk?

Wildcard certificates offer Exchange shops flexibility and financial savings, but with those benefits come risks. Here are some wildcard certificate pros and cons to consider.Tip
How to add certificates to Exchange Server 2010

Are you trying to import a new certificate into Exchange 2010? Check out these simple steps.Tip
VIEW MORE ON : Email Encryption

How to create Exchange 2013 data loss prevention policies

While data loss prevention policies are a cool new feature in Exchange 2013, you must understand how to build them before you can use them.Tip
Three ways to tighten OWA 2010 security

As more users log onto corporate networks with smartphones and tablets, stout OWA 2010 security is vital. Three techniques limit potential risks.Tip
An overview of the Exchange 2010 ActiveSync Quarantine feature

Underused but important, the Exchange 2010 ActiveSync Quarantine feature helps restrict which devices connect to Exchange. Here's what you need to know.Tip
Hosted Exchange Server security considerations

Trying to decide which hosted Exchange provider makes sense for your company? Make sure you're satisfied with the answers to these six security questions before signing on the dotted line.Tip
What's the best way to set Exchange mailbox size limits?

Get tips and expert advice on the best way to set Exchange mailbox size limits for users.Answer
Custom email filtering with Forefront Protection 2010 for Exchange

ForeFront Protection 2010 for Exchange helps keep spam and viruses at bay. But did you know you can also use its custom email filters to enforce corporate email policies?Tip
RPC over HTTP

RPC over HTTP (Remote Procedure Call over HTTP) is a protocol that allows a client on the Internet to connect securely to a Microsoft Exchange Server without having to log into a virtual private network (VPN) first.Definition
Exchange Server 2010 message security explained

Exchange Server 2010 addresses the emergence of email as a vital yet vulnerable business tool by increasing message security. Find out which features Microsoft has enhanced.Feature
Exchange user doesn't have to enter a password when logging on

If an Exchange user doesn't need to enter a password when logging on, is it a problem? Learn the difference between implicit and explicit logon behavior.Ask the Expert
FSW will remove Exchange and hop on Gmail

If they can do it so can we, says one non-profit that will follow in the footsteps of Los Angeles and boot Exchange for Gmail.Article | 12 Jan 2010
VIEW MORE ON : Email Policy Management

Guide: Tightening Exchange Server security

Exchange Server is susceptible to a range of different security threats. We’ve compiled our top tips to help protect you from these vulnerabilities and risks.guide
Requirements for connecting mobile devices to Exchange 2003

Take a look at the different requirements for mobile devices such as an iPhone or Blackberry to connect to Exchange Server 2003.Ask the Expert
Top 5 Exchange mobile tips of 2008

Why Exchange ActiveSync fails with NAT firewalls, avoiding Exchange 2007 Direct Push failures and how to decide between OWA Light and Exchange ActiveSync were just some of the top mobile tips that caught our readers' eyes in 2008.The Year in Review
Microsoft Exchange Server security dos and don'ts

Microsoft Exchange Server email security threats, such as spam and viruses, are a constant concern. What is the best method for protecting an Exchange Server organization against these email threats? Which antivirus and antispam products offer the most complete protection? Read these Exchange Server security practices to get answers and effectively deal with spam and virus email threats.Checklist
Windows SBS and Exchange Server security configuration best practices

Discover how to maximize Microsoft Exchange Server security on Windows SBS with or without ISA Server as a network firewall security feature.Ask the Expert
Why Exchange ActiveSync fails with NAT firewalls

Discover why Exchange ActiveSync fails when Exchange Server 2003 sits behind a network address translation (NAT) firewall.Tip
Deploying ISA Server as a firewall for Exchange Server mobile devices

Read about deploying ISA Server 2006 as a firewall to secure, authenticate and encrypt ActiveSync synchronization with Exchange 2003 or 2007 mobile devices.Tip
Adjust your firewall to avoid Exchange 2007 Direct Push failures

Read how Direct Push works with Exchange Server 2007 and how to adjust firewall session timeout periods to avoid mobile device connection failures.Tip
OWA stops working from external network connection

When Outlook Web Access users have trouble accessing OWA from an external network connection, follow this troubleshooting advice from our expert.Ask the Expert
Enhance OWA logon security using Microsoft ISA Server

Learn how to enhance Outlook Web Access logon security using Microsoft ISA Server to prevent users from accessing other users' Exchange 2003 mailboxes..Ask the Expert
VIEW MORE ON : ISA Server and Firewalls

Implementing Exchange ActiveSync mailbox policy best practices

Exchange ActiveSync mailbox policy implementation is different for every organization, but that doesn't mean there are no best practices to follow.Tip
How to change an Office 365 password policy using PowerShell

Though not obvious, you must use PowerShell to change an Office 365 password policy. Learn about the required connections steps and cmdlets you will need.Tip
How to change Office 365 user passwords via PowerShell

Sorry if you’re a bit weary of hearing reasons why PowerShell is so important. Here’s one more: you’ll need it for password management in Office 365.Tip
Guide: Tightening Exchange Server security

Exchange Server is susceptible to a range of different security threats. We’ve compiled our top tips to help protect you from these vulnerabilities and risks.guide
Four reasons why Outlook passwords are not being saved

There are several potential reasons why your users’ Outlook passwords for Exchange are not being stored. Our expert examines the top four and their fixes.Answer
Who's reading your email?

With more business being conducted via email and an increasing reliance on messages, concerns about mail server security, accessibility and admin privileges (or excessive privileges) are completely valid. Volume 10 of the Exchange Insider e-zine dissects two types of Exchange 2010 auditing and explains why you should use them.E-Zine
Six commonly overlooked Exchange security vulnerabilities

Think you’re taking the steps needed to fully secure Exchange? Think again.Tip
Exposing SMTP and IMAP’s security vulnerabilities in Exchange Server

Even though SMTP and IMAP have built-in features to protect Exchange’s external mail transmissions, both protocols are still susceptible to security vulnerabilities. See how easily both can be compromised.Tip
Analyzing Exchange Server security risks and vulnerabilities

Knowing which security risks and threats can harm your Exchange Server environment is great, but having a plan in place to combat them is even better.Podcast
Exchange user doesn't have to enter a password when logging on

If an Exchange user doesn't need to enter a password when logging on, is it a problem? Learn the difference between implicit and explicit logon behavior.Ask the Expert
VIEW MORE ON : Password Management

How to create Exchange 2013 data loss prevention policies

While data loss prevention policies are a cool new feature in Exchange 2013, you must understand how to build them before you can use them.Tip
Restoring Exchange 2010 administrative permissions after a migration

One admin lost permissions after an Exchange 2010 upgrade. See why it happened, and get two fixes as we revisit our popular Ask the Expert program.Answer
Eight steps to better securing Exchange Server 2010

Properly protecting Exchange Server 2010 means maintaining top-notch security. Perform the tasks on this checklist regularly to keep your deployment safe and sound.Tip
Guide: Tightening Exchange Server security

Exchange Server is susceptible to a range of different security threats. We’ve compiled our top tips to help protect you from these vulnerabilities and risks.guide
All Outlook 2010 Trust Center settings are not created equal

The Outlook 2010 Trust Center offers plenty of security settings to administrators. That doesn’t mean they’re all important though.Tip
Exchange 2010 role based access control explained

Exchange 2010’s new permissions model, role based access control, is helpful but can be daunting due to the number of roles and groups available. Start with the basics in this tip.Feature
Who's reading your email?

With more business being conducted via email and an increasing reliance on messages, concerns about mail server security, accessibility and admin privileges (or excessive privileges) are completely valid. Volume 10 of the Exchange Insider e-zine dissects two types of Exchange 2010 auditing and explains why you should use them.E-Zine
Role group management commands for Exchange Server 2010

Role group management has changed in Exchange Server 2010. Take a look at which EMS commands you'll need to use to create role groups, add and remove members and more.Tip
Why it pays to know Exchange Server 2007 administrative controls

Step up your knowledge of Exchange Server 2007 administrative roles before diving into Microsoft's new Exchange Server 2010 administrative model and groups.Tip
Exchange users receiving email addressed to legacy users

Find out the best way to prevent email addressed to Exchange legacy users from flooding your inbox.Ask the Expert
VIEW MORE ON : Microsoft Exchange Server Permissions

Eight steps to better securing Exchange Server 2010

Properly protecting Exchange Server 2010 means maintaining top-notch security. Perform the tasks on this checklist regularly to keep your deployment safe and sound.Tip
Guide: Tightening Exchange Server security

Exchange Server is susceptible to a range of different security threats. We’ve compiled our top tips to help protect you from these vulnerabilities and risks.guide
All Outlook 2010 Trust Center settings are not created equal

The Outlook 2010 Trust Center offers plenty of security settings to administrators. That doesn’t mean they’re all important though.Tip
Custom email filtering with Forefront Protection 2010 for Exchange

ForeFront Protection 2010 for Exchange helps keep spam and viruses at bay. But did you know you can also use its custom email filters to enforce corporate email policies?Tip
Protecting Outlook 2010 with group policy security settings

Your Exchange servers may be secure, but neglecting to protect Outlook 2010 puts your company at risk. Learn some group policy security settings that prevent security disasters.Tip
An overview of Forefront Protection 2010 for Exchange Server

Take a deep dive into Forefront Protection 2010 for Exchange Server and see how it helps defend Exchange 2010 from spam and malware attacks in multiple types of environments.Tip
Six commonly overlooked Exchange security vulnerabilities

Think you’re taking the steps needed to fully secure Exchange? Think again.Tip
Information Rights Management protection in Exchange 2010 SP1

Nearly all organizations send and receive sensitive information via email. And although they exist, corporate policies alone won’t protect you. Enter Information Rights Management.Tip
Securing Exchange Server communications via SMTP and IMAP

IMAP and SMTP have built-in security features to protect Exchange Server's external mail transmissions. Do these legacy protocols offer enough protection?Tip
Built-in security tools help defend Exchange Server 2010

Exchange 2010 includes more built-in security tools than previous server versions. This tip examines some common vulnerabilities and which native tools protect against them.Tip
VIEW MORE ON : Phishing and Email Fraud Protection

Guide: Tightening Exchange Server security

Exchange Server is susceptible to a range of different security threats. We’ve compiled our top tips to help protect you from these vulnerabilities and risks.guide
Is NTLM a smart way to authenticate to Exchange Server 2010?

Microsoft discontinued support for NTLM in Exchange 2010 RTM, then reinstated it in Exchange 2010 SP1. But is it a good way to authenticate to Exchange?Answer
Vouch by Reference (VBR)

Vouch By Reference (VBR) is a protocol for adding third-party certification to email. The first part of the protocol requires the sender to add information to their email header by creating a field called VBR-Info.Definition
Lock down direct file access and protect OWA users

Built-in OWA security features may not be enough to secure direct file access. If you can't disable the feature, what's the next best security measure?Tutorial
Obtaining and verifying SSL certificates in Exchange Server

Many security features in Exchange Server rely on SSL. Obtaining trusted certificates can tighten security and boost performance for SSL-based applications, including OWA and Exchange mobile devices.Tip
Top 5 Outlook Web Access (OWA) tips of 2008

Based on your views, here are the top five Microsoft Outlook Web Access (OWA) tips of 2008. Discover how to customize an OWA authentication logon, fix message size limits, repair damaged virtual directories and more with this collection of top tips.The Year in Review
Manage user rights and access to Outlook Web Access (OWA) mailboxes

Configure Exchange System Manager settings to limit Outlook Web Access (OWA) mailbox access on Exchange 2003 so users must enter a username and password.Ask the Expert
Create a secure Microsoft Outlook Web Access (OWA) redirect page

Incorrectly typing the URL for your Microsoft Outlook Web Access (OWA) page will result in an error message. Because users may mistakenly type HTTP instead of HTTPS to access OWA, you can easily create an OWA redirect page that doesn't sacrifice secure sockets layer (SSL) security. This tip explains the steps to create your own secure OWA redirect page so that users can still access an SSL-enabled OWA website, even after typing HTTP.Tip
Why does a security alert pop up when accessing Outlook Web Access?

Find out how to prevent security alerts when users access Outlook Web Access (OWA) from Internet Explorer.Ask the Expert
OWA won't load after applying Exchange 2007 SP1 security patch

Microsoft's security patch, Update Rollup 2 for Exchange Server 2007 SP1, can break the Client Access server. When this occurs, logging into Outlook Web Access (OWA) returns a blank screen. Find out how to fix this OWA issue and also how to avoid future patching problems.Tip
VIEW MORE ON : User Authentication for Outlook and OWA

Exchange admins, is it time to retire your VPN?

VPNs have proven a solid way to safely access Exchange mailboxes remotely, but are they still necessary? That depends on your company's needs.Feature
VPN setup requirements for Microsoft Exchange Server

Before setting up a virtual private network (VPN) to connect remote users to Microsoft Exchange Server, find out what VPN hardware and software is needed.Step-by-Step Guide
Sober strike set for January

VeriSign's iDefense group has spotted what could be a new Sober variant set to strike early next year. While the warning may thwart the attack, it's clear that mass-mailer worms aren't going away quietly.Article | 13 Dec 2005
Forcing Outlook to use local vs. domain credentials

Ask the Expert
How to set up a VPN for Windows XP Professional

Ask the Expert
Step-by-Step Guide: How to set up a VPN

A VPN is extremely useful to an organization with a lot of remote users, but it can be somewhat complicated to set up. This guide will walk you step-by-step through the process.Tip
Step-by-Step Guide: How to set up a VPN

VPN technology is extremely useful in organizations with a lot of remote users, but it can be somewhat complicated to set up. This guide will walk you step-by-step through the process.Article | 20 Mar 2005
Step 6: Create a remote access policy

Step-by-Step Guide: How to set up a VPN, part 6Article | 20 Mar 2005
Step 1: Setup requirements

Step-by-Step Guide: How to set up a VPN, part 1Article | 20 Mar 2005
Step 3: Create an enterprise certificate authority

Step-by-Step Guide: How to set up a VPN, part 3Article | 20 Mar 2005
VIEW MORE ON : Virtual Private Networks (VPNs)

About This Topic

Constant threats from spam, phishing, and viruses and the increase in email compliance and e-discovery requirements mean messaging administrators need to be well-versed on a variety of email security issues. Discover tools, tips and tutorials that will help secure and protect email in a Microsoft Exchange Server environment. You'll learn how to configure policies and encyption, set up a VPN or firewall, manage user passwords and permissions, and more.

Latest Headlines

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Guides

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

The Microsoft Messaging Exchange

Exchange Security

Email Alerts

About This Topic

More from Related TechTarget Sites