Understanding Security for Outlook Anywhere
Applies to: Exchange Server 2007 SP3, Exchange Server 2007 SP2, Exchange Server 2007 SP1, Exchange Server 2007
Topic Last Modified: 2007-04-06
This topic describes the Outlook Anywhere security options for your Microsoft Exchange Server 2007 deployment. Outlook Anywhere lets users access Microsoft Exchange from the Internet. Because traffic on the Internet is vulnerable to interception and attack, we recommend that you consider a security strategy that involves as many security options as possible.
Using an advanced firewall server such as Microsoft Internet Security and Acceleration (ISA) Server 2006 improves security for your Outlook Anywhere deployment. ISA Server 2006 provides a setup wizard that lets you configure ISA Server 2006 for Exchange 2007 by using Outlook Anywhere. For more information, see Understanding ISA Server 2006 with Exchange Server 2007.
When you use Outlook Anywhere to access Microsoft Exchange information from the Internet, you must install a valid Secure Sockets Layer (SSL) certificate issued by a certification authority (CA) that is trusted by the client computer's operating system. For more information about how to use SSL certificates for client access, see Understanding SSL for Client Access. For more information about how to use SSL with Outlook Anywhere, see Configuring SSL for Outlook Anywhere.
When you use the Enable Outlook Anywhere Wizard to configure your Client Access server to provide Outlook Anywhere access, you must select an authentication method to use. We recommend that you use NTLM authentication for your Outlook Anywhere deployment. NTLM authentication for Outlook Anywhere is supported by ISA Server 2006. For more information, see Configuring Authentication for Outlook Anywhere.