Advanced Security

Advanced security provides data integrity, proof of origin, and confidentiality. By using digital signatures, a person can "sign" a message so that the recipient can be sure that the message came from the indicated source and wasn't changed during transit. By using data encryption, a user can scramble data to ensure that only the intended recipient of the message can read it.

To enable advanced security features for Secure/Multipurpose Internet Mail Extension (S/MIME)-compatible clients and to use advanced security features of Microsoft Exchange Server, you can install the key management component on servers in your organization. This component is called the Key Management server (KM server). The KM server monitors all advanced security tasks.

It is recommended that you have only one KM server per organization even though you can configure advanced security on more than one server in your organization.

Setting up and maintaining advanced security involves:

• Selecting the server to manage the key management archive database.
• Installing and starting the key management component software and a Microsoft Certificate Server computer.
• Configuring advanced security on user mailboxes and the site.
• Viewing security logs.
• Backing up and maintaining the key management archive database.