Contents What's New The Exchange 2010 Security Development Lifecycle Getting Secure—Best Practices Staying Secure—Best Practices Network Port Usage and Firewall Hardening Throttling Parameters and Client Throttling Policies Role-Based Access Control Active Directory Exchange Server Accounts File System Services Certificates NTLM Considerations Dual-Factor Authentication Federation Secure/Multipurpose Internet Mail Extensions (S/MIME) Server Role Considerations Appendix 1: Additional Security-Related Documentation In early 2002, Microsoft introduced the Trustworthy Computing initiative.
The most reliable way to receive Microsoft Update is to have the updates delivered automatically to your computer by using Windows Automatic Updates.
You can turn on Automatic Updates when you sign up for Microsoft Update.
A security review was performed for each feature and component.
Carefully chosen default settings ensure a more secure deployment.
For more information about Microsoft security releases, processes, communications and tools, see the Microsoft Security Update Guide.
As mentioned in an earlier section, running Microsoft Update is a best practice.Exchange 2010 also uses the Microsoft Update infrastructure to keep the anti-spam filters up-to-date.By default, with manual updates, the administrator must visit Microsoft Update to download and install the content filter updates.The content filter update data is updated and available every two weeks.Manual updates from Microsoft Update include the Microsoft IP Reputation Service or spam signature data.For more information, see Microsoft Windows Server Update Services 3.0.