Information Technology Enterprise Security Removal of Unsecured Protocols and Services (Remote Access/IMAP/POP3) June 2009 Background Unsecured remote access is being eliminated and replaced with VPN (Virtual Private Network) access. All users that currently use unsecured remote access have been notified to request a VPN account to use for future remote access after this date. The use of a VPN account provides a secure channel between a user’s local computer and the computer at the remote location, therefore providing a ‘private’ network over an otherwise ‘public’ network. This change will be implemented during preventive maintenance on June 19, 2009. Further Securing the Enterprise As part of our ongoing efforts to further secure our environment, we are continuing to eliminate the use of many unsecured protocols by closing the associated ports on the enterprise firewall. The use of Unsecured IMAP and POP3 will be eliminated as part of these efforts. IMAP (Internet Message Access Protocol) is a standard protocol for accessing email from a mail server. Currently port 143 IMAP is open on the Internet firewall. This version of IMAP is not secure and allows not only the users userid and password to transmit in clear text but also the mail itself. Using secure IMAP – IMAP4 port 993, encrypts the data between the mail server and mail application so that it cannot be intercepted or sniffed during transmission. Similar to the IMAP issue we will also be eliminating the use of unsecured POP3 (Post Office Protocol 3) port 110. Users that use POP need to switch to the secure version, POP3s that utilizes port 995. These changes will occur as part of our preventive maintenance period on September 18, 2009. Announcements will be made prior to removal of any protocols and/or services that may affect our user community.
Pages to are hidden for
"Elimination of Unsecured Remote Access IMAP POP3 - University of "Please download to view full document