For Academia
For Industry
For GovernmentNSA has developed and distributed configuration guidance for a variety of software applications. These guides are currently being used throughout the government and by numerous entities as security baselines for these applications.
As part of a change in our development strategy for security guidance, the National Security Agency does not intend to publish a separate security guide for Microsoft Exchange 2003 beyond what was produced as a cooperative effort between the vendor and the security community. The "High" security settings in the Center for Internet Security (CIS) "Exchange Server 2003 Benchmark" track closely with the security level historically represented in the NSA guidelines. It is our belief that this benchmark establishes the latest best practices for securing the product and recommend that traditional customers of our security recommendations use the CIS Exchange benchmark when securing Exchange Server 2003.
| Title | File Size | Updated |
|---|---|---|
 Oracle Application Server Security Recommendations and DoDI 8500.2 IA Controls * |
294 KB | Dec 06 |
| Oracle Application Server on Windows 2003 Security Guide * |
332 KB | Dec 06 |
| BEA WebLogic Platform Security Guide * |
840 KB | 04 Apr 05 |
| Guide to Microsoft .NET Framework Security * |
1,995KB | 11 Nov 06 |
| Microsoft Office XP/2003 Executable Content Security Risks and Countermeasures Guide * |
589KB | 10 Feb 05 |
| CIS Exchange Server 2003 Benchmark, Version 1.0 * |
2,833KB | 2005 |
| Guide to Secure Configuration and Administration of Microsoft Exchange 2000 * |
4,200KB | 15 Dec 04 |
| Microsoft Office 2000 Executable Content Security Risk and Countermeasures * |
806KB | |
| Guide to Using DoD PKI Certificates in Outlook 2000, version 2.0 * |
800KB | |
| Systems Management Server 2003 Security Guide * |
1,657KB | 01 Apr 05 |