Running Exchange Server 2003 Clusters in a Security-Hardened Infrastructure


Topic Last Modified: 2006-07-06

This topic provides conceptual information about the configurations required to run Microsoft® Exchange Server 2003 on a Microsoft Windows Server™ 2003 cluster in a secured environment. The supplemental topic How to Configure and Run Exchange Server 2003 Clusters in a Security-Hardened Environment provides procedural information related to the concepts presented in this topic. It is important that you familiarize yourself with the conceptual information before performing the procedures.

The purpose of this topic is to explain how to run Exchange 2003 clusters in an environment that has already been hardened. Therefore, before following the recommendations in this topic, be sure that you have first read the following documents:

  • Windows Server 2003 Security Guide   This guide provides you with the best information available to assess and counter security risks specific to Windows Server 2003.

  • Exchange Server 2003 Security Hardening Guide   This guide is a companion to the Windows Server 2003 Security Guide. It provides essential information about how to harden your Exchange 2003 environment. Because many of the procedures in the Exchange 2003 guide are directly related to the recommendations introduced in the Windows Server 2003 guide, it is recommended that you first read the Windows Server 2003 Security Guide.

   The recommendations and template settings in this topic were verified using the Windows Server 2003 "Enterprise Client" GPO templates. If you plan to run an Exchange cluster in an environment where the Windows Server 2003 "High Security" GPO templates are deployed, additional testing and configurations may be necessary to provide full functionality. As noted in the , the High Security templates are very restrictive, and as a result, many applications may not function correctly. For this reason, performance may be impacted, and server management will be more challenging.