What’s New in Active Directory Auditing and Recovery
TABLE OF CONTENTS
Windows Server 2008: What’s New in Active Directory® Auditing and Recovery
Active Directory Auditing 3
What’s New in Windows Server 2008 4
Remaining Challenges for the Native Toolset 4 NetPro: Extending Windows Server 2008 Active Directory Auditing Capabilities 5 Simplified, Automated Reporting and Analytics for Microsoft
Audit Collection Services (ACS) 5
Active Directory Backup and Recovery 7
What’s New in Windows Server 2008 7
Remaining Challenges for the Native Toolset 8 NetPro: Extending Windows Server 2008 Active Directory
Backup and Recovery Capabilities 8
Immediate Online Restores and Rollbacks of Deleted Objects 8 Advanced Recovery Capabilities for GPOs 9 Optimizing Active Directory: Other Areas for Consideration 10
Microsoft Windows Server 2008 brings a number of new technologies, and major improvements, to your infrastructure. Improvements in auditing, monitoring, backup, recovery, and more are all designed to enhance management and administration.
These improvements benefit a wide range of organizations working under a broad set of operational requirements. But Windows Server 2008 is not intended to be a “one size fits all” solution. That’s why Microsoft relies on third-party solutions for domain-specific expertise that enhances and extends Windows Server 2008 to accommodate specific industry and operational requirements—including enterprise-class auditing, backup and recovery, and more.
That’s where NetPro steps in, intelligently filling the gap between what Windows Server 2008 provides, and what you and your organization need to succeed.
In this paper, we’ll focus on two key areas for Active Directory operations:
(1) Auditing and (2) Backup and Recovery, or business continuity. These two areas encompass many of the operations impacted by most industry and legislative compliance efforts, and are obviously two very important areas for general Active Directory management. We’ll also look at other important areas of consideration, and help you understand where the Windows Server 2008 toolset leaves off, and where the NetPro solution can provide broader coverage and enhanced management capabilities.
ACTivE DiRECTORy AuDiTiNg
Auditing—whether used for troubleshooting, compliance audits, internal security requirements, or other purposes—is one of the most important capabilities for any organization using a directory services platform such as Active Directory. From a technical perspective, auditing consists of two main functions: (1) generating an audit trail based on user interaction with the directory services, and (2) using that audit trail to create reports, locate specific audit events, and so forth. Windows has always provided built-in native capabilities for generating an audit trail, but the native tools provided for using audit events have been limited to the fairly primitive Windows Event Viewer application. And experts have recognized a few specific weaknesses in Windows’ auditing capabilities:
n Auditing requires a significant amount of overhead on Active Directory domain controllers (DCs). Enabling full auditing on a DC can impose such a heavy additional load, in fact, that auditing becomes a significant consideration in capacity planning and can require additional DCs in order for organizations to meet operational requirements in conjunction with auditing. n Audit events go into a single log file on each DC. This means that the enterprise’s total audit
trail is widely distributed, and events are not wellcategorized, making it difficult to locate specific audit events when needed.
n Audit events tend to be overly technical and somewhat cryptic, and do not provide “before and after” values. They typically indicate only that something has changed, with difficult-to-use internal identifiers difficult-to-used in place of actual object names and descriptions.
n Windows auditing doesn’t natively cover everything that can happen in the directory, and often doesn’t provide a sufficient level of detail. Changes to a Group Policy object (GPO), for example, are merely listed as a change to the GPO, with no detail about what changed. Changes to registry configurations affecting the directory often aren’t captured at all. What’s New in Windows Server 2008
The Directory Services (DS) auditing system in Windows Server 2008 addresses some of the problems from previous versions of Windows. First, there are four new audit sub-categories for
DS auditing: DS Access, DS Changes, DS Replication, and Detailed DS Replication. So if you want to just audit directory changes, you don’t have to wade through all of the read and replication events as you would in Windows Server 2003.
However, if you want to include object deletions in your audit log (and who wouldn’t?), you have to enable DS Access, which will generate messages for all DS object accesses, so you’re sort of back to where you started in terms of generating lots of unneeded messages. And it is still up to you to properly configure the security descriptors to generate the audit messages that you want for the objects that you care about.
The audit messages have been substantially cleaned up so that they are both readable and contain the data that you need. In particular, directory changes generate audit log entries that contain the old and new values of changed attributes. This is a huge improvement. The only downside now is that the old and new values appear in separate audit log entries, so you have to go through the effort of correlating them to really understand the change that was made in the directory. Many add-on audit-log collection products, including Microsoft’s own Audit Collection Services (ACS, part of System Center Operations Manager) support this kind of correlation.
Remaining Challenges for the Native Toolset
Many traditional challenges still remain: the native auditing system still generates a tremendous amount of overhead on DCs, and audit events still aren’t entirely plain-English. Manual correlation of events—or the use of an add-on product—is still required to create a complete audit “picture.” Logs are also still highly distributed, requiring some form of consolidation (usually provided by an addon product), and the native auditing still doesn’t provide the high level of detail and broad coverage that most security auditors require. Finally, the native toolset doesn’t provide robust alerting capabilities, meaning administrators have to go looking for events, rather than having the operating system proactively inform them of selected events. While Windows Server 2008 does provide improved native auditing capabilities, there are still gaps which will affect larger enterprises, as well as businesses facing various industry or regulatory security compliance requirements.
NetPro: Extending Windows Server 2008 Active Directory Auditing Capabilities NetPro addresses the gaps in the native toolset and effectively extends and enhances Windows Server 2008 capabilities with:
n Real-time auditing of Active Directory and related Windows subsystems.
n Real-time auditing that directly taps the native Active Directory architecture, rather than relying on Windows event logs.
n Consolidation of enterprise-wide events into a secure central database.
n Complete auditing of the entire Active Directory “picture,” including supporting registry entries, GPOs, and other elements.
n Translation of event data into plain-English, and correlated “before and after” values for changes.
n Robust built-in and custom reporting that leverages SQL Server Reporting Services (SRS) for self-service reporting, automated report generation and delivery, and other advanced features.
n Real-time alerts that can notify administrators or other personnel when specified events occur, helping to reduce troubleshooting, or reduce the amount of time the environment is misconfigured.
Simplified, Automated Reporting and Analytics for Microsoft Audit Collection Services (ACS) NetPro also integrates with Microsoft Audit Collection Services and SQL Server Reporting Services (SRS) for automated report generation and delivery, using the consolidated event database created by ACS. A built-in report library covers most needs, while full custom report creation allows specific business reporting requirements to be met quickly and easily.
Here’s a quick summary of how NetPro solutions help provide the “missing piece” between Windows Server 2008 native capabilities and full enterprise auditing requirements:
event logs are highly distributed.
Event data is uncorrelated and technically complex.
No built-in reporting.
Not all relevant events are captured in detail.
Auditing must be manually configured on directory objects.
Auditing imposes a high level of server overhead.
Event logs are subject to tampering.
No robust native alerting capability.
hoW netPro helPs
netPro automatically consolidates events into a centralized database.
NetPro translates event data into plain English, provides “before and after” views of changes, and automatically correlates related events.
NetPro provides SRS-based reporting with numerous built-in reports and the ability to quickly create custom reports.
When using Microsoft ACS, NetPro provides built-in and custom reporting capabilities, based on SRS, for the event data captured by ACS.
NetPro captures a wide range of events from all subsystems impacting directory security and functionality, using a greater level of detail. NetPro automatically captures all directory-related events, eliminating the need to manually configure auditing.
NetPro taps the directory architecture, directly bypassing the native auditing mechanisms and providing a more robust, lower-overhead means of capturing an audit trail. The central database in NetPro is tamper-proof and completely securable.
NetPro can be configured to alert selected personnel when specified events are audited.
ACTivE DiRECTORy BACkuP AND RECOvERy
As a critical part of your enterprise infrastructure, Active Directory backup and recovery is obviously an important set of capabilities. Traditionally, Windows has provided fairly primitive backup and recovery support. Using the native graphical toolset, only a complete backup and restore of the directory was possible, and even that typically required taking one DC offline to perform recovery. Singleobject restore was possible through a complex and unintuitive command-line interface, and was rife with complexities, caveats, and complications. Few organizations, in fact, relied on the native toolset simply because it lacked sufficient flexibility and robustness to meet enterprise needs. What’s New in Windows Server 2008
The entire backup and restore mechanism has been revamped in Windows Server 2008 with some particular ramifications for Active Directory. The native Windows Server Backup is a volume-based backup solution, meaning that it backs up entire disk volumes at a time. It also
SCENARiO: ACTivE DiRECTORy AuDiTiNg uSiNg NATivE
WiNDOWS SERvER 2008 TOOLS vS. NETPRO REAL-TiME AuDiTiNg An organization uses GPOs, deployed through Group Policy, to configure secure communications, using IP Security (IPSec), on selected computers. This secure communications configuration is required for the organization’s industry compliance needs, and must be correctly configured on all selected computers in order for those computers to be able to communicate at all.
One of the GPOs containing the IPSec configuration is inadvertently mis-configured, effectively turning off secure communications for a subset of the computers that require it. The immediate effect is that the mis-configured computers are now unable to communicate with their peers, resulting in an operational failure and potential downtime. This is exhibited as applications simply being unable to contact, for example, a database server; the symptoms are somewhat removed from the actual cause and can require extensive and laborious troubleshooting in order to correct. A longer-term problem is that the organization’s compliance posture is now diminished. This could potentially result in fines from industry oversight or in the unintentional disclosure of sensitive data to unauthorized parties—which itself can cause a cascade of managerial and financial problems.
NetPro captures the GPO change as soon as it is made. Because NetPro was configured to watch for changes to this particular GPO (due to its sensitive nature), it immediately alerts an administrator to the problem. A quick look at a NetPro report confirms who made the change and what the details of the change were so the problem can be immediately corrected, restoring both operational capability and ensuring organizational compliance. Downtime is limited, no actual troubleshooting is required, and any penalties associated with the out-of-compliance situation are avoided. Had the problem originated from a malicious change, NetPro would still have detected it and alerted someone: its database is secure and tamper-proof, unlike the native Windows event logs.
only backs up to disk (or disk-like) devices; there is no tape support. Because Windows Server Backup backs up volumes rather than files, versions of Windows Server 2008 prior to Release Candidate Zero (RC0) didn’t even have a system state backup option. The only way to back up a domain controller was to back up each of the volumes that contained critical system information. This could require backing up as many as five separate volumes: the boot volume, the system volume, the volume containing SYSVOL, the volume containing the Active Directory database (DIT), and the volume containing the Active Directory log files.
In the RC0 release of Windows Server 2008, Microsoft added a system state backup option to the Wbadmin command-line backup utility. By using the Wbadmin start systemstatebackup command, you can now create a backup image containing all the critical system files necessary to restore Active Directory on a domain controller. There are still potentially as many as five volumes in the backup set, but they only contain the files needed for a system state restore. Performing a system state restore is just as simple: restart the DC into Directory Services Restore Mode, and run the Wbadmin start systemstaterecovery command. The result is a non-authoritatively restored database, on which you can non-authoritatively restore specific objects using the Ntdsutil command-line utility, just as you did in Windows Server 2003. This is still a highly manual and unintuitive process, however.
Another change in the DS backup capabilities is the ability to use the Volume Shadow Copy service to create point-in-time snapshots of Active Directory. When you create a snapshot using Ntdsutil, the Volume Shadow Copy service saves the “before” image of each disk block in the Active Directory database before it is overwritten by an update operation. By combining the saved “before” images with the current version of the database, the Volume Shadow Copy service can construct a complete snapshot of the database with very little overhead; a typical snapshot takes a few seconds to create, regardless of the size of the database. By itself, this is an interesting capability, but not all that useful.
However, in Windows Server 2008, Active Directory includes a command-line utility called Dsadmin that mounts the snapshot image in read-only mode. This provides you a standalone LDAP server, much like an Active Directory Lightweight Directory Services (ADLDS) instance that contains the contents of your directory at the time of the snapshot. You can browse the directory using the Ldp utility, or other LDAP tools, and retrieve versions of directory objects from an earlier point in time. Remaining Challenges for the Native Toolset
Some of the traditional challenges remain in Windows Server 2008. While the new operating system provides new ways to create backups, the recovery capabilities—including the all-important single-object restore—are still very manual and somewhat limited, and still require a domain controller to be taken offline in order to use Directory Services Restore Mode. In addition, complex object recovery involving dependent objects—for example, recovering a user account from a deleted organizational unit (OU)—still requires administrators to manually restore the dependent objects in order for the overall recovery to be successful. Finally, one significant challenge remains unchanged. While system state backups contain information about GPO links—that is, which directory objects a GPO is “attached” to—the system state does not capture the GPO files themselves, nor does it offer a means of restoring individual GPOs, comparing backed-up GPOs, and so forth. GPOs are still a major missing piece of the native toolset, despite their absolutely mission-critical nature with regard to both system configuration and security.
NETPRO: ExTENDiNg WiNDOWS SERvER 2008 ACTivE DiRECTORy BACkuP AND RECOvERy CAPABiLiTiES
NetPro fill the gaps between the native backup and recovery capabilities and real-world enterprise requirements with:
immediate Online Restores and Rollbacks of Deleted Objects
NetPro makes Active Directory backup and recovery both simple and intuitive. Rather than creating a new user interface to learn, it simply extends the native Active Directory graphical tools, providing additional capabilities in a familiar environment. These capabilities include:
n Online, scheduled backups of the entire directory.
n Online restore of the entire directory or single objects, without taking a single DC offline. n Automatic recovery of dependent directory objects.
n Centralized backups from across the enterprise. n Recovery or rollback of individual object attributes.
n Full backup, including application partitions such as directory-integrated DNS.
n Full backup and recovery capabilities for Active Directory Lightweight Directory Service (ADLDS). n Intuitive searching and filtering to help locate deleted objects.
Advanced Recovery Capabilities for gPOs
NetPro operates as an extension of the familiar Microsoft Group Policy Management Console (GPMC). Its capabilities include:
n Complete backup and recovery of GPO files.
n Automated version control for GPOs that captures a backup each time a GPO is changed. n The ability to quickly compare GPOs, even across domains, including backed-up GPOs.
SCENARiO: ACTivE DiRECTORy BACkuP AND RECOvERy uSiNg NATivE WiNDOWS SERvER 2008 TOOLS vS. NETPRO RECOvERy SOLuTiON
When testing a Windows PowerShell® script, an OU full of user and group accounts is accidentally deleted, as well as several sub-OUs. This occurs early in the morning, just as users are beginning to show up for work and are attempting to log in. The Help desk begins to receive numerous calls from users who are unable to log in.
Using the native toolset, a DC would need to be taken offline—during a busy logon-processing period—to effect the recovery. Because the native single-object restore capability doesn’t recursively restore child objects, each deleted object would have to be restored manually—and it would be difficult to ensure they were all done properly. The overall process could take an hour or more.
But with NetPro, simply use the Recycle Bin to select the deleted OU and restore it, recursively restoring all child objects. The authoritative restore would take effect immediately, and within a few moments—as soon as directory replication is completed— users would again be able to log in. The entire process would take just a few minutes.
Together these two products significantly enhance and extend the native Windows Server 2008 toolset:
single-object restore is manual and complicated.
Recovery requires a DC to be taken offline.
Limited backup options
Individual attribute recovery is not possible.
Limited user interface (primarily command-line)
No built-in reporting
hoW netPro helPs
netPro restores single objects easily, and can automatically recover dependent objects or recursively restore child objects. netPro can also recover individual gPos, and can roll back to prior versions of individual gPos.
NetPro provides online recovery capabilities, ensuring a higher level of availability.
NetPro offers automated, centralized backup capabilities, including incremental directory backups and automated version-control backups for GPOs.
NetPro can recover (or roll back) individual object attributes, eliminating the need to restore the entire object just to restore a given attribute.
Extends the native graphical toolset to provide new capabilities using familiar metaphors, including a “directory objects Recycle Bin.”
Extensive built-in reporting ensures you know the status of your backups, and provides robust comparison of individual GPOs down to the setting level.
OPTiMiziNg ACTivE DiRECTORy: OThER AREAS FOR CONSiDERATiON
In addition to extending Windows Server 2008 native auditing and backup and recovery capabilities, NetPro enhances several other important areas of functionality within Windows Server 2008: n Windows event log management is enhanced with NetPro by automatically and securely
consolidating Windows native event logs for centralized log management and reporting. NetPro improves upon the native event log searching capabilities, providing more robust log querying and instant search for a variety of troubleshooting, forensic, and auditing purposes. n Identity access management automation and enforcement is enhanced because NetPro
simplifies and centralizes access control to files, Active Directory, the registry, shared folders, and other securable resources throughout the enterprise. Role-based management allows permissions to be mapped directly to your organization’s job roles, simplifying long-term permissions management. Enhanced reporting provides at-a-glance answers to auditing questions such as “who has access to this resource,” “what resources does this person have access to,” and “who has had access to this resource in the past”—all common questions for security management and auditing.
n Streamlined compliance and security reporting is provided by NetPro with an enhanced reporting solution that utilizes native Windows data to provide more than 200 built-in reports, with the ability to create custom reports. Perfect for many security auditing scenarios as well as general directory management reporting, NetPro integrates with SQL Server Reporting Services (SRS) to provide selfservice reporting, automated report delivery, and other enhanced reporting services.
n Security and policy management for Active Directory is provided by NetPro allowing you to create top-level management policies that define your desired directory security configuration, and then applying and enforcing those policies automatically across the enterprise. Built-in policies representing industry best practices and specific compliance requirements provide a jump-start to a more secure environment, and powerful reporting provides at-a-glance reports that show your exact level of policy compliance.
n Self-service password management gives users the ability to enroll in a selfservice password reset and unlocking Web portal. You control which users are permitted to use the portal, and define the security questions users must answer in order to reset or unlock their passwords when needed. NetPro reduces incoming help desk calls by a significant percentage by providing users with selfservice options for one of the most common help desk call types.
Windows Server 2008 provides a substantial number of improvements in Active Directory. Taken together, these improvements will substantially improve the security and manageability of Active Directory, and the best thing is that integrating Windows Server 2008 into your Active Directory environment is an easy and incremental process; no massive migration is required.
However, Microsoft’s goal with Windows Server 2008 is to provide a set of improvements that offer broad benefits to a wide range of organizations working with a vast variety of operational requirements. In other words, Windows Server 2008 itself cannot be a “one size fits all” solution. Microsoft relies on thirdparty partners such as NetPro to provide additional domain-specific expertise to enhance and extend Windows Server 2008 for specific industry and operational requirements, including enterprise-class auditing, backup and recovery, and more. NetPro does this by providing solutions that wrap around the Windows Server 2008 native toolset and capabilities, fulfilling specific requirements and making Windows Server 2008 a stronger and more suitable platform for a broader range of organizations.
infrastructure optimization software experts since 1991, netPro drives security and compliance by
netPro u.s. headquarters 4747 N. 22nd St., Suite 400 Phoenix, AZ 85016
ThE NETPRO SOLuTiON
For years, NetPro has offered intelligent solutions to enhance and enable directory
management, and specializes in solutions for Active Directory and identity management. In this paper, you’ve learned how NetPro streamlines Active Directory management by enhancing and extending the native Windows toolset.
NetPro extends Windows Server 2008 with:
n Real-time auditing of Active Directory and related Windows subsystems.
n Simplified, automated reporting and analytics for Microsoft Audit Collection Services. n Immediate online restores and rollbacks of deleted objects.
n Advanced recovery capabilities for GPOs. NetPro enhances Windows Server 2008 with: n Windows event log management.
n Identity access management automation and enforcement. n Streamlined compliance and security reporting.
n Security and policy management for active Directory. n Self-service password management.
for exChange server – solved!
Messaging, in the form of Microsoft Exchange Server, continues to become an ever-more critical part of your business. A file server may go offline for a few minutes without anyone noticing, but if e-mail becomes unavailable for even a moment, look out! Aside from the obvious operational concerns, this heavy reliance on messaging has created some significant business challenges. Dealing with the operational overhead of Exchange, making sure that Exchange meets your industry and legislative compliance requirements, making sure that Exchange’s performance remains acceptable – these are all major challenges. NetPro helps simplify and sustain Exchange through a highly-integrated and complementary solution set designed specifically to address your most common business concerns.
Top Ten Challenges for exChange server — solved!
1. exchange is hard to audit
Exchange Server’s native tools make it an exceedingly difficult product to properly audit. Determining who has what permissions, how the server configuration has changed over time, and who has been accessing which mailboxes is difficult – and in some cases, impossible.
2. exchange is hard to properly secure
Highly-granular permissions split between Exchange itself and the supporting Active Directory infrastructure make Exchange Server one of the most difficult Microsoft products to secure. Add in complex security requirements (like assistants accessing their bosses’ mailboxes) and you’ve got a recipe for inconsistency.
3. Message recovery is a high-overhead Task
Dig out the backup file. Restore it. Search for message. Didn’t find it? Dig out the next backup file… and repeat. And repeat. And repeat. Even though your disaster recovery solution promises “single message recovery,” actually doing it isn’t easy – and it’s something that some Exchange administrators spend most of their day doing. What a waste.
4. performing ediscovery is Increasingly difficult
Exchange doesn’t provide a way to search across all your Exchange content – archive, backup files, tracking logs – to get a preview of what you might want to recover. Finding and recovering messages is incredibly time-consuming – but courts are increasingly demanding faster response times to eDiscovery requests.
5. Message retention and good performance are Mutually exclusive
Your compliance requirements demand that you retain messages for several years – but your production Exchange infrastructure is buckling under the load of multi-gigabyte message stores. Simply dumping information into backup files and deleting it isn’t a great solution unless you enjoy wasting time when you finally need to access some of those archived messages.
6. analyzing exchange performance is Tough
Any good performance solution can report on statistics like CPU utilization and message queue length – but simple performance statistics aren’t the whole picture. When performance starts to fall, the only way to maintain your SLAs is to find out where performance is failing, and that requires a detailed look inside Exchange to see where each and every message is going.
7. analyzing exchange storage is difficult
How much have you spent on Exchange storage? How much will you spend in the years to come? Who in your company consumes that storage? Who consumes the most throughout the messaging infrastructure? The answers to these questions are critical for capacity planning and for actually paying for that capacity, but it’s often easier to ask the questions than it is to get the answers.
8. Keeping Up with the latest exchange Technologies can be difficult
Ready for Exchange Server 2007? You better be, because Microsoft’s already hard at work on Exchange v14. Each new version offers fantastic new features, better performance, and better tools – but migrating can be the riskiest and costliest move you’ll ever make. Even phased migrations – which may seem safer at first – carry risks, such as leaving you with two parallel Exchange systems that don’t properly pass data between them.
9. exchange Makes it hard to Meet Compliance requirements
Who’s been accessing your CEO’s mailbox? Who has permission to do so? Who had permission to do so… last week? What configuration changes has Exchange seen in the past month? Are the right e-mail messages being retained for the right period of time? Has any e-mail containing sensitive data left the organization? These are all questions you’re likely to hear from a compliance auditor, yet they’re really tough ones to answer.
10. exchange Management solutions require a lot of ongoing Maintenance You’ve been around the block a few times – you know the drill. Every problem can be solved with a third-party management solution – which introduces its own overhead, challenges, and problems. Workload scheduling, report generation, learning a new set of interfaces for every different tool and, worst of all, ongoing software maintenance – including keeping those distributed agents patched. It’s enough to make you wonder if the cure isn’t worse than the disease.
infrastructure optimization software experts since 1991, netpro drives security and compliance by extending and enhancing Microsoft technologies to simplify your iT infrastructure better for less. from
netpro u.s. headquarters
4747 N. 22nd St., Suite 400 Phoenix, AZ 85016 InTrodUCIng The neTpro exChange solUTIons
NetPro simplifies Exchange management through a highly-integrated and complementary set of solutions designed to address your common business concerns. You’ll secure, audit, control, and migrate your Exchange infrastructure to meet compliance and legal requirements while improving performance. Combined with powerful reporting, modern operational features, and detailed Exchange integration, the NetPro Exchange Solution provides everything to properly manage this mission-critical asset.
real-Time Change auditing
Audit critical changes related to Exchange, including non-owner mailbox access, server configuration, and all Exchange permissions. Built-in alerting and reporting provides real-time insight into what’s happening across your Exchange infrastructure – including Active Directory, a critical part of Exchange – and helps meet industry and legislative compliance requirements for e-mail access and auditing. Auditing includes “who, what when, where, and why” of changes, and includes “before and after” values for easier correction of improper changes.
automated role-Based provisioning
Secure your messaging infrastructure by using centralized, automated role-based permission management and reporting for Exchange Server and Active Directory. The ready-to-use built-in reportbuilt-ing built-includes current and historical permission settbuilt-ings. Automated enforcement of permission policies ensure that the correct permissions stay in place at all times.
simplified exchange archiving, discovery, and analysis
NetControl for Exchange speeds eDiscovery, guarantees compliance, and optimizes performance - all in a single, integrated solution. Archive e-mail in a tamper-proof repository to keep data secure and accessible. Search and discover e-mail from archive, backups, tracking logs, PST files, and attachments. Analyze capacity trends, departmental usage, and Exchange health. automated, safe exchange-to-exchange Migration
Wizard-driven migration solution packs the expertise of a team of Exchange migration consultants into a standalone, automated product for moving between Exchange versions. Includes complete “dry run” and rollback capabilities that lower migration risks. Specifically designed for phased migrations where multiple versions of Exchange need to co-exist, and ensures full communication between Exchange versions, including calendar and free/busy data as well as message routing.
SIMPLIFIED EXCHANGE MANAGEMENT