If SSL is used in conjunction with other security products such as the IAG, this reduces
the risks by introducing policies that are related to certain rules that are created by
the corporate security practices.
NOTE
Windows NT Challenge/Response (NTLM) is the authentication protocol
utilizing the integrated single sign-on mechanism, also known as the
Integrated Windows Authentication.
338 Chapter 9 ??? Using Outlook Web Access through the Intelligent Application Gateway
With the Integrated Windows Authentication, the user name and password
(credentials) are hashed before being sent across the network. When you enable
Integrated Windows Authentication, the client browser proves its knowledge of the
password through a cryptographic exchange with your Web server, involving hashing.
However, all of the information transmitted over HTTP is sent in the clear, and
OWA is no exception.
The problem is that most information contained within an organization??™s e-mail
system is sensitive and confi dential and should be encrypted. The username and password
are just the tip of the iceberg.
Users simply do not understand that e-mail is a fundamentally insecure communication
method. In my experience as a System Engineer, I have witnessed users sending sensitive
information such as their credit card information and social security numbers over e-mail,
and then argue with System Administrators when they tried to inform them that e-mail was
not secure method for transmitting such information.
Pages:
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340