Malware Protection Feature in Exchange 2013

Exchange 2013 brings you a new feature Malware Protection which can help in protecting our spams emails, Malware is comprised of viruses and spyware which inspects each and every mail in our exchange server.

There are several anti-malware protection options in Exchange 2013:

Build In Anti Malware Protection for Exchange 2013

We can use the Exchange malware protection feature in order to help you combat malware this basic anti-malware protection can be turned off, replaced, or paired with a cloud-based service (such as Microsoft Exchange Online Protection
or Microsoft Forefront Online Protection for Exchange) to provide a layered defense.

Cloud Based Anti Malware Protection

Microsoft Forefront Online Protection for Exchange (FOPE) which is hosted Filtering service which is used for cloud based solution ( Exchange Online Protection) EOP.

Third Party Solutions

We can also disable the build in malware protection and install a third party anti malware for our Exchange Server

During our Exchange 2013 Setup it will prompt you to enable the Malware feature,

10

Lets start with Our Current Anti-Malware Protection Feature which is in our On-Premises

Login to the EAC Console

Navigate to Protection Settings

32

33

Malware Detection Response

When Malware is detect with any attachment you can chose the following settings to delete messages or delete attachments or to allow custom text from for the email.

Notifications

Its also allow you to send a notification to both internal and External Senders for undelivered Messages

You can create a dedicated Mailbox to monitor the Emails which is undelivered.

Now we need to check the regular update if we have enable the Malware Protections

  • We cannot perform this task from Exchange Administration Console
  • We need to use Exchange Management Shell to update the latest engine of malware protection
  • To download updates, we must be able to access the Internet and be able to establish a connection on TCP port 80 (HTTP).

To download engine and definition updates, run the following command

Open the EMS go to scripts folder

Update-MalwareFilteringServer.ps1 -Identity  <FQDN of server>

34

Now how do we know that its got update with the latest Update or not

Open the Event Viewer Under the Application Logs

Filter the current logs and Select FIPS ( Filter Engine Update Process)

You will see an event ID 6033

MS Filtering Engine Update process performed a successful scan engine update.

Scan Engine: Microsoft

Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate

Engine Version: 1.1.8601.0

Signature Version: 1.131.2169.0

Default Limit size on Exchange 2013 Mailbox Database

Exchange 2013 mailbox database is stored in .EDB file. Exchange 2013 also have same limit for each mailbox capacity which is 2 GB

You can check  Mailbox database properties for limit

From the EAC Console Navigate to Server

Select the Database TAB  –> Select the Database –> Click the pen symbol to check the Properties

  •  General
  • Maintenance
  • Limits
  • Client Settings

Under the limit you can see the following default settings for Mailbox database settings

5

  • Issue warning at (GB)                             1.9 GB
  • Prohibit send at (GB)                              2 GB
  • Prohibit send and receive at (GB)        2.3 GB
  • Keep deleted items for (days)               14 days
  • Keep deleted mailboxes for (days)       30 days
  • Don’t permanently delete items until the database has been backed up

The last option which means

We ned to Select this check box to prevent mailboxes and email messages from being deleted until after the mailbox database has been backed up.

Outlook Anywhere for Exchange 2013

Outlook anywhere previous known as RPC over https was disable by default in Previous versions of Exchange.

By default its enable in Exchange 2013 Server , because all outlook connectivity  takes place over outlook anywhere. Post installation we just need to add the SSL Certificate on client access Server.

3

 

We can Manage the Outlook Anywhere by using EAC & EMS

Outlook Connectivity test by using Tools like

  • Exchange Remote Connectivity Analyzer.
  • Test-outlookConnectivity Cmds.
  • Validate DNS entries both Local and External
  • Client Connectivty by logging in User Mailbox

Deploying Exchange 2013 on windows 2012 Server

Exchange  2013 comes up with some good features and also have reduced some of the roles like Hub-transport, Edge Server , better integration with  SharePoint & Lync, E-discovery and many more let check out the deployment process.

To deploy exchange 2013 you must have a supported operating system (such as Windows Server 2008 R2 with Service Pack 1 (SP1) or Windows Server 2012), have enough disk space, be a member of an Active Directory domain.

In this blog im going to install exchange 2013 using setup wizard , we can also install by using unattended installation  mode

Prerequisites for windows 2012 server

If we have mailbox server role on a separate server

  • Open Windows PowerShell.
  • Run the following command to install the required Windows components.

Install-WindowsFeature AS-HTTP-Activation, Desktop-Experience, NET-Framework-45-Features, RPC-over-HTTP-proxy, RSAT-Clustering, RSAT-Clustering-CmdInterface, Web-Mgmt-Console, WAS-Process-Model, Web-Asp-Net45, Web-Basic-Auth, Web-Client-Auth, Web-Digest-Auth, Web-Dir-Browsing, Web-Dyn-Compression, Web-Http-Errors, Web-Http-Logging, Web-Http-Redirect, Web-Http-Tracing, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Lgcy-Mgmt-Console, Web-Metabase, Web-Mgmt-Console, Web-Mgmt-Service, Web-Net-Ext45, Web-Request-Monitor, Web-Server, Web-Stat-Compression, Web-Static-Content, Web-Windows-Auth, Web-WMI, Windows-Identity-Foundation

We need to install the following Pre-requisites in windows 2012

  • Microsoft Unified Communication Managed API 4.0 Core Runtime 64bit
  • Microsoft Office filter pack
  • Microsoft Office filter pack Service Pack 1

Setup Wizard starts for Exchange 2013.

2

3

5

7

9

10

Malware Protection settings

Exchange Server 2013 anti-malware protection feature which helps combat malware in our email messaging environment

Click Yes to enable malware scanning.

11

I need to install unified communication managed api and filter pack with sp1

153

17

Lets start the Setup as we have completed with all the Pre-requisites

 

19

Now we are done we the setup we need to verify our deployment

Post deployment tasks

  • During the deployment we need to check the Application logs, system logs from event viewer need to make sure we are not getting any warnings or errors.
  • Exchange server create setup logs during the setup process you can find on C:\ExchangeSetupLogs\ExchangeSetup.log
  • Setup log file capture each and every task which is performed during the deployment process

21

22

 

Also verify the services are up and running

Its recommend to restart the Server

Now you can see new console to manage Exchange 2013 Exchange Admin Center

Type the following url to access the Admin center https://servername/Ecp

24

 

 

We will check more about Exchange 2013 features in my next blog thanks for viewing it !!!!!! 🙂