Evaluated Product - Details

Return to the EPL index

Exchange Server 2010 Enterprise (English) 64-bit

Product type: Other Devices and Systems
Product Status: Archived
Assurance Level: EAL1+

Version: (English) 64-bit

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2010)
Certificate Details: 2010/68
Certification Method: CC
Crypt Evaluation: Not Required
Evaluation Facility: stratsec
Manufacturer/Vendor/Distributor: Microsoft Corporation

Microsoft Corporation

One Microsoft Way
Redmond WA 98052 United States
Website: http://www.microsoft.com
Product Website: http://www.microsoft.com/exchange/2010/en/us/default.aspx


Amy Blumenfield
Senior Program Manager Exchange Server Group

Phone: +1 (425) 706-7625
Email: amyblu@microsoft.com


Security Target
Certification Report

Microsoft Exchange Server 2010 Enterprise (English) 64-bit (known as Exchange 2010) is an e-mail and collaboration server that provides secure access to personal and shared data for a variety of clients using various protocols.

The evaluation scope includes the following security functions and features:

  • Connection filtering. Protects from unwanted spam or unsolicited commercial e-mail (UCE) by blocking messages from specified IP addresses.
  • Message filtering. Filters potential spam messages based on administrator-configured SMTP filters, including local and third party block/allow lists.
  • Attachment filtering. Provides a mechanism to filter potentially harmful attachments from external networks.
  • Transport filtering. Allows the administrator to define mail policies to prevent specific internal and/or external users from emailing each other.
  • Access control. Protects mailboxes and public folders from unauthorized access.
  • Identification and authentication. Provides identification and authentication mechanism for the Outlook Voice Access functionality in cases where Outlook Voice Access is not secured by the use of the TLS protocol.
  • Distribution group restriction. Requires users sending mail to a distribution group to be successfully authenticated and to be authorized.
  • Remote device wipe. Provides the ability for an administrator to issue a command to wipe a managed Windows Mobile device in the event that the device may have been compromised.