4 Business benefits of moving to the cloud 4/5/2017Business benefits of moving to the cloudCut operational and technology costsGet up and running quickly and easilyGive people the tools to be productive
5 Announcing Microsoft Office 365 BRINGING TOGETHER CLOUD VERSIONS OF OUR MOST-TRUSTED COMMUNICATIONS AND COLLABORATION PRODUCTS WITH THE LATEST VERSION OF OUR DESKTOP SUITE FOR BUSINESSES OF ALL SIZES. Microsoft Office 365 delivers the power of cloud productivity to businesses of all sizes, helping to save time and money and free up valued resources. Office 365 combines the familiar Office desktop suite with cloud-based versions of next-generation communications and collaboration services from Microsoft: Exchange Online, SharePoint Online, and Lync Online. Office 365 is simple to use and easy to administer – all backed by the robust security and guaranteed reliability you expect from a world-class service provider. (Access from mobile devices depends on WiFi capability or mobile network availability.)Office 365:Microsoft Office Professional PlusThe world’s leading productivity tool now seamlessly connected and delivered with cloud services – for the best productivity experience across the PC, phone, and browser.Exchange OnlineCloud-based , calendar, and contacts with always-up-to-date protection from viruses and spam.SharePoint OnlineCloud-based service for creating sites to connect colleagues, partners, and customers.Lync OnlineCloud-based instant messaging, presence, and online meeting experiences with PC-audio, video conferencing and screen sharing.Key Office 365 Benefits:Anywhere-access to , documents, contacts, and calendars on nearly any device.Work seamlessly with Microsoft Office and the other programs your users already count on every day.Business-class features including IT-level phone support, guaranteed 99.9% uptime, geo-redundancy, and disaster recovery.Pay-as-you-go pricing options that give you predictability and flexibility for all or part of your organization.Office 365 for enterprises brings together cloud versions of our trusted communications and collaboration software with our familiar Office Professional Plus desktop suite. It is designed to help meet your IT needs for robust security, 24/7 reliability, and user productivity.
6 Business ChallengesHow can I keep pace with the ever-growing quantity of in my inbox?How do I give my employees access to their and calendars from everywhere?How do we maintain the security and compliance of our messaging environment?Businesses rely on as a backbone for their communications and an essential tool for getting things done. But in today’s world, can present challenges for users, IT and organizations as a whole. Hear are some common themes we hear as we talk to our customers:The volume of data continues to increase, causing users to experience information overloadUsers expect to be able to access their mailboxes from wherever they are, from a growing array of devicesOrganizations must keep up with increasingly burdensome compliance requirements and maintain the security of their systemsMeeting these challenges requires an system that was designed for the needs of today’s businesses.
7 PROTECTION & COMPLIANCE Business-class , calendar, and contacts for your organizationANYWHERE ACCESSPROTECTION & COMPLIANCEVISIBILITY & CONTROLExchange Online is a solution to these challenges. It delivers the capabilities of Exchange Server, the world’s leading server for , calendar, and contacts, to help your business succeed.With Exchange Online, organizations get the same familiar and powerful Exchange features that millions of users rely on todayCustomers benefit from the Exchange team’s 15+ years of experience in businessWith Office 365, they also get the most up-to-date capabilities of that platform (Exchange Server Service Pack 1)The benefits of Exchange Online fall into the following three categories:For users: Anywhere AccessFor your organization: Protection and ComplianceFor the IT department: Visibility and ControlLet’s take a closer look at each of these areas.
9 Anywhere Access Rich client access via Outlook Premium Web experienceMobile access from a wide range of phonesVoic in your inboxLarge mailbox sizes (25GB)CalendarContactsTasksCompany DirectoryVoicExchange Online lets users connect to their mailboxes with a consistent experience across PC, web, and mobile.The service is designed to work with Outlook, so it provides an unmatched Outlook experience without the need for a VPN connection, including features in cached mode such as the offline address book.Outlook Web App provides a premium online access experience that matches the look and feel of the full Outlook client.Mobile access is available from a wide range of devices that connect directly to Exchange via the ActiveSync protocol.Hosted voic services integrate with your on-premises phone system, giving users voic and in a unified inboxLarge 25GB mailboxes mean that users don’t waste time cleaning out their mailboxes to make space, or moving to offline PST files that can’t be accessed from web browsers or mobile devices. All their data is available to them, wherever they go.Best of all, Exchange Online allows users to continue to work as they do now, you have the freedom to “swap out” your back-end infrastructure with minimal disruption.PCsBrowsersPhones
10 Protection and Compliance Integrated archiving with a familiar user experienceMulti-mailbox search for efficient e-discoveryPolicies to automatically preserve or expirePremium anti-spam and antivirus protectionExchange Online provides built-in archiving features and protection against spam and viruses, so that your employees can be productive and your organization can maintain the highest levels of security and compliance.A personal archive that gives you the opportunity to move away from using PST files for storing oldWeb-based multi-mailbox search makes it easy and efficient to search through mailboxes if the need arisesFlexible retention policies allow you to automatically expire out unnecessary while allowing employees to retain what’s important. Per-user legal hold allows you to preserve for compliance purposes.Forefront Online Protection for Exchange is built-in at no extra cost, providing premium anti-spam and anti-virus protection.These features, plus additional capabilities not shown on this slide (such as MailTips, transport rules, disclaimers, and Transport Layer Security) provide the ability to meet diverse compliance requirements.Multi-mailbox searchBuilt-in archive
11 Visibility and Control Simple, web-based administrationAdvanced management and automation via PowerShellRole-based access controlBuilt-in auditing reportsExchange Control PanelExchange Online lets you host your on Microsoft’s geo-redundant servers, while maintaining control over your environment.A Web-based management interface called the Exchange Control Panel gives you deep levels of control over mailboxes, groups, settings, and permissions. It is an easy to use but powerful administration tool.You have the ability to manage advanced policies and settings using Remote PowerShell, as well as automate repetitive tasksA highly flexible permissions model allows you to delegate tasks such as multi-mailbox search to responsible users in your organization, lessening the burden on your IT organization and reducing help desk costsAuditing reports let you track of changes to settings and permissions, as well as track non-owner access to mailboxes, which is important in delegate and shared mailbox scenariosAuditing reportsRemote PowerShell
12 Migrating to Exchange Online Transitioning from your current system to Exchange Online is fast and easy.Free cloud-based tools built in to the Exchange Online service allow you to:Migrate from all platforms that support IMAPMigrate , calendar, and contacts from Exchange Server 2003, 2007, or 2010During the migration process, users stay connected to their mailboxes and continue working without disruptionAfter data replication is complete, you can perform a fast, all-at-once cutover. Or, you can move users to the cloud in stages.For larger organizations, rich hybrid capabilities allow for a seamless transition to the cloud, including free/busy calendar sharing between online and on-premises users.Move mailboxes to Exchange Online with cloud-based toolsUsers stay connected to their mailboxes while data is migratingSwitch to Exchange Online over a weekend, or move users in stages
13 PROTECTION & COMPLIANCE The robust and familiar capabilities of Exchange, delivered from the cloudANYWHERE ACCESSPROTECTION & COMPLIANCEVISIBILITY & CONTROLExchange Online is Exchange Server, delivered as a hosted service. It is the world’s leading server, delivered in a cloud form factor.This isn’t just a matter of branding -- It is the same code, the same bits as Exchange Server. It is not a lite version, not some other product Microsoft acquired, not a consumer product converted for business use.This means organizations get the same familiar and powerful Exchange features that they rely on in their on-premises systems today.Customers benefit from the Exchange team’s 15+ years of experience in business , going back many generations of Exchange, starting with the release since Exchange 4.0 in 1996With Office 365, they also get the most up-to-date capabilities of that platform (Exchange Server Service Pack 1)The benefits of Exchange Online fall into the following three categories:For users: Anywhere AccessFor your organization: Protection and ComplianceFor the IT department: Visibility and ControlLet’s take a closer look at each of these areas.
14 Anywhere Access Rich and familiar Outlook experience Gives users a full-fidelity Outlook experienceSupports Outlook 2010 features including Conversation View, MailTips, and Meeting Room FinderConversation View in Outlook 2010MailTips in Outlook 2010Exchange Online includes full-featured support for Outlook 2007 and Outlook 2010.The experience is familiar to your users, so they can work just as they do todayBecause Exchange Online is running the latest version of Exchange, the new features in Outlook that require Exchange 2010 (including Conversation View, MailTips, and Meeting Room finder) are available to help your users be more productive
15 Anywhere Access Premium web experience IE, Firefox, Safari, Chrome supportEnhanced search, filters, favoritesIntegrated IM and presenceSide-by-side calendar viewOutlook Web App (OWA) helps your users be productive from wherever they can log in via a web browser.The premium OWA experience is available in Internet Explorer, Firefox and SafariIM and presence integration with Lync Online or Lync Server on-premises lets users chat from right within the OWA experience.Delegate mailbox access has been addedSearch had been enhanced, as well as filters and favorites so you can manage your mail more easilyYou can view two calendars side-by-side in OWAThe nickname cache is shared between OWA and Windows mobile, so the names of people you frequently will appear in a drop down list when you create new messages in either place.IM and presence integration with Lync Online or Lync Server
16 Anywhere Access Mobile messaging Seamless mobile access through Exchange ActiveSyncSupport for popular mobile devicesSelf-service remote device wipeExchange Online supports the Microsoft Exchange ActiveSync protocol. Exchange ActiveSync provides synchronization of mailbox data between mobile phones and Exchange Online, so users can access their , calendar, contacts, and tasks on the go.Exchange ActiveSync is supported by a wide range of mobile devices, including Microsoft Windows Mobile® and Windows Phone, Nokia E and N series devices, Palm devices, Apple iPhone and iPad, and certain Android phones. Implementation of the specific features of Exchange ActiveSync varies by device and manufacturer.With Exchange ActiveSync, you can enforce security policies, such as PIN lock, on the devices that connect to your Exchange Online environment. In the event that a mobile device is lost or stole, users or administrators can remotely wipe the device back to its factory settings, from OWA.You can also control which phones can connect to Exchange Online by creating block/allow lists. Using a Web-based interface, you can create approved device lists for their organization as well as block any particular device they believe should not be allowed. You can also set exceptions at the individual level. Any devices not listed in the block or allow lists can be quarantined, enabling administrators to decide later if they should be allowed to connect. A customizable quarantine allows administrators to explain to users why their device has been quarantined.Windows® PhoneApplePalm/HPNokia
17 Anywhere Access Robust collaboration features Large mailbox sizes (25 GB) and message limits (25 MB)Restricted, moderated, and dynamic distribution groupsGlobal address list and shared contactsShared mailboxesModerationGlobal Address ListSituationThe ability to collaborate effectively can provide companies with a competitive advantage.Slide objectiveShow that Exchange Online provides the powerful and familiar collaboration features that Exchange Server is known forTalking pointsCollaboration features in Exchange Online include:The Global Address List, or company directory.Group management capabilities, like personal distribution lists and shared distribution lists.Shared contacts, for people like consultants and contactors who don’t have mailboxes on your system, but still need to appear in your global address list.Support for shared mailboxes, which allows multiple people to connect to a mailbox (like and send messages with the identity of that mailboxSupport for delegate access to mailboxes and calendars, which is essential for executive assistants and others who manage shared resources.Distribution groups, including advanced capabilities like restricting who can send to a large distribution group, moderation of messages that are sent to a distribution group, and dynamic distribution groups.Distribution groups
18 Anywhere Access Enterprise-class calendaring Calendar sharing and publishingConference roomsFederated free/busy sharing (org to org)Calendar delegationExchange Online provides the same shared calendaring features as Exchange Server 2010 SP1. These include:Free/busy sharing between users in your organization, with the option for users adjust calendar permissions to share details of their calendars with others.Organization-to-organization federated free/busy sharing; so you can share free busy data with trusted business partners (the other organization must be running Exchange 2010 or be hosted on Exchange Online or Outlook Live forThe ability for individual users to publish calendars via the iCal standard to users outside of your organization, and subscribe to calendars published in the iCal format.Conference room support, with a resource booking attendant that can automatically accept or decline meeting requests. These conference rooms come as part of the service, and do not require separate licenses.Out of Office auto-responses, including the ability to schedule separate internal and external OOF messages, and to schedule OOF messages in advance.Scheduling AssistantDelegate access
19 Anywhere Access Hosted voicemail Integrates with your on-premises phone systemGives users a single inbox for and voicRemoves the need to manage voic infrastructureProvides the latest features of Exchange Unified MessagingInline playerVoic previewExchange Online provides hosted unified messaging and voice mail services. Organizations can connect their on-premises PBX phone systems to cloud-based voice mail services provided by Exchange Online, using simple, Internet-based network connectivity.That’s a win for the IT department, because it allows them to take advantage of the efficiency and cost-savings that come from a centralized voic infrastructure, retiring legacy voic systems that are expensive to maintain and back up. That’s also a win for users, because it gives users a single inbox for both and voice mail messages, which could be accessed from Outlook, Outlook web access, mobile devices, and even a standard telephone through Outlook Voice Access. And, Exchange 2010 adds new features to the core capabilities of Exchange UM, like text preview of voic messages, personal auto attendant capabilities, and message waiting indicator.The new features that Exchange 2010 added to the Exchange 2007-based UM are also available in a cloud environment, including a text preview of voic s messages, personal auto-attendant capabilities via call answering rules, RMS-protection of voic s, and MWI interoperability with PBX systems.Caller ID
20 Protection and Compliance Premium anti-spam and antivirus protection High-accuracy spam filteringMultiple virus-scanning enginesIncluded with Exchange Online subscriptionAdmin center provides advanced policy rules and reportingExternalSituationOrganizations need robust antivirus and anti-spam solutions in place, to keep their users from being burdened with malicious messages.Slide objectiveDescribe the enterprise-class anti-spam and antivirus capabilities of Forefront that are built into the service and require minimal effort for the administrator to configure and maintain.Talking pointsForefront Online Protection for Exchange is included as part of the Exchange Online subscription, to help block malware from reaching your users’ inboxes. This is an enterprise-class antivirus and anti-spam service.The service uses proprietary anti-spam technology to achieve high accuracy rates.Forefront uses multiple and complementary anti-virus engines help catch -borne viruses and other malicious code.It covers both incoming, outgoing, and internal messages. This helps protect your organization from malicious content that originates from behind your firewall.All of this is built-in to your service. No configuration is necessary to start or maintain the filtering technology.
21 Protection and Compliance Native Exchange archiving Allows easy migration to a managed archive solutionUser experience for managing mailbox does not changeProvides a way to centralize data currently stored in PST filesArchive can be searched with familiar toolsArchive appears alongside a user’s primary mailboxContent can be dragged from PSTs to the archiveSituation :One of the key challenges relating to compliance is how to centrally manage and control all data, including PSTs residing on user’s desktops. Unlike mail stored on the server, PSTs on individual desktops cannot be easily and quickly discovered; litigation holds and corporate expiration policies cannot be enforced. Meanwhile, from the IWs perspective, managing PST quotas can be frustrating, including diminishing Outlook performance as PST folders grow. Move PSTs to a network share and a new set of problems arise: increased PST corruptions and a degraded search experience.Feature Talking PointsWith the introduction of a native archiving feature in Exchange Online, customers can move easily from an unmanaged to a managed solutionThe “archive” is a separate mailbox, managed and controlled by the administratorUsers can drag and drop PSTs to an archive folder within their inbox or schedule auto-move of messages to archive through Folder or Item policy tagsPSTs are now discoverable; legal holds can be easily applied and performance is not compromised for large mailboxes ( GB)The mailbox experience does not change within the archive: users can view, read and navigate mail the same as todaySlide Objective – The audience should walk away understanding that the new Exchange archive feature offers a simple way to centrally store and manage PSTs – while maintaining the familiar mailbox management experience for users.
22 Protection and Compliance Retention policies and legal hold Custom policies automatically delete or archive contentIntegrates with personal archiveLegal hold policy captures user edits and deletionsPolicies apply to all s within a folder by defaultUser can select retention policy for a specificSituation :The explosive growth of regulatory compliance and corporate governance requirements has made it challenging for administrators and compliance officers to provide end users with simple tools for managing retention policies of the high volume of messages being sent and received daily. It is impractical for a small group of people to police to this end directly, so tools which enable end users to apply retention policies which are defined by the organization and tools which automatically apply such policies without IT intervention are required to effectively mitigate the risk associated with compliance and governance.Talking Points:Retention policies can be applied to any individual or folder rather than just a restricted set of managed foldersPolicies are defined centrally and pushed to the client, exposed directly to users in the UI for selection or notificationThese policies have great integration with the archiving features from the last slide.Transport rules can be designed to automatically apply default policies for select groups of users or based on select attributes ofYou can use legal hold to preserve all mailbox content for certain users or your entire organization, so that a copy of every message is retained for compliance reasons. Deleted messages are hidden from the users’ view, but they are still searchable via Exchange’s multi-mailbox search tools.User can view expiration date
23 Protection and Compliance Multi-mailbox search Web-based search capabilities can be delegated to specialistsEmpowers legal and compliance staff to conduct e-discoverySearch works across on-premises and online mailboxesPreview of search resultsSituation:Traditional systems require complex access control policies and provide hard to use tools in order to meet the growing needs of eDiscovery and requirements of Human Resources departments relative to searching corporate communication throughout the infrastructure. Those responsible for these tasks are non-IT users who are unfamiliar with administration tools and do not have access to the servers. These compliance officers and HR representatives are having to follow complex processes and use complex tools, aided by IT, to handle what is already a complex problem due to legal and corporate governance. Solutions are required which empower these individuals to go about their business without IT intervention and which ensure that only those assigned by the organization to perform such tasks are able to.Talking Points:Cross-mailbox search user interface enables compliance officers and HR to perform searches based on select attributes across the entire mail infrastructureRoles based administration allows for easy delegated access to this tool with no complex Access Control RequirementseDiscovery processes may be followed without IT intervention and only by those authorizedCompliance officers and HR representatives use familiar and easy-to-use tools within the existing UI of Outlook and Outlook Web AccessSlide Objective:The audience should see that Exchange goes beyond traditional administration models to empower delegation of tasks associated with compliance away from the administrator and put these tasks into the hands of those responsible with easy-to-use toolsRich search criteria and targeting optionsResults stored in specialized mailbox
24 Protection and Compliance Transport rules Structured like Inbox rulesApply to all messages sent inside and outside the organizationConfigured with simple Web-based GUIIf the message...Is from a member of the group ‘Executives’And is sent to recipients that are 'Outside the organization' And contains the keyword ‘Merger’ConditionsDo the following...Redirect message to:ActionsSituationUnderstanding transport rules is important to understanding how IPC works in Exchange.Slide objectiveExplain how transport rules are configured.Talking PointsExchange Online supports transport rules. Transport rules inspect every piece of mail tha tflows through your Exchange Online environment. Even from one mailbox to another mailbox in the same server goes through the transport server role.Transport rules are configured just like Outlook rules using a simple GUI to apply conditions, actions and exceptions:Conditions identify specific criteria such as sender, receiver and keywords within a message.Actions are applied to messages that match these conditions.Exceptions identify messages to which a transport rule action shouldn't be applied, even if the message matches a transport rule condition.Transport rules are flexible: Scan for specific keywords or regular expressions such as social security numbers; create ethical walls that block mail between specific users; automatically modify messages with disclaimers…Over 50 conditions and actions can be selected to create a ruleExceptionsExcept if the message...Is sent to
25 Protection and Compliance Flexible mail routing InternetOutboundSituationSome customers may want to route mail to specialized appliances on premises.Slide objectiveExplain how FOPE Connectors enable custom outbound routing.Talking pointsFOPE Connectors can be configured in the Admin Console for SmartHost Routing of outbound mailThis allows outbound can be securely routed through on-premises gateway.The most common scenario for this is when a 3rd party DLP appliance or service needs to scan all outbound mail.This configuration can also be used to perform custom processing on outbound mail (such as address rewrite)If you are implementing a hybrid deployment of Exchange Server and Exchange Online, FOPE connectors can be used to ensure that all (inbound and outbound) flows through you on-premises infrastructure, so you can maintain complete control.FOPE Connectors can also be used to enabled Forced TLS (inbound and outbound) to help secure the traffic channelYou have the option to check for valid certificate and domain from destination for additional protectionRoute outbound through on-premises server or other hosted serviceAllows use of third-party appliances for encryption and data leakage prevention (DLP)Messaging Server or Appliance
26 Protection and Compliance Integration with IRM services AD RMS Server(On-premises)Exchange OnlineKey ImportExchange Online can be integrated with on-premises AD RMSThis activates advanced Exchange 2010 IRM features, including:IRM in OWA, IRM search, and Protected VoicTransport Protection Rules and Outlook Protection RulesSituationExchange 2010 offers advanced AD RMS integration, and customers who run RMS servers on-premises want to know if they can get these features by integrating the RMS server with Exchange Online.Slide objectiveExplain how customers can use leverage their AD RMS cluster on premises to leverage IRM support features in Exchange Online. (transport protection rules, IRM in OWA, etc.)Talking points[Build 1] Tenant must import a Trusted Publishing Domain from their AD RMS cluster into Exchange Online.*Exchange Online tenants get all IRM capabilities, except for Pre-licensingKeys stored securely via Distributed Key Management (DKM) within Datacenter and only accessible to Exchange ServiceAfter setup, all RMS transactions in Datacenter executed within Datacenter*To configure: On RMS cluster, go to Trusted Publishing domain; Export to XML file; Run import-rms trustedpublishingdomain; Configure what RMS drop down you want to appear.The XML file contains the RMS private key, the currently defined RMS templates, and data about the RMS cluster. NOTE: Exchange is not required to send/receive IRM-protected messages in Outlook. Therefore, no TPD Import is required if you only need to send/receive IRM protected messages in Outlook (and have no need for advanced features like IRM in OWA or transport protection rules.
27 Visibility and Control Exchange Control Panel Powerful Web-based tool for managing your online environmentCapabilities such as multi-mailbox search and group management can be delegated to non-IT usersPowerful web-based management capabilities introduced in Exchange 2010, called the Exchange Control Panel, augment the capabilities of the Microsoft Online Portal giving you the ability to:Search delivery reports to help troubleshoot message delivery issuesConfigure many types of resource mailboxes, not just conference roomsAccess the “mail settings” screens in OWA on behalf of a user, to help troubleshoot issues for them (very useful for help desk personnel).Manage many other capabilities shown previously in this presentation, like transport rules, journaling, UM settings, and multi-mailbox searchThese new administration capabilities are web-based and controlled via the new Role Based Access Control (RBAC) capabilities in Exchange 2010, so they can be delegated to non-IT users. These non-IT business specialists can access these screens directly from OWA or Outlook, based on their Exchange Online credentials,.
28 Visibility and Control Remote PowerShell Allows scripting and automation of routine tasksLets you update settings without calling supportGives you to access to raw data for reportsPowerShell has become a common way to manage the latest generation of Microsoft Server products, including Windows Server 2008., Exchange Server 2007, and Exchange Server With Exchange Online, PowerShell becomes another item your adminstrative toolbox, giving you greater control over the Online environment.You use Windows PowerShell on a local computer to connect to your Exchange Online organization and perform management tasks that aren't available or practical in the Web management interface. You just install Windows PowerShell on your client machine, and you are off and running. Like EMC, Remote PowerShell connects to the datacenter using standard protocols to allow easier management through firewalls.RBAC integration means you can delegate PowerShell management capabilities in a scoped way within your IT org. The datacenter is effectively delegating permission to you to manage aspects of your hosted Exchange forest, without giving you permission to manage things like back-end databases. You can further delegate specific abilities within your org.Remote PowerShell is useful for creating scripts to automate routine tasks, and for batch processing. For example, you can create or update many user accounts at one time.You use the same commands and syntax as PowerShell administration for other Windows Server products on-premises, so the time invested in building PowerShell skills pays dividends in both the Online and on-premises worlds.Another example:To allow users to set up inbox rules to enable server-side forwarding, and automatic reply messages (these are off by default today), you could run this command:set-remotedomain -AutoReplyEnabled true -AutoForwardEnabled trueNew-DynamicDistributionGroup-Name "Florida Sales and Marketing"-IncludedRecipients MailboxUsers-ConditionalDepartment Sales, Marketing-ConditionalStateOrProvince Florida
29 Visibility and Control Role Based Access Control Delegate administrative tasks within IT and beyondGranular control over scope and permissionsAndy RyanSystems AdministratorJoanna RybkaTier 1 Support (Europe)Donna ScottCompliance OfficerOrganization ManagementHelp DeskDiscovery ManagementNew Role-Based Access Controls (RBAC) in Exchange Online give you the ability to delegate administrative tasks within your IT org, as well as to end-users in your organization.These RBAC controls apply whether you are managing the environment via the web-based Exchange Control Panel interface, Remote PowerShell, or the Exchange Management Console (in cross-premises coexistence).In the examples shown here, you might use RBAC to give a systems administrator complete control over your Exchange Online environment, while giving Tier 1 support staff a more limited set of capabilities, scoped only to the users in Europe. You could also give a compliance officer self-service capabilities to conduct multi-mailbox searches.Create usersSet legal holdEdit retention policiesEdit mobile security policiesCreate transport rulesManage dynamic distribution listsConfigure UMTrack messagesMobile device wipeView-only recipientsManage groupsMulti-mailbox searchSet legal holdAll employeesAll employees in EuropeAll employees in the U.S.
30 Visibility and Control Auditing reports Track delegate access and see which users have logged in to shared mailboxesFind out who changed configuration settings and administrative permissionsExtract data for long-term storage or to build custom reportsExport log data for long-term retention or custom reportsTrack mailbox access: delegates, shared mailboxes, etc.Many people ask: Does Exchange Online have the ability to provide granular reporting on who accessed what mailbox when? The answer is “yes.”Administrators can run reports to see:Access to mailboxes by users other than the owner. This data is useful for tracking access by multiple users to shared mailboxes. It also can be used to track access when a person (such as an executive) delegates permission to their mailbox to an assistantChanges to litigation hold status. This allows you to see who was put on litigation hold (or taken off litigation hold) to verify compliance with requirements to preserve information when a lawsuit is filed.Changes to administrative roles and groups. If an administrator changes roles and gains broader permissions, you can see it in this report.Changes to other configuration settings. This allows you to track a variety of configuration settings made to your online environment by your administrators.Track configuration changes: RBAC, settings, etc.
31 Deployment Flexibility Web-based Exchange and IMAP migration tools Free tools for rapid migrationMigrate , calendar, contacts and tasks from Exchange 2003, 2007, or 2010No software to installMigrate from all platforms that support IMAPExchange Online provides quick, low-impact options for migrating to the cloud from Exchange 2003, Exchange 2007, and any messaging system that supports IMAP. These web-based migration tools are designed for customers who want to migrate their on-premise mailboxes into Exchange Online and who do not have advanced requirements like free/busy calendar federation, off-boarding, etc.Customers can migrate their users and corresponding data from on-premise Exchange servers to Exchange Online with ease and with as little change as possible on their environment, and can do an “all at once” cutover of users to the cloud.
32 Deployment Flexibility Rich hybrid capabilities Connect your Exchange Server to the cloud for smooth migration or long-term coexistenceShare free/busy data between cloud and on-premises usersMigrate users to the cloud with native Exchange toolsGive users a seamless transition, with no OST re-syncEasily move mailboxes back on-premisesOrganizations interested in the smoothest migration experience, or organizations that want to have permanent coexistence, with a mix of some users on-premises, and others in the cloud, would choose rich Exchange coexistence.” In this scenario, an Exchange 2010 SP1 server is deployed on-premises, and acts as a gateway to the cloud (for redundancy purposes, larger organizations will typically deploy 2 servers).With the Exchange 2010 server in place, administrators can:Manage both their local Exchange forest, and their Exchange Online forest, from the Exchange Management ConsoleMove users to the cloud using PowerShell or the Exchange Management ConsoleEnable seamless calendaring, including free busy and full calendar sharing, between hosted and on-prem usersConfigure cross-premises mailflow so that all mail truly looks and feels like it is internal to the company. And, if desired, configure all inbound and outbound mail to flow through the local servers.Move mailboxes back on-premises if the need arisesAlthough an Exchange 2010 server is deployed on-premises, there is no need to upgrade mailboxes to Exchange prior to moving them to the cloud. The Exchange 2010 server has the ability to act a proxy or bridge, between older Exchange 2003/2007 environments and Exchange Online, without the need to migrate on-premises Exchange mailboxes to Exchange 2010.Once an organization reaches 100% of mailboxes in the cloud, they would typically remove the Exchange 2010 server. The Directory Sync tool and ADFS server would remain in place so to connect on-premises AD infrastructure to the cloud.Note: The Directory Sync tool, and ADFS federation for enterprise single sign-on would also be deployed to connect on-premises AD infrastructure to the cloud and power Single-sign on, easy provisioning, and a unified directoryExchange 2010 SP1 “coexistence” serverExchange Server 2003 or 2007
33 Deployment Flexibility Exchange Web Services FlexibleWorks with Exchange OnlineWorks with Exchange ServerWorks in hybrid environmentsEasy to Use.NET-based EWS Managed API 1.0Full Visual Studio supportExchange Online supports Exchange Web Services (EWS). EWS is a unified API for accessing Exchange mailbox data that has existed since Exchange 2007 and the original launch of Exchange Online.EWS offers three main benefits:It is the richest, most functional, and most versatile API for Exchange. It supports all new features Exchange 2007 and 2010 offers. The one API can be used in the various application models: you can build the Exchange information into your own client application, you can mash Exchange information into your Web portals, or you can even use Exchange data into your processes.Examples of the first are Entourage for the Mac or Apple’s iMail in Snow Leopard. Or the display of free/busy information in Communicator, or how Communicator can store conversations into your Conversation folder in Exchange.Examples of the second are Webparts, like used in SharePoint or Dynamics CRM, or various University portals ofExamples of the third are Google using EWS to synchronize the contact list with their Android based mobile phones, or the displays Microsoft conference rooms have showing who has reserved such conference room. Also Dynamics uses EWS to sync its data with Exchange 2010.It is easy to use, for any Visual Studio developer will feel familiar with the two major programming paradigms supported:Web Services.NET.In Exchange 2010 we have added a full implementation of the EWS API in Managed code, supporting .NET 3.5 SP1. Using this API increases productivity tremendously for you need less lines of code and have full support of IntelliSense in Visual Studio, with autocomplete and inline help.The last benefit is that given Exchange always use Web Services to communicate with the server, even if you implement the application in the EWS Managed API, it is the same code that can be run against an on-prem implementation as well as against an online implementation. Applications can reside locally on the CAS server or can connect via the Intranet or via the Internet.Rich FunctionalityCreate custom portals and applicationsEnhance line of business apps with calendar data and workflow
34 Deployment Flexibility Kiosk user subscription Low-cost offering for lightweight usersMailbox access via the regular version of Outlook Web AppPOP access500 MB mailboxSame antivirus and anti-spam protections as regular subscriptionPowerShell has become a common way to manage the latest generation of Microsoft Server products, including Windows Server 2008., Exchange Server 2007, and Exchange Server With Exchange Online, PowerShell becomes another item your adminstrative toolbox, giving you greater control over the Online environment.You use Windows PowerShell on a local computer to connect to your Exchange Online organization and perform management tasks that aren't available or practical in the Web management interface. You just install Windows PowerShell on your client machine, and you are off and running. Like EMC, Remote PowerShell connects to the datacenter using standard protocols to allow easier management through firewalls.RBAC integration means you can delegate PowerShell management capabilities in a scoped way within your IT org. The datacenter is effectively delegating permission to you to manage aspects of your hosted Exchange forest, without giving you permission to manage things like back-end databases. You can further delegate specific abilities within your org.Remote PowerShell is useful for creating scripts to automate routine tasks, and for batch processing. For example, you can create or update many user accounts at one time.You use the same commands and syntax as PowerShell administration for other Windows Server products on-premises, so the time invested in building PowerShell skills pays dividends in both the Online and on-premises worlds.Another example:To allow users to set up inbox rules to enable server-side forwarding, and automatic reply messages (these are off by default today), you could run this command:set-remotedomain -AutoReplyEnabled true -AutoForwardEnabled true
35 What’s Next Visit www.office365.com to: 1 2 3 Sign up for the Office 365 Beta2Learn more about Exchange Online3Evaluate if Exchange Online is right for your business
38 Which Exchange Server Features Are Not Available in Exchange Online? Client AccessOutlook 2003 supportOWA login: public/private radio buttonsAdministrationAutomated PST import and exportProvision users in multiple datacentersMultiple on-premises AD forestsResource forest topologiesDirectoryHierarchical address bookGlobal Address List segmentationCompliance/ArchivingExchange 2007-style Managed FoldersGUI for creating Retention PoliciesThird-party add-ins for transport rulesVoice mailSpeech-enablement of directory and auto-attendantSecurityS/MIME in OWAS/MIME certificate syncApplicationsMAPI/CDO accessServer-side code, .dlls, transport agentsCustom OWA themes, logos, add-insPublic folders
39 Anywhere Access Hosted voicemail architecture Session Border Controller (SBC) at customer site connects PBX to Exchange OnlineCalls are securely routed from local PBX to hosted UM serversIntegration with Lync Server 2010 also availableCustomer owns and maintains PBX and SBC/gateway on-premisesInternetExchange Online hosts Exchange UM servicesThe architecture of hosted unified messaging is similar to the consolidated UM approach that many large enterprises companies are doing today with Exchange Server 2007 or Exchange Server In this scenario, PBXs and phone systems in offices scattered across many locations connect to UM servers in one or more centralized datacenters. IP gateways at the network edge of each branch office provide connectivity to the main datacenter.Hosted unified messaging works the same way, but instead of using private networks for the connectivity between the PBX and the UM server, which most enterprises use for their internal UM deployments, the VOIP connection is over a public network (the Internet). To provide secure VoIP communications between on-premise PBX and hosted UM, a Session Border Controller is installed at the perimeter of your network. These SBCs are hardened to resist denial of service attacks. They do network address translation and SIP-aware proxying, so you have a public IP address on one side and a private IP address on the other, and don’t expose internal corporate IP addresses to the Internet.Note that Exchange UM is not providing PBX services in the cloud – your PBX, whether VOIP or traditional TDM, remains on-premises and handles phone calls. It is only when a phone call goes to voice mail, that the call is handed off from the on-premises PBX to the UM infrastructure in the cloud.Hosted UM is also available to organizations who are using an on-premises Communications Server “14” environment for voice services. In this case, Edge Servers in the Communications Server environment provide connectivity to Exchange Online, so an SBC device is not required.PSTNPBX and Office Phones