Exchange Online Archiving Bharat Suneja Sr Technical Writer Exchange Microsoft Corporation EXL301 Archiving and Compliance Storage Management Balance mailbox size demands with available ID: 526272
Download Presentation The PPT/PDF document "Archiving in the cloud with" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1Slide2
Archiving in the cloud withExchange Online Archiving
Bharat SunejaSr Technical Writer | ExchangeMicrosoft Corporation
EXL301Slide3
Archiving and Compliance
Storage Management
Balance mailbox size demands with available
storage resources
Reduce the proliferation of
PST files
stored outside of IT control
Improve overall application and network performance
Data Retention
Meet industry and regulatory email data
retention
requirements
Support ongoing
compliance, litigation
or
personnel mattersPreserve valuable intellectual property and corporate assets
Discovery
Respond to strict timelines for legal discovery orders
Reduce costs
involved in searching for and retrieving data
Report on email communications as part of auditing proceduresSlide4
Before Exchange 2010
Transport Journaling to feed journaling mailboxes or 3rd party archiving systems/serviceJournaling agent on Hub Transport applies Journal Rules, generates journal reports (message + metadata)More at
aka.ms/journalingSlide5
Exchange In-Place Archiving & Compliance
Consolidated storage - data resides in ExchangeRich end-user experiences – Native rich archive access with Office client toolsSimplified management
– Single & unified IT & compliance management tools3rd Party Archiving & Compliance
Exchange In-Place Archiving &
Compliance
3
rd
Party
Archive
End User
IT Admin
IT Admin
End UserSlide6
Archive User ExperiencePST-like
experience in OWA and OutlookDrag and drop messages to move/copy to archive
Online-only access from OutlookMove to archive MRM policy to move items to archiveAlso, Inbox rules to move messages or apply move policyArchive Admin ExperienceSecond mailbox associated with user, not cached
Shares same Active Directory user object as primary mailbox
Same HA, Migration concepts as primary mailboxSlide7
demo
NameTitleGroupArchive ExperienceSlide8
Cloud Deployment Scenarios
Primary
Archive
Exchange Online Archiving (EOA)
On-Premises
*Cross-premises and EOA scenarios require Exchange 2010 SP1 On-Premises
Primary
Archive
Fully Hosted
Primary
Archive
Cross-premises Co-Existence
Primary
Archive
On-PremisesSlide9
Exchange Online Archiving Overview
Ability to host primary on-prem and archive in the cloud
Per-user setting, tenant can have mix of users with on-prem and cloud-based archivesUnlimited QuotaSimplified on-prem storage managementSeamless user compliance spanning on-prem primary and cloud archive
MRM Move to archive
Hold
eDiscovery
Auditing
All management actions on-prem – very little cloud managementRequires hybrid configurationSlide10
Mechanics of Exchange Online Archiving
AD
AD
AD
On-Premises Exchange
Exchange Online
Office 365
AD FS
DirSync
DirSync
Forward Sync
WriteBackSlide11
Mechanics of Exchange Online Archiving
Provisioning is asynchronous
AD
AD
AD
On-Premises Exchange
Exchange Online
Office 365
AD FS
DirSync
DirSync
Forward Sync
WriteBack
Enable-Mailbox user1 –
remotearchive
Provision archive mailbox
Get-Mailbox user1 –archive
Provision new cloud-based
archive
1
Active Directory
object created
2
3Slide12
Mechanics of Exchange Online Archiving
Provisioning is asynchronous
AD
AD
AD
On-Premises Exchange
Exchange Online
Office 365
AD FS
DirSync
DirSync
Enable-Mailbox user1 –
remotearchive
Provision archive mailbox
Get-Mailbox user1 –archive
Provision new cloud-based
archive
1
Active Directory
object created
2
Cloud-based
Archive created
4
Forward Sync
3
WriteBack
5Slide13
Managing the archive
Exchange mailbox management tools to manage archive
Create a cloud-based archive (New mailbox)
Enable the
archive (Existing mailbox)
Move an on-premises archive to the cloud
(Shell only)
Move a cloud-based archive to on-premises
(Shell only)
Disable the archive
Reconnect a disabled archiveSlide14
demo
EOA ManagementSlide15
Exchange Online Archiving: Client Access
Clients should be configured to point to on-premises CASOutlook gets AutoDiscover response and communicates directly with EOAOWA relies on on-prem CAS to
proxy traffic to EOA
A
P
CAS
CAS
On-Premises
Exchange
Exchange Online
Auto
Discover
request
1
Auto
Discover
response
2
Direct
archive
access
(Outlook
Anywhere)
3
OWA
Request
(HTTPS)
1
OWA Proxy
2Slide16
Diagnosing Archive mailbox AutoDiscovery
Select
XML tab to view AutoDiscover response
3
CTRL
+
right-click
Outlook icon
in system tray
1
Select
Test E-mail
AutoConfiguration
2Slide17
Exchange Online Archiving – setupSubset of Hybrid Configuration
Exchange Server 2010 SP1 CAS/Hub
Archive Provisioning
Office 365 Directory Sync w/ WriteBack
OWA remote archive access
AD FS
Outlook Archive Single Sign On
Exchange Server 2010 SP1 CAS/Hub
Exchange Server 2010 SP1 MBX
eDiscovery, x-prem, MRM MTA
Wednesday@1:30PM
-
EXL303
Configuring Hybrid Exchange the Easy
Way – Ben Appleby
HTTPS [TCP 443]Slide18
EOA Setup
Step
Details
Required/
Recommended
Add
your domains in the Office 365 portal
Add any primary SMTP domains (including Archive Domain)
Required
Configure Federated Identity
(
ADFS)
Single sign-on remote archive logon from OutlookHighly Recommended
Configure
DirSync
Required for remote archive provisioningRequiredEnable DirSync WritebackRequired for archive provisioning to completeRequired
WCF 3.5 P
re-Req
http://code.msdn.microsoft.com/KB982867
Required
1
2
3
4
5Slide19
EOA Setup
Step
Details
Required/
Recommended
Install Exchange Server 2010 SP1 server On-premises
On-premises Exchange Server 2010 SP1 CAS/Hub
server (also MBX role for some scenarios) required for hybrid features
Required
Configure
cloud
Autodiscover DNS record
Allows on-premises targeted
autodiscover
Outlook client to redirect to cloud without promptsRequiredPublish
MRS ProxyAllows Exchange Online Mailbox Replication Service (MRS) to connect On-Premises and perform a move to the cloudRequiredConfigure Federation Trust / Org Relationship“Federated Sharing”
Enable infrastructure for delegated Live namespace
federation.
Required for OWA remote archive access, cross-premises eDiscovery, MRM move to archiveRequired
Synchronize Retention Policies
Export Retention Policy from on-prem to cloud
(use export/import scripts that ship on-prem)
Required
Exchange 2010 SP2 Hybrid Wizard Replaces these steps
http://aka.ms/eoasetup
5
6
7
8
9Slide20
EOA Deployment steps in EDA
Exchange Deployment Assistant Steps
http://aka.ms/exdeploySlide21
Move and DELETE Policy
IW and IT Pro ExperienceSlide22
Message Retention: Overview
Use Retention Policies to manage email
lifecycleArchive (Move) Policy: automatically moves mail to the archiveEnd User Impact: Keeps Mailbox under quotaLike Outlook Auto-Archive – without PSTsImplemented using Move DPTDelete Policy: automatically deletes mail
End User Impact: Unwanted mail is removed from view
End User Impact: Keeps Mailbox under
quota
Delete Policies apply whether in primary or archive
Per item policies take precedence over folder policiesPolicy properties are preserved so message retention is respected in third party systems.http://aka/ms/retentionSlide23
Move and Delete Concepts
Retention TagsName, Action (Move | Delete
), Time periodAdmin mandated (Default Folders (RPT) | Entire Mailbox (DPT))All items in mailbox moved to archive in 2 yearsAll items in mailbox deleted in 7 yearsAll items in Junk Mail folder deleted in 14 days
User applied (
Personal Tags
) – folder or message
Never delete items in Reference folder
Retention Policies Group retention tagsPolicies span to groups of users like ‘Accounting’ Deterministic: User has one retention policySlide24
EMC MRM Configuration
Organization Configuration > Mailbox > Retention Policy Tags
Organization Configuration > Mailbox > Retention PoliciesSlide25
Retention Policies in Outlook 2010 and OWA
Expiration date stamped directly on email
Delete policies
Policies can be applied to a folder
Policies can be applied directly to an email
Archive policies Slide26
Preserve: Optional Retention Tags
Archive Policy
Delete Policy
Additional policies for special projects or roles (e.g. HR)
Tags not part of Retention Policy, users select from ECPSlide27
How retention policy is applied
Retention policy applies to mailbox userSame policy applies to primary and archive mailboxesArchive & delete policies independent of each other
Item can have both archive and delete policiesItem moved to archive in X days, deleted in X+Y daysWhat if: Retention age in delete policy < archive policy?The delete policy stamped on item preserved when moved to archivePrecedence rule: Policy tag that is closest scope to a mail item winsSlide28
Configuring MRM Mailbox Assistant
MRM Mailbox Assistant, aka “Managed Folder Assistant”Runs as a background process to crawl mailboxes and take action on “expired” mail itemsExchange 2010 RTM
– Specify a schedulestart, end time and frequency (e.g. daily 1:00 AM – 6:00 AM)Can result in processing being forever behindExchange 2010 SP1 – Specify a workcycleAssistant runs throttled to not compete with critical mailbox processes
Workcycle
–how often to process mailboxes (e.g. every 48 hours).
On-
prem
default: 1 day. Use Set-MailboxServer to modifyIn Office 365 cycle is 7 days (no admin config required)Slide29
Retention Hold
Administrator override to pause all message retention policy actions (e.g. when employee on vacation)
Set-Mailbox –Identity
bsuneja
–
RetentionHoldEnabled
$true
–
RetentionUrl “http://intranet/holdpolicy” -
StartDateForRetentionHold 6/10/2012
-EndDateForRetentionHold 7/5/2012Slide30
Migrating Retention Policies to Cloud
MRM policies not automatically migrated or synced to cloudScripts shipped to automate export and import of Retention Policies & Retention Tags between on-premises and cloud-based orgs *Export-RetentionTags.ps1
Import-RetentionTags.ps1Do this before provisioning/moving archives to the cloud
P
A
P
A
Export-RetentionTags.ps1
Import-RetentionTags.ps1
On-Premises
Cloud
Export
Import
MRM Policy
*Location: %Program
Files%\Microsoft\Exchange
Server\V14\Scripts
.
xmlSlide31
PRESERVE:
Hold PolicyLegal Hold, Single Item Recovery & Recoverable Items storeSlide32
Preserve: Legal Hold
Overview
Preserve
items for recovery and discovery for an finite or indefinite period of time without impacting end user
experience
Captures deletes
and
edits
(copy-on-write)
User workflow is unchanged
, items captured in Recoverable Items Store 2.0
Multi-Mailbox Search
can search items indexed in Recoverable Items Users can receive notification they’re on hold; eliminates manual process
No end-user impactSlide33
Preserve: Legal Hold
Configuration
Set legal hold to capture all changes indefinitely
Captured e-mail data found in multi-mailbox search results
Provides separate settings to enable single item restore
Optional alert
message for users with Outlook
2010 and OWASlide34
Preserve: Hold Policy
User Experience
URL links to additional info
User is told how to comply (no action needed for e-mail)Slide35
Rolling Hold
Preserve user data for a rolling window of time irrespective of user actionsAchieved using Single Item Recovery (SIR)SIR captures all edits for a specified time period
Set-Mailbox
-Identity
asummers
-
SingleItemRecoveryEnabled $true
Off by default on-premises
On by default in Exchange Online with default window of 14 days.
Changing time window requires a support call. Slide36
Hold Management & the Cloud
Manage Legal Hold against current location of the primary mailboxSetting hold on user on-premises applies to EOA automaticallyArchives (on-premises or cloud-based) have their own Recoverable Items 2.0 store
Items deleted from archiveOriginal copies of modified itemsSlide37
Auditing & Reporting
Configuration Audit and Mailbox AuditSlide38
Auditing
Compliance ConfigurationAll
the configuration changes made by the administrators from any of the UIsWas
litigation hold ever removed from this mailbox?
Who has been running Discovery searches?
What was the old value of retention period
?
Non-Owner Mailbox Access
Mailbox data access actions
performed by
Administrators/Delegates/Owners
Who is reading my emails?
Who really
sent that
emailSlide39
Audit: Configuration Audit
Logs all state changing cmdlets against Exchange set-*, new-*, enable-*, (optional) test-*
Set-AdminAuditConfig –AdminAuditLogEnabled $true
Configured per tenant organization in Office
365 (
ON
by default)
On-prem audit events logged in arbitration mailboxEOA audit logged to online tenant arbitration mailboxResults can be searched/exported usingNew-AdminAuditLogSearchSearch-
AdminAuditLog
ECP UISlide40
Audit: Mailbox Audit
Captures all non-owner access to a mailboxCaptures all operations performed on that mailbox.Includes access by Admin & Delegate usersConfigured
per user using set-mailboxLogged to special Audit folder in user mailboxResults can be searched/exported using Search-MailboxAuditLog
New-
MailboxAuditLogSearch
ECP UISlide41
Audit: Reports in ECP UI
Audit Reports:
1. Non-Owner MBX Access
2. Hold Admin Activity
3. Roles membership
Export Audit LogsSlide42
Discover:
Multi-Mailbox SearchDiscovery Console in ECP and PowerShell searchSlide43
Performs distributed search across end user mailboxes located on multiple servers.
Searches all user data (archive included automatically)User’s EOA data also searchedAbility to view keyword statistics & copy results to discovery search mailbox on-premisesAbility to annotate items with metadata for review.Admins by default do not have access to search mailboxes,
Discovery Management RBAC role is requiredSearch is throttled and parallelizedDiscover: Multi-Mailbox Search Slide44
Session Objectives and Takeaways
Session Objective(s): Overview of Exchange Online (EOA)Setup and deployment of EOACompliance features in EOA
Key TakeawaysExchange Online Archive allows customers to consolidate email and simplify on-premises storage managementExchange Online Archive enables simplified compliance managementSlide45
Related Content
EXL303 Configuring Hybrid Exchange the Easy Way
EXL11-HOL Microsoft Exchange Server 2010 Compliance: Archiving & Retention
Demos and questions at Microsoft Exchange booth
Find Me Later At
… Exchange booth,
@
bsuneja
on Twitter
Follow us on Twitter!
@
MSFTExchange
hash tags:
#
MSExchangeSlide46
Track Resources
Understanding Exchange Online Archiving (
aka.ms/
eoa
)
Configure Exchange Online Archiving (
aka.ms/
eoasetup
)
Exchange
Online (
aka.ms/
eo
) – Price and
plans
Exchange Server Deployment Assistant (aka.ms/exdeploy) – Hybrid ConfigSlide47
Resources
Connect. Share. Discuss.
http
://europe.msteched.com
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Resources for Developers
http://microsoft.com/msdn Slide48
Evaluations
http://europe.msteched.com/sessionsSubmit your evals online Slide49
MS Tag
Scan the Tag
to evaluate this
session now on
myTechEd
Mobile
Required Slide
*delete this box when your slide is finalized
Your MS Tag will be inserted here during the final scrub. Slide50
©
2012 Microsoft
Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the
part
of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT
MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.