Well, not the uber expensive RSA tokens, but similar. -- ME2
On Mon, Mar 16, 2009 at 5:21 PM, Micheal Espinola Jr <michealespin...@gmail.com> wrote: > +1 > > -- > ME2 > > > > On Mon, Mar 16, 2009 at 4:17 PM, Cameron Cooper <ccoo...@aurico.com> wrote: >> Our users, those that have access to OWA, use RSA SecurID tokens. Works >> well, cause then all the user needs to do is enter in their username and >> then a PIN + the six numbers that show up on the token. >> >> >> >> _____________________________ >> >> Cameron Cooper >> >> IT Director - CompTIA A+ Certified >> >> Aurico Reports, Ine >> >> Phone: 847-890-4021 Fax: 847-255-1896 >> >> ccoo...@aurico.com >> >> >> >> From: Don Andrews [mailto:don.andr...@safeway.com] >> Sent: Monday, March 16, 2009 3:04 PM >> >> To: MS-Exchange Admin Issues >> Subject: RE: question on Delivery Restrictions >> >> >> >> If you’re worried about that, you might consider some additional security on >> your OWA access (2 factor authentication or whatever) >> >> >> >> ________________________________ >> >> From: Thomas Gonzalez [mailto:tgonza...@girlscouts-swtx.org] >> Sent: Monday, March 16, 2009 12:56 PM >> >> To: MS-Exchange Admin Issues >> Subject: RE: question on Delivery Restrictions >> >> >> >> Ok, I just set the user initiated sync to disable. Let me try that and see >> what the logs state for this user. >> >> >> >> All I’m trying to do is protect our environment, because from what I have >> seen in the CISCO side, is plain text, (at least that’s what I see) when the >> RIM connects. >> >> >> >> I’ve been explaining or trying to justify that if we allow the devices to >> connect, then we need the BES so we can have access to them for wipe / >> delete. I’m by no means a BES expert and like most of you all, I’m a one man >> shop. I never knew staff was using their personal RIMs to gain access to the >> email server. This was by stumble and I just want to ensure we (GS) are safe >> and sound. I don’t want to appear on the news with girl info stolen. :0 >> >> >> >> From: Sherry Abercrombie [mailto:saber...@gmail.com] >> Sent: Monday, March 16, 2009 2:49 PM >> To: MS-Exchange Admin Issues >> Subject: Re: question on Delivery Restrictions >> >> >> >> You can disable Outlook Mobile Access and User Initiated Synchronization, >> and still leave OWA enabled on the AD account properties. >> >> On Mon, Mar 16, 2009 at 2:44 PM, Thomas Gonzalez >> <tgonza...@girlscouts-swtx.org> wrote: >> >> You are correct Michael, however, on a staff of 60 we only have 4 members >> who are accessing the mail server using BIS. Since I have been monitoring >> the W3SVC logs, the ips appear to be static. >> >> I'm going to test with one of the staff that has their personal RIM >> connecting to get the email. If I see good information generated in the >> logs, then I'll add the other ips as well. >> >> >> Thanks, >> >> Thomas >> >> -----Original Message----- >> From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] >> Sent: Monday, March 16, 2009 2:40 PM >> To: MS-Exchange Admin Issues >> >> Subject: Re: question on Delivery Restrictions >> >> Blocking the correct range of IPs will block them, like it would anyone >> else. >> >> What do you hope to secure that isnt wide-open via OWA or anything >> else that can utilize OWA connectivity, etc? You're gonna have a lot >> of IPs to block. >> >> A LOT. >> >> -- >> ME2 >> >> >> >> On Mon, Mar 16, 2009 at 3:28 PM, Thomas Gonzalez >> <tgonza...@girlscouts-swtx.org> wrote: >>> *****Bump***** >>> >>> >>> >>> From: Thomas Gonzalez >>> Sent: Monday, March 16, 2009 11:50 AM >>> To: MS-Exchange Admin Issues >>> Subject: question on Delivery Restrictions >>> >>> >>> >>> Our environment is as follows: Windows 2003 sp1 with Exchange 2003 >>> 6.5.7638.1 with Ninja as our line of defense. >>> >>> >>> >>> So I am trying to prevent our RIM BIS users from connecting up to our >>> server >>> via OWA, which I see is the source to allow them to retrieve their email. >>> My >>> question is this: if I set under the ESM à Global Settings à Message >>> Delivery (Properties) à Connection Filtering à Global Accept and Deny >>> List >>> Configuration à Deny and put the RIM IP, will that stop that device from >>> connecting? >>> >>> >>> >>> We really do not have a said wireless PDA policy in place, but we are >>> discussing this issue as being a security hole since the device is not >>> maintained for wipe / delete through OMA. My thoughts are to be proactive >>> and try to prevent these users from accessing their email through their >>> personal RIM product till we put the wireless PDA policy in the employee >>> handbook. >>> >>> >>> >>> (I know I can disable OWA through the AD Plugin and remove the access but >>> these users still need OWA.) >>> >>> >>> >>> >>> >>> TIA, >>> >>> >>> >>> Thomas Gonzalez >>> >>> Technology Manager >>> >>> Girl Scouts of Southwest Texas >>> >>> 210.349.2404 phone >>> 210.403.1586 DID >>> >>> 210.349.2666 fax >>> >>> www.girlscouts-swtx.org >>> >>> tgonza...@girlscouts-swtx.org >>> >>> >>> >>> >>> >>> This email and any attached files are confidential and intended solely for >>> the intended recipient(s). If you are not the named recipient you should >>> not >>> read, distribute, copy or alter this email. Any views or opinions >>> expressed >>> in this email are those of the author and do not represent those of the >>> Girl >>> Scouts of Southwest Texas. Warning: Although precautions have been taken >>> to >>> make sure no viruses are present in this email, Girl Scouts of Southwest >>> Texas cannot accept responsibility for any loss or damage that arise from >>> the use of this email or attachments. >>> >>> >>> >>> >>> >>> This email and any attached files are confidential and intended solely for >>> the intended recipient(s). If you are not the named recipient you should >>> not >>> read, distribute, copy or alter this email. Any views or opinions >>> expressed >>> in this email are those of the author and do not represent those of the >>> Girl >>> Scouts of Southwest Texas. Warning: Although precautions have been taken >>> to >>> make sure no viruses are present in this email, Girl Scouts of Southwest >>> Texas cannot accept responsibility for any loss or damage that arise from >>> the use of this email or attachments. >>> >>> >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> This email and any attached files are confidential and intended solely for >> the intended recipient(s). If you are not the named recipient you should not >> read, distribute, copy or alter this email. Any views or opinions expressed >> in this email are those of the author and do not represent those of the Girl >> Scouts of Southwest Texas company. Warning: Although precautions have been >> taken to make sure no viruses are present in this email, the company cannot >> accept responsibility for any loss or damage that arise from the use of this >> email or attachments. >> >> ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ >> ~ http://www.sunbeltsoftware.com/Ninja ~ >> >> >> -- >> Sherry Abercrombie >> >> "Any sufficiently advanced technology is indistinguishable from magic." >> Arthur C. Clarke >> >> >> >> This email and any attached files are confidential and intended solely for >> the intended recipient(s). If you are not the named recipient you should not >> read, distribute, copy or alter this email. Any views or opinions expressed >> in this email are those of the author and do not represent those of the Girl >> Scouts of Southwest Texas. Warning: Although precautions have been taken to >> make sure no viruses are present in this email, Girl Scouts of Southwest >> Texas cannot accept responsibility for any loss or damage that arise from >> the use of this email or attachments. >> >> >> >> >> >> >> >> >> >> > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~