Microsoft Exchange Server 2010 builds on earlier versions of Microsoft Exchange to provide a high level of messaging security. This includes integration with Internet Security and Acceleration (ISA) Server 2006 in addition to new features for client access using Microsoft Exchange ActiveSync and Outlook Web App. This topic describes the new security features that are available for Exchange 2010. The following table describes each feature and provides links to more information about each feature.
|
Feature name
|
Description
|
For more information
|
|---|
|
ISA Server 2006 integration
|
Microsoft ISA Server 2006 and Exchange 2010 work closely together in your network to provide a more secure messaging environment.
|
|
|
|
If a user's mobile device is lost, stolen, or otherwise compromised, you can issue a remote device wipe command from the Exchange server or from any Web browser by using Outlook Web App. This command erases all data from the mobile device.
|
|
-
Exchange ActiveSync policies
|
Exchange ActiveSync mailbox policies let you apply a common set of policy or security settings to a user or group of users.Exchange ActiveSync mailbox policies can be created in the Exchange Management Console or the Exchange Management Shell. You can use Exchange ActiveSync mailbox policies to manage many different settings. These include the following settings:
-
Require a password
-
Specify the minimum password length
-
Require a number or special character in the password
-
Designate how long a device can be inactive before the user is required to re-enter a password
-
Wipe a device after a specific number of failed password attempts
|
|
-
WebReady Document Viewing
|
WebReady Document Viewing lets users access file attachments in Outlook Web App. Users can access common file types such as Microsoft Office Word documents without having the application installed.
|
|
-
Access to Windows SharePoint Services document libraries and Windows file shares
|
By using Outlook Web App, you can access remote files that are stored on Windows SharePoint Services and Windows file share (also known as UNC) servers. You can configure how users interact with files on these servers by using the Allow and Block options in the Exchange Management Console. This means you can specify which servers your users can access. You can also specify the behavior for Windows SharePoint Services and Windows file share servers that haven't been specifically allowed or blocked when users try to access them by using Outlook Web App.
|
|
|
|
In addition to file access within Outlook Web App, you can also configure how users interact with files by using the Allow, Block, or Force Save options for direct file access in the Exchange Management Console. This means that you can specify the types of files that users can access. More important, you can directly specify which types of files are prohibited.
|
|
-
Segmentation of features in Outlook Web App
|
Segmentation lets you enable and disable features that are available to users in Outlook Web App. By default, any mail-enabled user in your Exchange 2010 organization can access their mailbox by using Outlook Web App. Depending on the needs of your organization, you can use segmentation to configure the following restrictions for user access:
-
Restrict access to Outlook Web App for specific users.
-
Control access to certain Outlook Web App features for specific users.
-
Disable an Outlook Web App feature completely.
|
|
|
Controlling Web beacons and HTML forms in messages
|
In Outlook Web App, an incoming e-mail message that has any content that can be used as a Web beacon prompts Outlook Web App to display a warning message to the user to inform them the content has been blocked. This occurs regardless of whether the message actually contains a Web beacon. If a user knows a message is legitimate, they can enable the blocked content. If a user doesn't recognize the sender or the message, they can open the message without unblocking the content and then delete the message without triggering beacons. If your organization doesn't want to use this feature, you can disable the blocking option for Outlook Web App.
|
|