
Does Exch 2010 ssl cert encrypt messages sent via internet as well as inhouse?


techseek

MIS
Nov 5, 2010
97
US
A prospective consultant told me it only encrypts the "connection" and that I need a third party like PGP to encrypt the actual data sent
???
 
Correct. Exchange will encrypt the session. If you need to also encrypt the data itself, you'll need a third party solution. This will require public and private keys on both sides of the conversation.

 
Thank you sniper
I am having a problem understanding what "encrypted connection" means, or, rather, what protection that offers. What do HTTPS: sites offer on top of the encrypted connection for protection of the sensitive data?
Am I understanding correctly though, that in the LAN (domain), the client server comm is encrypted (so that interoffice email content is encrypted) out of the box?

Thank you very much for helping me understand this
 
>What do HTTPS: sites offer on top of the encrypted connection for protection of the sensitive data?

Not a lot, actually. They try to guarantee that the site you think you are connected to is indeed the site you are connected to. Of course that doesn't in itself guarantee that it is a secure site.
 
In contrast, message encryption ensures that the message cannot be read until it reaches the destination server. It could not be looked at in the queue on a Barracuda somewhere, for example.

TLS/SSL only encrypts the conversation between your server and the server it first communicates with when sending out your message. That's not always the destination server, although it sometimes is.

Dave Shackelford
ThirdTier.net
TrainSignal.com
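
The hop-by-hop nature of SMTP TLS described in the post above can be checked on a delivered message by reading its Received headers. This is an added example, not part of the original thread: the sample message, its hostnames and its version strings are constructed, and the headers are only as trustworthy as the servers that wrote them.

```python
import re
from email import message_from_string

# Constructed sample (placeholder hostnames). Newest Received header is on top.
SAMPLE = """\
Received: from filter.example.org (filter.example.org [203.0.113.7])
 by mx.recipient.example with ESMTP id abc123;
 Fri, 5 Nov 2010 10:00:03 -0500
Received: from gateway.sender.example (gateway.sender.example [198.51.100.4])
 by filter.example.org with ESMTPS id def456
 (version=TLSv1 cipher=AES128-SHA);
 Fri, 5 Nov 2010 10:00:02 -0500
Received: from exch01.sender.example (10.0.0.4)
 by gateway.sender.example (10.0.0.9) with Microsoft SMTP Server (TLS)
 id 14.1.218.12; Fri, 5 Nov 2010 10:00:01 -0500
From: a@sender.example
To: b@recipient.example
Subject: constructed test message

body
"""

# "with" protocol keywords that indicate STARTTLS was used (RFC 3848 style).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+([^;]+)", re.S | re.I)

def hop_report(raw):
    """Return [(sending_host, receiving_host, used_tls)] in delivery order."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue  # header without a from/by/with clause: nothing to report
        sender, receiver, clause = m.groups()
        tls = (clause.split()[0].upper() in TLS_PROTOCOLS
               or re.search(r"\bTLS", clause, re.I) is not None)
        hops.append((sender, receiver, tls))
    return hops

def cleartext_hops(raw):
    """Hops where the message crossed the wire without TLS."""
    return [(s, r) for s, r, tls in hop_report(raw) if not tls]

if __name__ == "__main__":
    for s, r, tls in hop_report(SAMPLE):
        print(f"{s} -> {r}: {'TLS' if tls else 'cleartext'}")
```

In the sample, the first two hops use TLS but the last one does not, and the message is stored unencrypted on every server in between regardless of how each hop was protected.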
 
Communication between Outlook and Exchange Server is encrypted by default. You can deselect this, but I don't know why anyone would.

TLS will encrypt the data between the two internet end points (i.e. SMTP gateway, such as an Edge Transport server). Even products such as Zix do not encrypt the message all the way to the mailbox. I would be surprised if a company would allow the use of an encryption product that could prevent management from being able to read an employee's email. Using TLS or a third-party product such as a Zix gateway should provide adequate message security. Zix is used by a number of US Government agencies.


When all else fails, read the book!
 