Exchange 2010 and RMS Protection

One of the greatly enhanced features in Exchange 2010 is the ability to automatically RMS protect messages via transport rules. For example, you could automatically encrypt all messages between HR and Legal. Or you could write a rule that searches message content and prevents forwarding if the string “company confidential” is detected. The rules you can generate are quite flexible, so you can great complex rules to apply various RMS protections.

You can also implement RMS with business partners using AD federation services, Live IDs, or use the Microsoft RMS hosting service.

In order to implement RMS and Exchange you need:

1) Windows Server 2008 R2 OS for Exchange servers
2) Exchange 2010
3) Server 2008 R2 AD RMS server

Item #3 may be a sticky point, since deploying a 2008 R2 AD server will require schema extensions. Exchange 2010 in general only needs server 2003 SP2 domain controllers, however. My advice is to NOT deploy Exchange 2010 on server 2008, but utilize server 2008 R2. Given that both products will be released late this year, I don’t think it makes much sense to use the non-R2 version of server 2008 for Exchange 2010.

Note: The requirement for Server 2008 R2 was given in TechED session SIA324 on slide 60. Ed Banti from Microsoft left a comment in my blog that it works with Server 2008 SP2 as well.

Print Friendly, PDF & Email

Related Posts

Notify of
Inline Feedbacks
View all comments