RE: Exchange 2K3 and Server 2K3 versus SUN One Pros/Cons and Security Pros/Cons

["Michael Dunn" <MDunn () sscincorporated com>]

Todd,

A recent security bulletin came out regarding the latest version of exchange and OWA (web mail).  As I recall, kerebos 
authentication as implemented by Microsoft does not work with non-windows clients.  Their implementation of kerebos has 
been, er..., extended.

Since you have a requirement for non-windows clients to be able to access e-mail via web browser, I'd look closely into 
the implications of disabling kerebos authentication.

Regards,

-Mike

-----Original Message-----
From: tawilson () speakeasy net [mailto:tawilson () speakeasy net]
Sent: Wednesday, November 26, 2003 9:54 AM
To: security-basics () securityfocus com
Subject: Exchange 2K3 and Server 2K3 versus SUN One Pros/Cons and
Security Pros/Cons


Hello everyone,

Our IS group is a current SUN Iplanet shop. We have Win2K3 AD running and the majority of the server infrastructure is 
running on Win2K.

We are looking to upgrade our Email infrastructure. Our current SUN Iplanet implementation is about 3 years old. At the 
time of deployment it was perfect for our environment. We needed to deploy web mail and at that time there was/is no 
question that MS Exchange was not mature enough in the web client. 

Our environment still has a HIGH demand for a web based client due to our customer base.

We are now talking with SUN about upgrading the infrastructure and moving to their new Email infrastructure. We are 
also looking to determ if Microsoft has come of age and does it now fit in to our environment better then the SUN 
solution.

SUN and Microsoft are preparing presentations as well as presenting SOWs for our review and interactive discussion. I 
am interested in security issues or design issues with either platform. We have users that need to access our email 
infrastructure from around the world. Our clients use UNIX (all flavors), MACs, Win2K/XP and some older MS OSs as well.

So let me have it hit me with the good the bad and the ugly about E2K3 and Win2K3 as well as any SUN items you can come 
up with. Security is my primary focus but I will addressing questions from all aspects to presentation teams.

I have not had a chance to see the new outlook client and the new "secure" way it connects to E2K3 so if anyone has 
input to this I would really love to hear that.

Thanks in advance for any inputs I look forward to reading them.


-Todd




---------------------------------------------------------------------------
----------------------------------------------------------------------------