How to Optimize MS Outlook Exchange Traffic Over SSL



Similar documents
Setting Up SSL on IIS6 for MEGA Advisor

MAPI Acceleration. Exinda ExOS Version Exinda, Inc

Aspera Connect User Guide

Hosted Microsoft Exchange Client Setup & Guide Book

Wavecrest Certificate

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Hosted Microsoft Exchange Client Setup & Guide Book

Generating a Certificate Signing Request (CSR) from LoadMaster

Deploying the Barracuda Load Balancer with Microsoft Exchange Server 2010 Version 2.6. Introduction. Table of Contents

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

Update Instructions

Chapter 2 Editor s Note:

etoken Enterprise For: SSL SSL with etoken

How To Export Data From Exchange To A Mailbox On A Pc Or Macintosh (For Free) With A Gpl Or Ipa (For A Free) Or Ipo (For Cheap) With An Outlook 2003 Or Outlook 2007 (For An Ub

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Installation Procedure SSL Certificates in IIS 7

MadCap Software. Upgrading Guide. Pulse

Client Configuration Secure Socket Layer. Information Technology Services 2010

Cisco SSL Encryption Utility

Using etoken for Securing s Using Outlook and Outlook Express

Configuring the Outlook 2003 RPC over HTTP Client

Kaseya Server Instal ation User Guide June 6, 2008

Enable SSL for Apollo 2015

Entrust Managed Services PKI. Configuring secure LDAP with Domain Controller digital certificates

Cloud Attached Storage

App Orchestration 2.5

How to Install Microsoft Mobile Information Server 2002 Server ActiveSync. Joey Masterson

Internet Explorer Settings for use with Privia

client configuration guide. Business

How to set up Outlook Anywhere on your home system

ArcMail Technology Defender Mail Server Configuration Guide for Microsoft Exchange Server 2003 / 2000


GFI Product Manual. Web security, monitoring and Internet access control. Administrator Guide

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Update Instructions

RSA Security Analytics

SILVER PEAK ACCELERATION WITH EMC VSPEX PRIVATE CLOUD WITH RECOVERPOINT FOR VMWARE VSPHERE

RoomWizard Synchronization Software Manual Installation Instructions

Implementing PCoIP Proxy as a Security Server/Access Point Alternative

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

How to Secure a Groove Manager Web Site

Version 1.0 January Xerox Phaser 3635MFP Extensible Interface Platform

BT Office Anywhere Configuring Mobile Outlook Synchronisation with Exchange Server

Account Create for Outlook Express

How To Send Mail From A Macbook Access To A Pc Or Ipad With A Password Protected Address (Monroe Access) On A Pc (For Macbook) Or Ipa (For Ipa) On Pc Or Macbook (For

CA NetQoS Performance Center

Omniquad Exchange Archiving

MailStore Outlook Add-in Deployment

Step-by-step installation guide for monitoring untrusted servers using Operations Manager ( Part 3 of 3)

QUANTIFY INSTALLATION GUIDE

Web Filter. SurfControl Web Filter 5.0 Installation Guide. The World s #1 Web & Filtering Company

e-cert (Server) User Guide For Microsoft IIS 7.0

How do I set up a branch office VPN tunnel with the Management Server?

SSL Intercept Mode. Certificate Installation Guide. Revision Warning and Disclaimer

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

Using Microsoft s CA Server with SonicWALL Devices

Configuring IPsec VPN with a FortiGate and a Cisco ASA

How To Configure SSL VPN in Cyberoam

USING SSL/TLS WITH TERMINAL EMULATION

HOW TO CONFIGURE SQL SERVER REPORTING SERVICES IN ORDER TO DEPLOY REPORTING SERVICES REPORTS FOR DYNAMICS GP

App Orchestration 2.0

Aspera Connect User Guide

Conference Controller Deployment Guide

Using RPC over HTTP with Exchange Server 2003 SP1

Erado Archiving & Setup Instruction Microsoft Exchange 2007 Push Journaling

Basic Exchange Setup Guide

Update Instructions

Set Up Setup with Microsoft Outlook 2007 using POP3

Aspera Connect User Guide

Table of Contents. Chapter 1: Installing Endpoint Application Control. Chapter 2: Getting Support. Index

Setup Guide. network support pc repairs web design graphic design Internet services spam filtering hosting sales programming

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

SSL Insight Certificate Installation Guide

Clearswift Information Governance

Creating a User Profile for Outlook 2013

SSL Decryption Certificates

Prerequisite. Getting Started. Signing and Encryption using Microsoft outlook 2007

DataCove PST Import Tool

Configuring your client to connect to your Exchange mailbox

2X ApplicationServer & LoadBalancer Manual

DESKTOP CLIENT CONFIGURATION GUIDE BUSINESS

NSi Mobile Installation Guide. Version 6.2

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v9.x with Microsoft IIS 7.0 and 7.5

Prerequisite. Getting Started. Signing and Encryption using Microsoft outlook 2010

TechNote. Contents. Overview. Using a Windows Enterprise Root CA with DPI-SSL. Network Security

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Connecting to Delta College Exchange services off-campus

NETWRIX EVENT LOG MANAGER

Installing your certificate on your Windows PC

F-Secure Messaging Security Gateway. Deployment Guide

Configuring Windows 2000/XP IPsec for Site-to-Site VPN

DEPLOYMENT GUIDE. Deploying F5 for High Availability and Scalability of Microsoft Dynamics 4.0

HTTP Server Setup for McAfee Endpoint Encryption (Formerly SafeBoot) Table of Contents

Certificate Management. PAN-OS Administrator s Guide. Version 7.0

Network Configuration Settings

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

Transcription:

How to Optimize MS Outlook Exchange Traffic Over SSL All Silver Peak appliances are equipped with patented Network Memory TM technology for WAN deduplication. Network Memory inspects all inbound and outbound WAN traffic in real-time, while storing a single local instance of data on each appliance. Repetitive information is delivered locally rather than sent across the WAN, improving application performance, WAN utilization, and security. Network Memory TM technology also provides deduplication for Secure Socket Layer (SSL) encrypted WAN traffic, including Microsoft s Outlook Anywhere or RPC over HTTPS. With SSL encrypted traffic, Silver Peak decrypts, optimizes, and then re-encrypts the traffic before it moves onto the WAN. When traffic reaches the other side of the network, the process repeats with the decryption, decoding, and then re-encryption for delivery. This bidirectional optimization ensures that the network is encrypted end-to-end, from Outlook clients to the Exchange server and back. Two activities are necessary to configure SSL optimization: You must enable Microsoft s Outlook Anywhere (RPC over HTTPS) in Outlook, and You must provision an SSL server (host) certificate across the Silver Peak appliances Both are described herein. To get started, you ll need to export your SSL certificate(s) from Exchange. Clear instructions are available at the following links: Microsoft Support -- HOW TO: Export, Install, and Configure Certificates to Internet Security and Acceleration Server Digicert -- PFX Export/Import Explained May 2013 Page 1 of 8

Enabling Outlook Anywhere (RPC over HTTPS) in Outlook To take advantage of this SSL optimization, the Outlook client must be configured to use Microsoft s Outlook Anywhere technology. You can enable this feature in one of two ways: individually configure the Outlook settings on each client, or configure the feature in a Group Policy Each has its advantages and disadvantages. METHOD #1: Enable Outlook Anywhere on Individual Clients The first method is optimal when Silver Peak appliances are not ubiquitous and when only certain Outlook clients will benefit from Network Memory TM technology. To enable Outlook Anywhere: 1 From the Outlook Client, access Tools > Account Settings. 2 Select the Exchange account and click Change. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 2 of 8

3 Select More Settings. 4 Navigate to the Connection tab and select Connect to Microsoft Exchange using HTTP. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 3 of 8

5 In the Security tab, make sure that the encryption option is unchecked. Although this precludes MAPI encryption, the data is still encrypted with SSL. With the provisioned SSL host certificate, Silver Peak is able to decrypt, optimize, and re-encrypt the traffic, enabling it to leverage its Network Memory TM technology for deduplication. METHOD #2: Enable Outlook Anywhere via Active Directory Group Policy The previous solution works well for a single user or a handful of users, but in some cases it would be best to make this configuration via a Group Policy. However, these settings are missing from the default administrative ADM template. The following information will help you: This issue is discussed in Microsoft s Knowledge Base Article # 961112,where it describes how to obtain an ADM with these settings. To configure this via group policy, you must be using Microsoft Office 2007 Service Pack 1 with Hotfixes 941275 and 950282 or later (Note: Service Pack 2 should include both Hotfixes.). Download Microsoft s custom Article-961112.adm package now. Now, you ll use the Group Policy Object Editor to add the Article-961112.adm file: 1 Right-click Administrative Templates, and click Add/Remove Templates. 2 In the Add/Remove Templates dialog box, click Add. 3 In the Policy Templates dialog box, locate and select the Article-961112.adm file. 4 Click Open. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 4 of 8

5 In the Add/Remove Templates dialog box, click Close. This shows the downloaded file s final location. This ADM file allows you to edit various settings related to Outlook Anywhere. This includes check boxes for Connect to Microsoft Exchange using HTTP, as well as Connect using SSL only. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 5 of 8

Enabling HTTPS Optimization for Outlook in Silver Peak To enable Network Memory TM technology for SSL encrypted applications like Outlook Anywhere you can use the Silver Peak GMS (Global Management System) to provision server certificates across an entire distributed network of Silver Peak appliances, or just a group of appliances. Additionally, you can use the GMS to drill down into individual appliances for specific configuration, monitoring, and management of SSL certificates. Note The same certificate and key that are shared by the server (or the HTTPS service) needs to be installed on all peer appliances. To install a host certificate Before installing the certificates, you must bidirectionally enable IPSec on the tunnels (for deduplication) and TCP acceleration must be selected. After selecting the relevant appliances, or group: If you need to change the tunnel mode, go to the Configuration menu and select Tunnel > Manage Originating and Terminating. When the Tunnel Report appears, select Action > Modify. As a rule, TCP acceleration is enabled by default. To verify that TCP acceleration is enabled on the affected appliances, click the group and select Configuration > Manual Policy Management > Optimization. The Optimization Map Report appears. There, you can verify and modify the configuration. 1 In the GMS, simply select the target group or individual appliances you wish to configure, and then select Add Host Certificate. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 6 of 8

The configuration dialog box launches. Silver Peak supports X509 Privacy Enhanced Mail (PEM), Personal Information Exchange (PEX), and RSA 1024-bit and 2048-bit certificate formats: For PEM certificates, browse to select the Outlook Anywhere certificate and key files. Browse to select the certificate and key files. If the PEM key file has an encrypted key, enter the pass phrase needed to decrypt it. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 7 of 8

For certificates that are in the PFX format, click PFX Certificate File and complete the password fields accordingly. Browse to select the certificate and key files. Enter the password needed to import the PFX file If the key file has an encrypted key, enter the pass phrase needed to decrypt it. 2 Finally, click Start to begin the installation. The results of the operation appears in the Job Status area. All keys and certificates are transmitted securely and stored in an encrypted vault on the appliance. May 2013 How to Optimize MS Outlook Exchange Traffic Over SSL Page 8 of 8

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information