WDTalk

What to look for in Managed Exchange Services

Is email a mission critical application to your business? Here’s an interesting observation. Seventy-five percent of a company’s intellectual property resides in its email or other messaging application versus seventy-five percent of fortune 500 litigation involves email related discovery. An even larger percentage of companies accept email messages as confirmation of transactions.

How important is email to your company?

Email is a means to an end. Essentially email is not actually a product or service you sell, rather a convenient avenue of communication outside the core competency of your business. Rather you internally host or outsource your email, it’s a very necessary infrastructure expense.

If you were to poll your employees today … this minute – I’m betting over 90% of them would consider email as either important or critical in getting their work accomplished.

Microsoft Exchange Server

Ok, your IT staff has recommended Microsoft Exchange Server versus depending on your ISP for email. I was with one company that had their email shut down for days at a time because their ISP claimed they were sending thousands of emails daily through their servers – in violation of their TOS. They actually weren’t as it was traced to a spam bot, but this took months to resolve. Needless to say, there were a lot of unhappy campers there. So you ask your IT staff – are they certified to manage Exchange Server. Clearly, Exchange has the reputation for being one of the most complex servers Microsoft has ever created. Mismanage it and you risk losing everything when it crashes. Mismanage Citrix and it’ll crash too.

What about the cost?

Of course you’ll have the initial hardware acquisition costs and Exchange licensing fees. Add CALs, anti-virus and anti-spam software, spare parts (PSUs and MOBOs), HR expenses, etc. Typically outsourcing to a managed email service allows you to avoid initial startup as well as ongoing costs. A managed exchange solution is normally significantly more reliable as hosting companies incorporate redundant infrastructure to ensure the highest level of availability. This is normally spelled out in the form of a written SLA, or Service Level Agreement.

Disaster Recovery

Hosting companies are usually better equipped to recover from any number of disasters whereas few companies have the human or hardware resources to quickly restore their data.

Compliance

Is your company subject to federal regulation concerning the security, management and retention of your email? Complying can be expensive, but company executive and IT staff may be subject to criminal penalties, including prison time, for non-compliance. Consider the fiasco Governor Blunt faced in Missouri over email issues.

Does Hostirian offer Managed Exchange Services? Absolutely!

Hostirian has three different plans, based on your requirements – the first being a shared plan and the last two being dedicated plans. They offer PC and Web access, calendaring, contacts, public (shared) folders, a meeting planner, tasks, notes, rich text and HTML messages, offline use, Outlook rules for email management, set up for archive folders, MAPI access and integration with Managed SharePoint workspaces.

Both of their dedicated management servers include a 99.9% SLA, 24×7 Server and Application Monitoring, 24×7 Tech Support, Full backups every day, Free license and download for Outlook 2000, 2002 (XP) and 2003, Remote User VPN Access, Full ActiveSync access, Connect via Outlook MAPI / Outlook Web Access / RPC, HTTP / IMAP / POP3 / SMTP, All software licensing fees for backup, Windows 2003 and MS Exchange 2003

And it’s managed by Exchange experts!

Ok, let’s face it. The Internet is game to all sorts of intruders. I told my wife I found a Trojan Horse on her laptop and her response was, “What’s that?” Clearly, protecting your data from being compromised can be a daunting task. What firewall should you incorporate? Are software or hardware firewalls better? What exactly is packet filtering and why is it important? And how do I analyze my firewall logs? Is this something better left to professionals? 

Your primary consideration is the worth of your data. If you lost it or it was compromised this minute, could you survive as a business entity? 

Let’s say you’ve done due diligence and installed a high end firewall appliance. Is anyone on your staff certified to analyze that firewall’s logs? If not, do you outsource those logs? Are you provided analysis and recommendations? Are security risks shored up? Are you compliant? 

I’m constantly reading threads in forums of compromised data, and OPs pleading for assistance after-the-fact. I was at a physician’s office a while back checking the security of her Wifi network, and while she was protected, at least a dozen other unprotected networks popped up. She had no clue she could compromise their networks as that was never her intention, but certainly it is the intention of (apparently) thousands of unscrupulous hacks on the Internet. 

Fortunately, there are firms that you can turn to that make it their business to protect your business. One of the best is Hostirian.

HostirianSt. Louis Web Hosting, Dedicated Server, Managed Hosting Provider protects your networks, hosted equipment, applications and databases from the ever-present, always-growing threats on the Internet. They have a highly secure solution that works around-the-clock to keep your business information assets safe against intrusions.

Their experienced engineers are knowledgeable regarding what Internet threats are out there and how to guard against them. And they configure, install and monitor advanced firewall hardware and software to protect your hosted equipment, with Single Availability or High Availability options. Or they can construct a Virtual Private Network for a secure link between your network and our hosting center. Whichever alternative you choose, you’re always opting for peace of mind, 24/7.

For any organization that conducts business over the Internet, it’s a vital first-line of defense that:

• protects your information and systems from compromise
• helps ensure secure, ongoing communications between your Web site and customers
• reduces the costs and disruption of intrusion-initiated downtime
• extends your in-house capabilities with Hostirian‘s specialized expertise and state-of-the art technologies

CLI versus GUI interfaces

What are some types of command line interfaces (CLI) for managing firewalls? PIX and Linux IPTables are popular examples. GUI based interfaces are more intuitive to the end user, so are presumably easier to use. They’re both designed to keep the malicious stuff out, while providing an enhanced more secure online experience.

Custom operating versus open source systems

Systems like the Cisco PIX run on a custom operating system where the source code is not available, and is updated via patches or new releases. Then there are open source systems which include Linux, OperBSD and Solaris 10.  Open source systems typically require more effort to maintain and secure your data, but patches to shore up vulnerabilities may get released faster. Closed source systems, properly configured and maintained by the user, eliminate many of the variables inherent in general operating systems, making it easier for the less experienced user to maintain.

Are you up to managing your own firewall with a CLI? (Command Line Interface)

Most firewalls require you to perform an initial configuration – things like your IP address, net mask, default gateway and possibly an administrative password, first in CLI even when using a GUI. CLIs require knowledge of the command set in your firewall appliance. For example, to config Linux’s NetFilter, you’ve have to use the IPTables CLI to set up configurations for Secure Shell (SSH), email and web traffic. What ports do you allow and which do you deny?

GUIs

There are GUIs for Linux’s IPTables firewall software. Some are web based (such as Webmin), and some are applications running on the Linux system itself (such as Firestarter). Firestarter provides a simple, easy-to-use interface for IPTables. Webmin provides a method by which the firewall can be managed through a web browser interface.

One significant benefit of a CLI over a GUI is that the CLI is available through Telnet and SSH sessions as well as connected directly to the serial port. This becomes important when considering how access to the firewall management interface will be controlled.

Management Access

Network devices such as firewalls, switches, routers and intrusion detection sensors should only be accessed  by trusted users who need to administer them. Unauthorized users, whether someone with malicious intent or not, may change the configuration or disable the device and thus compromise the security of your entire network and data.

Additional considerations must be made regarding how the firewall is accessed: Telnet, SSH, SNMP, FTP, TFTP, HTTP/HTTPS, or some proprietary management protocol.

HTTP versus HTTPS

HTTP is an unencrypted protocol that allows hackers to view communication between the client and the server. Although intruders may not necessarily be able to capture the password to your web server, they may be able to capture other information such as configuration information or possibly a valid cookie that would then allow the attacker to impersonate a legitimate user and gain access to the firewall’s administrative interface.

HTTPS uses Secure Sockets Layer (SSL) encryption technology to encrypt communication between the client and the firewall web server. This makes it impossible for an attacker to eavesdrop on a management session or intercept any information that could be used to gain access to your firewall.

Analyzing Logs

Logging is also essential for maintaining and administering a firewall. Logging enables an administrator to see all traffic blocked by the firewall as well as troubleshoot the firewall configuration when a particular function, such as Network Address Translation (NAT), is not working as expected.

No matter how the firewall logs information, it is critical that the logged information be reviewed by an administrator or outsourced professional. You cannot set up a firewall appliance and walk away from it thinking your data will remain secure forever.

Vulnerabilities

A vulnerability is a defect that might result in the potential exploitation of the firewall by an attacker to cause either a denial-of-service (DoS) attack or to gain access to your firewall. Vulnerabilities are routinely caused by a misconfiguration of the firewall itself.

A vulnerability due to a misconfiguration of the firewall can range from allowing access to Remote Procedure Call (RPC) ports on systems behind the firewall to not setting an access password on the device itself.

Due Diligence
Special care must be taken when managing a firewall because it protects your data from the world. In many cases, it represents the only security device on your network.

Disaster Recovery and Business Continuity

I cannot overemphasize the importance of remote backup even with a properly configured and maintained firewall.

Having said that, firewalls are an essential element in the defense and retention of your data. Your data is your business. If you are even remotely at loss how to configure, maintain and analyze your firewall logs, I wholly recommend outsourcing this service.

For more information on managed firewall services, click here.