Emory Enterprise Exchange 2007 Tech Talk

1
Emory Enterprise Exchange 2007Tech Talk
2
Emory Email Components

• Email Team
• General mail flow
• Active Directory
• Exchange 2003
• Enterprise Exchange 2007
• Exchange Email Archiving

3
Email Team

• Jay Flanagan, Manager (also IDM, Security)
• James Reed, Lead
• Exchange, Active Directory, LearnLink, Meeting
  Maker
• Greg Cooper, Lead
• Exchange, Active Directory
• Terry Markert, Senior
• LearnLink, Exchange, Meeting Maker, Exchange
  Email Archiving
• Learning Exchange 2007, Active Directory
• David Gottschalk, Senior
• Eagle Mail, Mail Relays, Postini
• Wes Blalock (entry level)
• Meeting Maker, Exchange Email Archiving
• Learning Windows, Unix, Postini, Eagle Mail, Mail
  Relays, Exchange, Active Directory

4

• General Mail Flow

5
(No Transcript)
6

• Mail Flow

7
Inbound Enterprise Exchange 2007 Mail Flow
8
Outbound Enterprise Exchange 2007 Mail Flow
9
Internal Exchange Mail Flow
10

• Active Directory

11
(No Transcript)
12
Active Directory (contd)

• All Windows 2003 Native mode
• Required for Exchange to operate
• Emory University AD
• Root Domain Emory.Edu (EmoryAD)
• 2 Servers (AD1, URI)
• Child Domain EU.Emory.Edu (EmoryUnivAD)
• 5 Sites based upon firewall Core
• Admin Site (AD13, AD14, AD15)
• DMZ Site (AD10, AD11, AD12)
• Academic Site (AD2, Batman, Robin)
• ResNet Site (Pasteur)
• HIPAA Site (AD6, AD7)
• Emory Enterprise Resource Forest
• Domain Enterprise.Emory.Net (Enterprise)
• 2 Sites based upon role seclusion - HIPAA Core
• FSMO Site (ADRF1, ADRF2)
• APPS Site (ADRF3, ADRF4, ADRF5)

13

• Exchange 2003

14
(No Transcript)
15

• Enterprise
• Exchange 2007

16
History of Project

• Started November 2006
• Design Started January 2007
• Implementation Started ____________________
• Currently Testing with EHC IS
• Delays

17
Enterprise Exchange 2007
18
AD Layout for Enterprise Exchange 2007
19
Enterprise Exchange 2007 AD Layout

• Resource AD Forest
• One way trust between EHC AD
• Two way trust between EU AD
• (two way needed for MOM)
• All accounts from both ADs will be created
• Can be used for other MS applications
• Office Communicator Suite
• SharePoint

20
Client Access for Enterprise Exchange 2007
21
Enterprise Exchange 2007 Client Connectivity

• Outlook 2003 and 2007 Outlook 2007 required for
  full functionality
• Macintosh examples include Entourage
• IMAPS clients examples include Mozilla,
  Thunderbird, MacMail,Eudora, Outlook Express,
  other IMAPS clients
• Outlook Web Access IE 7 required for full
  functionality (lightweight version available for
  other browsers, i.e. FireFox, IE6 and lower,
  Safari, etc.)
• Mobile Devices currently ActiveSync and
  GoodLink Blackberry pending governance approval

22
Client Functionality Matrix
  Windows Exchange Clients Outlook 2003/2007 Outlook Web Access IMAPS clients
Send/Receive Email Y Y Y
Send/Receive Calendar Invitations Y Y N
Use Global Address List Y Y Y
Public Folder Access Y Y Y
Server-based contacts Y Y N
Auto-Archiving Y N N
Group Calendar Y Y N
Recover Deleted Items Y Y N
Work Offline Y N Y
Most IMAPS clients will be able to read and
post data to public folders, however, there may
be some which do not include this functionality
Information provided from University of
Connecticut Web Site
23
Client Functionality Matrix
  Macintosh Exchange Clients Entourage X Outlook Web Access IMAPS clients
Send/Receive Email Y Y Y
Send/Receive Calendar Invitations Y Y N
Use Global Address List Y Y Y
Public Folder Access Y Y Y
Server-based contacts Y Y N
Auto-Archiving N N N
Group Calendar N Y N
Recover Deleted Items N Y N
Work Offline Y N Y
Most IMAPS clients will be able to read and
post data to public folders, however, there may
be some which do not include this functionality
Information provided from University of
Connecticut Web Site
24
Client Functionality Matrix
Linux Exchange Clients Outlook Web Access IMAPS clients
Send/Receive Email Y Y
Send/Receive Calendar Invitations Y N
Use Global Address List Y Y
Public Folder Access Y Y
Server-based contacts Y N
Auto-Archiving N N
Group Calendar Y N
Recover Deleted Items Y N
Work Offline N Y
Most IMAPS clients will be able to read and
post data to public folders, however, there may
be some which do not include this functionality
Information provided from University of
Connecticut Web Site Ximian current release
only supports Exchange 2003, no current TBA from
vendor on updates
25
Enterprise Exchange 2007

• Secure
• Located in HIPAA core firewall zone
• Remote access given only on as required basis
• RSA Keyfob access required for VPN (giving 2
  factor auth)
• Managed security / management policies
• To be presented for formal approval to HIPAA
  steering committee in Fall
• Client connectivity via SSL
• Except from EHC Citrix VDT

26
Enterprise Exchange 2007 (contd)

• Highly Available
• Redundant Hardware
• Clusters for Mailbox servers
• Multiple redundant nodes for other server roles
  (CAS/HUB/EDGE)

27
Enterprise Exchange 2007 SAN

• SAN Storage
• Symmetrix DMX 3, RAID 1, 300GB
• Dedicated spindles for Exchange
• 96 x 110GB Databases (12 x active server)
• 96 x 43GB Log volumes (12 x active server)
• 4 x 34GB Public Folders DB/Logs (2 x cluster)
• 8 x 172GB Recovery Volume (1 per active server)
• 8 x 51GB - Edge Server DB / Logs (2 x server)
• 8 x 94GB - Hub Server DB / Logs (2 x server)

28
Enterprise Exchange 2007 Storage
29
Enterprise Exchange 2007 Backups

• Backups
• Designed for User self restoration
• Recover Deleted Items
• Databases for Disaster Recovery
• Full backup every x days (TBD, worst case 2 days)
• Differential (w/log rollup) daily
• Using EMC snap software and VSS management
• Using EMC Legato Networker to backup to CDL
• Up to 17TB CDL storage dedicated for Exchange
  backups
• 1 full backup with no compression estimated 9TB

30

• Exchange Email Archiving

31
Exchange Email Archival Overview

• Archive product selection under review
• Provides Exchange archiving / tiered storage
• Quota based archiving
• Attachment based archiving
• Stub attachments and messages
• Quick retrieval of full message and attachments
• Stores stub in plain text for minimal footprint
• End user restorability of deleted messages
• No storage limits for archived messages (300MB
  active mailbox limit)
• Seamless recovery of archived messages

32
Exchange Email Archival Overview (contd)

• Search ability
• Future Compliance searching
• Currently allows end user search ability to own
  archive
• Retention policies
• Can be used to manage compliance minimums (may
  eventually come for HIPAA or Sarbanes Oxley)
• Can expire messages after maximum retention
  periods

33
Exchange Email Archival Overview (contd)

• Targeted Clients
• Entourage (Macintosh) support
• Outlook
• Outlook Web Access
• IMAP User Access (TBD)

34
Enterprise Exchange 2007 Server Layout

• Servers
• 12 Mailbox Servers
• MS Cluster 1 4 Active, 2 Passive
• CMS Names Exchange10, Exchange11, Exchange12,
  Exchange13
• Contains 6 physical nodes
• MS Cluster 2 4 Active, 2 Passive
• CMS Names Exchange20, Exchange21, Exchange22,
  Exchange23
• Contains 6 physical nodes

35
Enterprise Exchange 2007 Server Layout (contd)

• Servers
• 4 Hub Servers
• MTA Role
• 4 CAS Servers (Client Access Server)
• OWA, AccessAnywhere (RPC over HTTPS),
  ActiveSync, MAPI/RPC, IMAPS
• 4 Edge Servers (border hygiene)
• Put in place for potential Mail Relay retirement
  (no ETA)
• Non Domain joined for security

36
Enterprise Exchange 2007 Resource Accounts

• Resource accounts available for
• Rooms - assigned to a meeting location, such as a
  conference room, auditorium, or training room
• Equipment - assigned to a resource that is not
  location specific, such as a portable computer
  projector, or microphone
• Requires designated owner(s)
• Owners responsible for assigning delegate access
  for management

37
Enterprise Exchange 2007 Sponsored/Department
Accounts

• Current
• Departments can be approved to have group
  accounts available for shared group access
• Sponsored users cannot have personal accounts
  however, they can use approved departmental
  account for department communications
• Sponsored account limitations
• Smaller quota
• Some limited functionality
• New Update

38
Enterprise Exchange 2007 Calendaring

• Meeting Maker will be decommissioned in August
  2008
• Outlook Calendaring provides Free/Busy status of
  both people and resources
• Assisted scheduling of meetings within Outlook or
  OWA client
• Resource Calendars Rooms, Equipment

39
Enterprise Exchange 2007 Existing Data Migration

• Eagle Mail server side data migration
• IMAP mail client local data user side migration
  (eg. Contacts, Distribution Lists, Distribution
  Groups, etc.)
• Exchange 2003 server side data migration
• LearnLink POP3 user side migration (will remain
  in use for student interactive services and
  maintain separate quotas)
• Departmental Email server department dependant
  migration options

40
Timeline

• TBD awaiting on EHC migration completion

41
Questions?