Saturday, January 21, 2006

Exchange Connections 2006 - Security for Exchange: Assessment, Auditing, and Hardening session

I am presenting a full-day session at the Exchange Connections 2006 conference in Orlando (April 9 - 12) and again at the Exchange Connections - Europe conference in Nice (April 25 - 28), France. Here is a brief outline of some of the topics that will be covered. I'm hoping that this session will nicely mesh with an eBook I am currently working on for realtimepublishers.com. Hope to see some of my regular readers either in Orlando or Nice.


Security for Exchange: Assessment, Auditing, and Hardening
Protecting your Exchange services, data, and users

Keeping the Exchange data secure, allowing access to Exchange serves both remotely and locally, protecting users from malicious e-mail content, reducing the amount of spam users receive, and keeping the Exchange services available is a significant part of the typical Exchange administrator’s job. In this tutorial, we will cover the following topics:

  • The common (and uncommon) vulnerabilities including many that a typical administrator may not think about until it is too late.
  • Best practices for Exchange administration with security and stability in mind
  • How to implement auditing of Exchange to learn the most about typical activities and to diagnose potential intrusions.
  • The Exchange antivirus API, virus detection methodologies, multi-layer virus detection, and some common approaches to preventing viruses from disrupting a user’s daily routine.
  • Real-world solutions for fighting spam including multiple approaches to content inspection, spam detection, and preventing false positives. Approaches such as white-listing, grey listing, black-listing, sender address verification technologies, Sender Id (SPF), and Domain Keys will be covered.
  • Using a Managed Provider for inbound SMTP message hygiene.
  • Discuss the top antivirus and anti-spam 3rd party and Microsoft solutions on the market and the pros and cons of each.
  • How to most securely provide Exchange services to users outside of your corporate network whether they use the Outlook client, Outlook Web Access, mobile devices, or a POP3/IMAP4 client.
  • Understanding PKI and S/MIME for providing end-to-end protection of e-mail content.
  • Examining Enterprise Rights Management for use with messaging systems.
  • Best practices for Exchange server security and content security

2 Comments:

At 6:25 PM, Blogger Julio Anguita said...

May I ask you a question? I had a problem with a user who didn't forward a message from his inbox mail. May I discover where the mail was send it? On the server Exchange, I didn't have any auditing software. I really like to know where "someone" send it; to what mail.
Also if you know what software I could use for this problems that you can know help me, I would be very glad to know about it. Thank you very much and sorry if is not the place to put this kind of questions. Thanks any way.

 
At 11:22 PM, Blogger Victor Osten said...

Enjoy surfing the internet for hours at a time.
If you’re anything like me then you enjoy surfing the internet for hours at a time. There is so much information available I just seem to get wrapped up in it all. Of course, this means picking up bugs that can literally ruin my computer and cause it to run too slow. To take care of my PC I’ve been searching for a good scan to keep it bug free. I tried many different ones but I like Orbasoft Antispyware the best. With the antispyware solution from Orbasoft (www.orbasoft.com) I get one of the best scans I’ve ever used at a great low price. This is exactly what I’ve been searching for.

 

Post a Comment

<< Home