Evaluated Product - Details

Return to the EPL index

Microsoft Exchange Server 2010 SP1 Enterprise (English) 64-bit

Product type: Other Devices and Systems
Product Status: Completed
Assurance Level: EAL4+ Augmented by ALC_FLR.3

Version: (English) 64-bit

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2011)
Certificate Details: 2011/72
Certification Method: CC
Crypt Evaluation: Not Required
Evaluation Facility: stratsec
Manufacturer/Vendor/Distributor: Microsoft Corporation

Microsoft Corporation

One Microsoft Way
Redmond WA 98052 United States
Website: http://www.microsoft.com
Product Website: http://www.microsoft.com/exchange/2010/en/us/default.aspx


Amy Blumenfield
Senior Program Manager Exchange Server Group

Phone: +1 (425) 706-7625
Email: amyblu@microsoft.com


Certification Report
Security Target

The target of evaluation (TOE) is Microsoft’s Exchange 2010 SP1 Enterprise (English) 64-bit (known as Exchange 2010). The TOE is an e-mail and collaboration server that provides secure access to personal and shared data for a variety of clients using various protocols.

The evaluation scope includes the following security functions and features:

  • Connection filtering. Protects from unwanted spam or Unsolicited Commercial E-mail (UCE) by blocking messages from specified IP addresses.
  • Message filtering. Filters potential spam messages based on Administrator configured SMTP filters, including local and third party block/allow lists.
  • Attachment filtering. Provides a mechanism to filter potentially harmful attachments from external networks.
  • Transport filtering. Allows the administrator to define mail policies to prevent specific internal and/or external users from emailing each other.
  • Access control. Protects mailboxes and public folders from unauthorized access.
  • Identification and authentication. Provides identification and authentication mechanism for the Outlook Voice Access functionality in cases where Outlook Voice Access is not secured by the use of the TLS protocol.
  • Distribution group restriction. Requires users sending mail to a distribution group to be successfully authenticated and to be authorized.
  • Remote device wipe. Provides the ability for an administrator to issue a command to wipe a managed Windows Mobile device in the event that the device may have been compromised.