UCF STIG Viewer Logo

Exchange must provide redundancy.


Overview

Finding ID Version Rule ID IA Controls Severity
V-69773 EX13-CA-000145 SV-84395r1_rule Medium
Description
Load balancing is a way to manage which Exchange servers receive traffic. Load balancing helps distribute incoming client connections over a variety of endpoints. This ensures that no one endpoint takes on a disproportional share of the load. Load balancing provides failover redundancy in case one or more endpoints fails. By using load balancing, users continue to receive Exchange service in case of a computer failure. Load balancing also enables Exchange to handle more traffic than one server can process while offering a single host name for your clients.
STIG Date
MS Exchange 2013 Client Access Server Security Technical Implementation Guide 2019-01-02

Details

Check Text ( C-70223r1_chk )
Review the Email Domain Security Plan (EDSP).

Determine if the Exchange Servers are using redundancy.

Get-ClientAccessServer | Select Name, Site

If the value returned is not at least two CAS servers, this is a finding.
Fix Text (F-75985r1_fix)
Update the EDSP.

Configure two or more CAS servers for load balancing.