CYA: Securing Exchange Server 2003 & Outlook Web Access

CYA: Securing Exchange Server 2003 & Outlook Web Access

by Syngress
4.5 out of 5 stars  See all reviews (4 customer reviews)

Price: $7.99
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
In Stock.
Ships from and sold by
Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Special Offers and Product Promotions

Product Description

Product Description

A highly portable, easily digestible road-map to configuring, maintaining and troubleshooting essential Exchange Server 2003 features. The book is organized around the 11 "MMCs" (Microsoft Management Consoles) that contain the configuration menus for the essential features. The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. Readers will also appreciate the "Reality Check" sidebars throughout, which present valuable cost/benefit analyses of situations where there is no single "right" answer.

* Walks the reader through step-by-step configurations to assure they have been thorough and responsible in their work
* Clearly identifies those features of Exchange Server 2003 that represent the highest risk factors for attacks, performance degradation and service failures
* CYA comes right out and says what most IT Professionals are already thinking --This text refers to the Paperback edition.

About the Author

Henrik Walther is a Senior Microsoft Server Consultant working for an IT outsourcing services company in Copenhagen, Denmark. Henrik has over 10 years of experience in the industry. He specializes in migrating, implementing, and supporting Microsoft Windows Active Directory and Microsoft Exchange environments. Henrik is a Microsoft Exchange MVP (Most Valuable Professional). He runs website and writes Exchange-related articles for both and He also spends time helping his peers in the Exchange community via forums, newsgroups, and mailing lists.

Patrick J. Santry (MCSE, MCSA, MCP+SB, A+, i-NET+, CIW CI) is the Microsoft Practice Lead for Sogeti USA in Cleveland, Ohio. He specializes in developing web solutions, and supporting infrastructure. Patrick has written on several books and magazine articles on Microsoft technologies. In addition, he has been awarded the Microsoft Most Valuable Professional (MVP) Award in the field of ASP/ASP.NET for the past three years and runs a popular website for ASP.NET web developers (

--This text refers to the Paperback edition.

Product Details

Customer Questions & Answers

Customer Reviews

4.5 out of 5 stars
4.5 out of 5 stars
Share your thoughts with other customers
Most Helpful Customer Reviews
13 of 16 people found the following review helpful
4.0 out of 5 stars Empowering Tidbits, Somewhat Incomplete November 30, 2004
This book is stock full of potent tidbits that are darn hard to find anywhere; I know because I was scavenging the net, MS articles, several books, etc. for eons and I couldn't find any adequate material that can help me secure Exchange 2k3. Thus far, thanks to this book, I was able encrypt IMAP, POP, and OWA (Outlook Web Access) traffic. I am still working on the RPC over HTTP bit, but definitely a lot further along in the process thanks to this book.

Though despite my delight with the book, there are some short-comings that I would like to highlight:

IMAP/POP configuration


- no coverage of client configuration

- no mention of secure ports used (non-obvious to us newbies)

- no mention how to get rid of pesky Un-trusted cert message in Outlook

- public folders no longer accessible after turning on SSL/TLS (IMAP only issue as POP cannot access folders in general)

- no mention of SPA for IMAP/POP and Exchange 2k3 setup (maybe not possible)

OWA configuration


- works like a charm, but should mention that port 443 needs to be opened on the firewall if applicable (though this is a no-brainer)

RPC over HTTP configuration


- instructions not completely applicable to Exchange 2k3 SP1 as this portion is now integrated into Exchange UI, rather than IIS

- mention of configuring RPC ports for GC, DS, Store is for "multiserver Exchange environment" according to authors. However, MS's "Exchange Server 2003 RPC over HTTP Deployment Scenarios" has this as a requirement for single server setup.
Read more ›
Comment | 
Was this review helpful to you?
15 of 20 people found the following review helpful
5.0 out of 5 stars A few lines from the author of the book... July 11, 2004
When I wrote CYA: Securing Exchange Server 2003 & Outlook Web Access the idea were to provide you with a relatively short, very concise, very pedagogy book that teaches you how to configure Exchange 2003 with security in mind. Though the book isn't intended to be a complete reference book on Exchange 2003 Security, as well as it won't teach you everything you need to know about this topic, it will provide you with the most important information.
Also note that CYA: Securing Exchange Server 2003 & Outlook Web Access isn't for true Exchange gurus, instead the book focuses on Exchange Admin's who are relatively newbie's when it comes to Exchange 2003 security.
If you want to read an excerpt from the book (chapter 5) or want to see some of the other stuff I've written, I recommend you give a visit (click Author > Henrik Walther).
Comment | 
Was this review helpful to you?
4 of 6 people found the following review helpful
5.0 out of 5 stars Its all there February 17, 2005
Great book. You made it simple to read complex information.

Say what you want, screen shots do make a difference. I would rather see your step by step instructions in conjunction with written directives, then spend the time reading 10 pages trying to understand what you are trying to say. Meat and potatoes book. I love it.It was my one stop book for Exchange Security

Thanks Guys.
Comment | 
Was this review helpful to you?
5 of 8 people found the following review helpful
4.0 out of 5 stars Very precise and informative August 25, 2004
Well-written book which covers the important security aspects of the Exchange 2003 product. The book covers a wide area of security topics and is a "must have" if you're starting to look into Exchange & OWA security in general.

Now that I have a good insight into Exchange 2003 security (and my bag full of neat "reality checks"), I can move on to one of the more hardcore Exchange books :)
Comment | 
Was this review helpful to you?
Search Customer Reviews

Look for Similar Items by Category