<div>
We currently run OWA using SSL and many of the phones use OWA to fetch calendar and mail.
</div>


We currently run OWA using SSL and many of the phones use OWA to fetch calendar and mail.

<div>
Exchange 2010 SP1 does support the FIPS Algorithms.<br />
<br />
You can confirm it here: <a href="http://www.networksteve.com/?p=2841" rel="ugc">http://www.networksteve.com/?p=2841</a>
</div>


Exchange 2010 SP1 does support the FIPS Algorithms.

You can confirm it here: http://www.networksteve.com/?p=2841 [http://www.networksteve.com/?p=2841]

<div>
This wil be useful and I understand exchange is using rdp for comms and even outlook anywhere which encapsulate it by http which is secured with ssl/tls. As for ssh, I have reservagion as it does not seems to fall within the supported list stated in the link.<br />
&nbsp;<a href="http://technet.microsoft.com/en-us/library/cc750357.aspx" rel="ugc">http://technet.microsoft.com/en-us/library/cc750357.aspx</a>
</div>


This wil be useful and I understand exchange is using rdp for comms and even outlook anywhere which encapsulate it by http which is secured with ssl/tls. As for ssh, I have reservagion as it does not seems to fall within the supported list stated in the link.
 http://technet.microsoft.com/en-us/library/cc750357.aspx [http://technet.microsoft.com/en-us/library/cc750357.aspx]

<div>
Any data on configuring it? We have Exchange Sp1 running, with SSL 1024, but I know this is not the same. Am I going to need specific hardware before anything is configured? Having a difficult time finding resources on configuring Exchange to meets FIPS requirements as well as OWA and all phones that use it.
</div>


Any data on configuring it? We have Exchange Sp1 running, with SSL 1024, but I know this is not the same. Am I going to need specific hardware before anything is configured? Having a difficult time finding resources on configuring Exchange to meets FIPS requirements as well as OWA and all phones that use it.

<div>
The link I posted has a couple of links, did you have a look at them?<br />

</div>


The link I posted has a couple of links, did you have a look at them?


<div>
<div class="content wysiwyg-content">
We have a new client that will nto begin trasnmission of data until we can assure them we meet FIPS compliance for email and FTP.<br />
<br />
We run exchange 2010 on server 2008 R2. Our FTP server is running SSH ( will this count for FIPS)?
</div>
</div>


We have a new client that will nto begin trasnmission of data until we can assure them we meet FIPS compliance for email and FTP.

We run exchange 2010 on server 2008 R2. Our FTP server is running SSH ( will this count for FIPS)?

How do I enable FIPS on Exchange 2010 running on Server 2008 R2

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.

Exchange

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.