Foi recentemente disponibilizado pela Microsoft o whitepaper Using IPsec to Secure Access to Exchange.
Brief Description
This white paper will walk you through setting up IPsec for access to Exchange 2010 and configuring Forefront TMG and Forefront UAG to work with IPsec.
Overview
By allowing remote access to Microsoft Exchange to users who are based outside the safety of the corporate network, an organization enables its employees to take full advantage of the technology their company provides. When considering remote access, an organization must also consider how to secure their corporate information. There are several different ways to secure access to corporate information, including VPNs, Direct Access, and IPsec. When enabling and requiring IPsec on the endpoint that’s used to publish Exchange to the Internet, only machines with the right credentials can establish a connection.
Microsoft offers two software-based options for publishing Exchange to the Internet: Microsoft Forefront Threat Management Gateway 2010 and Microsoft Forefront Unified Access Gateway 2010. Both options offer publishing wizards and security features to provide secure access to Exchange when it is accessed from outside the safety of the corporate network and both work well with an IPsec based security solution. This white paper will walk you through setting up IPsec and configuring Forefront TMG and Forefront UAG to work with IPsec.