Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server. This module explains how Microsoft Exchange Server is a critical network service that is virtually always accessible from the Internet and how ISA Server 2004 can be used to provide security for Exchange Server and for securing client connections to Exchange. | Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server Overview Issues in E-Mail Security Configuring ISA Server to Secure SMTP Traffic Configuring ISA Server to Secure Web Client Connections Configuring ISA Server to Secure Client Connections Lesson: Issues in E-Mail Security E-Mail Security Threats Overview E-Mail Access Using Web Clients E-Mail Access Using Outlook Clients E-Mail Access Using POP3, IMAP4, and NNTP Clients SMTP Protocol-Level Exploits Unwanted and Malicious E-Mail How ISA Server 2004 Secures Exchange Server E-Mail Security Threats Overview Ensuring the security of e-mail includes: Ensuring that all e-mail client connections to the e-mail server are secure Protecting the e-mail servers from SMTP exploits Preventing unwanted or malicious e-mails from entering the organization’s network E-Mail Access Using Web Clients Outlook Mobile Access XHTML, cHTML, HTML ActiveSync Enabled Mobile Devices ISA Server Outlook Web Access Exchange Front-End Server Exchange Back-End Servers Wireless Network Outlook RPC Connections Outlook RPC over HTTP Connections E-Mail Access Using Outlook Clients Port 135 and dynamic ports Port 80 or 443 Exchange Back-End Servers Exchange Front-End Server ISA Server POP3 Connections IMAP4 Connections E-Mail Access Using POP3, IMAP4, and NNTP Clients Port 110 or 995 Port 25 Port 143 or 993 Port 25 Exchange Back-End Servers Exchange Front-End Server ISA Server SMTP Protocol-Level Exploits SMTP servers can be vulnerable to: Buffer overflow attacks when SMTP commands are sent with more than expected data, causing memory buffer overflows Mail relay attacks when an SMTP server is used to forward unwanted e-mail to Internet recipients SMTP command attacks where SMTP commands are used to compromise the server or gain information about the server or recipients on the server Unwanted and Malicious E-Mail Unwanted e-mail is unsolicited commercial e-mail that: Consumes server and network resources Reduces user productivity and . | Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server Overview Issues in E-Mail Security Configuring ISA Server to Secure SMTP Traffic Configuring ISA Server to Secure Web Client Connections Configuring ISA Server to Secure Client Connections Lesson: Issues in E-Mail Security E-Mail Security Threats Overview E-Mail Access Using Web Clients E-Mail Access Using Outlook Clients E-Mail Access Using POP3, IMAP4, and NNTP Clients SMTP Protocol-Level Exploits Unwanted and Malicious E-Mail How ISA Server 2004 Secures Exchange Server E-Mail Security Threats Overview Ensuring the security of e-mail includes: Ensuring that all e-mail client connections to the e-mail server are secure Protecting the e-mail servers from SMTP exploits Preventing unwanted or malicious e-mails from entering the organization’s network E-Mail Access Using Web Clients Outlook Mobile Access XHTML, cHTML, HTML ActiveSync Enabled Mobile Devices ISA Server Outlook Web Access Exchange Front-End Server Exchange