This information provides an overview about security for the Connector for Microsoft Outlook product. It also provides links to security topics that provide more in-depth information for configuring and administering Connector for Microsoft Outlook security.
For an overview of the features in Connector for Microsoft Outlook, see Introduction to Connector for Microsoft Outlook Software, and Connector for Microsoft Outlook Overview. For information on general security principals, such as security methods, common security threats, and analyzing your security needs, see Designing for Security. For an overview of operating system security, see Oracle Solaris Security for System Administrators. For more information on Connector for Microsoft Outlook high-level architecture, see Understanding Connector for Microsoft Outlook Deployment Process.
This section outlines the planning process for a secure installation and configuration:
This section outlines the planning process for a secure installation and describes recommended deployment topologies for the systems.
To better understand your security needs, ask yourself the following questions:
- Which resources am I protecting?
In a Connector for Microsoft Outlook production environment, consider which of the following resources you want to protect and what level of security you must provide:
- Protocols: HTTP, WMAP, SMTP, WCAP, IMAP, WABP,and LDAP
- Dependent Products: Directory Server, Messaging Server, Convergence Server (Address book Server), and Calendar Server. Be sure to check the security policies governing these dependent products.
- Calendar Server front- and back-end hosts
- Messaging Server front- and back-end hosts
- Dependent resources, such as Directory Server
- From whom am I protecting the resources?
In general, resources must be protected from everyone on the Internet. But should the Connector for Microsoft Outlook deployment be protected from employees on the intranet in your enterprise? Should the system administrators have access to all resources? Should the system administrators be able to access all data? You might consider giving access to highly confidential data or strategic resources to only a few well trusted system administrators. On the other hand, perhaps it would be best to allow no system administrators access to the data or resources.
- What will happen if the protections on strategic resources fail?
In some cases, a fault in your security scheme is easily detected and considered nothing more than an inconvenience. In other cases, a fault might cause great damage to companies or to users who use Connector for Outlook. Understanding the security ramifications of each resource help you protect it properly.
Connector for Microsoft Outlook depends on a Calendar Server and Messaging Server deployment. For more information, see the following information:
- Developing a Messaging Server Architecture
- Developing a Calendar Server Architecture
- Developing a Communications Suite Logical Architecture
The general architectural recommendation is to use the well-known and generally accepted Internet-Firewall-DMZ-Firewall-Intranet architecture. For more information on addressing network infrastructure concerns, see Determining Your Communications Suite Network Infrastructure Needs.
Connector for Microsoft Outlook is not a server by itself, but a client that communicates with the Calendar Server and Messaging Server in the back-end. So there is no deployment involved. However, to understand Connector for Microsoft Outlook Installation better, and Connector for Microsoft Outlook Pre-Installation, see Understanding Connector for Microsoft Outlook Pre-Installation.
As mentioned previously, Connector for Microsoft Outlook does not require installing infrastructure components, as it is a client which interacts with the Calendar Server, Messaging Server, Convergence Server (for Address Book support), and LDAP Server (for Corporate Directory support). For more information about how Connector for Microsoft Outlook communicates with Calendar Server and Messaging Server, see the Calendar Server and Messaging Server documentation. You can refer to the following:
Installing Connector for Microsoft Outlook consists of the following high-level steps:
- Preparing a comprehensive Deployment Plan
- Installing the Deployment Configuration Program
- Configuring end-user packages
- Deploying end user packages
See Administrator's Process Overview and Installing the Desktop Deployment Toolkit for additional information.See Getting Started with Connector for Microsoft Outlook for information about installing Connector for Microsoft Outlook Components.
The Configuration Parameters for Connector for Outlook are configured by entering details in the following tabs:
- User Profiles
- Address Book
- Single User
For information about desktop installation packages for end users, see Configuring End-User Packages. For more information about configuring parameters, see Configuring Connector for Microsoft Outlook.
For information related to post installation configuration for Connector for Microsoft Outlook, see Connector for Microsoft Outlook Administration Guide.
The following are the specific security mechanisms offered by Connector for Microsoft Outlook:
- SSL support for all the protocols, such as IMAPS, HTTPS (WABP and WCAP), SMTP +SSL, and LDAPS
- Option to not store/cache password
- SMIME support (message signing and encryption support)
- Certificate-based authentication
For more information about Certificate-based authentication as part of Connector for Microsoft Outlook Security, see Certificate-based Authentication for Connector for Microsoft Outlook 7.3 Update 1.