Exchange Deployment Planning Services Exchange 2010 Compliance, Archiving, Retention

Exchange 2010 Compliance, Archiving, and Retention Goals The Exchange 2010 Compliance, Archiving, and Retention module has the following goals:  Introduce Microsoft security architecture in Exchange 2010 World Today Archive – IW Experience Archive – IT Pro Experience Move/Delete Policy Hold Policy Multi-Mailbox Search Summary

Ideal audience for this workshop  Messaging SME  Network SME  Security SME Exchange 2010 Compliance, Archiving, and Retention Audience

Exchange 2010 Compliance, Archiving, and Retention During this session focus on the following :  How will we leverage this functionality in our organization?  What compliance requirements do we have around our messaging solution?

Why Archive ? Storage Management Balance mailbox size demands with available storage resources Reduce the proliferation of.PST files stored outside of IT control Improve overall application and network performance Data Retention Meet industry and regulatory data retention requirements Support ongoing compliance, litigation, or personnel matters Preserve valuable intellectual property and corporate assets Discovery Respond to strict timelines for legal discovery orders Reduce costs involved in searching for and retrieving data Report on communications as part of auditing procedures

Org Archive Keeps all Allows Org Control Optimized for Search World Today: Repositories Tape/Disk Backups Item Level Backups Backups uncommon and difficult Manual Unsupported backups Replication Common Backups Less Common Replication Only Size Require Replication PSTs Circumvents Quota Highly Portable Mailbox Highly Available Rich Client Access Personal Archive Circumvent Quota Allows Org Control Exchange (MBs) Org Archive (PBs) Personal Archive (TBs) Outlook PSTs (GBs) Backup End User Access Replicated Backups

In-Place Archiving Roadmap Give customers a choice by making the application archive enabled Application provides APIs for federation Federation built by Microsoft and partners. Exchange External Repository Discovery, Policy, Reporting Share Point Exchange (Archive enabled) Share Point (Archive enabled) IMs Federated Discovery, Policy, Reporting Other …

In-Place Archiving in Exchange 2010 Integrated archiving capabilities offer tools to preserve and discover data, without changing the user or IT professional experience Secondary mailbox with separate quota Appears in Outlook and OWA Managed through EMC or PowerShell Automated and time-based criteria Set policies at item or folder level Expiry date shown in message Move/Delete Policy Web-based UI Search primary, archive, and recoverable items Delegate through roles-based admin Audit Log Reports Capture deleted and edited messages Offers single item restore Notify user on hold Hold Policy Audit Policy Configuration Audit logged to regular mailbox

In-Place Archiving in Exchange 2010 SP1 Provide a richer feature set incorporating customer feedback and take archive and discovery to the cloud Archive on a separate DB Archive in the cloud Outlook 2007 Support PST Import into Archive Admin Delegation EWS Support Managed through EMC EWS Support for Archive Support for Tasks, Calendar and Voic Move/Delete Policy Search Preview De-duplication Search and Destroy Annotations Cross Premise Search CmdLet Auditing Non-Owner Auditing Automatically move content from the Primary to Archive dumpster Managed through ECP Hold Policy Audit Policy Mailbox audit Manage through ECP, cmdlets Report and exports results

PRESERVE: PERSONAL ARCHIVE IW and IT Pro Experience

Preserve: Archive and the User Goals and Assumptions −Preserve or improve the PST experience −Preserve or improve end user workflow from regulatory or storage constraints −User will have one, online only archive in E2010 −Mail is automatically moved to the archive −Delete policies created by Admin apply in archive or primary −On-Premises vs. Cloud is transparent to the user.

Preserve: Archive and the IT Pro Goals and Assumptions −Same mailbox management experience across the primary and the archive −Archive and primary share the same user account −Archive must have a primary mailbox −IT-Pro can provision only one archive per user −Similar management experience across On- Premises and Cloud

Preserve: Support for Tiered Storage SP1

Preserve: Archive and the User Delegation Support for delegating primary and archive mailbox. SP1

Preserve: Archive and the Cloud* Archive in the CloudFully Hosted Cross-premise Co-Existence On-Premises Cloud *All these deployment scenarios requires SP1 On-Premises On-Premises

On-Premises Vs. Cloud Management Symmetry of Management Tools and Experience

Preserve: On-Premises Vs. Cloud Archive Archive Provisioning sourced from on-premises whenever possible Archive property management against current primary MBX location (on-premises or cloud) Applies in hybrid cases as well: E.g. some mailboxes with archive in the cloud and some with mailbox + archive in the cloud.

Preserve: On-Premises Vs. Cloud Archive Management : Primary MBX: Archive MBX

Preserve: Archive in the cloud

Preserve: Archive Management in ECP Fully cloud based only Enable/Disable Archive

Preserve: Archive in the cloud

Preserve: Mechanics of Archive in the Cloud On-Premises Exchange Exchange Online Microsoft Online/BPOS Topology AD FS

PST Import and Export Native support for PST export and import from Exchange Same job scheduling semantics as mailbox moves Ability to import directly into the archive SP1

PST Import into Archive Assign “Mailbox Import Export” RBAC Role (restart shell) Initiate Import to Archive Wait to complete....

DISCOVER: MULTI-MAILBOX SEARCH Discovery Console in ECP and PowerShell search

Goals and Assumptions −Performs distributed search across end user mailboxes located on multiple servers. −Search is throttled and parallelized −Results are copied to discovery mailbox after search −Admins by default do not have access to search all mailboxes, specific RBAC Discovery Role is required −Partners: Enable web services access to the multi- mailbox search for partners to build discovery solutions. Discover: Multi-Mailbox Search

Discover: On-Premises Vs. Cloud Discovery Search Provide a single org-wide discovery console across on-premises and cloud

Discover: On-Premises Vs. Cloud Discovery Search : Primary MBX : Archive MBX

Compliance Policy in Exchange 2010 Integrated archiving capabilities offer tools to preserve and discover data, without changing the user or IT professional experience Secondary mailbox with separate quota Appears in Outlook and OWA Managed through EMC or PowerShell Personal Archive Automated and time-based criteria Set policies at item or folder level Expiry date shown in message Move/Delete Policy Web-based UI Search primary, archive, and recoverable items Delegate through roles-based admin Audit Log Reports Capture deleted and edited messages Offers single item restore Notify user on hold Hold Policy Multi-Mailbox Search Audit Policy Configuration Audit logged to regular mailbox

Compliance Policy in Exchange 2010 SP1 Provide a richer feature set incorporating customer feedback and take archive and discovery to the cloud Archive on a separate DB Archive in the cloud Outlook 2007 Support PST Import into Archive Admin Delegation EWS Support Personal Archive Managed through EMC EWS Support for Archive Support for Tasks, Calendar and Voic Move/Delete Policy Search Preview De-duplication Search and Destroy Annotations Cross Premise Search Cmdlet Auditing Non-Owner Auditing Automatically move content from the Primary to Archive dumpster Managed through ECP Hold Policy Multi-Mailbox Search Audit Policy Mailbox audit Manage through ECP, cmdlets Report and exports results

Preserve: Cloud Deployment Scenarios Archive in the CloudFully Hosted Cross-premises Co-Existence On-Premises Cloud *All these deployment scenarios requires SP1 On-Premises On-Premises

PRESERVE: MOVE AND DELETE POLICY IW and IT Pro Experience

Preserve: Message Retention Archive(Move) Policy: automatically moves mail to the archive −End User Impact: Keeps Mailbox under quota −Like Outlook Auto-Archive – without PSTs! Delete Policy: automatically deletes mail −End User Impact: Unwanted mail is removed from view −End User Impact: Keeps Mailbox under quota −Delete Policies apply whether in primary or archive −Per item policies take precedence over folder policies −Policy properties are preserved so message retention is respected in third party systems.

Preserve: Move and Delete Concepts Retention Tags −Name, Action, Time period −Admin mandated or User applied −All Items in Inbox are deleted in 3 years) −Items and Folders may have a 2 year Archive Policy Retention Policies −Retention tags −Policies span to groups of users like ‘Accounting’ −User has one policy and many tags applied

Preserve: Move Policy Admin Move Policies Only Primary Mailbox Message delivered (Policy applied) Deleted Items Inbox … … Messages moved 2 years after receipt Archive Mailbox Admin Created −Default Move Policy of 2 years Deleted Items Inbox … …

Preserve: Move Policy Admin + User Move Policies Primary Mailbox Deleted Items Inbox … … Messages moved 2 years after receipt Archive Mailbox Admin created −Default Move Policy of 2 years −Optional Move Policy of 5 years User applied −User Policy of 5 years applied to Project X folder (can also be applied to item only) Deleted Items Inbox … … Message moved to Project X folder Project X Message moved 5 years after receipt Project X

Preserve: Delete Policy Admin Move and Delete Policies Only Primary Mailbox Message delivered (Policy applied) Deleted Items Inbox … … Messages moved 2 years after receipt Archive Mailbox Admin Created −Default Move Policy of 2 years, Delete Policy of 10 years Deleted Items Inbox … … Messages deleted 10 years after receipt

Preserve: Move and Delete Admin + User Move and Delete Policies Primary Mailbox Deleted Items Inbox Messages moved 2 years after receipt Archive Mailbox Admin created −Default Move Policy of 2 years, Delete Policy of 10 years −Optional Move Policy of 5 years, Delete Policy of Never User applied −Optional Policy of 5 years applied to Project X folder −Optional Policy of Never applied to Item “Contract” Deleted Items Inbox Message moved to Project X folder Project X Messages moved 5 years after receipt Project X Messages deleted 10 years after receipt RE:Contract Message Never Deleted

Preserve: Retention Hold Administrator override to pause all message retention policy actions when employee on vacation Set Retention Hold Verify

Preserve: Retention Hold in EMC

Preserve: Cloud Deployment Scenarios Archive in the CloudFully Hosted Cross-premises Co-Existence On-Premises Cloud *All these deployment scenarios requires SP1 On-Premises On-Premises

Preserve: Message Retention Management & the Cloud MRM policies managed separately for on- premises and the cloud −Except when only archive in the cloud

Preserve: Message Retention Management & the Cloud

Preserve: Migrating Policy to Cloud Migrating Primary mailboxes to cloud: −MRM policy not automatically migrated or synced −Scripts shipped to automate migration and sync* −Export-RetentionTags.ps1 −Import-RetentionTags.ps1 Not required for pure archive in the cloud case. Export-RetentionTags.ps1Import-RetentionTags.ps1 On-PremisesCloud ExportImport MRM Policy *Location: %Program Files%\Microsoft\Exchange Server\V14\Scripts.xml

PRESERVE: HOLD POLICY Legal Hold, Single Item Recovery and the Dumpster

Preserve: Legal Hold Overview

Preserve: Dumpster Message Flow Exchange 2007 behavior Primary Mailbox Dumpster 1.0 Recoverable Items (1) Message delivered Deleted Items Inbox … … (2) Message Deleted (3) Message Permanently Deleted (4) Message purged by 14 day policy or by user

Preserve: 2010 Hold Message Flow Hold Period of 10 years Primary Mailbox Dumpster 2.0 Recoverable Items Deleted Items Inbox … … (1) Message delivered (2) Message Edited/Deleted (3) Message Permanently Deleted (4) Message “purged” by user Edits Purges (5) Message removed from system after Hold Period (10 years)

Preserve: Hold Policy Move and Delete policies are for end users and while Hold Policy is for Admins Hold is respected whether the message is deleted by the user by Admin or User applied delete policies Admin may configure Retention policy to delete s to the Deleted Items, Dumpster 2.0 or permanently. With Archive on a separate Database, content will be moved from primary dumpster to archive dumpster.

Preserve: Hold Management & the Cloud Manage Legal Hold against current location of the primary mailbox

Preserve: Hold Management & the Cloud

AUDITING & REPORTING Configuration Audit and Mailbox Audit

Auditing

Audit: Configuration Audit Configured per tenant organization −Set-AdminAuditLogConfig Logged to tenant arbitration mailbox Results can be searched/exported using −Search-AdminAuditLog −New-AdminAuditLogSearch −ECP UI Default retention of 90 days −Set-AdminAuditLogConfig -AdminAuditLogAgeLimit

Audit: Mailbox Audit Configure per mailbox using set-mailbox −Admin – Set-Mailbox -AuditEnabled $true –AuditAdmin −Delegate – Set-Mailbox -AuditEnabled $true –AuditDelegate −Owner – Set-Mailbox -AuditEnabled $true –AuditOwner Logged to special Audit folder in user mailbox Results can be searched/exported using −Search-MailboxAuditLog −New-MailboxAuditLogSearch −ECP UI Default retention of 90 days Set-mailbox –identity –Auditlogagelimit

End of Exchange 2010 Compliance, Archiving, Retention Module

For More Information Exchange Server Tech Center Planning services Microsoft IT Showcase Webcasts Microsoft TechNet

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.