Tip

Third-party security products to the rescue

Part 1 of 2 parts

By its very nature, Microsoft Exchange Server is one of the applications that is the most prone to security breaches.

But it isn't so much that there are more security holes in Exchange than there are in other products. Instead, the problem resides in Exchange's basic architecture.

For example, we all know that there are security vulnerabilities in Windows Server and in Internet Information Server. Exchange rides on top of Windows and requires the server to also have IIS installed. As such, any vulnerabilities that exist in Windows or IIS could potentially effect Exchange as well.

The other reason why Exchange is inherently insecure is because of its purpose. Exchange is designed to receive packets from the Internet. Sure, there are a lot of techniques that you can use to shield Exchange from being directly connected to the Internet. Setting up a firewall and a front end/back end configuration goes a long way toward helping Exchange be less prone to attack. Even so, an attacker can still get malicious code into your Exchange server by simply e-mailing it to someone who has an account on the server.

Although Microsoft is making strides to help make Exchange more secure, the fact is that Exchange is not secure by itself.

Fortunately, there are an abundant number of third-party products that can help make your Exchange Server a much less dangerous place.

The third-party software

    Requires Free Membership to View

products cover three basic areas:

 

  • Anti-virus

  • Anti-spam

  • Patch management

This article will look at some products in the anti-spam area. Part 2 tomorrow will look at anti-virus and patch management products.

I've selected these products because I am familiar with them and think they do a good job. This article does not represent an endorsement of these products and doesn't mean that there aren't others out there that also are good selections for you.

Anti-spam

There are about as many anti-spam products on the market as there are anti-virus products, and it's really tough to find a good one. I personally like GFI's Mail Essentials.

Mail Essentials works primarily on the basis of checking the message header and checking for key phrases in the message's subject and body. Since keyword checking has become less effective over the last year or two, GFI has also incorporated Bayesian analysis. Bayesian analysis works by comparing an inbound message against known spam and known legitimate mail. The comparison yields a statistical probability of whether or not the message is considered to be spam.

Any time that you have a program automatically weed out the spam, you alwasy run the risk that legitimate messages will be deleted. One of the things that I especially like about Mail Essentials is the way that it makes use of black lists and white lists. Just about every anti-spam software package lets you black list known spammers or create a white list of the E-mail addresses of friends, family and co-workers. With Mail Essentials, any time that you send an e-mail to someone, the recipient's address is automatically added to the white list. The benefit of this is that the recipient's reply to your message will not be flagged as spam.

Microsoft is currently working on its own anti-spam filter for Exchange Server 2003, called Exchange Intelligent Message Filter. The filter will reportedly compare each in-bound message against almost half a million different criteria to determine whether or not the message is spam or not. It remains to be seen whether or not this product will get the job done, but I have been hearing very good things about it from insiders at Microsoft. You can read more about this upcoming product at http://www.microsoft.com/exchange/techinfo/security/imfoverview.asp

Click here to read part two,/a>, where we'll look at some of the offerings for antivirus and patch management third-party products.

Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies, and numerous other technology companies. You can visit Brien's personal Web sites at http://www.brienposey.com and http://www.relevanttechnologies.com.


This was first published in March 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.