Exchange Server 2010 E-Mail Archiving Alessandro Appiani Microsoft TechNet Speaker & Certified Trainer email: [email protected] Pulsar IT Founder & CEO sip/im/email: [email protected] L’eccellenza sulle tecnologie Microsoft Pulsar IT è stata tra le prime società in Italia a certificarsi sulle infrastrutture di rete Microsoft (1995) e sulle soluzioni in area Server Pulsar IT è specializzata sulle soluzioni per la comunicazione, la collaborazione e la sicurezza Le persone di Pulsar IT sono Speaker tecnici in conferenze ed eventi Microsoft da oltre 15 anni Pulsar IT è Microsoft Voice-Ready Partner specializzato nell’integrazione delle tecnologie Microsoft Unified Communications con i sistemi VoIP e legacy PBX Agenda E-mail store & archive esigenze Exchange 2010 Archiving & Retention obiettivi e design goal Exchange Personal Archive principi e funzionalità configurazione e management Archiving Policies criteri di archiviazione, conservazione e gestione dei contenuti eDiscovery search e multi-mailbox search E-MAIL STORE & ARCHIVE Introduzione e obiettivi Dove sono le e-mail? SharePoint Outlook PSTs Exchange Server Backups Webmail Third Party Archive E-mail “store” Mailbox PSTs Personal Archive • Highly Available/Reliable • Rich Client Access • Circumvent Quota • Highly Portable • Circumvent Quota • Allow Org Control Organization Archive • Keep all E-mail • Allow Org Control • Optimized for Search End User Access Exchange Outlook PSTs (MBs) (GBs) Personal Archive Org Archive (PBs) (TBs) Backup Backup • Tape/Disk Backups • Backups uncommon and Common • Item Level Backups Common hard • Users do manual backups • IT does unsupported backups Replicated Backups • Replication Common • Backups Less Common Replicated Backups • Replication Only Choice • Datasets Require Replication Le problematiche Mailbox PSTs Personal Archive Org Archive • OLK/OWA Integration • No user search for data • Issues with stubs NA Poor End User Experience • Quotas painful • Forwards to keep mail • User burden of legal hold • Only available locally • Search degraded • Data Loss (>5GB PST) Cost and Compliance Toolset for IT Pro/Records Mgr • SANs cost limits size • Backup costs limit size • High new mail inflow • SLAs hard to achieve • No org-wide mail search • No guaranteed legal hold • Info. Disclosure risk • No Discovery • No Legal Hold • Corruption caused loss • No Backup/Recovery • Manual Backups • Backup to share • >Twice CAPEX/OPEX • Delays Office upgrades • Add-in perf. problems • Backup costs limit size • No generic feature set • >Twice CAPEX/OPEX Le caratteristiche Mailbox PSTs Personal Archive End User Experience • Rich Client (OLK/OWA) • No quota • Portability • • • OLK/OWA Support (w/ stubs) Time based quota (Move/Delete) Mobile Access (Search) Cost and Compliance Toolset • Available • Reliable • Cheap – Unmanaged • • • • • • • • Discovery Message Retention • Move Policy • Delete Policy • Hold Policy Reliable with multiple copies Highly Available with Replication Role Based Access Discovery Web Service Bulk PST Import/Export Archive in the cloud Org Archive • • • • • • • • • • • • • • • Logs, WORM, Read Only Single Instancing/Compression Configuration Auditing Mailbox Auditing Journaling metadata Rogue Admin Protection Regulatory Accreditation Protected Content (signing/encryption) Federated Discovery, Retention and Reporting across content Data Mining and Visualization Case Management Archive for Bloomberg data Supervisory Tools …. …. EXCHANGE 2010 ARCHIVING & RETENTION Principi e funzionalità Exchange 2010: E-mail in Exchange SharePoint Outlook PSTs Exchange Server 2010 Webmail Backups Third Party Archive Exchange archiving, retention, discover Uniformare l’interfaccia utente e gli strumenti tra store primario ed archivio Uniformare i metodi di configurazione client, i protocolli e le modalità di accesso rete privata/geografica/internet outlook/web/mobile/... Uniformare e semplificare la gestione dello store Uniformare e semplificare l’amministrazione delle componenti di exchange con quelle dell’archiving Favorire/sensibilizzare gli utenti alle tematiche di retention (conservazione) e consentire personalizzazioni Consentire la conservazione e la consultazione di grandi volumi di e-mail Exchange 2010: conservare e trovare Archiving, message retention & discovery Conservazione Personal Archive • Archive in Outlook/OWA • Archive Mgmt with CMDLets and EMC Move & Delete Policy • Move and Delete Policies in OLK/OWA • Folder/Item Level Policy Ricerca Hold Policy • Edited/Deleted items preserved • Single Item Restore Affidabilità Multi-Mailbox Search • CMDLet and Discovery GUI Support • Role-based Access Exchange 2010 Archiving Come funziona L’amministratore abilita/crea personal archive Alla creazione dell’archive vengono automaticamente generate le folder (se configurate) L’amministratore può imporre criteri (policy) di “movimentazione” automatica di elementi archive/move/delete/hold/... Messaging Record Management le policy possono essere automatiche a livello mailbox, folder, item L’utente può spostare contenuti da PST oppure da primary mailbox ad archive e viceversa L’utente (se consentito) può variare/scegliere (non creare) quali policy applicare ad una nuova folder PERSONAL ARCHIVE Caratteristiche, funzionalità utente, management Personal Archive Architettura ed accesso Archive in Exchange 2010 è basato sul concetto di “secondary” mailbox* La sua configurazione è una proprietà dell’utente (in AD) è abilitato by-user c’è un’associazione diretta tra user mailbox (primary) e archive ogni utente/mailbox ha al più un solo archive L’archive risiede nello stesso DB della primary mailbox* L’amministratore può imporre quota differenti tra mailbox e archive L’archive è aperto automaticamente da Outlook e OWA architettura assolutamente uniforme tra mailbox e archive nessun problema per accesso interno/esterno/anywhere Non c’è offline store per l’archive * informazioni relative alla versione RTM Personal Archive Funzionalità e caratteristiche Semplice per l’utente molto simile al concetto di PST o Outlook archive, ma server-side comportamento ed interfaccia identica tra mailbox primaria ed archive stesso approccio per Outlook ed OWA PST possono essere importati nell’archive direttamente dagli utenti in modo semplice (drag-n-drop) Garantisce la persistenza e l’”ordine” della mailbox anche per gli utenti non attenti alle normative { } Exchange 2010 AD Schema User Object in AD Archive è un’estensione della mailbox Proprietà specifiche per l’archive: 1. Archive GUID 2. Archive Name 3. Archive Database 4. Archive Quota Exchange User Properties Legacy-Exchange-DN ms-Exch-ADC-Global-Names ms-Exch-AL-Object-Version ms-Exch-Configuration-Unit-BL ms-Exch-CU ms-Exch-Dirsync-ID ms-Exch-Edge-Sync-Cookies ms-Exch-Edge-Sync-Source-Guid ms-Exch-Heuristics ms-Exch-Hide-From-Address-Lists ms-Exch-Inconsistent-State ms-Exch-OU-Root ms-Exch-Provisioning-Flags ms-Exch-Recipient-Validator-Cookies ms-Exch-Replicated-Object-Version ms-Exch-Replication-Signature ms-Exch-Server-Association-BL ms-Exch-Server-Association-Link ms-Exch-Setup-Status ms-Exch-Unmerged-Atts ms-Exch-Unmerged-Atts-Pt ms-Exch-Version Show-In-Address-Book ms-Exch-Organizations-Address-Book- ms-Exch-Organizations-Global-Address- ms-Exch-Mailbox-Move-Remote-HostRoots-BL Lists-BL Name ms-Exch-Organizations-Global-Address- ms-Exch-Organizations-Template-Roots- ms-Exch-Mailbox-Move-Status Lists-BL BL ms-Exch-Mailbox-Move-Target-MDB-Link ms-Exch-Organizations-Template-Roots- ms-Exch-OWA-Allowed-File-Types-BL ms-Exch-Mailbox-OAB-VirtualBL ms-Exch-OWA-Allowed-Mime-Types-BL Directories-Link ms-Exch-OWA-Allowed-File-Types-BL ms-Exch-OWA-Blocked-File-Types-BL ms-Exch-Mailbox-Template-Link ms-Exch-OWA-Allowed-Mime-Types-BL ms-Exch-OWA-Blocked-MIME-Types-BL ms-Exch-Mailbox-Url ms-Exch-OWA-Blocked-File-Types-BL ms-Exch-OWA-Force-Save-File-Types-BLms-Exch-Max-Blocked-Senders ms-Exch-OWA-Blocked-MIME-Types-BL ms-Exch-OWA-Force-Save-MIME-Types- ms-Exch-Max-Safe-Senders ms-Exch-OWA-Force-Save-File-Types-BLBL ms-Exch-MDB-Over-Hard-Quota-Limit ms-Exch-OWA-Force-Save-MIME-Types- ms-Exch-OWA-Remote-Documentsms-Exch-MDB-Over-Quota-Limit BL Allowed-Servers-BL ms-Exch-MDB-Rules-Quota ms-Exch-OWA-Remote-Documentsms-Exch-OWA-Remote-Documentsms-Exch-MDB-Storage-Quota Allowed-Servers-BL Blocked-Servers-BL ms-Exch-MDB-Use-Defaults ms-Exch-OWA-Remote-Documentsms-Exch-OWA-Remote-Documentsms-Exch-Mobile-Allowed-Device-IDs Blocked-Servers-BL Internal-Domain-Suffix-List-BL ms-Exch-Mobile-Blocked-Device-IDs ms-Exch-OWA-Remote-Documentsms-Exch-OWA-Transcoding-File-Types- ms-Exch-Mobile-Debug-Logging Internal-Domain-Suffix-List-BL BL ms-Exch-Mobile-Mailbox-Flags ms-Exch-OWA-Transcoding-File-Types- ms-Exch-OWA-Transcoding-Mime-Types- ms-Exch-Mobile-Mailbox-Policy-Link BL BL ms-Exch-Pf-Root-Url ms-Exch-OWA-Transcoding-Mime-Types- ms-Exch-Parent-Plan-BL ms-Exch-Previous-Home-MDB BL ms-Exch-RBAC-Policy-BL ms-Exch-UM-Addresses ms-Exch-Parent-Plan-BL ms-Exch-RMS-Computer-Accounts-BL ms-Exch-UM-Audio-Codec ms-Exch-RBAC-Policy-BL ms-Exch-Server-Association-BL ms-Exch-UM-Audio-Codec-2 ms-Exch-Archive-Name ms-Exch-RMS-Computer-Accounts-BL ms-Exch-Server-Site-BL ms-Exch-UM-Enabled-Flags ms-Exch-Archive-Warnms-Exch-Server-Association-BL ms-Exch-SMTP-Receive-Defaultms-Exch-UM-Enabled-Flags-2 ms-Exch-Server-Site-BL Accepted-Domain-BL ms-Exch-UM-Fax-Id Quota ms-Exch-SMTP-Receive-Defaultms-Exch-Supervision-DL-BL ms-Exch-UM-Mailbox-OVA-Language ms-Exch-Archive-Quota Accepted-Domain-BL ms-Exch-Supervision-One-Off-BL ms-Exch-UM-Max-Greeting-Duration ms-Exch-Archive-GUID ms-Exch-Supervision-DL-BL ms-Exch-Supervision-User-BL ms-Exch-UM-Operator-Number ms-Exch-User-BL ms-Exch-UM-Phone-Provider ms-Exch-Archive-Database- ms-Exch-Supervision-One-Off-BL ms-Exch-Supervision-User-BL ms-Exch-X500-Access-Control-List ms-Exch-UM-Pin-Checksum Link ms-Exch-User-BL ms-Exch-UM-Server-Writable-Flags Garbage-Coll-Period ms-Exch-UM-Template-Link ms-Exch-Archive-Database- ms-Exch-X500-Access-Control-List ms-Exch-Availability-Org-Wide-Account- ms-Exch-Alternate-Mailboxes ms-Exch-Use-OAB BL BL ms-Exch-Approval-Application-Link ms-Exch-Availability-Org-Wide-Account- ms-Exch-Availability-Per-User-Account- ms-Exch-Archive-Database-Link BL BL ms-Exch-AutoReply ms-Exch-Availability-Per-User-Account- ms-Exch-Delegate-List-BL ms-Exch-Delegate-List-Link BL ms-Exch-Device-Access-Control-Rule-BL ms-Exch-Deleted-Item-Flags ms-Exch-Delegate-List-BL ms-Exch-Mailbox-Move-Source-MDB-BL ms-Exch-Dumpster-Quota ms-Exch-Device-Access-Control-Rule-BL ms-Exch-Mailbox-Move-Target-MDB-BL ms-Exch-Dumpster-Warning-Quota ms-Exch-Mailbox-Move-Source-MDB-BL ms-Exch-Mobile-Remote-Documentsms-Exch-ELC-Expiry-Suspension-End ms-Exch-Mailbox-Move-Target-MDB-BL Allowed-Servers-BL ms-Exch-ELC-Expiry-Suspension-Start ms-Exch-Mobile-Remote-Documentsms-Exch-Mobile-Remote-Documentsms-Exch-ELC-Mailbox-Flags Allowed-Servers-BL Blocked-Servers-BL ms-Exch-External-OOF-Options ms-Exch-Mobile-Remote-Documentsms-Exch-Mobile-Remote-Documentsms-Exch-Home-MDB Blocked-Servers-BL Internal-Domain-Suffix-List-BL ms-Exch-Home-Server-Name ms-Exch-Mobile-Remote-Documentsms-Exch-Organizations-Address-Book- ms-Exch-Mailbox-Guid Internal-Domain-Suffix-List-BL Roots-BL ms-Exch-Mailbox-Move-Flags Archive Autodiscover (4) OLK connects to the Archive (1) OLK does AutoDiscovery (3) OLK receives Archive props in Auto- Discover response AD CAS (2) Auto-Discover reads Archive props User Object Mailbox Props Archive Props MRM Props No Outlook Restart! Primary e archive store accoppiato (es: move mailbox) (6) Outlook connects to target CAS server (4) OLK does Auto Discovery CAS for Source DB Move Request Service (1) MRS starts move request E2010 Source DB Primary Mailbox Archive Mailbox (5) AutoDiscover finds new database CAS for Target DB AD User Object Mailbox Props Archive Props (3) MRS updates AD with new target database (2) MRS moves data to target E2010 Target DB Primary Mailbox Archive Mailbox { } ARCHIVING POLICIES Criteri di archiviazione, conservazione e gestione dei contenuti Archiving & Retention La gestione dei contenuti delle mailbox e l’archiviazione avviene utilizzando le tecnologie di Message Record Management di Exchange Server 2010 Retention Policy può essere associata ad una mailbox raggruppa un insieme di retention tag Retention Tag Retention policy tags (RPTs): sono quelli che si applicano alle default folders (Inbox, Sent items, Deleted Items, ...) Default policy tags (DPTs): si applicano agli item privi di altri retention tags Personal tags: sono quelli che l’utente può applicare a singoli item all’interno della propria mailbox e delle proprie folder Retention Age Limit Actions MoveToArchive, MoveToDeletedItems, DeleteAndAllowRecovery, PermanentlyDelete, MarkAsPastRetentionLimit Un esempio Archiving Policy Exchange Server Setup crea la retention policy “default archive policy” che contiene i seguenti retention tags (system tags*) Retention tag name Tag type Description Default 2 year move to archive Default Messages are automatically moved to the archive mailbox after 2 years. Applies to items in the entire mailbox that don't have a retention tag applied explicitly or inherited from the folder. Personal 1 year move Personal to archive Messages are automatically moved to the archive mailbox after 365 days. Personal 5 year move Personal to archive Messages are automatically moved to the archive mailbox after five years. Personal never move Personal to archive Messages are never moved to the archive mailbox. * Built-in retention tag gestiti separatamente dalle cmdlet (switch IncludeSystemTags) Message Retention Policy Move Policy: spostano automaticamente messaggi nell’archive aiutano l’utente a mantenere la mailbox entro le dimensioni della quota concetto simile a Outlook Auto-Archive, ma server-side ... e senza PST Delete Policy: cancellano automaticamente messaggi consentono la rimozione degli elementi da non conservare aiutano a ridurre le dimensioni delle mailbox (quota) sono regole globali, condivise tra mailbox e archive le policy con durata maggiore “vincono” Hold Policy: conservano automaticamente un messaggio trasparente per l’utente garantiscono la persistenza delle informazioni aziendali { } EDISCOVERY Ricerca dei contenuti Ricercare i contenuti Utente ha necessità di ricercare e consultare i contenuti recenti ed archiviati nella propria mailbox Auditor/Legal/HR/... ha necessità di ricercare e consultare i contenuti recenti ed archiviati in una o più mailbox la ricerca può coinvolgere grandi quantità di dati la ricerca deve normalmente essere mirata specifiche mailbox range di date keyword/contenuti specifici ... Ricerca Possibilità di definire l’ambito di ricerca includendo anche l’archive Anche la ricerca avanzata può agire su mailbox primaria ed archive eDiscovery ricerca Multi-Mailbox User Friendly flessibile e semplificata per auditor, legal, HR, ... { } IN SINTESI Riepilogo Archiving nativo in Exchange (finalmente ) semplice per l’utente semplice per il sysadmin Sfrutta la nuova architettura di Exchange I/O più leggero facilità di mantenimento e gestione di grandi masse di dati pensata per storage “large/slow/low-cost” Parte del modello di Messaging Record Management retention policy potenti sensibilizzazione degli utenti eDiscovery semplificato security integrata in Exchange (con RBAC) interfaccia semplice e familiare per multi-mailbox search Risorse (1) Understanding Personal Archives http://technet.microsoft.com/en-us/library/dd979795.aspx Managing Personal Archives http://technet.microsoft.com/en-us/library/dd776121.aspx Understanding Retention Tags and Retention Policies http://technet.microsoft.com/en-us/library/dd297955.aspx Understanding Messaging Records Management http://technet.microsoft.com/en-us/library/dd335093.aspx Understanding Legal Hold http://technet.microsoft.com/en-us/library/ee861123.aspx Understanding Multi-Mailbox Search http://technet.microsoft.com/en-us/library/dd335072.aspx Risorse (2) Microsoft Exchange Server TechCenter http://technet.microsoft.com/en-us/exchange Microsoft Exchange Team Blog http://msexchangeteam.com Microsoft Unified Communications Group Team Blog http://blogs.technet.com/uc Microsoft Unified Communications | TechNet Edge http://edge.technet.com/unifiedcommunications Microsoft Exchange Server Home http://www.microsoft.com/exchange Microsoft Unified Communications (UC) Home http://www.microsoft.com/uc Microsoft Exchange Server Italy Home http://www.microsoft.com/italy/server/exchange © 2009 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
Scarica
