Introduction to Exchange Server 2010
Microsoft Schweiz GmbH
Stefan Hagenbuch
Unified Communications Product [email protected]
Microsoft Schweiz GmbH
Andre Hagmann
Senior Technology [email protected]
Overview
Infrastructure Focus
• High Availability
• Storage
• Management
End User Experiences
• Better Together with Outlook 2010
• Outlook Web App + OCS Presence
• Mobility + Security
• Unified Messaging
Compliance + Security
• Archiving and Retention
• Information Protection and Control
• Spam and AV Protection
Agenda
“We need to deliver secure and compliant communications tools” - CIO
“Sales needs to easily connect with customers while on the road” - VP of Sales
Strategic Business Challenges
Lowering IT Costs
Increasing Productivity
Managing Risk
“I need to reduce hardware costs and operational overhead” - IT Manager
“How do I balance these needs in a changing workplace?”
Optimize for Software + Services
Anywhere Access
• Manage Inbox Overload
• Enhance Voice Mail
• Collaborate Effectively
Flexible and Reliable
• Continuous Availability
• Simplify Administration
• Deployment Flexibility
Protection and Compliance
• E-mail Archiving
• Protect Communications
• Advanced Security
Optimized for Software + Services
Deliver powerful productivity tools to your users, in a way that best fits your business or technology needs
PC
PHONE
WEB
Consistent User Experience
On-Premises Cloud Service
• Role-based administration and user self-service
• Web-based management and remote PowerShell
• Single platform for availability, backup, and recovery
• Online mailbox moves keep users connected
• Choice of storage from SAN to low-cost DAS
• Modular server roles ease deployment
Flexible and Reliable
Continuous Availability
Simplify Administration
Deployment Flexibility
Flexibility to tailor deployment based on your unique needs and a simplified way to keep e-mail continuously available
Evolution of Continuous Replication technology
Provides full redundancy of Exchange roles on as few as two servers
Reduce backup frequency through up to 16 replicas of each database
Can be deployed on a range of storage options
Continuous Availability
[Diagram: Mailbox Servers hosting copies of databases DB1 to DB5]
Recover quickly from disk and database failures
Replicate databases to remote datacenter (San Jose, New York)
Simplify mailbox resiliency with new unified solution for High Availability, Backup, and Disaster Recovery
Database Availability Group (DAG)
Mailbox Servers
Mailbox Database Copies
Active Manager
RPC Client Access Service
Active Manager Client
[Diagram: Active Manager instances, copies of DB1, DB2 and DB3, and the RPC Client Access Service]
Mailbox Resiliency Components
AM Client
Database Availability Group
Mailbox Resiliency Design Example
• Single Site
• 4 Nodes in a DAG
• 3 Database Copies
Database Availability Group (DAG)
[Diagram: Mailbox Servers 1 to 4 hosting copies of DB1 to DB8, with a CAS NLB Farm]
• Upgrade server 1
• Server 2 fails
• Server 1 upgrade is done
• 2 active copies die
Double resiliency
Select a database
View locations and status of replicated copies
Take action (add copies, change master, etc.)
Managing Availability
E-mail Client
Mailbox Server 1 Mailbox Server 2
Client Access Server
• Users remain online while their mailboxes are moved between servers
  − Sending messages
  − Receiving messages
  − Accessing entire mailbox
• Administrators can perform migration and maintenance during regular hours
Keep your users productive during mailbox moves and maintenance
Continuous Availability
Demo
- High Availability Management
70% reduction in IOPS
Smoother IO patterns
Resilience against corruption
Deployment Flexibility
Greater Range of Storage Options Through Performance Enhancements
Storage Area Network (SAN)
Direct Attached w/ SAS Disks
JBOD SATA(RAID-less)
Direct Attached w/ SATA Disks
Server/Storage Hardware $/Mailbox
Reduce Costs With Cheaper Disks
• Use larger, slower, lower-cost disks—SATA (Tier 2) Disks
• Support larger mailboxes at lower cost
• Maintain reliability and performance
• Improve storage utilization
[Chart: $/Mailbox (500 MB) and $/Mailbox (2000 MB) for 3,000 mailboxes on a 2-node cluster, comparing E2003 SCC (FC SAN), E2007 CCR (SAS DAS) and E2010 DAG (SATA DAS)]
Exchange 2010 Backup Strategy
Build Secure Data Protection into the Product
Two Raided DB Copies, Fast Recovery
Long Term Data Retention
Exchange 2010 Feature Set and Benefits
• Mailbox Resiliency: Fast recovery; data redundancy
• Single Item Recovery: Guaranteed item retention; can be enabled on a per-user basis
• Lagged Copy: Past point-in-time DB copy
• Personal Archive + Retention Policies: Alternate mailbox for older data
Fast Recovery
Data Retention
Data Center Failures
HW/SW Failures
Administrator Error
Mailbox Corruption
Accidentally Deleted Items
Deployment Flexibility
Ease deployment and reduce installation time with flexible server roles
Enterprise Network
• Edge Transport: Routing and AV/AS
• Hub Transport: Routing and policy
• Client Access: Client connectivity, Web services
• Mailbox: Storage of mailbox items
• Unified Messaging: Voice mail and voice access
Connected systems and clients
• External SMTP servers
• Phone system (PBX or VOIP)
• Web browser
• Outlook (remote user)
• Mobile phone
• Outlook (local user)
• Line of business application
Simplify Administration
Delegate specific tasks to specialist users with role-based administration
• Compliance Officer: Conduct multi-mailbox searches for e-Discovery
• Human Resources: Update employee information in company directory
• Help Desk Staff: Manage mailbox quotas
Graphical Management Tools
Remote PowerShell
Role-based Access Control
• Assigns permissions to specific operations with meaning in the organization
• Controls features displayed in Management Tools
Exchange Management Console (EMC)
• Full Exchange administration
• Requires client-side installation (64-bit)
Exchange Control Panel (ECP)
• User self-service
• Specialist administrators
• Web browser-based administration
Collaborate Effectively
A familiar and rich Outlook experience across clients, devices, and platforms
Mobile Web Desktop
Anywhere Access
• Text preview of voice mail messages for faster triage
• Customizable call handling rules and menu options
• Enhanced conversation view eases Inbox navigation
• MailTips help avoid undelivered/misdirected e-mail
• Full featured experience across all “three screens”
• Federation of Free/Busy details with partners
Manage Inbox Overload
Enhance Voice Mail
Collaborate Effectively
Help users get more done with the freedom to securely access their communications from virtually any
platform, browser, or device
Manage Inbox Overload
MailTips in Outlook 2010
MailTips in Outlook Web
App
Help reduce unnecessary and undeliverable
e-mail through new sender MailTips
Manage Inbox Overload
Conversation View
Ignore Conversation
Instant Messaging
Easily organize and communicate with enhanced conversation view and
integrated IM
Demo
- Conversation View, Mail Tips
- Contact Card
- Calendaring in Outlook 2010
- Outlook Web App
For example, assume that the response time service level agreement (SLA) for your Help desk is two hours, and you have a Help desk mailbox to which your users can submit problems. This example configures a custom MailTip for that mailbox to inform senders that they will receive a response within two hours.
Set-Mailbox -Identity "Help Desk" -MailTip "A Help Desk representative will contact you within 2 hours."
Set-DistributionGroup -Identity "hrteam" -MailTip "This distribution group is used for Human Resources departmental communications. If you want to contact an HR representative, please e-mail [email protected]."
Configure Custom MailTips for Recipients
Use Exchange PowerShell to configure custom MailTips
Change AD Schema to replicate thumbnailPhoto to Global Catalog
Using thumbnailPhoto attribute in Active Directory to store photos
picture dimension = 96x96 pixels
picture format = jpg
picture size = 10 K
Storing thumbnails for 10,000 users would take close to 100 Mb
Offline Address Book (OAB)
Loading pictures into Active Directory with PowerShell cmdlet
Import-RecipientDataProperty -Identity "Bharat Suneja" -Picture -FileData ([Byte[]]$(Get-Content -Path "C:\pictures\BharatSuneja.jpg" -Encoding Byte -ReadCount 0))
GAL Photos in Exchange 2010 and Outlook 2010: http://msexchangeteam.com/archive/2010/03/10/454223.aspx
Graphical Photos Importer Tool: http://www.dovestones.com/products/Active_Directory_jpegPhoto_thumbnailPhoto.asp
Office Communicator WAVE 14 will use the same Photo GAL
Configure Photos for Outlook 2010
1. Extend the Exchange Server vision by bringing voice mail to the Inbox
2. Simplify tasks and reduce administrative costs by consolidating infrastructure and training
3. Expand the reach of Exchange to the telephone to allow “anywhere access” to your Inbox, calendar, and contacts
4. Enhance Voice Mail Compliances
Voice Mail in Your Inbox
“Unified messaging provides opportunities to help our faculty and staff become more mobile and work more flexibly. Employees are no longer bound to just a phone or e-mail to conduct their projects. They have the freedom to work where and when they want.” James Reed, Lead Microsoft Exchange Server Administrator, Emory University
Voice mail: the next generation
• A great replacement for legacy voice mail
• Deep investments in UM features that will add real benefit to common scenarios
  − Voice Mail Preview
  − Call Answering Rules
  − Built-in Message Waiting Indicator
  − Protected Voice Mail
  − Access to both Contacts and Groups
• 26 languages supported
• Provide the controls and protection you need for your compliance needs
Exchange 2010 Unified Messaging
[Diagram: Exchange 2010 Unified Messaging architecture. Servers: Client Access Server, Mailbox Server, Unified Messaging Server, Hub Transport Server, Active Directory, Edge/Firewall, Office Front End Server, Mediation Server. Telephony: PBX, IP PBX, VoIP Gateway, PSTN Phone, Fax, Partner Fax. Clients: Outlook, Outlook Web Access, Exchange ActiveSync, Computer, Phone. Protocols shown: LDAP, RPC, SMTP, SIP, RTP, SIP/RTP, TDM, HTTPS, RPC/HTTPS.]
Demo
- Enable Voice Mail
• Fax specification is published and available to all partners who wish to have a first-class integration
• TekVizion is the certification partner
• Fax messages appear to the user in a familiar fashion
• Administration is done in EMC for provisioning and de-provisioning
Rich Fax Partner Support
Integrated Experience
Partner Interoperability Program
• Partner connections are authenticated by Exchange
• Choice of hosted or on-premises partners
Flexibility and Security
Free/Busy from contact card
Color coded by user’s availability
Change day to see future availability
View Free/Busy of external contacts
Free/Busy Information
Inline player
Call back button
Voice Mail Preview
Unified Messaging Card
Pull common e-mail recipients:
• From contacts
• From recently used
• From inbox (To/CC)
• From OWA
Nickname Cache
New icons (replied, forwarded)
Action data displayed in message
Read/Reply State
Finger-friendly icons
Easy access to folders and search
Easy access to common actions
Upgraded User Interface
• Exchange 2003 SP2 - 6 policies
• Exchange 2007 - 10 new policies
• Exchange 2007 SP1 - 29 new policies
• Exchange 2010 – Device Type Filtering
Policy categories
• Device Control
• Network Control
• Application Control
• Sync Settings
• Authentication
• Encryption
Exchange ActiveSync Investments
Demo
- Create ActiveSync Policies
- Assign Policies to User
One list with settings for each device type
Device type reported by the device
List is updatable
List shows device type
Block/Allow/Quarantine List
Device Type | Status
HTC Touch Diamond | Allow
iPhone_EASv2.5 | Block
RoadSyncClient_EASv2.5 | Quarantine
NokiaN95_EASv12.0 | Allow
List Example
Block/Allow List
Person | Device | Anything Unknown
Person: Is there a special case for this user?
Device: Are we blocking or allowing this device?
Anything Unknown: What is done when no policy applies?
[Table: outcome (Allow, Block, Quarantine or No Policy) at the Person, Device and Anything Unknown levels for four scenarios: Allow List, Block List, CEO is special, New device]
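The list example and the Person / Device / Anything Unknown levels above, written as Exchange Management Shell commands. This is an added example, not part of the original deck: the device type strings are the ones on the slide, while the administrator address, mailbox identity and device ID are constructed placeholders.

```powershell
# Added example, not from the original deck. Run in the Exchange Management Shell.
# Placeholders (constructed): administrator address, mailbox identity, device ID.

# "Anything Unknown": what happens when no rule matches a device.
# Quarantine holds unrecognised device types for review instead of syncing them.
Set-ActiveSyncOrganizationSettings -DefaultAccessLevel Quarantine `
    -AdminMailRecipients "ADMIN-ADDRESS-PLACEHOLDER"

# "Device": one rule per device type, matched on the type the device reports.
# These four entries are the slide's list example.
$deviceRules = @(
    @{ Type = "HTC Touch Diamond";      Level = "Allow" },
    @{ Type = "iPhone_EASv2.5";         Level = "Block" },
    @{ Type = "RoadSyncClient_EASv2.5"; Level = "Quarantine" },
    @{ Type = "NokiaN95_EASv12.0";      Level = "Allow" }
)
foreach ($rule in $deviceRules) {
    New-ActiveSyncDeviceAccessRule -QueryString $rule.Type `
        -Characteristic DeviceType -AccessLevel $rule.Level
}

# "Person": a special case for one user. The exemption names one specific
# device ID, so it does not open the device type to everyone else.
Set-CASMailbox -Identity "CEO-MAILBOX-PLACEHOLDER" `
    -ActiveSyncAllowedDeviceIDs "DEVICE-ID-PLACEHOLDER"

# Review: the rule list, then every device currently held in quarantine.
Get-ActiveSyncDeviceAccessRule |
    Format-Table QueryString, Characteristic, AccessLevel -AutoSize
Get-ActiveSyncDevice |
    Where-Object { $_.DeviceAccessState -eq "Quarantined" } |
    Format-Table UserDisplayName, DeviceType, DeviceId, DeviceAccessStateReason -AutoSize
```

The device type is self-reported by the client, so the list is an inventory and policy control, not proof of what hardware is connecting.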
Protection and Compliance
• Array of Informational Protection and Control tools
• Automate Rights Management policies in Transport
• Integrated archiving, retention, and discovery
• Granular retention and legal hold policies
• Multiple antivirus scanning engines with Forefront
• Choice of service or on-premises protection
E-mail Archiving
Protect Communications
Advanced Security
Simplify and automate the process of protecting your organization’s communications and meeting regulatory
requirements
E-mail Archiving
Preserve and discover e-mail data without changing the user or IT pro experience
Preserve
Personal Archive
• Secondary mailbox with separate quota
• Appears in Outlook and OWA
• Managed through EMC or PowerShell
Move and Delete Policies
• Automated and time-based criteria
• Set policies at item or folder level
• Expiry date shown in e-mail message
Hold Policy
• Capture deleted and edited e-mail messages
• Offers single item restore
• Notify user on hold
Discover
Multi-Mailbox Search
• Web-based UI
• Search primary, archive, and recoverable items
• Delegate through roles-based admin
A Familiar Personal Archive
• A specialized Exchange mailbox configured and associated with the user’s primary mailbox
• Delivers your users a familiar experience by seamlessly surfacing in both Outlook and Outlook Web App
• Your users can use the same skills and methods they already use today to interact with archive e-mail:
• “Drag and Drop” e-mail to folders
• Create folders and categorize
• Conduct searches and filter results
• Reply to messages and set flags
• Separate quotas may be set for archive and primary mailboxes
Archive
Primary Mailbox
E-mail Archiving Retention Policy
Set granular per item retention policies and capture all edits and deletions with legal hold
Apply Move and Delete Policies to Individual Messages
Retention Policy and Expiry Details
Policies Applied to All E-mail Within a Folder
Demo
- Enable Personal Archive
• Apply the right level of control based on the sensitivity of the data
• Maximize control and minimize unnecessary user disruptions
Benefits of Granular Controls
LESS RESTRICTIVE MORE RESTRICTIVE
• Alert: “Allow delivery but add a warning.”
• Append: “Allow delivery but add a disclaimer.”
• Protect: “Allow delivery but prevent forwarding.”
• Redirect: “Block delivery and redirect.”
• Review: “Block delivery until reviewed.”
• Block: “Do not deliver.”
• Modify: “Allow delivery but modify message.”
• Classify: “Allow delivery but apply classification.”
Server Site Transport Rules
Conditions: If the message...
• Is from a member of the group ‘Executives’
• And is sent to recipients that are 'Outside the organization'
• And contains the keyword ‘Merger’
Actions: Do the following...
• Redirect message to: [email protected]
Exceptions: Except if the message...
• Is sent to ‘[email protected]
• Executed on the Hub Transport Server
• Structured like Inbox rules
• Apply to all messages sent inside and outside the organization
• Configured with simple GUI in Exchange Management Console
Easily enforce granular policies
Conditions
• Specific Users: Detects mail between people, distribution lists
• Specific Content: Inspects subject, header and body for keywords, regular expressions
• Message Properties: Inspect message headers and properties or type
• Classifications: Scans for classifications such as Attorney-Client Privileged
• Attachments: Scans size, name and content (Office documents)
• Classifications: Can now also act on No Classifications
• Message Types: IRM protected, auto-replies, calendaring, voice mail
• Supervision Lists: Allows/Blocks based on listed recipients
• Management Properties: Identifies manager and applies policy
• User Properties: Scans for user attributes (such as department, country)
Conditions When the message contains…
Fine tune rules with detailed criteria
Actions
• Block: Blocks and deletes message and can send non-delivery report
• Classify: Applies classification such as attorney-client privilege
• Modify: Adds disclaimer to body or text to subject line
• Reroute: Adds additional recipients to cc or Bcc line or re-directs
• Append: Applies disclaimer per each user’s specific attributes
• Review: Enables review and approval of e-mail before delivery
• Protect: Applies rights protection to messages, attachments
Actions …do the following…
Apply the appropriate level of control
<html>
<body>
<br><br>
<p><strong>%%Company%%</strong><br>
%%department%%<br>
%%Street%% | %%postalCode%% %%City%% | %%Country%%</p>
<hr/>
<p>%%Firstname%% %%Lastname%% | %%Title%%<br>
Phone | <a href="tel:%%Phone%%">%%Phone%%</a> |
Email | <a href="mailto:%%eMail%%">%%eMail%%</a><br><br>
Visit our Website at <a href="http://www.microsoft.ch">www.microsoft.ch</a></p>
</body>
</html>
Create Dynamic Disclaimer
Use Exchange Transport Rules Wizard or PowerShell cmdlet
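The two transport rules the slides describe, the ‘Executives’ / ‘Merger’ redirect and the dynamic disclaimer, written with New-TransportRule. This is an added example, not code from the original deck: the rule names, the two placeholder addresses (redacted on the slide), the shortened disclaimer template and the choice to scope the disclaimer to outbound mail are assumptions.

```powershell
# Added example, not from the original deck. Run in the Exchange Management Shell.
# Both addresses are redacted on the slide; these are constructed placeholders.
$reviewer  = "REVIEWER-ADDRESS-PLACEHOLDER"
$exception = "EXCEPTION-RECIPIENT-PLACEHOLDER"

# Rule 1: the Conditions / Actions / Exceptions slide.
# Assumption: "contains the keyword" is taken to mean subject or body;
# text inside attachments is a separate condition (-AttachmentContainsWords).
New-TransportRule -Name "Executives external Merger mail" `
    -FromMemberOf "Executives" `
    -SentToScope NotInOrganization `
    -SubjectOrBodyContainsWords "Merger" `
    -RedirectMessageTo $reviewer `
    -ExceptIfSentTo $exception `
    -Enabled $false

# Rule 2: the dynamic disclaimer. The %%...%% tokens are filled in per sender;
# this shortened template reuses tokens that appear on the slide.
$disclaimer = @'
<p><strong>%%Company%%</strong><br>%%department%%</p>
<hr/>
<p>%%Firstname%% %%Lastname%% | %%Title%%</p>
'@

# The fallback action decides what happens to mail that cannot be modified
# (for example signed or encrypted messages): Wrap encloses it in a new message
# that carries the disclaimer, Ignore delivers it unchanged, Reject returns it.
New-TransportRule -Name "Outbound signature disclaimer" `
    -FromScope InOrganization `
    -SentToScope NotInOrganization `
    -ApplyHtmlDisclaimerLocation Append `
    -ApplyHtmlDisclaimerText $disclaimer `
    -ApplyHtmlDisclaimerFallbackAction Wrap `
    -Enabled $false

# Both rules are created disabled: review them, then switch them on.
Get-TransportRule |
    Format-List Name, State, Priority, Conditions, Exceptions, Actions
Enable-TransportRule "Executives external Merger mail"
Enable-TransportRule "Outbound signature disclaimer"
```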
Demo
- Create Dynamic Disclaimer
Mail Moderation
Moderate based on sender, DL, content
Approve or Reject with option to send response
Moderator can be a specific user or sender’s manager
Enable review and approval of e-mail before delivery
Secure Distribution List
Modify Distribution List
Approve by Users/Groups Reject Reject with comments
Notifications
Exceptions
Sending mail to a moderated Distribution List
Control messages sent to groups and individuals based on the human approval
Advanced Security
Multiple scan engines throughout the corporate infrastructure
Tight integration with Exchange maximizes availability and performance
Easy-to-use admin console for central configuration and operation
Antivirus and anti-spam protection for Exchange Server 2010 Server Roles
On-Premises Software
Hosted Service
Hub Transport Server
Mailbox Server Client Access Server
Internet SMTP
Prevent malicious software and spam from
entering into the messaging environment
Microsoft Support Lifecycle
The Microsoft Support Lifecycle policy took effect in October 2002
• 10 years of support (5 years Mainstream and 5 years Extended Support) at the supported service pack level for Business and Developer products
• 5 years Mainstream Support at the supported service pack level for Consumer/Hardware/Multimedia products
• Product Lifecycle Database: http://support.microsoft.com/lifecycle/
Lower IT costs with a Flexible and Reliable messaging platform
Better manage risk by safeguarding your business with Protection and Compliance
Increase productivity through Anywhere Access to business communications
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Exchange ActiveSync, Forefront, Outlook, Windows Mobile, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of
this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE
INFORMATION IN THIS PRESENTATION.