Exchange 2007 Encryption

Need some general email encryption information/advice.  
We are running Exchange 2007 and have a large (several thousand) customer base. The decision makers in the company want to investigate exchanging keys as a way to be able to send out encrypted email. My argument to this is that every customer would have to generate a public/private key pair and send us the public key, which we would then have to keep up with and manage. I see this as an administrative nightmare and a completely unreasonable expectation to place on our customer base. Can anyone help with information and advice here? More evidence for or against? What I am looking for is concrete information why this would not be a good idea (if my assumptions are correct). My preference would be to use an appliance (hardware) that would automatically encrypt outgoing email and manage the process for us.

Why do you not just use TLS on your Exchange server?
Here is a good article about the topic:

ID-based encryption is your second choice: in this method there is no need for key management, as the email itself is the public key:

If you want to implement encryption by hardware you should use IPsec on your routers and switches.
rstorm1 (Author) Commented:
I can still use answers about why the key exchange process is not a good idea.

Because our entire customer base (several thousand customers) is not using TLS, which only works, from what I was able to gather, if servers on both ends of the message are running TLS. Also, it seems to be intended for communicating with a very small number of remote offices or organizations, as most of what I have seen recommends a dedicated connection on each end of the communication. This is what I found from Clifton Hughes:
"If you require secure SMTP mail communication between two separate Exchange Organizations, you can use Transport Layer Security (TLS) to accomplish this requirement.
Note: Some of these steps are summarized, and will refer to existing documentation where applicable; this document can be used for Exchange 2000, and/or Exchange 2003. Or to configure Exchange 200x, to support TLS for a third party SMTP Server.
In order to secure mail flow using TLS, you will need to add an additional IP address, SMTP Virtual Server, and SMTP Connector, on each of the Bridgehead servers for each of Exchange 200x Organizations, between which you wish to have secured mail flow. This will also require that certificates be installed on these new SMTP Virtual Servers. Ideally you would want to make sure that no other connectors are configured between the other Exchange 200x Organization, to prevent unsecured mail flow between them."

The ID-based encryption may work; investigating that now.
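A small added illustration of the point above about TLS needing support on both ends (example code, not from the thread or from Exchange): given a constructed EHLO reply from a customer's mail server, it decides whether the hop can be protected, showing that requiring TLS defers mail to customers whose servers lack STARTTLS, while opportunistic TLS keeps mail flowing but silently falls back to cleartext. The domain names, EHLO replies and policy table are all constructed.

```python
"""Added example (not from the thread): decide how to deliver outbound mail
given a recipient MX server's EHLO response and a per-domain TLS policy.

SMTP TLS only protects a message when the *receiving* server also offers
STARTTLS. With a 'require' policy the hop is always encrypted but mail to
customers without TLS is deferred; with 'opportunistic' mail always flows
but drops to cleartext for servers that do not advertise STARTTLS.
All EHLO responses below are constructed sample data.
"""

# Constructed EHLO replies, one CRLF-terminated line per extension, as a real server sends them.
EHLO_RESPONSES = {
    "partner.example": "250-mx.partner.example\r\n250-SIZE 20480000\r\n250-STARTTLS\r\n250 8BITMIME\r\n",
    "legacy.example": "250-mail.legacy.example\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n",
}

# Policy per recipient domain (constructed); anything not listed uses DEFAULT_POLICY.
TLS_POLICY = {"partner.example": "require"}
DEFAULT_POLICY = "opportunistic"


def ehlo_extensions(response: str) -> set:
    """Return the extension keywords from a multi-line EHLO reply (first line is the hostname)."""
    lines = response.strip().split("\r\n")
    exts = set()
    for line in lines[1:]:
        # Lines look like "250-STARTTLS" or "250 8BITMIME": drop the code and its separator.
        if len(line) > 4 and line.startswith("250"):
            exts.add(line[4:].split(" ")[0].upper())
    return exts


def delivery_decision(domain: str, ehlo_response: str) -> str:
    """Return 'tls', 'cleartext' or 'defer' for a message to the given domain."""
    policy = TLS_POLICY.get(domain, DEFAULT_POLICY)
    if "STARTTLS" in ehlo_extensions(ehlo_response):
        return "tls"
    # The receiving side does not support TLS, so the sender alone cannot encrypt this hop.
    return "defer" if policy == "require" else "cleartext"


def summarise(domains_to_ehlo: dict) -> dict:
    """Map each domain to its delivery decision."""
    return {d: delivery_decision(d, r) for d, r in domains_to_ehlo.items()}


if __name__ == "__main__":
    for domain, action in summarise(EHLO_RESPONSES).items():
        print(f"{domain:20s} -> {action}")
```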

So are you convinced by ID-based encryption?

rstorm1 (Author) Commented:
My original question asked for reasons as to why or why not to use key exchange as a method of email encryption. While the ID-based encryption is one possible solution, it does not address the reasons that I need for convincing management that a "free" solution is not always the best way to go. I thank you for the ID-based encryption solution, as it seems to be very cost effective, but I really need the other documentation that I asked for originally.
As final advice, I can suggest checking the Voltage Security solution for IDBE. I am sorry because I am writing in short; if you want more information you will need the consultancy of an IT security officer :-)
Dave Howe (Software and Hardware Engineer) Commented:
Yes, key management is a nightmare under S/MIME, which is the Exchange preferred solution.

The more open system, OpenPGP, relies on a sequence of trust decisions and public-facing keyservers, is little easier to set up, isn't natively supported under Outlook (although there are plenty of add-ins to do this for you) and, again, requires your recipients to generate keys.

An identity based solution is less secure, but usually secure enough and certainly easier to implement. It is less secure because there is always a window of opportunity between an identity recipient receiving the (unencrypted) initial introduction and establishing a further token (usually a password) with the server so that future exchanges can be better determined to be with the same individual.

The Cisco CRES (IronPort PXE) solution is the variant I am most used to, but there are really only two choices in crypto: either the key is generated by the recipient, or it is generated and held by someone else (for PXE, you and Cisco) and your entire security solution is dependent on their password unlocking that key via some website (rather than a securely held local key *they* are responsible for). This is because, for each encrypted email, there *must be* a key, and if that key was not created by the recipient, then it must be sent securely to the recipient by some means. This is why take-up of encrypted email is so poor: key management is painful.

rstorm1 (Author) Commented:
Thanks, Dave, I really appreciate the info. By the way, IronPort is the hardware solution that I am pushing for, due to its reputation and pricing. Is there any way I could contact you directly for a few minutes and get your opinion of the product? I don't know of anyone else running it that I can ask. Don't want to take up much of your time or bug you, so if you don't have time, please just let me know. Thanks!
Dave Howe (Software and Hardware Engineer) Commented:
It's a very good product, but then, given my employer is the biggest reseller for IronPort in England, it's not too surprising I would think that. :)

I don't consider its encryption one of the strongest points though, as (as I say) it requires an ongoing contract with Cisco to host your email, full web access for all recipients (so they can visit the website for decryption), and there are some significant issues with Outlook Web Access 2007 until Microsoft release the patch for that, hopefully later this month. My opinion is that there are currently *no* good solutions for email encryption, so while Cisco's method isn't the greatest, it is head and shoulders ahead of the alternatives.

Feel free to throw me a query by email (dave howe at g mail dot com), but I suspect a phone call from the USA to England wouldn't be cost effective for either of us :)