tailieunhanh - cya securing exchange server 2003 and outlook web access phần 7

AD / tên miền của bạn, và lợi thế của bạn, một trong các tùy chọn để vô hiệu hóa truy cập HTTP cho họ. Khi bạn vô hiệu hóa truy cập HTTP cho người sử dụng, người dùng không còn có thể truy cập OWA. Bạn có thể tải ADModify trực tiếp từ trang web Microsoft Exchange Hỗ trợ sản phẩm dịch vụ FTP từ URL sau đây: | 186 Chapter 8 Exchange Protocol Client Encryption Warning Before you enable this setting you should be sure that any servers communicating with this one support TLS. If they don t they won t be able to negotiate and therefore can t deliver any e-mail messages to this server. So be very careful with this setting. 1. Click the Communications button. 2. We get the screen shown in Figure . Enable both Require secure channel and Require 128-bit encryption then click OK. Figure Enabling TLS r Notes from the Underground. Performance Load When Enabling TLS SSL Enabling TLS SSL on an SMTP Virtual Server can increase performance load on the server so depending on how overloaded your Exchange 2003 server is you might want to reconsider enabling this feature. Do you want a slow Exchange server with tight security or a less secure Exchange server that performs well The decision is yours. Exchange Protocol Client Encryption Chapter 8 187 Enabling TLS SSL for Outbound Mail If you want all outbound SMTP mail encrypted you can set that option under the Delivery tab of the SMTP Virtual Server. So with the Properties of your Default SMTP Virtual Server still open do the following Warning Enabling the TLS encryption under Outbound Security means that the SMTP Virtual Server only will or can communicate with other SMTP servers supporting TLS. Therefore remember to do thorough testing before enabling this setting. 1. Click the Delivery tab then click the Outbound Security button see Figure . Figure The SMTP Virtual Server Delivery Tab 2. On the Outbound Security screen see Figure simply put a check mark next to TLS encryption then click OK. 188 Chapter 8 Exchange Protocol Client Encryption Figure Enabling TLS Encryption on the Outbound Security Page Enabling TLS SSL for One or More Domains The last option is to use TLS SSL encryption only for SMTP communication with one or more other SMTP domains which might be a better idea than enabling it on an SMTP .