• No results found

ENTERPRISE VAULT 9.0 FEATURE BRIEFING

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "ENTERPRISE VAULT 9.0 FEATURE BRIEFING"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

ENTERPRISE VAULT 9.0 FEATURE BRIEFING

Enterprise Vault 9.0

Exchange Archiving Updates

This document is for internal and partner use only. Do not distribute copies of this document to customers.

If you have any feedback or questions about this document please email them to[email protected]

(2)

Table

 

of

 

Contents

 

Feature Description ... 1 

Exchange Server 2010 SP1 Support ... 2 

Business Value ... 2 

Underlying Principles ... 2 

Test Drive ... 3 

Licensing and Support Restrictions ... 3 

Exchange Server 2010 Journal Archiving Updates ... 4 

Business Value ... 4 

Underlying Principles ... 4 

Test Drive ... 4 

Licensing and Support Restrictions ... 5 

Microsoft Exchange Server 2010 Outlook Web App Updates ... 6 

Business Value ... 6 

Underlying Principles ... 6 

Test Drive ... 6 

Licensing and Support Restrictions ... 6 

(3)

Feature Descriptions

Enterprise Vault 9.0 offers new features and improvements for archiving from Microsoft Exchange Server 2010 SP1. This section will provide a summary of these features. For more in-depth information, please review each feature’s section. The new features for Enterprise Vault 9.0 include:

Microsoft Exchange Server 2010 SP1 Support

Enterprise Vault 9.0 will provide support for archiving from mailboxes and public folders on Exchange Server 2010 SP1.

Microsoft Exchange Server 2010 Journal Archiving Support

Enterprise Vault 9.0 will support Exchange native Journal Report Decryption.

Microsoft Exchange Server 2010 Outlook Web App Support

Enterprise Vault 9.0 will provide support for Outlook Web App 2010.

(4)

Exchange Server 2010 SP1 Support

Business Value

Microsoft offers customers many new features and an enhanced client experience with the latest release of their Exchange Server 2010 product. Enterprise Vault 9.0 offers support for Exchange Server 2010 SP1 Mailbox, Journal and Public Folder Archiving.

Underlying Principles

Exchange Server 2010 introduces a number of architectural changes including Database Availability Groups (DAG) and Client Access Server (CAS) proxying for clients.

Database Availability Groups are defined as a group of Exchange Servers hosting a set of Exchange Mailbox databases. Only one database can be active at a time, and DAGs can spread geographic locations to provide disaster recovery.

To support the DAG architecture the Exchange 2010 Client Access Server is used to proxy all client connections. Clients no longer connect directly to the Exchange Mailbox servers, and similarly Enterprise Vault will no longer have direct communication with the Exchange Mailbox servers.

The below diagram shows the client connections terminating at the Client Access Servers.

In a DAG environment a mailbox can be hosted on any of the Exchange Mailbox Servers within the group, and the CAS server will direct the client connection to the mailbox server hosting the active copy of the database where the mailbox resides. This client re-direct is seamless, without having to change the Outlook profile the user can be redirected in the event of a failover.

Enterprise Vault will still target the Mailbox servers in the Vault console, but the Outlook MAPI profile on the Vault server will be configured to connect to the CAS server. This change in functionality introduces a number

(5)

Test Drive

In order to archive from an Exchange 2010 environment the following pre-requisites are required:

Minimum version of Outlook on the Enterprise Vault Server

Outlook 2007 SP2 + KB968858 is the minimum supported Outlook version on the Enterprise Vault server when targeting Exchange Server 2010 SP1.

Vault Service Account requires a mailbox with throttling disabled.

The account used to run the archiving tasks (typically the Vault Service Account) will require an associated mailbox. Previously this mailbox was optional, and generally used for testing.

New to Exchange 2010 are throttling policies which can be used to control the Exchange resources used by a client, this policy must be disabled for the account under which the archiving task runs. A PowerShell script is provided with the Enterprise Vault media that will set the policy setting “RCAMaxConcurrency” to $Null, effectively disabling throttling.

If using PowerShell 2.0 the script can be run remotely, alternatively copy the EVThrottlingPolicy.ps1 to the Exchange 2010 server.

In the Exchange Server 2010 management shell run:

“SetEVThrottlingPolicy.ps1 –user <domain\username>”

Where domain\username is the account that runs the tasks. To succeed, the script must be run by a member of the “Organization Management” role group. By default, members of the “Exchange Organization Administrators” Active Directory security group are members of this role group.

When the cmdlet has been run successfully a new throttling policy will be created with the name "EnterpriseVault_D0F41A15-9E91-D111-84E6-0000F877D428"

New Permission requirments for Vault Service Account

Exchange Server 2010 updates the Active Directory schema with a new permission model. As a result of these changes the permissions for the account that runs the archiving tasks needs to be updated.

A PowerShell script is provided with the Enterprise Vault media that will automatically apply the appropriate permissions. The script has the following usage:

SetEVExchangePermissions.ps1 -User <domain\username> Server <ExchangeServerName>] [-Action {Add | Remove}] [-Level {All | Provisioning}] [-Verbose {True | False}]

For example:

“SetEVExchangePermissions.ps1 -User mydomain\vsa”

This script must be run from Exchange Server 2010 (or Exchange 2007) Management Shell. It can also be run remotely using PowerShell v2.0 and providing the –Server parameter pointing to an Exchange 2010 server. The script must be run as a user who has sufficient permissions to execute the Add-ADPermission, Get-ExchangeServer and Get-OrganizationConfig Exchange cmdlets.

Licensing and Support Restrictions

Enterprise Vault 9.0 will only support Exchange Server 2010 SP1, there will be no support for the original release of Exchange Server 2010.

(6)

Exchange Server 2010 Journal Archiving Updates

Business Value

Exchange Server 2010 provides Information Rights Management (IRM), a new feature that allows Outlook and Outlook Web App users to protect their messages. Exchange Server 2010 also offers the ability to decrypt the IRM protected messages when Journaling is enabled, this feature is known as Journal Report Decryption. Enterprise Vault supports the archiving and indexing of the clear text attachment stored in the Journal Mailbox when Journal Report Decryption is enabled.

Underlying Principles

If Journal Report Decryption is enabled, both the original, protected copy and the unprotected, clear-text, copy of the message are captured in the Journal reports but only the clear text copy is used to build the index for that item. The clear text message is shown when message preview is enabled, and will also be used in Discovery Accelerator Export. The protected message will be archived and will increase the Storage requirements for the item. Depending on the use of IRM within the company this could have a substantial impact on Vault Store and SQL storage requirements.

With Journal Report Decryption disabled only the protected messages will be archived and only the metadata will be indexed.

Test Drive

The below example shows a Journal message when Journal Report Decryption is enabled, both protected and clear text copy of message is the attached.

(7)

By default Enterprise Vault does not require any additional configuration to support Journal Report Decryption. The following option appears in the Vault Console under the Advanced properties of the Exchange Journal Policy.

The option “Treat as Primary” will enable full indexing of RMS Protected items.

Selecting “Treat as Secondary” will stop the body of the message from being indexed, and will not be retrieved via the normal process.

Licensing and Support Restrictions

The Enterprise Vault E-Discovery bundle is required for Exchange Server 2010 Journaling support, which is no different from previously supported versions of Exchange.

Note that not every customer will have Exchange Journal Report Decryption enabled as this is only available when using Microsoft Exchange Enterprise Client Access licenses, it’s not offered on the Standard Client Access license.

(8)

Microsoft Exchange Server 2010 Outlook Web App Updates

Business Value

Enterprise Vault 9.0 supports the new Outlook Web App 2010 interface on Exchange Server 2010 SP1.

Underlying Principles

Outlook Web App 2010 support is configured by installing the Enterprise Vault Outlook Web App extensions on the Exchange server hosting the Client Access Server role. The install package is an MSI file, similar to Exchange 2007 no installation or configuration is required on the Exchange Mailbox Servers.

Test Drive

Follow the standard installation steps in the MSI file to install the Enterprise Vault OWA extensions on the Client Access Servers. No configuration steps post installation is necessary.

The Enterprise Vault new icons are highlighted in the screenshot below, as per previous versions the client functionality is controlled in the Exchange Desktop Policy settings.

Licensing and Support Restrictions

(9)

Appendix A – Exchange Server 2010 Permission Requirements

Permissions for account running the Exchange Archiving Tasks

- Container: CN=Configuration -> CN = Services -> CN=Organization -> CN=Administrative Groups -> Databases Permission: Mailbox Access Permissions (This object and all descendant objects)

- Container: CN=Configuration -> CN = Services -> CN=Organization -> CN=Administrative Groups -> Servers (if in mixed server mode)

Permission: Mailbox Access Permissions (This object and all descendant objects)

Permissions for account running the Exchange Archiving and Provisioning Tasks

- Container: CN=Configuration -> CN=Services -> CN=Microsoft Exchange Permission: Read

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> CN =Transport Settings Permission: Read

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> CN =Transport Settings -> CN= Rules Permission: Read

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> Organization -> CN = ELC Folders Container Permission: Read (with inheritance)

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> Organization -> CN = Global Settings Permission: Read (with inheritance)

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> Organization -> CN= Transport Settings ->CN = Rules -> CN= Journaling

Permission: Read (with inheritance)

- Container: CN=Configuration -> CN=Services -> CN= Microsoft Exchange -> Organization -> CN= Transport Settings -> CN= Rules -> CN= JournalingVersioned

Permission: Read (with inheritance)

Permissions for Enterprise Vault System Mailbox

As per previous versions of Exchange the administrator will still be required to grant Send As permission to Enterprise Vault System Mailboxes. This can be done manually via the Exchange Management console, or by running the following Exchange PowerShell command:

References

Download now ( PDF - 9 Page - 426.74 KB )

Related documents

Veritas Enterprise Vault. Setting up Exchange Server Archiving

Selective and group journaling provide very limited filtering capabilities and are only available with Exchange Server journal mailbox archiving; the same filtering is applied to

HUAWEI OceanStor S5500T Exchange Server 2010 Solution with Users

This solution is intended for medium-to-large enterprise that is planning to deploy Microsoft Exchange Server 2010 on HUAWEI storage and would like to leverage the Exchange Server

Enterprise Vault. For Microsoft Exchange Server. Installing and Configuring Version 5.0

• Create the Vault Service account for the Enterprise Vault site, give it permissions on the Microsoft Exchange Server computer.. You must also create a SQL login for the

Created on May 20, 2015

Exchange 2010 SP1 Microsoft Windows Server 2008 R2 Standard Edition x86-64 Exchange 2010 SP2 Microsoft Windows Server 2008 R2 Enterprise Edition x86-64 Exchange 2010 SP2

HOSTED 25 GB of storage space per user, business-class , and shared calendars, powered by Exchange Online. Use your own domain name.

Microsoft Exchange Online Archiving is a Microsoft Office 365 cloud-based, enterprise-class archiving solution for organizations that have deployed Microsoft Exchange Server 2013 or

Veritas Enterprise Vault for Microsoft Exchange Server

Enterprise Vault offers Virtual Vault (Figure 1) technology to enable users to seamlessly access their archived information, and it allows them to manage their information whether

Regulatory Compliance Requirements with VERITAS Enterprise Vault and Microsoft Windows Server Technologies

Microsoft Exchange Server 2003, Microsoft SharePoint Portal Server 2003, and VERITAS Enterprise Vault software with Discovery Accelerator can provide a solid foundation to

Enterprise Vault Whitepaper

In conclusion, the White Paper has focused on how to configure Enterprise Vault 10.0 to archive a Journal archiving stream from an on premises Exchange server