11-06-2007, 08:11 AM
Thumbs Must Hurt
Join Date: Jul 2006
Post Thanks: 0
Thanked 0 Times in 0 Posts
It all depends how you are having BIS access your Exchange server.
The connection to the BIS <-> Handhelds is always encrypted, so let's take that out of the equation.
Now the other component is how is BIS accessing your Exchange server. Three choices, OWA, POP, or IMAP. My guess, and the way it is configured by default is through OWA. Now if your OWA server requires SSL, then BIS will HAVE to use SSL just like any other user connecting. So then you have your end to end connection totally encrypted. If you don't have SSL set up on OWA then you need to get a Cert signed by a CA, and configure it. There is plenty of help on the internet to get you Exchange server setup for that...
If you are having BIS use POP or IMAP to access the Exchange server (no real reason not to use the default OWA type connection though), then you need to configure and require TLS on those services on your Exchange front-end (or single server I'm guessing). It is usually just easier to use the OWA method.
The main advantage you gain by making sure the connection between the BIS and your Exchange organization are encrypted, is that passwords are NOT sent in the clear and any email that flows within your organization stays private the entire time.