MS Exchange Design

Contact us to discover the best way to enable S/MIME Support, Digital Signatures, and Email Encryption in your Exchange environment. Microsoft Exchange consumes PKI derived certificates (don’t be tempted to leave the self-signed certificates in place) for the: Hub Transport Server, the Client Access Server, the Edge Transport Server, the Mailbox Server and Unified Messaging.

Direct Access Design

DirectAccess requires a Public Key Infrastructure (PKI) to provide X.509 certificates for security. DirectAccess requires a range of certificates, including server and client certificates, IPsec certificates. Certificates for Microsoft Forefront Unified Access Gateway (UAG) etc.

The design also has requirements for Autoenrolment and manual enrolment. There are additional requirements for internal and external CRL publication points. Further consideration should be given to use suit B cryptographic algorithms etc.

BitLocker and EFS Design

We are fully aware of the problems that can arise when either Microsoft Bitlocker or Microsoft Encrypting File System (EFS) is deployed in the enterprise in an ad hoc manner.It is essential to have a strategic plan for data recovery and key management before rolling out these encryption technologies.

Microsoft Services

Primarily our approach to the Microsoft Distributed Enterprise is through solid security underpinning usually based on sound regulatory compliance that fits the business that we are consulting for.

Compliant PKI infrastructure is one thing, but we are equally at home designing, deploying and commissioning the full range of Microsoft Enterprise Products; this means that we can offer an extended service that is not just confined to PKI.