Since OWA is a Web-based application, it makes sense to use SSL, which is also
referred to as Transport Layer Security (TLS), which came out with Windows 2003
Server to provide the confi dentiality and security required.
Confi guring & Implementing??¦
SSL/TLS
So what exactly is SSL/TLS? The Secure Sockets Layer (SSL) protocol v.3 and
Transport Layer Security (TLS) protocol, v.2 are the same protocols with a new
name. The protocol is based on public key cryptography. SSL/TLS is used to
authenticate servers and clients and then encrypt messages between the
Continued
340 Chapter 9 ??? Using Outlook Web Access through the Intelligent Application Gateway
Securing Your OWA Connection
?– OWA sessions aren??™t encrypted by default, and the communication between the
Exchange server and the end-user browser is in clear text. Adding SSL to your
OWA sessions ensures end-to-end encryption for the duration of the session.
?– Use the SSL/TLS support that is built into most current Web-browsers. If
the user has access to a Web browser and an Internet connection they can
connect securely.
?– Establish an SSL connection between the OWA client and the ISA server fi rewall.
?– Establish an SSL connection between the ISA server fi rewall and the OWA server.
Publishing Outlook Web Access
in the Internet Application Gateway
One day you are minding your own business at your desk and your IT director
approaches you and asks you to clarify why the company should consider using the
IAG and why should they choose it over ISA 2006?
authenticated parties.
Pages:
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343