Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
Exch-HB-215 | Exch-HB-215 | Exch-HB-215_rule | Low |
Description |
---|
This configuration controls the maximum number of simultaneous outbound connections to a domain, and works in conjunction with the Maximum Outbound Connections Count setting as a delivery tuning mechanism. If the limit is too low, connections may be dropped. If too high, some domains may use a disproportionate resource share, denying access to other domains. Appropriate tuning reduces risk of data delay or loss. By default, a limit of 100 simultaneous outbound connections from a domain should be sufficient. The value may be adjusted downward if justified by local site conditions. Note: Transport configuration settings apply to the organization/global level of Exchange by checking and setting them at the Hub server the setting will apply to both Hub and Edge roles. |
STIG | Date |
---|---|
Microsoft Exchange 2010 Hub Transport Server Role | 2012-05-31 |
Check Text ( C-_chk ) |
---|
Obtain the Email Domain Security Plan (EDSP) and locate the value for " Maximum Domain Connections". Open the Exchange Management Shell and enter the following command. Get-TransportServer -Identity <'ServerUnderReview'> | Select Name, Identity, MaxPerDomainOutboundConnections If the value of "MaxPerDomainOutboundConnections" is set to 100 or less, this is not a finding. If the value of "MaxPerDomainOutboundConnections" is set to more than 100, and has signoff and risk acceptance in the EDSP, this is not a finding. |
Fix Text (F-_fix) |
---|
Open the Exchange Management Shell and enter the following command. Set-TransportServer -Identity <'ServerUnderReview'> -MaxPerDomainOutboundConnections 100 or other value as identified by the Email Domain Security Plan. |