Applying Microsoft Security Guidance II

Target Audience
This hands-on lab allows students to apply information and guidance that can help in implementing and managing security in a network based on Microsoft Windows and that includes Microsoft Exchange Server, Microsoft Internet Security and Acceleration (ISA) Server 2004 or Microsoft Identity Integration Server 2003.

Pre-Requisites
Before attending this course, students must have the following pre-requisites:Hands-on experience with Windows NT 4.0, Windows 2000, or Windows Server 2003.Experience with Active Directory and Group Policy.

Purpose
After completing this course, students will be able to implement secure access to Internet resources; implement secure Internet client access to internal servers; implement secure VPN access to an internal network; monitor ISA Server 2004; analyze an Exchange server using the Microsoft Baseline Security Analyzer (MBSA) and Exchange Best Practices Analyzer; configure Exchange Server to secure SMTP messages using Secure Sockets Layer/Transport Layer Security (SSL/TLS); configure Exchange Server 2003 using Real Time Block List; implement Exchange Intelligent Message Filter; implement certificate authentication on an OWA Web site; configure ISA Server to secure client connections to Exchange Server; configure ISA Server to secure SMTP messages; encrypt communication between network clients by using IPSec; configure MIIS 2003; implement identity changes and deprovisioning by using MIIS; manage passwords by using MIIS.

Course outline

1. Securing the Perimeter Using ISA Server 2004
2. Exchange Server Security
3. Securing Exchange Server Using ISA Server 2004 and IPSec
4. Identity and Access Management

Module 1:Securing the Perimeter Using ISA Server 2004

• In this lab, you will implement secure access to Internet resources, implement secure Internet client access to an organization's internal servers, implement secure virtual private network (VPN) access to an organization's internal network, and monitor Microsoft Internet Security and Acceleration (ISA) Server 2004.

• Implementing Internet Access with ISA Server 2004.
  
• Implementing Web Publishing with ISA Server 2004.
  
• Implementing VPN Client Access on ISA Server 2004.
  
• Monitoring ISA Server 2004.
  

Module 2:Exchange Server Security

• In this lab, you will use the tools and obtain the skills needed to analyze a Microsoft Exchange Server 2003 infrastructure and to configure it to be as secure as possible. This lab also shows how to increase the security of e-mail that flows through an organization's Exchange servers and to other Simple Mail Transfer Protocol (SMTP) servers. Also, this lab shows how to configure Exchange Server 2003 to reduce the amount of unwanted e-mail.

• Analyzing and Configuring Exchange Server Security.
  
• Securing SMTP Messages with SSL/TLS.
  
• Implementing Real-Time Block List Support.
  
• Implementing Exchange Server Intelligent Message Filter.
  

Module 3:Securing Exchange Server Using ISA Server 2004 and IPSec

• In this lab, you will implement certificate authentication on an Outlook Web Access (OWA) Web site, configure ISA Server to secure client connections to Exchange Server, configure ISA Server to secure SMTP messages, and encrypt communication between network clients by using Internet Protocol Security (IPSec).

• Implementing Certificate Authentication for OWA.
  
• Configuring ISA Server to Secure Client Access to Exchange Server.
  
• Implementing SMTP Message Security.
  
• Implementing IPSec to Secure Network Traffic.
  

Module 4:Identity and Access Management

• In this lab, you will configure Microsoft Identity Integration Server (MIIS) to provide identity management, implement identity integration by using MIIS, implement user account provisioning and deprovisioning with MIIS, understand how changes are propagated throughout the MIIS structure, and, if time permits, manage passwords by using MIIS.

• Configuring MIIS to Provide Identity Integration and Provisioning.
  
• Implementing Identity Integration Using MIIS.
  
• Enabling Provisioning with MIIS.
  
• Implementing Identity Changes and Deprovisioning Using MIIS.
  
• Managing Passwords Using MIIS 2003.