Tip

Boost Outlook Web Access' security

Outlook Web Access is a great convenience, but since it allows access to your Exchange server through the Internet, it automatically increases the danger of security perils to that server.

While the Internet is notoriously unsafe, there are ways you can protect Exchange. One way is setting up Secure Socket Layer (SSL) encryption for your Exchange server so that when your users access it, their information will be encrypted and not subject to reading by the casual eavesdropper.

That's a good thing. Almost all the traffic on the Internet is in the clear, which means that it's sent so that anyone who intercepts it can read it. If you encrypt it using SSL, then anyone who wants to read it must have the appropriate encryption and decryption keys, or else they won't get intelligible information. They can crack the coding, but it's a long and laborious process, and unless your eavesdropper is really determined, he won't bother. So how do you go about setting this up?

First, you have to install a server certificate, which is basically a digital document that identifies your server to users as the server that you say it is. You can also get a certificate from a third party, such as

    Requires Free Membership to View

VeriSign.

Once the certificate is installed, you should require that users employ SSL to access the Exchange server. This is a recommended setting, and you set it through the Computer Management snap-in tool on your Exchange server. The other option, which will be in effect unless you change it, is to allow SSL access to the server. Make sure that user names, passwords and messages cannot be read in the clear, so the only sensible choice at this point is to require SSL use to access the server, and not leave the security of your Exchange server up to your users.

Microsoft has a five-minute security advisor on this subject that contains detailed step-by-step instructions for making sure that users must employ SSL for access. The advisor also offers instructions for automatically redirecting users from the non-secure Exchange site to the secure site that they must access using SSL.


David Gabel has been testing and writing about computers for more than 25 years.

Do you have a useful Exchange tip to share? Submit it to our monthly tip contest and you could win a prize and a spot in our Hall of Fame.

This was first published in June 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.