Thursday, February 16, 2006

Exchange Connections 2006 - Florida and France

Currently, I am working on a full-day session for the Exchange Connections conferences in Orlando (April 13) and in France (Nice) on April 24. The session is called Security for Exchange: Assessment, Auditing, and Hardening

As I have started adding content to this session, I realized that I'm pretty much putting together an outline of how I do a Exchange Server Security Audit for which I normally charge a minimum of $4,000 (well, THAT includes a final report, too). There should still be spaces available for both the session in Nice and in Orlando. Topics include:

  • Best practices for Exchange administration with security and stability in mind
  • How to implement auditing of Exchange to learn the most about typical activities and to diagnose potential intrusions.
  • The Exchange antivirus API, virus detection methodologies, multi-layer virus detection, and some common approaches to preventing viruses from disrupting a user’s daily routine.
  • Real-world solutions for fighting spam including multiple approaches to content inspection, spam detection, and preventing false positives. Approaches such as white-listing, grey listing, black-listing, sender address verification technologies, Sender Id (SPF), and Domain Keys will be covered.
  • Using a Managed Provider for inbound SMTP message hygiene.
  • Discuss the top antivirus and anti-spam 3rd party and Microsoft solutions on the market and the pros and cons of each.
  • How to most securely provide Exchange services to users outside of your corporate network whether they use the Outlook client, Outlook Web Access, mobile devices, or a POP3/IMAP4 client.
  • Understanding PKI and S/MIME for providing end-to-end protection of e-mail content.
  • Examining Enterprise Rights Management for use with messaging systems.
  • Best practices for Exchange server security and message hygiene

I am working on a series of checklists that will make this process easy to go back to your own servers and confirm that you are following best practices.


At 8:45 AM, Blogger Ravendog said...

Not a follower of blogs, but found you blog very very good, I've been working with messaging for over 10 years, ccmail, lotus,exhange before outlook, with DMS and PKI security. I now have your blog saved to my favorites and hope to continue to track your thoughts and reviews.

At 11:21 PM, Blogger Victor Osten said...

Rid of those pesky bugs you pick when surfing the net.
One of the first things that I learned when I got my new computer was that if you own a PC then you better have a good antispyware scanner to help get rid of those pesky bugs you pick when surfing the net. Otherwise, your computer won’t keep running like new for very long. It will begin to slow down and eventually get so sluggish you won’t even be able to use it. I tried a variety of different scans before I ran across Orbasoft Antispyware at So far I have been very happy with the antispyware solution from Orbasoft and very glad that I gave it a try.


Post a Comment

<< Home