DISA STIGS Viewer

Finding ID	Version	Rule ID	IA Controls	Severity
V-259596	EX19-ED-000109	SV-259596r961152_rule		Medium

Description

To ensure hostile insiders are unable to easily commit DoS attacks and reduce the effectiveness of mail flow throughout the environment, a second Edge server is deployed to allow for multiple paths of mail flow both internally and externally into the environment. This prevents a single point-of-failure and allows for service to continue in the event of a DoS attack targeting one Edge role.

STIG	Date
Microsoft Exchange 2019 Edge Server Security Technical Implementation Guide	2024-12-06

Check Text (C-63335r942100_chk)

Review the EDSP for current configuration. On the mailbox server, open a PowerShell prompt and run the following command: Get-EdgeSubscription If there is only one subscription on each server, this is a finding.

Fix Text (F-63243r942101_fix)

At a minimum, a second server must be deployed and subscribed to.