Module 07 - Exchange 2010 Transport, Routing and IPC

Exchange Server 2010
Transport, Routing, and IPC
Exchange Deployment Planning Services
Exchange 2010 Transport, Routing, and IPC Goals
The Exchange 2010 Transport and Routing module has the following goals:
• Understand the Hub Transport role
• Identify information protection requirements
• High level transport design and recommendations
Exchange 2010 Transport, Routing, and IPC Audience
Ideal audience for this workshop
• Messaging SME
• Networking SME
• Security SME
Exchange 2010 Transport, Routing, and IPC
This module focuses on the following:
• Transport and routing
  − Exchange Server 2010 transport key design goals
  − Capacity planning
  − High Availability and reliability
  − Instrumentation and reporting
  − Transport interoperability
  − Edge
• Information Leakage Protection and Control (IPC)
  − Transport content protection
  − Confidential communications
Exchange 2010 Transport, Routing, and IPC
After this module you should have:
• Basic planning knowledge for Exchange 2010
• Basic understanding of Exchange 2010 hub transport and routing
Exchange Server 2010 Transport
Key Design Goals
• Lowering costs
• Increased availability
• Better administrative control
• Operational excellence
Lowering Cost With Exchange Server 2010 Transport
40% of TCO is attributed to CapEx and 60% is attributed to OpEx**
• Lowering capital expenditure (CapEx)
  − Reduction in IOPS/msg through performance improvements reduces number of servers required in deployment
  − Enable non-redundant storage (RAID0) configurations without increased risk of data loss
• Lowering operations expenditure (OpEx)
  − Smaller server footprint, less power and A/C
  − “Disposable state” enables simple recovery actions (restart process, restart server, rebuild database, reimage server)
  − Key Health Indicators (KHI) provide notification when system needs attention
Capacity Planning
Transport Performance - Improvements
• mail.que database improvements
  − Increased Extensible Storage Engine (ESE) page size to 32 KB
  − ESE Database (DB) page compression
  − ESE version store maintenance
  − Better use of intrinsic low voltage storage
  − Increase DB cache size and checkpoint depth
• Decrease transport dumpster size through truncation feedback to improve cache efficiency
• Result: More than 50% reduction in IOPS (hub)
Capacity Planning
Transport Performance
Reducing Version Bucket Resource Pressure
[Chart: Version Buckets (0 to 500) plotted against Message Size (10 MB, 30 MB, 90 MB, 150 MB, 200 MB, 370 MB) for E2007 and E2010, with the VersionBucketsHighThreshold (200) and VersionBucketsMediumThreshold (120) lines marked]
High Availability and Reliability
• Overview
• Stateless Hub Transport
• Automated server recovery
• Transport dumpster
• Message Throttling
Stateless Hub Transport
Transport Redundancy, Overview
Goals
  − Increased reliability without increased hardware costs
  − Enabled by default
  − Shadow redundancy similar to transport dumpster
  − Data retained on previous hop until delivered
  − When failure in next hop detected, previous hop resubmits
  − SMTP extensions used (create little overhead)
  − Elimination of RAID overhead
  − 50% IOPs reduction for 80% Write I/Os
How Does Transport Redundancy Work? (1)
[Diagram: Hub sends to Edge1 (step 1); Edge1 delivers to the Foreign MTA (step 2); Edge2 stands by as the alternate next hop]
1. Hub (shadow) delivers message to Edge1 (primary)
   − Detects that Edge1 supports Transport redundancy through XSHADOW verb
   − Hub moves message to shadow queue and stamps Edge1 as current, primary owner
2. Edge1 (primary) receives message (becomes “primary owner”)
   − Edge1 delivers message to next hop
   − Edge1 updates discard status of the message indicating delivery complete to foreign MTA
How Does Transport Redundancy Work? (2)
[Diagram: Hub queries Edge1 (step 3); on failure Hub resubmits to Edge2 (step 4), which delivers to the Foreign MTA]
3. Success: Hub (shadow) queries Edge1 (primary) for expiry status
   − Hub issues XQDISCARD command (next SMTP session); Edge1 checks local discard status and responds with list of messages considered delivered
   − Hub deletes messages from its shadow queue
4. Failure: Hub (shadow) queries Edge1 (primary) discard status and resubmits
   − Hub opens SMTP session and issues XQDISCARD command (heartbeat); if Hub can’t contact Edge1 within timeout, it resubmits messages in shadow queue; resubmitted messages are delivered to Edge2 (go to #1)
Microsoft Confidential
Shadow Redundancy in Action
(> sent by hub1, < response from hub2)
> ehlo hub1.contoso.com
< 250-hub2.contoso.com Hello [192.168.1.102],
< 250-Size
< 250-Pipelining...
< 250-XSHADOW...
...
> XSHADOW 2oXJTlaork+WHKoTaVBg5g==
< 250 tFNe8ke2k0mWPKAuQLsFHQ==
...
> MAIL FROM:<ewan@contoso.com> SIZE=6004 XSHADOW=43d35a45-69ba4838-95a4-1c05e83b5e1a
...
> XQDISCARD 50
< 251 OK, no discard events
...
> XQDISCARD 50
< 250 43d35a45-69ba-4838-95a4-1c05e83b5e1a
Other Scenarios
• Delayed acknowledgement after end of data
  − SMTP submission from Exchange Server 2003/2007, 3rd party MTA / MUA, UM, POP, and IMAP
  − 250 response delayed up to 30 seconds (default)
  − If transport server fails before ack, client resubmits
• Mailbox Submission redundancy relies on copy of message in sender’s “Sent Items” folder
  − Mail Submission Service resubmits copy when hub doesn’t acknowledge successful delivery of message
• System generated messages (Journal Report, NDR) are considered “side effects” of original message submission, tracked as part of original delivery status
Shadow Redundancy Configuration
Global Shadow Redundancy Configuration:
[PS] D:\>get-TransportConfig | FL Shadow*

ShadowRedundancyEnabled          : True
ShadowHeartbeatTimeoutInterval   : 00:05:00
ShadowHeartbeatRetryCount        : 3
ShadowMessageAutoDiscardInterval : 2.00:00:00

Delayed Acknowledgement Timer Configuration:
[PS] D:\>get-receiveconnector | ft server,name,MaxAcknowledgementDelay -a

Server      Name                MaxAcknowledgementDelay
------      ----                -----------------------
HP64PIZZA50 Default HP64PIZZA50 00:00:30
HP64PIZZA50 Client HP64PIZZA50  00:00:30

Delayed Acknowledgement is disabled on a receive connector by setting MaxAcknowledgementDelay to 00:00:00
Shadow Redundancy Queue
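The settings shown above are the ones that decide whether a message survives a hop failure. The following audit script is an added example written for this page, not code from the deck or from Microsoft; it runs in the Exchange 2010 Management Shell and reports anything that weakens hop-to-hop resilience. The heartbeat ceiling and the shadow-queue depth it alarms on are assumed thresholds, and it assumes shadow queues appear in Get-Queue with DeliveryType ShadowRedundancy.

```powershell
# Added example (not from the original deck): audit shadow redundancy and delayed
# acknowledgement settings in an Exchange 2010 organization.
# Run from the Exchange Management Shell.

$maxHeartbeat   = [TimeSpan]'00:05:00'   # assumed acceptable ceiling for the heartbeat timeout
$maxShadowDepth = 1000                   # assumed alarm level for a single shadow queue

$findings = @()
$config   = Get-TransportConfig

# Without shadow redundancy no previous-hop copy is kept until the next hop reports delivery.
if (-not $config.ShadowRedundancyEnabled) {
    $findings += 'ShadowRedundancyEnabled is False: no previous-hop copy is retained until delivery'
}

# A long heartbeat timeout delays detection of a failed primary and therefore resubmission.
if ([TimeSpan]"$($config.ShadowHeartbeatTimeoutInterval)" -gt $maxHeartbeat) {
    $findings += "ShadowHeartbeatTimeoutInterval $($config.ShadowHeartbeatTimeoutInterval) exceeds $maxHeartbeat"
}

# MaxAcknowledgementDelay 00:00:00 means the 250 is returned immediately, so a client
# submission is no longer covered by delayed acknowledgement if the hub fails right after.
foreach ($rc in Get-ReceiveConnector) {
    if ("$($rc.MaxAcknowledgementDelay)" -eq '00:00:00') {
        $findings += "Delayed acknowledgement disabled on receive connector '$($rc.Identity)'"
    }
}

# A shadow queue that keeps growing indicates the primary is not answering XQDISCARD:
# entries leave the shadow queue only once the primary reports them as delivered.
foreach ($hub in Get-TransportServer) {
    $deep = Get-Queue -Server $hub.Name |
        Where-Object { $_.DeliveryType -eq 'ShadowRedundancy' -and $_.MessageCount -gt $maxShadowDepth }
    foreach ($q in $deep) {
        $findings += "Shadow queue $($q.Identity) on $($hub.Name) holds $($q.MessageCount) messages"
    }
}

if ($findings.Count -eq 0) { 'No shadow redundancy findings' } else { $findings }
```

Run it after any change to receive connectors: delayed acknowledgement is a per-connector setting, so a connector added for a relay or an appliance can silently drop the protection that the deck describes for SMTP submissions.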
Automated Service Recovery
• Exchange Server 2007 memory resource pressure results in decreased service availability
  − Exchange 2010 implemented signal to generate Dr. Watson report (determine cause of failure) and restarts
  − Exchange 2010 Alert can send to System Center to further analyze resource pressure
• Exchange Server 2007 queue database corruption results in downtime until administrator can perform manual recovery
  − With Exchange 2010, transport will detect queue database corruption, move/delete DB, and continue operation
  − Shadow redundancy provides data resiliency
Transport Dumpster 2007
Issues with Exchange 2007
• Up to 200% increase in IOPS/msg on hub transport role when using transport dumpster in Active Directory® Domain Services (AD DS) site with many storage groups
  − 18 MB quota per storage group using CCR results in inefficient JET database cache
• Redelivery request from mailbox role after lossy failover results in resubmission of entire quota
  − Analysis has shown that most are detected as duplicates unless significant log replication lag exists
• Cannot recover data that exceeds dumpster quota (default 18 MB) regardless of how many logs lost in DB failover
  − Increased quota results in decreased cache efficiency
Transport Dumpster 2010
Improvements
• Eliminate extra IOPS due to transport dumpster
• Database replication feedback from mailbox role allows dumpster truncation on hub role
  − LastLogInspected time for each database copy retrieved from active manager at regular interval
  − Timestamp of “worst” database copy in DAG used as the dumpster watermark for each database
  − Items older than dumpster watermark are removed based on scheduled feedback
• Content of transport dumpster queue based on log replication latency and frequency of feedback
  − Still does not exceed the “configured size”
• Redelivery requests result in resubmission of messages newer than dumpster watermark
• Redelivery requests to Hub servers in all AD DS sites
Transport Dumpster Statistics
How many items are in the dumpster for each database?
How much space is the dumpster consuming for each database?
[PS] D:\>get-date;Get-MailboxServer | foreach {get-databasecopystatus -MailboxServer $_.identity -DumpsterStatistics | ? {$_.SummaryCopyStatus -ne 'Mounted'}} | foreach {$_.DumpsterStatistics}

Monday, June 16, 2008 11:07:02 PM

Server        : HP64PIZZA50
OldestItem    : 6/16/2008 11:06:11 PM
QueueSize     : 3645
NumberOfItems : 63

Server        : HP64PIZZA50
OldestItem    : 6/16/2008 11:06:14 PM
QueueSize     : 827
NumberOfItems : 43
Message Throttling
• Throttling of MAPI and SMTP client submissions
  − Prevent mail storms due to accidental misuse, misbehaving software and malware
• Manage using *-ThrottlingPolicy cmdlets
  − Throttling policies are applied per-user
  − Transport settings in Default Throttling policy are disabled by default
• MessageRateLimit throttles rate of message submission from authenticated user or anonymous IP address
  − Evaluated per-server over 1 minute period
  − SMTP returns transient errors when rate exceeded
  − Mail Submission Service defers messages in outbox once rate has been exceeded, retries submission periodically
• RecipientRateLimit throttles number of messages submitted
  − Evaluated over 24 hour period
  − Error returned to client for all submission attempts once quota exceeded
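Because the transport limits in the default policy are disabled, nothing above caps a misbehaving or compromised account until an administrator creates a policy. The script below is an added example written for this page, not the deck's or Microsoft's code; it creates a dedicated policy for an application account that relays through Hub Transport and binds it per-user, as the slide describes. The policy name, account name and limit values are assumptions.

```powershell
# Added example (not from the original deck): cap submissions from an application
# account so a runaway script or malware on that host cannot generate a mail storm.
# Run from the Exchange 2010 Management Shell.

$policyName = 'AppRelay-Limited'   # assumed policy name
$appAccount = 'svc-newsletter'     # hypothetical mailbox-enabled service account

# MessageRateLimit  : messages per minute, evaluated per server (SMTP gets a transient error above it).
# RecipientRateLimit: recipients per 24-hour period (hard error for every submission once exceeded).
$messagesPerMinute = 30
$recipientsPerDay  = 5000

$policy = Get-ThrottlingPolicy -Identity $policyName -ErrorAction SilentlyContinue
if ($null -eq $policy) {
    New-ThrottlingPolicy -Name $policyName `
        -MessageRateLimit $messagesPerMinute `
        -RecipientRateLimit $recipientsPerDay | Out-Null
} else {
    Set-ThrottlingPolicy -Identity $policyName `
        -MessageRateLimit $messagesPerMinute `
        -RecipientRateLimit $recipientsPerDay
}

# Policies apply per-user: bind the service account to the limited policy.
Set-Mailbox -Identity $appAccount -ThrottlingPolicy $policyName

# Verify. The default policy shows the transport limits unset; the new one shows the caps.
Get-ThrottlingPolicy | Format-Table Name, MessageRateLimit, RecipientRateLimit -AutoSize
Get-Mailbox -Identity $appAccount | Format-Table Name, ThrottlingPolicy -AutoSize
```

Keep the limits tied to the account's real workload: the message rate is evaluated per server, so an application that submits through several hubs can legitimately send more than one server's limit per minute, while the recipient quota is the one that stops a storm aimed at large distribution lists.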
Instrumentation and Reporting
• Key Health Indicators
• SLA instrumentation
  − Measuring delivery latency
  − End-to-end latency
  − Server component latency
  − Historical reporting and trends
  − Transport scorecard
  − Transport dashboard
Key Health Indicators
• Exchange Server 2007 Health
  − Service availability: measurement of process uptime
  − Error events: large number of error conditions that may cause service disruption if left undetected
• Exchange 2010 KHIs used to determine when user experience impacted:
  − Delivery Latency to determine if delivered messages are meeting SLA objectives
  − Submission Availability to determine if server is available to accept new messages
  − DSN Generation to determine if server is failing to deliver messages
  − Delivery Completion to determine if server is unable to complete delivery
Measuring Delivery Latency SLA
• Measures latency of every component involved with delivering message end-to-end
• Intra-organizational delivery latency is measured from point of entry into organization to mailbox delivery or transfer to external mail system
• Servers in route between org entry and exit contribute to the end-to-end latency
• Components on each server contribute to the latency on each server
• Reporting through message tracking log and PerfMon instrumentation
Measuring Delivery Latency Process
• First Exchange 2010 (H1) Server loops over received headers for InternalSMTPServers (H1 -> P2 -> P1):
  − Add Latency header for P2’s and P1’s received header
  − Add OriginalArrivalTime header for P1
  − Add InProgress header for H1
• Server (H3): Loop over Received headers until we reach the previous Exchange 2010 server (H3 -> H2 -> H1):
  − Add Latency header for H2’s received header
  − Convert H1’s InProgress header to latency header
  − Add InProgress header for H3
Measuring Delivery Latency
Message Tracking Log
[PS] C:\>get-messagetrackinglog -server:df-mlt-01 -messageid:"<E26375F9F42D49F3BE8C142DB50E1517@redmond.corp.microsoft.com>" | ConvertToMessageLatency.ps1 | FT -a ComponentServerFqdn,ComponentCode,ComponentName,ComponentLatency

ComponentServerFqdn                       ComponentCode ComponentName        ComponentLatency
-------------------                       ------------- -------------        ----------------
msw-sfw-r03.redmond.corp.microsoft.com    TOTAL         Total Server Latency 00:00:03
tk5-exsmh-c102.redmond.corp.microsoft.com TOTAL         Total Server Latency 00:00:23
tk5-exhub-c103.redmond.corp.microsoft.com TOTAL         Total Server Latency 00:00:08
TK5EX14MLTC101.redmond.corp.microsoft.com TOTAL         Total Server Latency 00:00:00
df-h14-01.exchange.corp.microsoft.com     TOTAL         Total Server Latency 00:00:00
DF-MLT-01.exchange.corp.microsoft.com     TOTAL         Total Server Latency 00:00:00

Hop 1: 3rd Party Application MTA (Previous Hop Latency)
Hops 2,3: Exchange Server 2007 (Previous Hop Latency)
Hops 4,5,6: Exchange Server 2010 (Latency Tracker)
End-to-End Delivery Latency of ~34 seconds
Server Component Latency
Message Tracking Log
Why did messages take longer than 20 seconds to deliver end to end?
[PS] D:\>get-messagetrackinglog -server:fesmoke2 -eventid:deliver | where {$_.MessageLatencyType -eq "EndtoEnd" -and $_.MessageLatency.TotalSeconds -gt 20} | convertTo-messageLatency | where {$_.Latency -gt "00:00:20" -and $_.ComponentCode -notlike "total"}

InternalMessageId  : 1
MessageId          : <f8bee984-LB18.BXWLWF-dom.com>
MessageLatency     : 00:00:25.7500000
MessageLatencyType : EndToEnd
ServerFqdn         : 3859R7-LB18.BXWLWF-dom.extest.microsoft.com
ComponentCode      : SMR
ComponentName      : SMTP Receive
Latency            : 00:00:22

InternalMessageId  : 3
MessageId          : <32623cfb-LB18.BXWLWF-dom.com>
MessageLatency     : 00:00:26.6180000
MessageLatencyType : EndToEnd
ServerFqdn         : 3859R7-LB18.BXWLWF-dom.extest.microsoft.com
ComponentCode      : SMR
ComponentName      : SMTP Receive
Latency            : 00:00:24
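The one-liner above answers the question for a single server and a fixed threshold. The script below is an added example written for this page, not the deck's or Microsoft's code; it generalises the same approach across every transport server, over a time window, and ranks the (server, component) pairs where the SLA is being lost. It assumes it runs in the Exchange 2010 Management Shell and that ConvertTo-MessageLatency.ps1 is in the scripts folder referenced by $exscripts; the SLA value and the 24-hour lookback are arbitrary.

```powershell
# Added example (not from the original deck): find deliveries in the last 24 hours that
# exceeded an end-to-end SLA and rank the slowest server components.

$slaSeconds = 20                              # assumed SLA threshold
$since      = (Get-Date).AddHours(-24)        # assumed lookback window

# DELIVER events carry MessageLatency and MessageLatencyType in Exchange 2010 tracking logs.
$slow = foreach ($hub in Get-TransportServer) {
    Get-MessageTrackingLog -Server $hub.Name -EventId DELIVER -Start $since -ResultSize Unlimited |
        Where-Object {
            $_.MessageLatencyType -eq 'EndToEnd' -and
            $_.MessageLatency.TotalSeconds -gt $slaSeconds
        }
}
$slow = @($slow)
"{0} deliveries exceeded {1}s end-to-end since {2}" -f $slow.Count, $slaSeconds, $since

if ($slow.Count -gt 0) {
    # Expand each slow message into per-component latencies; drop the TOTAL roll-up rows
    # so that only real components (SMTP Receive, categorizer, store driver, ...) remain.
    $components = $slow | & "$exscripts\ConvertTo-MessageLatency.ps1" |
        Where-Object { $_.ComponentCode -ne 'TOTAL' }

    # Worst latency per (server, component): the rows at the top are where to look first.
    $components |
        Group-Object ServerFqdn, ComponentName |
        ForEach-Object {
            $worst = ($_.Group | Sort-Object Latency -Descending)[0]
            New-Object PSObject -Property @{
                Server     = $worst.ServerFqdn
                Component  = $worst.ComponentName
                Messages   = $_.Count
                MaxLatency = $worst.Latency
            }
        } |
        Sort-Object MaxLatency -Descending |
        Format-Table Server, Component, Messages, MaxLatency -AutoSize
}
```

A cluster of slow SMTP Receive entries on one server, as in the deck's output, points at that server's inbound path (connector, anti-spam agents, or the peer feeding it) rather than at the organisation's routing as a whole.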
Server Component Latency
PerfMon Object
Measuring Transport Service Levels
• Server statistics log, containing traffic summary:
  ServerStatisticsLogMaxAge           : 30.00:00:00
  ServerStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes)
  ServerStatisticsLogMaxFileSize      : 10 MB (10,485,760 bytes)
  ServerStatisticsLogPath             : C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ServerStats
• Active user statistics log, containing summary of user usage:
  ActiveUserStatisticsLogMaxAge           : 30.00:00:00
  ActiveUserStatisticsLogMaxDirectorySize : 250 MB (262,144,000 bytes)
  ActiveUserStatisticsLogMaxFileSize      : 10 MB (10,485,760 bytes)
  ActiveUserStatisticsLogPath             : C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ActiveUsersStats
Transport Statistics (1)
Transport Statistics (2)
Transport Interoperability
• Routing version boundary change:
  − Exchange 2010 Mailbox servers can only submit to Exchange 2010 Hub Transport servers
  − Exchange 2010 Hub Transport servers can only deliver to Exchange 2010 Mailbox servers
  − Exchange Server 2007 Mailbox servers can only submit to Exchange Server 2007 Hub Transport servers
  − Exchange Server 2007 Hub Transport servers can only deliver to Exchange Server 2007 Mailbox servers
• Exchange 2010 Hub Transport servers can communicate with Exchange Server 2007 Hub Transport servers via SMTP (and vice versa)
• Inter-site routing has no version preference
  − Hub role will load-balance inter-site traffic to all hubs in target site
• Subscribed Edge servers:
  − Have no version preference when routing inbound/outbound traffic
  − Exchange 2010 Hub Transport will become authoritative for EdgeSync
Transport Roles
Edge Transport Improvements
• Better Performance for EdgeSync via Deltasync Mode
  − Under this mode, each time the EdgeSync service runs it only reads the delta change since the last sync and updates the target accordingly
• Support for safe senders and blocked senders
  − Configurable Safe List quotas
  − Administrator defined blocked senders
  − Automatic update of Safe Sender list propagation into Active Directory
Transport Roles
Edge Transport Improvements
• Exchange 2010 builds upon the success of Safe Senders by providing positive differentiation of Safe Recipients.
• Users’ blocked senders are stored as part of their junk e-mail rule in the mailbox.
• Users’ blocked senders are respected on Edge as follows:
  − Junk E-mail Options Assistant propagates blocked senders lists from mailboxes to AD DS
  − EdgeSync pushes blocked senders from AD to AD LDS on Edges
  − On Edge, the Sender Filtering agent blocks mail from blocked senders
Edge
Faster synch of safe/blocked senders
Both Safe Sender and Blocked Sender lists now synched to the Edge in seconds
Edge
• Enhanced EdgeSync Configuration and Troubleshooting
  − Exposed Configuration Settings to Powershell
  − Added new log file to track EdgeSync activity
Further Transport Improvements
• Exchange 2010 allows TLS to be disabled for wide-area network (WAN) Accelerators
  − For use in geographically dispersed locations
  − Routing Topology must be considered
  − Use -UseDownGradedExchangeServerAuth setting on Hub Server Role
• Journaling improvements
  − Reconciliation with Long Term Archive verifying that journal messages have been received/processed by offsite archiving vendors
  − Identify BCC recipients in journal reports, distinguish recipient type to identify BCC recipients
  − Improvements for Archiving messages that resulted in NDR
  − Allow journaling of voice mail
SMTP Failover and Load Balancing Improvements
• Enhanced DNS is used to evenly load balance when all servers are healthy, but things become uneven when a server is unhealthy
• SP1 introduces new behavior that detects and tracks unhealthy servers
  − For example, Hub1 needs to route several messages to another site which contains Hub2, Hub3, and Hub4. If Hub1 knows that Hub3 is unavailable, it'll remove that server from the list of possible targets and only route to Hub2 and Hub4, evenly load balancing across them
Improvements in SP1
• MailTips
  − Control the types of MailTips that are shared and even designate a specific group of users for which to return MailTips
  − New capabilities include changes to event log entries, alerts, and performance monitor counters
Improvements in SP1
• Message Tracking
  − Improved error messages for delivery reports for situations where a user attempts to access delivery reports for a specific message but is unable to view the report (e.g., immediately after sending it, but before the tracking information is inserted into the logs). Messages displayed to the users have been greatly improved, providing explanations as to why the information isn't available
  − New event log entries, alerts, and performance monitor counters
  − You can now request complete logs of every operation that was executed by a Client Access server processing a delivery report request
Improvements in SP1
• Throttling Enhancements
  − Transport servers now maintain a running average delivery cost of messages sent by individual senders. If a user keeps sending costly messages (e.g., those addressed to large audiences or with large attachments), Transport servers start to give priority to other messages with lower cost before processing messages from that sender. For example, if a user is sending multiple messages with 10MB attachments, Transport will start processing other messages without attachments first before handling further messages from this particular sender.
  − Transport also keeps track of the RPC utilization of Mailbox servers. If a Hub Transport server detects that a Mailbox server is under RPC resource pressure, it'll scale back the RPC sessions it opens to that Mailbox server. This way, interactive client connections to the Mailbox server take precedence over message delivery when it comes to utilizing RPC resources on a Mailbox server.
Improvements in SP1
• Shadow Redundancy Improvements
  − To address potential timeout issues, a new feature called shadow redundancy promotion is introduced in Exchange 2010 SP1. Where Transport would previously have issued an acknowledgement without delivery confirmation, a Transport server now routes the message to any other Transport server within the site so that the message is protected by shadow redundancy
Improvements in SP1
• Send Connectors over Reliable Connections
  − Several new features were added to the Send connectors. Most changes are to support coexistence with Exchange Online
  − You can have dedicated Send connectors that are responsible for transmitting messages over well-defined communication channels that are expected to always be available, such as a Send connector dedicated to send messages to Exchange Online. On such connections, many of the typical errors that are possible on ordinary destinations on the Internet aren't expected. In this scenario, you may want to treat any communication errors as transient as opposed to issuing NDRs. With SP1, you can configure a Send connector to downgrade authentication and name resolution errors, which would normally result in an NDR, to transient errors. In these cases, Exchange will attempt delivery again instead of issuing an NDR.
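The downgrade described above is configured per Send connector. The commands below are an added example written for this page, not the deck's or Microsoft's code; they apply the SP1 error-policy downgrade to one dedicated connector and show how to verify it. The connector name is hypothetical; the cmdlets and the DowngradeAuthFailures/DowngradeDnsFailures values are SP1's own.

```powershell
# Added example (not from the original deck): downgrade auth and DNS failures to
# transient errors on a Send connector that serves a trusted, always-available peer.
# Run from the Exchange 2010 SP1 Management Shell.

$connector = 'To Exchange Online'   # hypothetical existing Send connector name

# Before: with the default error policy, authentication and name-resolution failures NDR the message.
Get-SendConnector -Identity $connector | Format-List Name, AddressSpaces, SmartHosts, ErrorPolicies, RequireTLS

# After: both failure classes become transient, so the message stays queued and is retried.
Set-SendConnector -Identity $connector -ErrorPolicies DowngradeAuthFailures, DowngradeDnsFailures

# Verify the setting, then watch for queues in Retry on this connector's next hop: that is
# where a downgraded failure now shows up, rather than as an NDR to the sender.
Get-SendConnector -Identity $connector | Format-List Name, ErrorPolicies
Get-Queue | Where-Object { $_.Status -eq 'Retry' } |
    Format-Table Identity, NextHopDomain, MessageCount, LastError -AutoSize
```

Apply this only to connectors whose peer really is well-defined: on an Internet-facing connector the same downgrade would hide genuine authentication or DNS failures in a retry queue instead of surfacing them to the sender.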
Information Leakage and Control
Agenda
• Transport Content Protection
  − What’s new in Microsoft® Exchange 2010?
• Confidential communications
  − Automatic content-based privacy
  − Transport Pipeline decryption
  − IRM in Outlook® and OWA
  − Outlook Protection Rules
  − B2B RMS communication
What's New?
• Exchange Server 2007 introduced
  − Secure intranet e-mail by default
  − Opportunistic TLS
  − RMS pre-Licensing
• Exchange 2010 goes beyond
  − Automatic detection and protection of sensitive content using RMS
  − Provides centralized control of e-mail protection
  − Enable transport agents to be "RMS aware"
  − Secure business communication using RMS
Information Leakage Can Be Costly On Multiple Fronts
• Legal, Regulatory and Financial impacts
  − Cost of digital leakage per year is measured in $Billions
  − Increasing number and complexity of regulations (e.g. GLBA, SOX, CA SB 1386)
  − Non-compliance with regulations or loss of data can lead to significant legal fees, fines, and more
• Damage to Image and Credibility
  − Damage to public image and credibility with customers
  − Financial impact on company
  − Leaked e-mails or memos can be embarrassing
• Loss of Competitive Advantage
  − Disclosure of strategic plans, M&A info potentially lead to loss of revenue, market capitalization
  − Loss of research, analytical data, and other intellectual capital
Traditional Solutions Protect Initial Access
[Diagram: authorized users pass the Access Control List perimeter and the Firewall perimeter; unauthorized users are stopped at those perimeters; information leakage occurs beyond them, after access has been granted]
…but not ongoing usage.
Message Confidentiality?
Enforcement tools are required—content protection should be automated.
Exchange 2010 and RMS Overview
• Automatic Protection
• Streamlined User Experience
• Enable IT Infrastructure
• B2B RMS
What is Rights Management Services?
• Windows platform information protection technology
• Granular protection that travels with the data
• Persistent protection
  − Protects your sensitive information no matter where it goes
  − Usage rights locked within the document itself
  − Protects online and offline, inside, and outside of the firewall
• Granular control
  − Users apply IRM protection directly within an e-mail
  − Users can define who can open, modify, print, and forward an email
  − Organizations can create custom usage policy templates such as "Confidential—Read Only"
  − Limit attachment access to only authorized users
Protected Content in Outlook
RMS Protection is applied both to the message itself and to the attachments. Saved attachments retain the relevant protection (e.g. rights to view, print or copy content).
Automatic Content-Based Privacy
Eliminate Reliance On End-User
• Protect message in transit via Transport Rules action
• Protect messages by default at Outlook Client
• Private Voice message automatically protected by UM
Automatic Content-Based Privacy
Exchange Server 2010 provides a single point in the organization to control the protection of e-mail messages.
Automatic Content-based Privacy:
• Transport Rule action to apply RMS template to e-mail message
• Transport Rules support Regex scanning of attachments in Exchange 2010 (including content)
• Internet Confidential and Do Not Forward Policies available out of box
Protection via Transport Rules
• New Transport rule action to “RMS protect”
• Transport Rules support regular expression scanning of attachments in Exchange 2010
• “Do Not Forward” policy available out of the box
• Office 2003, Office 2007, Office 2010, and XML Paper Specification (XPS) documents are supported for attachment protection
Protection via Transport Rules
[Diagram: apply RMS policies automatically using Transport Rules; apply “Do Not Forward” or custom RMS templates]
How does it work?
Transport Rules: Active Directory® Domain Services (AD DS)
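The slides above describe the rule action and the attachment regex predicate without showing a rule. The following is an added example written for this page, not the deck's or Microsoft's code: two transport rules that apply the built-in "Do Not Forward" template to mail leaving the organization when the body or an attachment matches a constructed identifier format. The rule names and the regex are assumptions; the cmdlets and predicates are Exchange 2010's own.

```powershell
# Added example (not from the original deck): RMS-protect outbound mail that contains a
# sensitive identifier in the body or in an attachment. Run from the Exchange 2010 Management Shell.

$template = Get-RMSTemplate -Identity 'Do Not Forward'   # built-in template named in the deck
$pattern  = '\bACCT-\d{8}\b'   # constructed pattern for illustration (e.g. ACCT-12345678)

# Predicates on a single rule are ANDed. To protect when EITHER the body OR an attachment
# matches, two rules are needed; both carry the same action.
New-TransportRule -Name 'RMS protect outbound body with account ids' `
    -SentToScope NotInOrganization `
    -SubjectOrBodyMatchesPatterns $pattern `
    -ApplyRightsProtectionTemplate $template

New-TransportRule -Name 'RMS protect outbound attachments with account ids' `
    -SentToScope NotInOrganization `
    -AttachmentMatchesPatterns $pattern `
    -ApplyRightsProtectionTemplate $template

# Verify which rules carry an RMS action and in what priority order they evaluate.
Get-TransportRule | Where-Object { $_.ApplyRightsProtectionTemplate } |
    Format-Table Priority, Name, State, ApplyRightsProtectionTemplate -AutoSize
```

Attachment scanning only covers the formats the slide lists (Office 2003/2007/2010 and XPS); an identifier inside an unsupported or encrypted attachment will not match, so the rule is a control on accidental leakage rather than a guarantee against deliberate exfiltration.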
Outlook Protection Rules
• Allows an Exchange administrator to define client-side rules that will protect sensitive content in Outlook automatically
  − Rules can be mandatory or optional depending on requirements
• Rules look at the following predicates:
  − Sender’s department (HR, R&D, etc.)
  − Recipient’s identity (specific user or distribution list)
  − Recipient’s scope (all within the organization, outside, etc.)
• Rules are automatically retrieved from Exchange using Autodiscover and Exchange Web Services
Outlook Protection Rules
• IRM Protection will be applied by Outlook
  − IRM protected e-mail can be shown in OWA
  − IRM protected e-mail can be indexed by the content indexing engine on the mailbox server
  − Mail can be journaled in the clear to internal or 3rd party archives
  − E-discovery is able to access or retrieve these messages within Exchange
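The three predicates listed above (sender's department, recipient identity, recipient scope) and the mandatory/optional distinction map onto parameters of one cmdlet. The following is an added example written for this page, not the deck's or Microsoft's code; it defines one mandatory and one optional rule and lists the result. Rule names, the department value and the distribution list address are assumptions.

```powershell
# Added example (not from the original deck): client-side protection rules that Outlook 2010
# retrieves through Autodiscover/EWS. Run from the Exchange 2010 Management Shell.

$template = Get-RMSTemplate -Identity 'Do Not Forward'

# Mandatory rule: mail whose sender's AD department attribute is "HR" is protected and the
# user cannot remove the protection (UserCanOverride $false).
New-OutlookProtectionRule -Name 'HR department: Do Not Forward' `
    -FromDepartment 'HR' `
    -ApplyRightsProtectionTemplate $template `
    -UserCanOverride $false

# Optional rule: mail to a hypothetical executives list inside the organization is protected
# by default, but the sender may turn it off for an individual message.
New-OutlookProtectionRule -Name 'Executive DL: Do Not Forward (optional)' `
    -SentTo 'executives@contoso.com' `
    -SentToScope InOrganization `
    -ApplyRightsProtectionTemplate $template `
    -UserCanOverride $true

# Review: lower Priority numbers are evaluated first.
Get-OutlookProtectionRule |
    Format-Table Priority, Name, FromDepartment, SentTo, SentToScope, UserCanOverride -AutoSize
```

Because protection is applied in the client, a mailbox accessed through a client that does not fetch these rules is not covered by them; the transport rule action on the earlier slide is the server-side backstop for that case.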
Outlook Protection Rules
[Diagram, how it works: IRM protection is automatically triggered based on sender/receiver attributes; protection is applied at the client level; authorized users can turn off protection; supported attachments are also protected; Windows Desktop Search will index headers and subject; can be used to prevent an e-mail service provider from accessing your e-mail]
How does it work?
Outlook Protection Rules
Rights Management Services Integration in Unified Messaging
• UM administrators can allow incoming voice mail messages to be marked as “private”
• Private voice mail can be protected using “Do Not Forward”, preventing forwarding or copying content
• Private voice mail is supported in Outlook 2010 and OWA 2010
Protected Voice Mail (Do Not Forward)
[Diagram: Do Not Forward template; permissions applied by sender or required by administrative policy; voice mail and transcript are protected using AD RMS Protectors]
How does it work?
Protected Voice Mail
Streamlined End-User Experience
Prevent RMS Protection from getting in user’s way
• Pre-licensing enables offline and mobile access to RMS protected messages
• IRM Feature Parity between Outlook and OWA
• Conduct full-text search on RMS protected messages in OWA
• Built-in ability to create/consume RMS protected messages with Windows Mobile® 6.x
Rights Management Services Integration in Outlook Web Access
• Create/consume RMS protected messages natively, just like Outlook
• No client download or installation required
• Supports:
  − Mozilla Firefox™, Safari®, Macintosh® and Windows®
  − Conversation View, Preview pane
  − Full-text search on RMS protected messages
Rights Management Services Integration in Outlook Web Application
How does it work?
Outlook Web App
Transport Pipeline Decryption
• Enables Hub Transport agents to scan/modify RMS protected messages
  − Required for Antivirus scanning, Transport Rules or 3rd party agents
• Decryption Agent
  − Decrypts message and attachments, using RMS super-user privileges
  − Only decrypts once per forest, on the first Hub, to improve performance
  − Option to NDR messages that cannot be decrypted
• Encryption Agent
  − Re-encrypts messages, message forks and NDRs with original Publishing License
Journal Report Decryption
Server Decryption agent:
• Attaches clear-text copies of RMS protected messages and attachments to journal mailbox
• Requires super-user privileges, off by default
• Stamps x-Org header to prevent future decrypt attempts
[Diagram: Decryption agent, then Forefront Security for Exchange, Transport Rules and 3rd Party Agents, then Encryption agent; Journaling feeds the Archive/Journal]
How does it work?
Transport Decryption
Journal Report Decryption
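Both agents described above are switched on through the organization's IRM configuration. The commands below are an added example written for this page, not the deck's or Microsoft's code; they enable transport decryption in its strict form, enable journal report decryption, and verify the integration. They assume AD RMS is deployed and that the Exchange servers hold super-user rights on the RMS cluster (the deck's "super-user privileges"); the two mailboxes named in the test are hypothetical.

```powershell
# Added example (not from the original deck): enable and verify transport pipeline
# decryption and journal report decryption. Run from the Exchange 2010 Management Shell.

# Current state (JournalReportDecryptionEnabled is off by default, as the slide says).
Get-IRMConfiguration | Format-List TransportDecryptionSetting, JournalReportDecryptionEnabled,
    InternalLicensingEnabled, ClientAccessServerEnabled, SearchEnabled

# Mandatory: a message the Decryption Agent cannot open is NDR'd instead of passing
# antivirus, transport rules and 3rd-party agents unscanned. Optional lets such messages through.
Set-IRMConfiguration -TransportDecryptionSetting Mandatory

# Attach clear-text copies of protected messages and attachments to journal reports.
Set-IRMConfiguration -JournalReportDecryptionEnabled $true

# Pre-licensing (offline/mobile access), OWA IRM and full-text search over protected mail
# depend on internal licensing and the Client Access features being enabled.
Set-IRMConfiguration -InternalLicensingEnabled $true -ClientAccessServerEnabled $true -SearchEnabled $true

# Exercise template lookup, pre-licensing and decryption for a sender/recipient pair.
Test-IRMConfiguration -Sender 'alice@contoso.com' -Recipient 'bob@contoso.com'
```

Mandatory is the setting that prevents protected mail from being used as a scanning bypass, but it also rejects messages protected by an RMS cluster the organization cannot decrypt, so check the Test-IRMConfiguration output and the NDR rate after enabling it rather than assuming silence means success.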
Business to Business RMS
Securely Communicate With Partners
Available in SP1
• Customers can communicate using RMS between organizations by deploying ADFS and setting up trusts
  − ADFS requires a separate trust between each partner
  − ADFS isn’t supported by Exchange
• In Exchange 2010, customers can federate with the Microsoft Federation Gateway instead of each partner
  − A single federation point replaces individual trusts
  − Allows Exchange to act on-behalf-of users for decryption
Business to Business RMS
[Diagram sequence: contoso.com (Exchange 2010, AD DS RMS 2008) and fabrikam.com (Exchange 2010) each create a federated trust with the Microsoft Federation Gateway using the wizard]
1. Organizations federate Exchange and RMS with the Microsoft Federation Gateway
2. User in Contoso sends an RMS protected message to a recipient in Fabrikam; the message is protected against Contoso's AD DS RMS server
3. Fabrikam’s Exchange server requests a delegation SAML token from the Federation Gateway for Contoso’s RMS server; the delegation SAML token is used to authenticate on-behalf-of the recipient to Northwind Traders’s RMS server
4. Contoso validates the signature on the delegation SAML token and ensures that the recipient has rights to the message; Northwind Traders returns a license to Fabrikam which can be used to decrypt the message in OWA for the recipient and enforce rights
Business to Business RMS
Securely Communicate With Partners
• Senders can control how their data is accessed by 3rd parties
  − By using federation, RMS can allow organizations and applications to access data on-behalf-of individuals
  − They can specify whether recipient organizations can archive e-mails in the clear
  − RMS administrator can control which 3rd parties can access data using federated authentication (allow/block list)
• Recipient organization can decrypt RMS protected messages for OWA, Journal Report Decryption, and Transport Pipeline decryption
Dependencies
• Exchange 2010
  − Supported on Windows Server® 2008 SP2 and R2
• RMS integration features require:
  − RMS on Windows Server 2008 SP2
  − RMS on Windows Server 2008 R2
• B2B RMS requires:
  − Windows Server 2008 R2 RMS
  − Exchange 2010 SP1
Improvements in SP1
• WebReady Document Viewing of IRM-protected attachments in OWA
  − View IRM-protected attachments without having to download them. Preview IRM-protected documents on computers that don't have Microsoft Office installed. Along with the cross-browser and cross-platform support in Outlook Web App, this functionality extends the reach of IRM to various browsers and operating systems
• IRM Logging
  − Enable logging of IRM features on the Mailbox, Hub Transport, Client Access, and Unified Messaging server roles. IRM logs contain detailed transaction and error information, allowing administrators to easily monitor and troubleshoot IRM features
Improvements in SP1
• IRM in Exchange ActiveSync
  − IRM in Exchange ActiveSync allows users with supported devices to access IRM-protected messages without first having to activate the device for IRM by tethering the device to a computer – IRM available for all supported EAS devices
• Cross-organization support
  − IRM features supported in cross-organization topologies for easier collaboration between two organizations via OWA
End of Exchange 2010 Transport, Routing, and IPC Module
Design Session
Architectural Design Session
For More Information
• Links to follow…
В© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.