The document discusses security features in Exchange Server 2007 and options for securing email communications, including: 1. Exchange Server 2007 includes improved built-in antivirus and anti-spam protection, and can be enhanced with Forefront Security for Exchange Server and Internet Security and Acceleration Server 2006. 2. Options for filtering spam and viruses include on-premise protection with Exchange Server 2007 features or hosted email security services. 3. ISA Server 2006 helps provide secure remote access to Exchange features like Outlook Web Access while enhancing security and reducing costs compared to exposing services directly in the DMZ.

1. Understanding Security and Exchange Server 2007 Harold Wong [email_address] blogs.technet.com/haroldwong

15. Anti-spam Feature Comparison by Exchange Release Anti-spam Feature Exchange 2003 RTM Exchange 2003 SP1 Exchange 2003 SP2 Exchange 2007 RTM IP Allow And Deny Lists Yes Yes Yes Yes IP DNS Block Lists Yes Yes Yes Yes Recipient Filtering Yes Yes Yes Yes Sender Filtering Yes Yes Yes Yes Content Filtering (Smartscreen) Yes Yes Yes Content Filter Updates (Smartscreen) Bi-weekly Daily Sender ID Yes Yes IP Safe Lists (aka Bonded Sender) Yes Outlook Postmark Validation Yes Protocol Analysis Data Gathering Yes Protocol Analysis Sender Reputation Yes Open Proxy Validation Yes Dynamic Spam Data Update Service Yes Per User/OU Spam Settings Yes Admin Quarantine Yes Automatic DNS block lists Yes

16. How Spam is Filtered Connection filtering Real Time Block Lists Global accept / deny and exception lists SMTP Filtering Layer Sender and Recipient Filtering Sender ID SMTP Command Tar-pitting Content Filtering Outlook Safe List Aggregation Anti-Spam/Anti-Phishing SCL Per-user/OU Spam preferences International Domain Support Outlook Postmark Validation Quarantine and Spam Reporting Incoming Internet E-mail Outlook Mailbox Inbox Junk E-mail 1 Connection Filtering 3 Content Filtering 2 Sender & Recipient Filtering 1 2 3 1 3 2

19. Security enhancements with Internet Security and Acceleration Server 2006

20. Securing Exchange Server 2007 with ISA Server 2006 External Web Server Intranet Web Server Exchange Active Directory SharePoint Administrator DMZ User Internet ISA 2006 Appliance HEAD QUARTERS Internal Network Integrated Security Improved idle-based time-outs for session mgmt NEW Smartcards & one-time password support NEW Customized logon forms for most devices & apps NEW LDAP authentication for Active Directory NEW Authentication delegation (NTLM, Kerberos) NEW Efficient Management Web publishing load balancing NEW Exchange & SharePoint publishing tools NEW Enhanced certificate administration NEW Fast, Secure Access Single sign-on for multiple resource access NEW Automatic translation of embedded internal links NEW

26. Appendix June 1, 2009

28. Enterprise Topology Enterprise Network Other SMTP Servers Routing Hygiene Routing Policy I N T E R N E T Applications OWA Protocols ActiveSync, POP, IMAP, RPC / HTTP … Programmability Web services, Web parts Mailbox Public Folders Voice Messaging Fax PBX or VoIP Edge Transport Hub Transport Client Access Mailbox Unified Messaging