Exchange @ The Core with CTE Solutions


Published on

Microsoft Exchange Server 2013 brings a new rich set of technologies, features, and services to the Exchange Server product line. Its goal is to support people and organizations as their work habits evolve from a communication focus to a collaboration focus. At the same time, Exchange Server 2013 helps lower the total cost of ownership whether you deploy Exchange 2013 on-premises or provision your mailboxes in the cloud.

New features and functionality in Exchange 2013 are designed to do the following:

Whether you are an IT Professional looking for Exchange Server 2010 or Exchange Server 2013, the most comprehensive and certified training can be found at CTE Solutions.

Interested in a certification or simply learning about design, implementation, administration, and management? CTE can deliver the training in the format you need with the most experienced instructors:

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Exchange @ The Core with CTE Solutions

  1. 1. Exchange @ The Core Duration: 10:00am-12:30pm (1.5 hours) Presenter: Howard Forder . MCT, MCSE, MCDST, MODL, MCITP Are You Compliant?
  2. 2. Meet Howard Forder “25 years of consulting and training” MCT, MCSE, MCDST,MODL,A+
  3. 3. Exchange 2013 Compliance  This informative session will dive into the areas of Exchange that will help IT implement compliance features of email systems today.  Many companies have Exchange and thousands of mailboxes humming along. Use these guidelines to implement and ensure compliance.  Walk away with a better understanding of what compliance is, how it is used more effectively and how IT can drive that functionality forward with the built-in Exchange 2013 funtionality.
  4. 4. Agenda Section 1: Introduction to Exchange 2013 What’s New What is Compliance? Section 2: Implementing Compliance Desirables What is Compliance? Section 3: Related Certification Courses
  5. 5. Introduction to Exchange 2013 What’s New? What is Compliance?
  6. 6. What’s New?  Simplified Server Roles reduction from 4 roles to 2  New architecture  An expanded Administrator console completely web based.  A refined DAG that can include public folders  Data Loss Prevention (DLP)
  7. 7. What’s New? Simplified Server Roles reduction from 4 roles to 2
  8. 8. What’s New? New Architecture!
  9. 9. What’s New?
  10. 10. Are You Compliant?
  11. 11. What is Compliance? “Regulations on business that affects the flow of information, the storage of that information and the retrieval of that information to verify they are abiding by policies and laws pertaining to that organization”
  12. 12. Why Compliance?  To comply with regulations pertaining to your country and your specific industry.  To be able to produce, on demand, historical data within the legal time frame for retention.  To prove in a court of law that a piece of data exists.  To rest easier at night, knowing you are complaint!
  13. 13. Messaging Compliance Email can exist in a multitude of places.  Your mailbox databases  PST (Personal Storage Table) files or personal archives  Journaling mailbox (a copy of every email passing through)  Third party archiver (sometimes associated with the journaling mailbox.) You might not be able to get at this data when you need to!
  14. 14. Messaging Compliance “Given that Exchange 2013 can store 100+ GB per mailbox, why not just keep the data in Exchange and make it safe, searchable, and secure there?”
  15. 15. Compliance Guidelines 1) Comply with regulations for your country and your industry 2) There are no default answers when it comes to compliance. 3) Get guidance from your legal team. 4) Understand the basics of the regulation yourself. 5) Exchange provides a massive toolset. 1) Remove PSTs 2) Keep data in Exchange 3) Use built-in Search and Hold
  16. 16. Exchange 2013 as a Compliance Solution 1) Retention policies 2) Archiving 3) Discovery 4) Immutability 5) Leakage Protection
  17. 17. Exchange 2013 Functionality Journaling  Capture a copy of every item that passes through transport.  Captures entire message envelope (BCC and distribution expanded lists)  Calendar items and Lync not captured.  Can’t decrypt S/MIME emails only IRM  Many moving to In-Place-Hold instead
  18. 18. Journaling
  19. 19. Journaling Configuration
  20. 20. Exchange 2013 Functionality Transport Rules  Control over mail flow  Conditions to select mail and actions to be carried out, with exceptions if needed.  Can implement mail blocking by keyword.  Can route mail to a manager.  Transport rules can have a timeline, then expire, or test mode too.
  21. 21. Transport Rules
  22. 22. Transport Rules
  23. 23. Exchange 2013 Functionality Data Loss Protection (DLP)  New in Exchange 2013  40+ policy templates & 47 sensitive data types.  Scan deep into attachments.  User education through policy tips.  All of this can be audited.  A “Default DLP” already in place OOB.
  24. 24. Data Loss Protection (DLP)
  25. 25. Data Loss Protection (DLP)
  26. 26. Exchange 2013 Functionality Information Rights Management (IRM)  For encryption or permissions means the mail item passes through Exchange and can be decrypted by Exchange when needed such as Anti-spam or Anti-virus, unlike S/MIME.  Implemented as a transport rule or on the client side (Outlook, Office365/Exchange Online.)  Prevents leakage (printing, copying, forwarding or replying)
  27. 27. Information Rights Management (IRM)
  28. 28. Information Rights Management (IRM) From Outlook, we can see the effect of the policies in action.
  29. 29. Exchange 2013 Functionality Message Records Management (MRM)  Tags on mailboxes or folders for moving or deleting mail items.  Mandatory or personal tags.  One policy per mailbox (a default OOB)  Tasks, calendars and mail items covered.  Typically used to move inbox items to longer retention personal archives or delete.
  30. 30. Message Records Management (MRM)
  31. 31. Message Records Management (MRM)
  32. 32. Exchange 2013 Functionality In-Place Archiving  Secondary mailbox usually with longer retention and inexpensive storage  Can be the same DB or somewhere else, including the cloud.  Higher quota than primary mailbox  PST files can be manually dragged by end user or PowerShell by Administrator.  Only available online, not OSTs.
  33. 33. In-Place Archiving From OWA, we can see the normal inbox folders and the archive mailbox folders. Here we select a policy for this folder.
  34. 34. In-Place Archiving: Importing a PST New-ManagementRoleAssignment To assign the admin RBAC import permission to an administrator The end user can drag and drop, but only 20% typically do this.. New-MailboxImportRequest To import a PST file to the users archive mailbox Be compliant by getting those PST files imported into the archive mailboxes so they are searchable!
  35. 35. Exchange 2013 Functionality In-Place Hold Since 2010, litigation hold signifies data in mailboxes is immutable “Immutable databases ensure that data can never be changed once it has been committed”
  36. 36. Exchange 2013 Functionality In-Place Hold  No changes are possible to the original items.  Edits are captured and saved to versions.  The end user is not affected.  Discovery Officers have full access to the entire history.  Time-based holds (expiry time)  In Exchange 2013, not just full mailboxes, but specific data through queries.
  37. 37. In-Place Hold (litigation hold) You can place a mailbox on Litigation Hold by using the Exchange Administration Center (EAC) or the Shell (set the LitigationHoldEnabled parameter).
  38. 38. In-Place Hold (litigation hold) You can place a mailbox on Litigation Hold by using the Exchange Administration Center (EAC) or the Shell (set the LitigationHoldEnabled parameter).
  39. 39. Exchange 2013 Functionality e-discovery  After you hold large amounts of data, you need to search that data.  Need the RBAC role to search.  Provides access to web portal where a discover officer can search and preview data before exporting it.
  40. 40. Exchange 2013 Functionality e-discovery  In Exchange 2013, not just full mailboxes, but specific data through queries.
  41. 41. Administrator Audit Logging Track all actions carried out by administrators enabling control processes to be monitored and policies to be enforced. • Logs all cmdlets used by default. • You can provide a list of cmdlets, and their parameters, that you want to log. Can specify the cmdlets you want to audit by using the AdminAuditLogConfigCmdlets parameter. • You can specify full cmdlet names, such as New- Mailbox, or you can specify partial cmdlet names such as *Transport* or mix both.
  42. 42. Administrator Audit Logging Reports in the EAC  The auditing page in the EAC for compliance and administrative configuration changes.  Administrator role group report  A maximum of 3,000 entries can be returned.  If your search might return more than 3,000 entries, use the Administrator audit log report or the Search-AdminAuditLog cmdlet.  Administrator audit log This report enables you to export the audit log entries recorded within a specified timeframe to a XML file and then send the file via email to a recipient you specify. Use the The New-AdminAuditLogSearch cmdlet
  43. 43. Administrator Audit Logging
  44. 44. Exchange 2013 Functionality Mailbox Audit Logging  Monitor end user access.  Log delegate access.  Log administrator access to mail items.  Show who sent a particular item. 
  45. 45. Exchange 2013 Functionality Mailbox Audit Logging Set-Mailbox -Identity “Howard Forder" -AuditEnabled $true Set-Mailbox -Identity “Howard Forder" -AuditDelegate SendAs,SendOnBehalf -AuditEnabled $true Set-Mailbox -Identity “Howard Forder" -AuditOwner HardDelete -AuditEnabled $true Get-Mailbox “Howard Forder" | Format-List *audit*
  46. 46. Enabling Auditing Options
  47. 47. Trace a Bad Mail! Example from Paul Cunningham from We need to trace this email to the exact person who sent it. Note the time and date. We will need this when searching the audit log. This will assume you have turned on mailbox auditing for “Help Desk” already.
  48. 48. Trace a Bad Mail! Example from Paul Cunningham from Open the EAC and Run a non-owner mailbox access report.
  49. 49. Trace a Bad Mail! Example from Paul Cunningham from Select your date range as noted in the email.
  50. 50. Trace a Bad Mail! Example from Paul Cunningham from Now investigate: It’s the right email, but it doesn’t tell us who. To see more we need to use the -ShowDetails parameter.
  51. 51. Trace a Bad Mail! Example from Paul Cunningham from Sarah
  52. 52. Summary
  53. 53. Exchange Downloads
  54. 54. Exchange IT Courses
  55. 55. Core IT Course
  56. 56. Advanced IT Course
  57. 57. Exchange @ The Core Duration: 10:00am-12:30pm (1.5 hours) Presenter: Howard Forder . MCT, MCSE, MCDST, MODL, MCITP Are You Compliant?