Home > Sample chapters

Microsoft Exchange Server 2007 Security Basics

Security Tools Provided by Microsoft

In order to help you deploy and maintain the most secure Exchange infrastructure possible, Microsoft provides a number of tools designed to remove malware, make sure that your environment is properly configured, and help you configure a multitude of security settings.

  • Malicious Software Removal Tool The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. On a regular basis, run the Malicious Software Removal Tool on your Exchange server to make sure your system is free of threats.

  • Microsoft Baseline Security Analyzer The Microsoft Baseline Security Analyzer (MBSA) is a tool that analyzes your existing environment and, in particular, analyzes how you have configured a number of Microsoft products, including Windows 2000 SP3; Windows XP and Windows Server 2003; Office XP, 2003 and 2007; Exchange 2000, 2003 and 2007; SQL Server 2000 SP4; and SQL Server 2005. With this information, Microsoft compares your configuration against a list of best practices and provides you with a report of action items that you can take to improve the security of your environment.

  • Security Configuration Wizard Windows Server 2003 Service Pack 1 includes the Security Configuration Wizard (SCW), a tool designed to reduce the attack surface of your Windows servers. SCW helps administrators to create security policies that are consistent with the practice of least privilege. In this case, that means running the fewest possible services on a server in order to reduce the number of services that can be used to attack the computer.

  • Microsoft Exchange 2007 Anti-Spam Migration Tool The Exchange 2007 Anti-Spam Migration Tool is designed to ease the administrative burden involved in transitioning from Exchange Server 2003 to Exchange Server 2007, particularly for those administrators who have deployed Exchange Server 2003 anti-spam services and want to maintain the service configuration under Exchange Server 2007. This tool converts the Exchange Server 2003 anti-spam service settings into PowerShell commands that can be used to appropriately configure anti-spam service settings in Exchange Server 2007