html5-img
1 / 50

Archiving in the cloud with Exchange Online Archiving

EXL301. Archiving in the cloud with Exchange Online Archiving. Bharat Suneja Sr Technical Writer | Exchange Microsoft Corporation. Archiving and Compliance. Storage Management Balance mailbox size demands with available storage resources

osmond
Télécharger la présentation

Archiving in the cloud with Exchange Online Archiving

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. EXL301 Archiving in the cloud withExchange Online Archiving Bharat Suneja Sr Technical Writer | Exchange Microsoft Corporation

  2. Archiving and Compliance • Storage Management • Balance mailbox size demands with available storage resources • Reduce the proliferation of PST files stored outside of IT control • Improve overall application and network performance • Data Retention • Meet industry and regulatory email data retention requirements • Support ongoing compliance, litigation or personnel matters • Preserve valuable intellectual property and corporate assets • Discovery • Respond to strict timelines for legal discovery orders • Reduce costs involved in searching for and retrieving data • Report on email communications as part of auditing procedures

  3. Before Exchange 2010 • Transport Journaling to feed journaling mailboxes or 3rd party archiving systems/service • Journaling agent on Hub Transport applies Journal Rules, generates journal reports (message + metadata) • More at aka.ms/journaling

  4. Exchange In-Place Archiving & Compliance Exchange In-Place Archiving & Compliance 3rd Party Archiving & Compliance • Consolidated storage - data resides in Exchange • Rich end-user experiences – Native rich archive access with Office client tools • Simplified management – Single & unified IT & compliance management tools End User End User IT Admin IT Admin 3rd Party Archive

  5. Archive User Experience • PST-like experience in OWA and Outlook • Drag and drop messages to move/copy to archive • Online-onlyaccess from Outlook • Move to archive MRM policy to move items to archive • Also, Inbox rules to move messages or apply move policy • Archive Admin Experience • Second mailbox associated with user, not cached • Shares same Active Directory user object as primary mailbox • Same HA, Migration concepts as primary mailbox

  6. demo Archive Experience Name Title Group

  7. Cloud Deployment Scenarios Fully Hosted Cross-premises Co-Existence Primary Archive Primary Archive Primary Archive Primary Archive On-Premises Exchange Online Archiving (EOA) On-Premises *Cross-premises and EOA scenarios require Exchange 2010 SP1 On-Premises

  8. Exchange Online Archiving Overview • Ability to host primary on-prem and archive in the cloud • Per-user setting, tenant can have mix of users with on-premand cloud-based archives • Unlimited Quota • Simplified on-prem storage management • Seamless user compliance spanning on-prem primary and cloud archive • MRM Move to archive • Hold • eDiscovery • Auditing • All management actions on-prem – very little cloud management • Requires hybrid configuration

  9. Mechanics of Exchange Online Archiving Office 365 AD On-Premises Exchange Exchange Online Forward Sync DirSync DirSync WriteBack AD AD AD FS

  10. Mechanics of Exchange Online Archiving Provisioning is asynchronous Office 365 1 AD Provision new cloud-based archive Enable-Mailbox user1 –remotearchive Get-Mailbox user1 –archive Provision archive mailbox 3 Forward Sync DirSync DirSync WriteBack AD AD 2 Active Directory object created AD FS On-Premises Exchange Exchange Online

  11. Mechanics of Exchange Online Archiving Provisioning is asynchronous Office 365 1 AD Provision new cloud-based archive Enable-Mailbox user1 –remotearchive Get-Mailbox user1 –archive Provision archive mailbox 3 4 Forward Sync DirSync DirSync Cloud-based Archive created 5 WriteBack AD AD 2 Active Directory object created AD FS On-Premises Exchange Exchange Online

  12. Managing the archive • Exchange mailbox management tools to manage archive • Create a cloud-based archive (New mailbox) • Enable the archive (Existing mailbox) • Move an on-premises archive to the cloud (Shell only) • Move a cloud-based archive to on-premises (Shell only) • Disable the archive • Reconnect a disabled archive

  13. demo EOA Management

  14. Exchange Online Archiving: Client Access On-Premises Exchange Exchange Online • Clients should be configured to point to on-premises CAS • Outlook gets AutoDiscover response and communicates directly with EOA • OWA relies on on-prem CAS to proxy traffic to EOA 2 OWA Proxy CAS CAS 1 2 Auto Discover request Auto Discover response OWA Request (HTTPS) 1 3 Direct archive access (Outlook Anywhere) P A

  15. Diagnosing Archive mailbox AutoDiscovery 3 Select XML tab to view AutoDiscover response 1 CTRL + right-click Outlook icon in system tray 2 Select Test E-mail AutoConfiguration

  16. Exchange Online Archiving – setupSubset of Hybrid Configuration Wednesday@1:30PM- EXL303 Configuring Hybrid Exchange the Easy Way – Ben Appleby Office 365 Directory Sync w/ WriteBack Archive Provisioning HTTPS [TCP 443] AD FS Outlook Archive Single Sign On OWA remote archive access Exchange Server 2010 SP1 CAS/Hub Exchange Server 2010 SP1 CAS/Hub eDiscovery, x-prem, MRM MTA Exchange Server 2010 SP1 MBX

  17. EOA Setup 1 2 3 4 5

  18. EOA Setup 5 6 Exchange 2010 SP2 Hybrid Wizard Replaces these steps 7 8 9 http://aka.ms/eoasetup

  19. EOA Deployment steps in EDAExchange Deployment Assistant Steps http://aka.ms/exdeploy

  20. IW and IT Pro Experience Move and DELETE Policy

  21. Message Retention: Overview • Use Retention Policies to manage email lifecycle • Archive (Move) Policy: automatically moves mail to the archive • End User Impact: Keeps Mailbox under quota • Like Outlook Auto-Archive – without PSTs • Implemented using Move DPT • Delete Policy: automatically deletes mail • End User Impact: Unwanted mail is removed from view • End User Impact: Keeps Mailbox under quota • Delete Policies apply whether in primary or archive • Per item policies take precedence over folder policies • Policy properties are preserved so message retention is respected in third party systems. http://aka/ms/retention

  22. Move and Delete Concepts • Retention Tags • Name, Action (Move | Delete), Time period • Admin mandated (Default Folders (RPT) | Entire Mailbox (DPT)) • All items in mailbox moved to archive in 2 years • All items in mailbox deleted in 7 years • All items in Junk Mail folder deleted in 14 days • User applied (Personal Tags) – folder or message • Never delete items in Reference folder • Retention Policies • Group retention tags • Policies span to groups of users like ‘Accounting’ • Deterministic: User has one retention policy

  23. EMC MRM Configuration • Organization Configuration > Mailbox > Retention Policy Tags • Organization Configuration > Mailbox > Retention Policies

  24. Retention Policies in Outlook 2010 and OWA Policies can be applied directly to an email Policies can be applied to a folder Delete policies Archive policies Expiration date stamped directly on email

  25. Preserve: Optional Retention Tags • Additional policies for special projects or roles (e.g. HR) • Tags not part of Retention Policy, users select from ECP Delete Policy Archive Policy

  26. How retention policy is applied • Retention policy applies to mailbox user • Same policy applies to primary and archive mailboxes • Archive & delete policies independent of each other • Item can have both archive and delete policies • Item moved to archive in X days, deleted in X+Y days • What if: Retention age in delete policy < archive policy? • The delete policy stamped on item preserved when moved to archive • Precedence rule: • Policy tag that is closest scope to a mail item wins

  27. Configuring MRM Mailbox Assistant • MRM Mailbox Assistant, aka “Managed Folder Assistant” • Runs as a background process to crawl mailboxes and take action on “expired” mail items • Exchange 2010 RTM – Specify a schedule • start, end time and frequency (e.g. daily 1:00 AM – 6:00 AM) • Can result in processing being forever behind • Exchange 2010 SP1 – Specify a workcycle • Assistant runs throttled to not compete with critical mailbox processes • Workcycle –how often to process mailboxes (e.g. every 48 hours). • On-prem default: 1 day. Use Set-MailboxServerto modify • In Office 365 cycle is 7 days (no admin config required)

  28. Retention Hold • Administrator override to pause all message retention policy actions (e.g. when employee on vacation) Set-Mailbox –Identity bsuneja–RetentionHoldEnabled $true –RetentionUrl “http://intranet/holdpolicy” -StartDateForRetentionHold6/10/2012 -EndDateForRetentionHold 7/5/2012

  29. Migrating Retention Policies to Cloud • MRM policies not automatically migrated or synced to cloud • Scripts shipped to automate export and import of Retention Policies & Retention Tags between on-premises and cloud-based orgs * • Export-RetentionTags.ps1 • Import-RetentionTags.ps1 • Do this before provisioning/moving archives to the cloud Import Export Import-RetentionTags.ps1 Export-RetentionTags.ps1 .xml MRM Policy A A P P On-Premises Cloud • *Location: %Program Files%\Microsoft\Exchange Server\V14\Scripts

  30. Legal Hold, Single Item Recovery & Recoverable Items store PRESERVE: Hold Policy

  31. Preserve: Legal HoldOverview • Preserve items for recovery and discovery for an finite or indefinite period of time without impacting end user experience • Captures deletes and edits (copy-on-write) • User workflow is unchanged, items captured in Recoverable Items Store 2.0 • Multi-Mailbox Search can search items indexed in Recoverable Items • Users can receive notification they’re on hold; eliminates manual process • No end-user impact

  32. Preserve: Legal HoldConfiguration Set legal hold to capture all changes indefinitely Captured e-mail data found in multi-mailbox search results • Provides separate settings to enable single item restore • Optional alert message for users with Outlook 2010 and OWA

  33. Preserve: Hold PolicyUser Experience User is told how to comply (no action needed for e-mail) URL links to additional info

  34. Rolling Hold Preserve user data for a rolling window of time irrespective of user actions • Achieved using Single Item Recovery (SIR) • SIR captures all edits for a specified time period Set-Mailbox -Identity asummers-SingleItemRecoveryEnabled $true • Off by default on-premises • On by default in Exchange Online with default window of 14 days. • Changing time window requires a support call.

  35. Hold Management & the Cloud • Manage Legal Hold against current location of the primary mailbox • Setting hold on user on-premises applies to EOA automatically • Archives (on-premises or cloud-based) have their own Recoverable Items 2.0 store • Items deleted from archive • Original copies of modified items

  36. Configuration Audit and Mailbox Audit Auditing & Reporting

  37. Auditing • Compliance Configuration All the configuration changes made by the administrators from any of the UIs • Was litigation hold ever removed from this mailbox? • Who has been running Discovery searches? • What was the old value of retention period? • Non-Owner Mailbox Access Mailbox data access actions performed by Administrators/Delegates/Owners • Who is reading my emails? • Who really sent that email

  38. Audit: Configuration Audit • Logs all state changing cmdlets against Exchange • set-*, new-*, enable-*, (optional) test-* • Set-AdminAuditConfig –AdminAuditLogEnabled $true • Configured per tenant organization in Office 365 (ON by default) • On-prem audit events logged in arbitration mailbox • EOA audit logged to online tenant arbitration mailbox • Results can be searched/exported using • New-AdminAuditLogSearch • Search-AdminAuditLog • ECP UI

  39. Audit: Mailbox Audit • Captures all non-owner access to a mailbox • Captures all operations performed on that mailbox. • Includes access by Admin & Delegate users • Configured per user using set-mailbox • Logged to special Audit folder in user mailbox • Results can be searched/exported using • Search-MailboxAuditLog • New-MailboxAuditLogSearch • ECP UI

  40. Audit: Reports in ECP UI Export Audit Logs Audit Reports: 1. Non-Owner MBX Access 2. Hold Admin Activity 3. Roles membership

  41. Discovery Console in ECP and PowerShell search Discover: Multi-Mailbox Search

  42. Discover: Multi-Mailbox Search • Performs distributed search across end user mailboxes located on multiple servers. • Searches all user data (archive included automatically) • User’s EOA data also searched • Ability to view keyword statistics & copy results to discovery search mailbox on-premises • Ability to annotate items with metadata for review. • Admins by default do not have access to search mailboxes, Discovery Management RBAC role is required • Search is throttled and parallelized

  43. Session Objectives and Takeaways • Session Objective(s): • Overview of Exchange Online (EOA) • Setup and deployment of EOA • Compliance features in EOA • Key Takeaways • Exchange Online Archive allows customers to consolidate email and simplify on-premises storage management • Exchange Online Archive enables simplified compliance management

  44. Related Content • EXL303 Configuring Hybrid Exchange the Easy Way EXL11-HOL Microsoft Exchange Server 2010 Compliance: Archiving & Retention Demos and questions at Microsoft Exchange booth Find Me Later At… Exchange booth, @bsunejaon Twitter Follow us on Twitter! @MSFTExchangehash tags: #MSExchange

  45. Track Resources Exchange Online (aka.ms/eo) – Price and plans • Understanding Exchange Online Archiving (aka.ms/eoa) • Configure Exchange Online Archiving (aka.ms/eoasetup) Exchange Server Deployment Assistant (aka.ms/exdeploy) – Hybrid Config

  46. Resources Learning TechNet • Connect. Share. Discuss. • Microsoft Certification & Training Resources http://europe.msteched.com www.microsoft.com/learning • Resources for IT Professionals • Resources for Developers • http://microsoft.com/technet http://microsoft.com/msdn

  47. Evaluations Submit your evals online http://europe.msteched.com/sessions

  48. Required Slide • *delete this box when your slide is finalized • Your MS Tag will be inserted here during the final scrub. MS Tag Scan the Tag to evaluate this session now on myTechEd Mobile

  49. © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related