Advanced security provides data integrity, proof of origin, and confidentiality. By using digital signatures, a person can "sign" a message so that the recipient can be sure that the message came from the indicated source and wasn't changed during transit. By using data encryption, a user can scramble data to ensure that only the intended recipient of the message can read it.
To enable advanced security features for Secure/Multipurpose Internet Mail Extension (S/MIME)-compatible clients and to use advanced security features of Microsoft Exchange Server, you can install the key management component on servers in your organization. This component is called the Key Management server (KM server). The KM server monitors all advanced security tasks.
It is recommended that you have only one KM server per organization even though you can configure advanced security on more than one server in your organization.
Setting up and maintaining advanced security involves: