Chapter 11 Outline

Chapter 11, Internet-Based Client Access
|1|
Chapter Overview
    Support for Internet Protocols
    Configuring Virtual Protocol Servers

Chapter 11, Lesson 1
|2|
Support for Internet Protocols
|3|
1. Simple Mail Transfer Protocol (Port 25)
    A. Sending messages using SMTP
    B. SMTP Service Extensions (ESMTP)
        1. Defines a set of commands that are supported during an SMTP session (which are described in RFC 821)
        2. Extends the commands to include support for setting message size limits on incoming messages and for delivery/read requests on sent messages (which are described in RFC 1869)
    C. Name resolution
        1. Active Directory performs name resolution between Microsoft Exchange 2000 servers in the same organization.
        2. The Domain Name System (DNS) is used for name resolution when using the Internet through the use of mail exchanger (MX) records.
            a. MX records are DNS entries that define the mail servers within an organization.
            b. Multiple MX records can exist within an organization, providing round-robin load balancing and fault tolerance.
|4|
2. Post Office Protocol Version 3 (Port 110)
    A. POP3 commands and responses are described in RFC 1939.
    B. The three POP3 session states are referred to as Authorization, Transaction, and Update.
    C. The POP3 server is for reading mail, and the SMTP server is for sending mail. They don't necessarily need to be the same server.
|5|
|6|
3. Internet Mail Access Protocol Version 4 (Port 143)
    A. The four IMAP4 session states are referred to as Non-Authenticated, Authenticated, Selected, and Logout.
|7|
    B. Commands and responses are described in a series of RFCs, most importantly RFC 2060.
4. Network News Transfer Protocol (Port 119)
    A. Newsgroups are public folders that contain discussion threads and are replicated throughout the USENET.
    B. Newsreaders are client software used to read the posts within a newsgroup. Outlook Express is a good example of a newsreader.
    C. A newsfeed is a connection to your ISP or USENET that is a request for a copy of a particular public folder or newsgroup.
        1. Push feeds are initiated by the ISP with update intervals set by the ISP. By default, the ISP will include as many newsgroups as it chooses.
        2. Pull feeds are initiated by the local host with update intervals set by the local host. Pull feeds allow you to select the newsgroups that will be included in the feed.
        3. In both types of feeds, the data is stored in the public store on the Exchange server.
|8|
5. Hypertext Transfer Protocol (Port 80)
    A. Types of Uniform Resource Identifiers (URIs)
        1. A Uniform Resource Locator (URL) identifies a resource through its location, or path, on the network.
        2. A Uniform Resource Name (URN) identifies a resource by its globally unique distinguished name.
    B. Microsoft Exchange 2000 Web Storage System
        1. Web Distributed Authoring and Versioning (WebDAV) allows users to access documents stored on the Exchange server by providing the URL for the document in their Web browser.
        2. Exchange Installable File System (ExIFS) allows users to access their mailbox and public folders using most applications just as they would access any other shared network drive.
|9|
|10|
6. Lightweight Directory Access Protocol (Port 389)
    A. LDAP features
        1. Basic Encoding Rules (BER) is used at the transport (Transmission Control Protocol, or TCP) layer to provide security for directory lookups.
        2. LDAP supports the X.500 distinguished name model, making LDAP a perfect match with Exchange 2000 Server.
        3. Exchange 2000 Server offers support for LDAP, version 3.
    B. LDAP and Microsoft Windows 2000 Active Directory Directory Service
        1. The default LDAP port, TCP port 389, will search Active Directory domain controllers, thereby returning search results from the home domain only.
        2. The port used to search the Global Catalog is TCP port 3268 and returns results from the entire forest.
|11|

Chapter 11, Lesson 2
Configuring Virtual Protocol Servers
|12|
1. Protocol Virtual Server Configurations
    A. A default virtual server exists for each protocol.
    B. Additional virtual servers can be created when you have different security requirements or message format requirements for your users.
    C. A unique IP address and port number combination must exist for each protocol virtual server.
    D. Metabase and Active Directory directory service
        1. Internet Information Services (IIS) stores configuration information in the metabase.
        2. Exchange 2000 Server stores configuration information in Active Directory.
        3. Because the metabase update service overwrites Active Directory changes into the metabase, be sure to configure your Internet protocols from within Exchange System Manager when possible. Some configuration changes can be made only in IIS.
|13|
2. Authentication Methods
    A. Anonymous Access is supported for public folders through HTTP and NNTP.
        1. Enable anonymous access at the protocol using Exchange System Manager.
        2. Make sure there is an anonymous account listed. The default is IUSR_<SERVERNAME>.
        3. You must define what the permissions are for anonymous users on each folder.
    B. Basic Authentication allows your users to access Exchange 2000 resources over the Internet with not-so-secure password encoding. This is turned on by default, but, if possible, it should be turned off.
    C. Digest Authentication is typically turned on through a Group Policy when you support Instant Messaging users who access their home server using an HTTP proxy.
    D. Integrated Windows Authentication offers support for NTLM or, if the client is using Windows 2000 with a supported Web browser, Kerberos authentication.
3. Setting Security Options
    A. Secure Sockets Layer (SSL) resides just above the transport layer.
        1. Uses X.509 certificates obtained from either a local or an online certificate authority (CA) to establish a secure communication channel
        2. Allows for basic authentication to occur over an encrypted channel
|14|
    B. You can install a security certificate on the server by using the Access tab on the POP3, IMAP4, SMTP, and NNTP virtual servers.
    C. Enforcing a secure communication
        1. You can map a certificate to a particular NNTP user on the Authentication button of the Access tab for the virtual server properties.
        2. You can map a certificate to a particular HTTP user on the Web site's Directory Security tab in Internet Services Manager.
|15|
4. Configuring NNTP Virtual Servers
    A. Newsgroups
        1. Hierarchies are created using Exchange System Manager either in the Default NNTP Virtual Server container or in the Folders container in Internet Newsgroups under Public Folders. They can be accessed using Outlook or any newsreader, such as Internet Express.
        2. Set message size limits on the Settings tab of the default NNTP virtual server.
        3. Configure the properties for the public folder in the Public Folder Store.
        4. Configure newsgroup public folders in Outlook once you give yourself the Owner role in the properties for the public folder in the Public Folder Store.
        5. Setting up moderated newsgroups allows you to monitor the posts to the newsgroup. Only the specified moderators have permission to write to the newsgroup.
            a. Configure the newsgroup in Exchange System Manager.
            b. Configure the public folder in Outlook.
    B. Newsfeeds
        1. Creating newsfeeds
            a. Peer is the typical setting for USENET.
            b. Master is the setting for a server that accepts changes, assigns an ID to them, and then replicates to the slave servers.
            c. Slave is the setting to choose if you want users to connect to this server but you don't want new articles to be sent here.
        2. Manage your newsfeeds through the property pages of the newsfeed.
        3. Control inbound newsgroups by deselecting Enable Feed on the General tab.
    C. Age limits
        1. Use Newsgroup Expiration Policies in the NNTP virtual server.
        2. Set at the Information Store. Age limits set at the Information Store override Expiration Policies.
    D. By creating virtual directories, you can store news content across multiple directories.
    E. Users can be disconnected using the Current Sessions container in the virtual server.
|16|
Chapter Summary
    Support for Internet Protocols
    Configuring Virtual Protocol Servers

Outline, Chapter 11
Microsoft Exchange 2000 Server Implementation and Administration