Presentation is loading. Please wait.

Presentation is loading. Please wait.

Преходът към Office365 – различни сценарии, но винаги полезни

Similar presentations


Presentation on theme: "Преходът към Office365 – различни сценарии, но винаги полезни"— Presentation transcript:

1 Преходът към Office365 – различни сценарии, но винаги полезни
Sofia Event Center 21-22 ноември 2013 г. Преходът към Office365 – различни сценарии, но винаги полезни Христо Христов Service Centrix Ltd.

2 Agenda Introducing the FastTrack Deployment Methodology
10968B Agenda 1: The Office 365 Deployment Challenge Introducing the FastTrack Deployment Methodology Microsoft Consulting Services Customer scenarios: Prista Oil, Contoso Ltd. Additional tools and information Q&A This first module provides the students a brief refresher on Office 365, identifying the updates in the latest refresh of this cloud service. However, you are not expected to explain the service in depth or go into detail about the individual components. You then move on to compare and contrast the old and new deployment methodologies and emphasize the difference in time in getting to the position where the first customer mailbox is deployed. Finally, you get the students to review the initial design factors that they need to evaluate before starting the pilot process, including identifying any possible problems that could potentially cause issues later in the deployment process. The key to this module is that you emphasize how radically different the FastTrack approach is to the original plan/prepare/migrate process. Highlight the huge reduction in time to getting a working pilot, the fact that the pilot can seamlessly migrate into production, and that the point at which a customer has the first working mailbox goes from weeks to days. However, you should prepare for a degree of incredulity from the students, particularly those with a strong consultancy background, who might consider the FastTrack approach reckless. A key factor in gaining acceptance of the FastTrack approach is to emphasize that you are not removing the planning aspect, but rather, you are doing it at a different point in the deployment process. So you do not plan for hybrid Exchange before beginning the pilot; you plan for it at the point at which it becomes a deployment option in the Enhance phase.

3 Introducing the FastTrack Deployment Methodology
10968B Introducing the FastTrack Deployment Methodology 1: The Office 365 Deployment Challenge The FastTrack Phases In this lesson, it is vital that you really carry the class with your enthusiasm for the new FastTrack deployment method. There will be students from traditional consulting backgrounds who may be completely overwhelmed with this approach and the difference between a cautious, box-ticking, don’t-do- anything-without-checking-every-eventuality process and this more modern and dynamic approach that starts migrating users into the pilot program on the first day. To sell this new approach, you must constantly emphasize that they are migrating organizations into a built and reliable environment, so the risks are already known and understood. You should acknowledge the concerns of the students but reassure them that the methodology itself mitigates risk and ensures that the planning becomes part of the deployment process, rather than having to be front-loaded onto the project.

4 Traditional Deployment Methodology
10968B Traditional Deployment Methodology 1: The Office 365 Deployment Challenge Pre-Deployment Plan Prepare Migrate Post-Deployment Point out that the numbers represent the number of weeks for the project duration. 1 2 3 4 5 6 7 8 9 10 11 12 …. Pre Plan Prepare Migrate Post Note: Timeline in Weeks

5 Disadvantages of the Traditional Approach
10968B Disadvantages of the Traditional Approach 1: The Office 365 Deployment Challenge Pre-Deployment Plan Prepare Migrate Post-Deployment Point out that the first mailbox appearing after typically 8–12 weeks is just too long. Customers need to see the benefits of Office 365 much earlier. 1 2 3 4 5 6 7 8 9 10 11 12 …. Pre Plan Prepare Migrate Post First Mailbox Note: Timeline in Weeks Do not treat a cloud deployment like an on-premises deployment

6 The FastTrack Deployment Process
10968B The FastTrack Deployment Process 1: The Office 365 Deployment Challenge Pilot Deploy Enhance Gain real world benefits Achieve production use This is just an introduction—you go into the detail later in the lesson. Experience value early; discover cloud advantage Implement full features; meet organizational needs

7 Advantages of the FastTrack Approach
10968B Advantages of the FastTrack Approach 1: The Office 365 Deployment Challenge No throw-away effort on a production pilot Full Office 365 user experience with minimal on- premises requirements Reduced time to value against effort invested Multiple data migration methods: New mailbox, self-service, and IT managed Range of identity options: Cloud IDs, synchronized IDs, password sync, and federated IDs Deployment portal with prescriptive guidance Take the students through each point in the slide and emphasize the value of what the FastTrack delivers compared to the traditional approach. You may still get some resistance at this point—if you do, acknowledge their concerns and tell them that you expect to answer their objections as they become more familiar with the process. Please read the deployment portal with prescriptive guidance at the following link:

8 Components and Scenarios of Office 365 solutions
10968B Components and Scenarios of Office 365 solutions 1: The Office 365 Deployment Challenge Core Components of Office 365 Core Identity Scenarios with Office 365 Core Messaging Scenarios with Office 365 Core Lync Scenarios with Office 365 Core SharePoint Scenarios with Office 365 Core Client Scenarios with Office 365 Office 365 Capability Matrix per Deployment Step This first module provides the students a brief refresher on Office 365, identifying the updates in the latest refresh of this cloud service. However, you are not expected to explain the service in depth or go into detail about the individual components. You then move on to compare and contrast the old and new deployment methodologies and emphasize the difference in time in getting to the position where the first customer mailbox is deployed. Finally, you get the students to review the initial design factors that they need to evaluate before starting the pilot process, including identifying any possible problems that could potentially cause issues later in the deployment process. The key to this module is that you emphasize how radically different the FastTrack approach is to the original plan/prepare/migrate process. Highlight the huge reduction in time to getting a working pilot, the fact that the pilot can seamlessly migrate into production, and that the point at which a customer has the first working mailbox goes from weeks to days. However, you should prepare for a degree of incredulity from the students, particularly those with a strong consultancy background, who might consider the FastTrack approach reckless. A key factor in gaining acceptance of the FastTrack approach is to emphasize that you are not removing the planning aspect, but rather, you are doing it at a different point in the deployment process. So you do not plan for hybrid Exchange before beginning the pilot; you plan for it at the point at which it becomes a deployment option in the Enhance phase.

9 Core Components of Office 365
10968B Core Components of Office 365 1: The Office 365 Deployment Challenge Again, the students should already know most of this information. Do not labor the point; just make sure that they all have a common understanding of the services in Office 365. Highlight the link to the service descriptions for the latest version of Office 365. Exchange Online SharePoint Online Lync Online Office 365 ProPlus Windows Azure Active Directory

10 Core Identity Scenarios with Office 365
Cloud Identity Single identity in the cloud Suitable for small organizations with no integration to on-premises directories Windows Azure Active Directory Webform or Upload On-Premises Identity DirSync/ PasswordSync Directory Synchronization  Single identity suitable for medium and large organizations without federation Windows Azure Active Directory Federated Identity On-Premises Identity Federation Single federated identity and credentials suitable for medium and large organizations Windows Azure Active Directory Directory Sync

11 Office 365 Capability Matrix per Deployment Step
Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend Identity Sign On Cloud IDs Corporate AD user account with same password via Password Sync Corporate AD user account and password via ADFS Option for Integration with “Works with O365” Identity Providers Option for Shibboleth Integration Active Directory Remediation Not applicable IdFix Dirsync Error Remediation Tool Custom Engagement

12 Core Messaging Scenarios with Office 365
No Coexistence Exchange Online Service Generated Namespace New NameSpace Mail routing between on-premises and Office 365 Shared Namespace Simple Coexistence Exchange Online Federated Coexistence Onboarding/Offboarding Exch Federation Exchange Online Calendar Sharing

13 Office 365 Capability Matrix per Deployment Step
Microsoft Office365 Office 365 Capability Matrix per Deployment Step 4/2/2017 Exchange Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend Global Address List Cloud Users Dirsync Users Dirsync users FIM 2010 via O365 connector Calendar Free/Busy sharing Dirsync Users (req. Ex 2010 SP3) Exchange Federation to other O365 or Exchange Corporate Yes via “connected accounts” Yes via Corporate Domain add a Data Migration Options User driven migrations via connected accounts (mail only) User driven PST import (mail/calendar/contacts) User Driven IT Driven via Staged Migration or Hybrid Exchange (req. Ex 2013) Hybrid Exchange for and 2010 or 2007 on- premises IBM Notes Migration Option OWA / Full Outlook Mobile via Active Sync Cloud Address (Send From) Corporate Address Option for BlackBerry BCS © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Core Lync Scenarios with Office 365
Basic Features Lync Online IM & Presence Enterprise Features Lync Online IM & Presence Lync External Federation AV Conferencing Advanced Features Lync Hybrid Lync Online PBX Integration

15 Office 365 Capability Matrix per Deployment Step
Lync Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend IM & P a Online Meetings Video Conferencing PC and Application Sharing Mobile Lync Clients Skype Federation (Summer ‘13) Lync External Federation Lync Hybrid Option Lync Hybrid Voice Option

16 Core SharePoint Scenarios with Office 365
User Sites SharePoint Online News Feeds SkyDrive Pro Basic Web Page SharePoint Online External Web Page Site Collections/Team Sites SharePoint Online Site Collection Team Sites Sub Sites

17 Office 365 Capability Matrix per Deployment Step
SharePoint Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend Team Sites a Sky Drive Pro External Sharing Office Web Apps Public Site with Corporate DNS SharePoint Solutions (BCS, Duet) Click-to-Run Office 2013 Pro Plus Self-Serve for Pilot Users Self-Serve for Dirsync Users IT Managed Deployment

18 Core Client Scenarios with Office 365
Web Based Clients Browser Based Outlook Web Access Lync Web Access Office Web Apps Office Pro Plus – self service optional Office Pro Plus All Clients Browser Based + Office 2007/2010/2013 Lync

19 MCS Customer scenario: Prista Oil

20 Customer Information PRISTA OIL GROUP is a holding structure, with two main activities: Production and trading of motor and industrial oils, greases and special fluids  Battery Business – part of the MONBAT structure (one of the blue chips on Sofia Stock Exchange) PRISTA OIL has its own production facilities in Bulgaria, Turkey and Hungary PRISTA OIL HOLDING EAD is operating in more than 20 countries in Central and Eastern Europe, Near and Middle East, as well as in Ukraine, Georgia, Kazakhstan and others

21 Existing Environment Two locations in Bulgaria with several hundreds of users Several locations with less than 100 users AD was partially deployed in Prista Oil Different mail services (Qmail) and mail address spaces were implemented in Bulgarian locations Variety of clients are currently used – Outlook, Outlook Express and Thunderbird An existing trial of Office 365 service was used Business location outside Bulgaria have heterogeneous systems - Exchange, MDaemon, cloud based and etc.

22 Project Objectives and Team
Design and optimization of IT infrastructure services Design and implementation of Active Directory services Provide Exchange Online Services Develop unified workstations images with management Provide a new solution services for pilot users Project team includes experts from: Microsoft Consulting Services Service Centrix Prista Oil IT department

23 Project Scope – Exchange Online Services
Subscription to Office 365 service and verification of the SMTP domains for Prista Oil in Office 365. Implementation of Office 365 Directory synchronization and PasswordSync Configuration of coexistence with Office 365. Establish mail flow between Qmail Servers on-premises and Exchange Online. Configure coexistence and changes in domain name system (DNS) and firewalls. Migration of pilot mailboxes to Exchange Online.

24 Directory Synchronization – Objects Flow
Microsoft Office365 Directory Synchronization – Objects Flow 4/2/2017 Sync Cycle Stage 1: Import Users, Groups, and Contacts from on-premises On-premises Office 365 Sync Cycle Stage 4: Export “Write Back” attributes Sync Cycle Stage 2: Import Users, Groups, and Contacts from Office 365 Sync Cycle Stage 3: Export Users, Groups, and Contacts to Office 365 Authentication Platform Active Directory Exchange Windows Azure Active Directory User Object Mailbox-Enabled ProxyAddresses: SMTP: Logon Enabled User Mail-Enabled (not mailbox-enabled) ProxyAddresses: SMTP: smtp: smtp: TargetAddress: SMTP: Exchange Online SharePoint Online Directory Synchronization Provisioning Web Service Lync Online © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 Password Synchronization
Introduced with DirSync in June 2013 Benefits of using Password Sync as an alternative to Federated Authentication “Single set of credentials” to access both on-premises and online resources Managed in the customer’s Active Directory and is synchronized with Office 365 (username + password) Fully integrated in the DirSync appliance No requirement for Active Directory Federation Services. Keeps the deployment simple and eliminates IT costs associated with AD/FS DirSync version and above. DirSync change log:

26 Email Migration Factor Triage
10968B Migration Factor Triage 4: Planning the Deploy Phase – Part 2 Third-party Exchange Server Exchange 2000 or earlier POP3 or proprietary What is the current system? Which Exchange Server Version? How do clients connect? Can it be configured for IMAP? IMAP Yes No Exchange 2003 or later Is there any need for long-term mail co-existence? PST migration or 3rd party migration tool IMAP migration Hybrid Exchange Staged Exchange or IMAP migration Cutover Exchange migration How many users are there? 2,000 or over Under 2,000 Want more than just folders Coexistence Cross-Premises Coexistence Rich Simple Temporary Migration How many users are there? Take the students through some of the options and show, for example, how an organization with under 2,000 users, Exchange 2007, and no requirement for long-term coexistence would perform a cutover Exchange migration. Point the students to the diagram in the content if the project image is too small.

27 IMAP Migration Prepare for IMAP Migration
Create a CSVs for IMAP Migration Create IMAP Migration Endpoint Create IMAP Migration Batch Start IMAP Migration Batch Configure MX Record Pointing to Office 365 Delete IMAP Migration Batches

28 IMAP Migration Process
Prepare for IMAP Migration Configure IMAP server to accept connections from Office 365 (port TCP/143 or TCP/993) Add and verify domain in Office 365 Create users and mailboxes in Office > Manual/Bulk/DirSync Best practices Reconfigure MX record TTL to 15 mins Create a dedicated migration admin user Add permissions to the migration admin If not possible: collect user passwords

29 IMAP Migration Process
Create IMAP Migration Batch Start IMAP Migration Batch User list is defined in CSV files Multiple migration batches CSV file limits: 50,000 rows, max 10 MB Best practices Keep CSV files at secure location Newly arriving s land where MX record points to - no redirection Client software reconfiguration (pointing to ExO)

30 MCS Customer scenario: Contoso Ltd.

31 Customer Information Contoso Ltd. is part of international group and offers broad range of telecommunications services Operates in Bulgaria Provides hosting services for group companies and partners

32 Existing Environment Two locations in Bulgaria with several hundreds of users Several locations with less than 100 users Existing Active Directory forest with multiple domains Messaging infrastructure based on Exchange Server 2007 Unified Communications based on Lync Server 2010

33 Project Objectives and Team
Enable Office 365 services for Contoso users Demonstrate the benefits of using Microsoft Online services Drive business agility Improve operational effectiveness of users and IT staff Project team includes experts from: Microsoft Consulting Services Service Centrix Contoso Ltd. IT department

34 Project Scope – Exchange and Lync Online Services
Subscription to Office 365 service and verification of the SMTP domains for Contoso in Office 365. Establishment of federation trust with Office 365 Implementation of Office 365 Directory synchronization. Configuration of hybrid coexistence with Exchange Online Configuration of hybrid coexistence with Lync Online Migration of pilot users to Exchange and Lync Online.

35 Federated Identity Windows Azure Active Directory On Premises
OAuth2 SAML-P WS-Federation Metadata Graph API Authentication Office 365 Admin Portal Office Activation Service Authorization Exchange Mailbox Access Active Directory Federation Services One way trust Active Directory DirSync On Premises

36 Exchange Hybrid Overview
Microsoft Exchange Exchange Hybrid Overview 4/2/2017 Federation trust Integrated admin experience Native mailbox move Secure mail flow Delegated authentication for on-premises/cloud web services Enables free/busy, calendar sharing, message tracking & online archive Online mailbox moves Preserve the Outlook profile and offline folders Leverages the Mailbox Replication Service (MRS) Manage all of your Exchange functions, whether cloud or on- premises from the same place: Exchange Admin Center Authenticated and encrypted mail flow between on-premises and the cloud Preserves the internal Exchange messages headers, allowing a seamless end user experience Support for compliance mail flow scenarios (centralized transport) © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

37 Exchange Hybrid Server Roles
On-premises Exchange organization Existing Exchange environment (Exchange 2007 or later) Office 365 Active Directory synchronization Exchange 2013 client access & mailbox server Office 365 User, contacts, & groups via DirSync Secure mail flow Mailbox data via Mailbox Replication Service (MRS) Sharing (free/busy, Mail Tips, archive, etc.) Active Directory Federation Services Office 365 Federated Trust

38 Exchange 2013 hybrid deployment
From an existing Exchange 2007 or 2010 environment—no Edge Transport server Prepare Install Exchange SP and/or updates across the ORG Prepare AD with E2013 schema Deploy Exchange 2013 servers Install both E2013 MBX and CAS servers Set an ExternalUrl and enable the MRSProxy on the Exchange Web Services vdir Obtain and deploy Certificates Obtain and deploy certificates on E2013 CAS servers Publish protocols externally Create public DNS A records for the EWS and SMTP endpoints Validate using Remote Connectivity Analyzer Switch autodiscover namespace to E2013 CAS Change the public autodiscover DNS record to resolve to E2013 CAS Run the Hybrid Configuration Wizard Move mailboxes Clients Office 365 autodiscover.contoso.com mail.contoso.com 5 5 EWS SMTP 1 1 2 2 4 4 E2013 CAS E2013 MBX E2010 or 2007 Hub E2010 or 2007 CAS Exchange 2010 or 2007 Servers 3 3 SP3/RU10 SP3/RU10 6 6 7 E2010 or 2007 MBX Internet-facing site Intranet site

39 Lync 2013 Hybrid Coexistence
Office 365 Lync Online Exchange Online Lync Federation Edge Interoperability—IM/P, Federation, OWA, UM SharePoint Online Microsoft Federation Gateway Directory sync Sign-on and authentication Edge Integration between local IT systems and the cloud Lync Pool Directory Sync Slide Objective: Explain Hybrid Coexistence. Notes As said earlier, there are two prerequisites for Hybrid deployment to work: Deploy DirSync to have user provisioning and GAL managed in the cloud based on the admin operations performed on-premises (user creation, modification, removal) Deploy AD FS to enable users to use their corporate credentials for accessing cloud services On this diagram, where we say Lync pool, this could be 2010 (with appropriate cumulative updates) or 2013. Federation must use a Lync Federation Edge, which must route traffic to a Lync pool. If the company is only using OCS 2007 R2, it will have to deploy Lync 2010 or Lync 2013 to be able to federate with Office 365 (in case the company wants to deploy a Hybrid scenario or migrate existing on-premises users to the cloud). When looking at this type of architecture, redundancy is important. Edge, as well as the next-hop pool, must be redundant to ensure that flow between on-premises and online deployments will not stop in case of a single-server failure. AD FS v2 DirSync—Provisioning, GAL Same as Exchange Federation for SSO Active Directory Legacy OCS 2007 R2 Lync 2010 Pool Lync Hybrid Interoperability

40 Lync Hybrid—Checklist
Task Details Deploy DirSync on-premises Lync 2013 tenants created in Office 365 Need to provision new Lync 2013 tenants Add vanity domains for hybrid Create TXT/CNAME record that Office 365 completes verification Activate for vanity domain for DirSync Activate step in the tenant admin experience Certificates for on-premises AD FS Get necessary certificates for AD FS to work against Office 365: SN: sts.<vanitydomain> SAN: additional sts, one for each vanity domain Domain Name Server (DNS) records for AD FS Publish A record for <sts.vanitydomain> pointing to on-premises AD FS Slide Objective: Checklist for Split Domain. Notes This slide describes the required steps for deploying a Split-Domain infrastructure: Deploy DirSync on the company premises: At this time, the server is prepared but the DirSync Configuration wizard is set to not run Get a Lync 2013 tenant in Office 365 Add the SIP domains to the list of approved domains in Office 365 Enable Directory Synchronization for the tenant: This will allow DirSync to synchronize data from corporate Active Directory to Office 365 Deploy and configure AD FS: AD FS and AD FS Proxy Servers must be deployed. Also, certificates with correct entries must be deployed on these servers as well as DNS entries

41 Office 365 Tools https://portal.microsoftonline.com/Tools
OnRamp - https://onramp.office365.com/onramp/ Office 365 Best Practices Analyzer for Exchange Server 2013 (beta) Microsoft Connectivity Analyzer Exchange Online PowerShell IdFix DirSync Error Remediation Tool Lync Online Transport Reliability IP Probe (TRIPP) Tool Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Toolkit Microsoft Outlook Configuration Analyzer Tool (OCAT) Windows Azure Active Directory Module for Windows PowerShell

42 Office 365 Resources Office 365 FastTrack Deployment Center
10968B Office 365 Resources 1: The Office 365 Deployment Challenge Office 365 FastTrack Deployment Center Office Ignite Readiness TechNet Center for Office 365 TechNet Center for the new Office Office IT Pro Blog Office 365 Trust Center Office 365 Service Descriptions Service Updates for Office 365 for Enterprises Microsoft Planning Services You might want to show the links for some of these resources.

43 Customer Immersion Experience (CIE)
If you would like to implement the technologies that you just saw in your organization, then join us for a Customer Immersion Experience (CIE), a hands-on introduction to Windows 8 and the new Office, new servers for business productivity as well as a variety of other Microsoft technologies, including Windows Phone, and Dynamics CRM. A CIE is not a generic demo about all the features Microsoft products offer. It's a true-to-life user experience that takes you through common work-related scenarios such as staying productive while mobile, using social networking to get work done, and connecting in real time with coworkers. It also gives you a first-hand look at the fast and fluid experience of Windows 8 and the exciting features of the new Office across a variety of devices, including tablets, PCs, and smartphones. If you are interested please fill in the feedback form by choosing CIE workshop. Thank you!

44 и участвайте в томболата за HTC 8S и други награди!
Споделете вашата обратна връзка за тази сесия и за цялостната организация на конференцията и участвайте в томболата за HTC 8S и други награди!

45 Hybrid mail flow enhancements
Enhanced Secure Mail feature Certificate based attribution for mail flow connectors - no more static IP address lists Explicit TLS certificate selection avoids certificate conflicts Remote domains no longer required for secure mailzSimpler configuration and troubleshooting Centralized Transport feature supports more mail flow paths Edge Server support – Edge Transport Server 2010

46 Secure Mail Exchange Online Protection Internet
On-premises organization You can choose to route outbound on-premises mail via EOP MX is switched to Exchange Online Protection Outbound Exchange Online traffic is delivered direct MX resolves to on-premises gateway External recipient Third Party Security System Secure Mail Exchange Online Protection DAVID On-premises mailbox Encrypted & authenticated mail flow Exchange Online Exchange CHRIS Cloud mailbox

47 Things to remember about Secure Mail
All between Exchange on-premises and Exchange Online is encrypted and authenticated Internal mail flow going from Exchange to Exchange must go direct and not through 3rd party gateways External (Internet) mail can be routed to wherever you choose – on premises, 3rd party service, EOP The MX record for the domain controls where inbound external is received The hybrid wizard’s “OnPremisesSmartHost” property controls the flow of internal mail from Exchange Online to Exchange on-premises The FQDN defined within OnPremisesSmartHost can be: A single Exchange 2013 CAS or 2010 Edge server Multiple round robin Exchange 2013 CAS or 2010 Edge servers Multiple load balanced Exchange 2013 CAS or 2010 Edge servers (recommended) If you want outbound from on-premises to the Internet to go through EOP you need to create an extra “*.*” send connector that forwards all mail to EOP

48 Secure Mail Exchange Online Protection Internet
On-premises organization MX resolves to on-premises gateway All in and out of the Exchange Online tenant must go via on-premises MX is switched to Exchange Online Protection External recipient Third-party security system Secure Mail Exchange Online Protection DAVID On-premises mailbox Encrypted & authenticated mail flow Exchange Online Exchange CHRIS Cloud mailbox

49 Things to remember about Centralized Transport
It is built on top of Secure Mail You cannot enable Centralized Transport without it All in and out of Exchange Online is routed via on-premises Unless you have a business requirement to route mail via on-premises you do not need to enable it You can now route inbound Internet to Exchange Online Protection even when Centralized Transport is turned on No more need for FOPE “duplicate domains”, multiple FOPE companies. It simply works out of the box


Download ppt "Преходът към Office365 – различни сценарии, но винаги полезни"

Similar presentations


Ads by Google