Details
This policy setting controls whether Outlook uses remote procedure call (RPC) encryption
to communicate with Microsoft Exchange servers. If you enable this policy setting, Outlook
uses RPC encryption when communicating with an Exchange server. Note – RPC encryption
only encrypts the data from the Outlook client computer to the Exchange server. It does not
encrypt the messages themselves as they traverse the Internet. If you disable or do not
configure this policy setting, RPC encryption is still used by default. This setting allows you
to override the corresponding per-profile setting. The recommended state for this setting
is: Enabled.
Rationale
By default, the remote procedure call (RPC) communication channel between an Outlook
2010 client computer and an Exchange server is not encrypted. If a malicious person is able
to eavesdrop on the network traffic between Outlook and the server, they might be able to
access confidential information.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
User Configuration\Administrative Templates\Microsoft Outlook 2010\Account
Settings\Exchange\Enable RPC encryption
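One way to audit this setting on a client, as an added example that is not part of the original benchmark text. It assumes the policy is stored as the DWORD value EnableRPCEncryption under Software\Policies\Microsoft\Office\14.0\Outlook\RPC in each user's registry hive (that location is not given on this page); the function name is hypothetical.

```powershell
# Added example: report the state of "Enable RPC encryption" per loaded user hive.
# Assumption (not from this page): the policy is the DWORD EnableRPCEncryption
# under Software\Policies\Microsoft\Office\14.0\Outlook\RPC.
function Get-OutlookRpcEncryptionPolicy {
    [CmdletBinding()]
    param(
        [string]$SubKey    = 'Software\Policies\Microsoft\Office\14.0\Outlook\RPC',
        [string]$ValueName = 'EnableRPCEncryption'
    )

    # This is a User Configuration policy, so it must be checked per user.
    # Only hives that are currently loaded appear under HKEY_USERS; the regex
    # keeps real user SIDs and skips service accounts and the *_Classes hives.
    $hives = Get-ChildItem -Path 'Registry::HKEY_USERS' |
        Where-Object { $_.PSChildName -match '^S-1-(5-21|12-1)-[\d-]+$' }

    foreach ($hive in $hives) {
        $path  = "Registry::HKEY_USERS\$($hive.PSChildName)\$SubKey"
        $value = $null
        if (Test-Path -Path $path) {
            $value = (Get-ItemProperty -Path $path -Name $ValueName `
                        -ErrorAction SilentlyContinue).$ValueName
        }

        # A missing key or value means the policy is not configured, in which
        # case the per-profile setting is not overridden.
        if ($null -eq $value)  { $state = 'NotConfigured' }
        elseif ($value -eq 1)  { $state = 'Enabled' }
        elseif ($value -eq 0)  { $state = 'Disabled' }
        else                   { $state = "Unexpected($value)" }

        [pscustomobject]@{
            Sid       = $hive.PSChildName
            State     = $state
            Compliant = ($state -eq 'Enabled')   # recommended state is Enabled
        }
    }
}

Get-OutlookRpcEncryptionPolicy | Format-Table -AutoSize
```

Run it in a session that can read other users' hives (for example, elevated) to cover every logged-on profile rather than only the current user.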
Impact
Enabling this setting should not have any significant effect on users. However, there is
always a trade-off between secure communication and performance, so you should
evaluate the performance impact of encrypting every connection between the Outlook 2010
client computer and the Exchange server.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.
This control applies to the following type of system: Windows.