View
1.015
Download
6
Category
Tags:
Preview:
DESCRIPTION
Citation preview
Module 9
Configuring Messaging Policy and Compliance
Module Overview
• Introducing Messaging Policy and Compliance
• Configuring Transport Rules
• Configuring Journaling and Multi-Mailbox Search
• Configuring Messaging Records Management
• Configuring Personal Archives
Lesson 1: Introducing Messaging Policy and Compliance
• What Is Messaging Policy and Compliance?
• Discussion: Compliance Requirements
• Options for Enforcing Messaging Policy and Compliance
What Is Messaging Policy and Compliance?
Exchange Server 2010 has features that help you manage information distribution and comply with regulatory and legal requirements, such as:
• Restricting message flow
• Retaining copies of all or specific messages
• Managing messages in user mailboxes
• Searching for messages
Discussion: Compliance Requirements
• What type of business is your organization?
• What are some legislated compliance requirements for your organization?
• What additional compliance requirements does your organization have?
• How are you currently meeting these compliance requirements?
Options for Enforcing Messaging Policy and Compliance
• Transport rules
• Message journaling
• Rights management integration
• Mailbox searching
• Message retention and deletion
• Personal Archives
Lesson 2: Configuring Transport Rules
• What Are Transport Rules?
• Transport Rule Components
• Demonstration: How To Configure Transport Rules
• What Are Message Classifications?
• What Is AD RMS?
• How AD RMS Works
• How AD RMS Integration Works
• Demonstration: How to Configure AD RMS Integration
• Options for Configuring Moderated Transport
• Demonstration: How to Configure Moderated Transport
What Are Transport Rules?
Transport rules on an Edge Transport server are:
• Stored in AD LDS
• Unique to each Edge Transport server
• Used to manage inbound or outbound messages
Transport rules restrict message flow or modify message contents for messages in transitTransport rules restrict message flow or modify message contents for messages in transit
Transport rules on a Hub Transport server are:
• Stored in the Active Directory site
• Applied by all Hub Transport servers
• Used to apply compliance requirements
Transport Rule Components
• Conditions: Specify which e-mail message components are used to identify the e-mail messages
• Exceptions: Specify which e-mail messages to exclude from having an action applied
• Actions: Specify the processes to be applied to messages
• Predicates: Used by conditions and exceptions to define what part of an e-mail message will be examined
Demonstration: How to Configure Transport Rules
In this demonstration, you will see how to configure transport rules that apply:
• A disclaimer to messages sent to external recipients
• A restriction based on a regular expression
What Are Message Classifications?
Administrators can:
• View existing message classifications
• Modify existing message classifications
• Create new message classifications
• Configure Outlook 2007 to support message classifications
Message classifications mark messages with labels that provide recipients with special information about the message
Message classifications mark messages with labels that provide recipients with special information about the message
Message classifications can be applied by:
• Outlook 2007 or Outlook Web App users
• Transport rules
What Is AD RMS?
You can use AD RMS to:
• Restrict access to an organization’s intellectual property
AD RMS is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use
AD RMS is an information protection technology that works with AD RMS-enabled applications to help safeguard digital information from unauthorized use
• Limit the actions users can perform on content
• Limit the risk of content being exposed outside the organization
AD RMS components:
• AD RMS server • AD DS
• SQL Server• RMS-aware application
How AD RMS Works
RMS Server
Information Author Recipient
11
22 33
44
55
How AD RMS Integration Works
By integrating AD RMS with Exchange Server 2010, you can:
• Enable users to protect content
• Use AD RMS prelicensing
• Configure Outlook Protection rules to apply AD RMS templates automatically
• Configure Transport Protection rules to apply AD RMS templates
• Enable Journal Report Decryption
• Enable Transport Decryption
• Enable IRM in Outlook Web App
Demonstration: How to Configure AD RMS Integration
In this demonstration, you will see how to:
• Protect e-mail messages by using AD RMS
• Configure a transport rule that applies AD RMS protection
Options for Configuring Moderated Transport
In Exchange Server 2010, you can configure:
• Transport rules that require moderation
• Recipients that require moderation
Moderated transport enables the moderator to approve messages before deliveryModerated transport enables the moderator to approve messages before delivery
Demonstration: How to Configure Moderated Transport
In this demonstration, you will see how to:
• Configure a distribution group for moderation
• Configure a transport rule that enables moderation
Lesson 3: Configuring Journaling and Multi-Mailbox Search
• Message Journaling Options
• Demonstration: How to Configure Message Journaling
• Considerations for Managing the Message Journal Mailbox
• What Is Multi-Mailbox Search?
• Demonstration: How to Configure Multi-Mailbox Search
Message Journaling Options
You can configure message journaling by configuring:
• Per-recipient journaling
• Journal mailboxes per mailbox database
• Journaling as part of Messaging Records Management
Message journaling enables you to send copies of messages to any mailbox or valid SMTP addressMessage journaling enables you to send copies of messages to any mailbox or valid SMTP address
A journal report is a new message that includes the original message as an attachment A journal report is a new message that includes the original message as an attachment
Demonstration: How to Configure Message Journaling
In this demonstration, you will see how to configure a journal rule
Considerations for Managing the Message Journal Mailbox
• Consider using a SharePoint document library configuredwith an SMTP address as the messaging journal mailbox
• Use a Messaging Records Management rule to routinelyremove messages that have been backed up
• Create policies that govern access to the journaling mailboxes in your organization
• Ensure compliance by obtaining plan approval from legal representatives
• Determine what will occur if a journaling mailbox exceeds the configured mailbox quota
What Is Multi-Mailbox Search?
Multi-Mailbox Search:
• Enables cross-mailbox searches
• Uses the Exchange Control Panel
• Requires that users have discovery permissions
Demonstration: How to Configure Multi-Mailbox Search
In this demonstration, you will see how to:
• Add a user to the Discovery Management role group
• Perform a Multi-Mailbox search by using ECP
Lab A: Configuring Transport Rules, Journal Rules, and Multi-Mailbox Search
• Exercise 1: Configuring Transport Rules
• Exercise 2: Configuring Journal Rules and Multi-Mailbox Search
Logon information
Estimated time: 50 minutes
Virtual machines10135A-VAN-DC110135A-VAN-EX1 10135A-VAN-CL1
User name Administrator
Password Pa$$w0rd
Lab Scenario
You are a messaging administrator in A. Datum Corporation. Your organization has deployed Exchange Server 2010.
The legal and audit departments at A. Datum provided you with several requirements for implementing messaging policy and compliance. These requirements include applying rights protection to some messages sent inside and outside the organization, restricting message flow based on message classifications, and restricting which messages are sent to critical distribution lists. You also must ensure that you establish a separate and secure mailbox in which to retain all messages that the legal department sends and receives.
Lab Review
• In this lab, you implemented a transport rule that added a disclaimer to all messages sent to users outside the organization. What other option do you have for implementing this type of disclaimer?
• How can you verify that the Executives journal rule that you enabled in this lab is working properly?
Lesson 4: Configuring Messaging Records Management
• What Are Retention Tags and Retention Policies?
• What Is AutoTagging?
• Demonstration: How to Configure Retention Tags and Policies
• What Are Managed Folders?
• Process for Deploying Managed Folders
• Demonstration: How to Implement Managed Custom Folders and Content Settings
• Considerations for Implementing Messaging Records Management
What Are Retention Tags and Retention Policies?
• Retention Tag options include:
• Retention Policy Tags: Applied to default mailbox folders
• Default Policy Tags: Applied to all items that do not have another tag assigned
• Personal Tag: Used to set custom retention settings
• You can use managed content settings to:
• Configure retention periods
• Configure the retention expiration action
• Configure journal settings
Retention Tags assign message retention settings to messages or mailbox foldersRetention Tags assign message retention settings to messages or mailbox folders
Retention Policies group together one or more Retention Tags and apply the tags to mailboxes Retention Policies group together one or more Retention Tags and apply the tags to mailboxes
What Is AutoTagging?
• AutoTagging:
• Tracks user tagging
• Requires the user to tag at least 500 messages
• Users can:
• Enable and disable AutoTagging
• Override automatically applied tags
• Administrators can manage and monitor AutoTagging forall users
AutoTagging automatically applies Retention Tags to items based on past user behaviorAutoTagging automatically applies Retention Tags to items based on past user behavior
Demonstration: How to Configure Retention Tags and Policies
In this demonstration, you will see how to:
• Configure Retention Policy Tags
• Configure custom content settings for the Retention Policy Tags
• Configure a retention policy that groups the Retention Policy Tags
• Apply the retention policy to a user account
What Are Managed Folders?
Managed folders can include default folders and custom managed folders
Managed content settings can be used to:
Configure retention periods
Configure the retention expiration action
Configure journal settings
Managed folder mailbox policies group managed foldersand apply the settings to user mailboxes
Managed folders manage the contents of folders in user mailboxesManaged folders manage the contents of folders in user mailboxes
Users must move messages in to the custom managed folders before content settings will be appliedUsers must move messages in to the custom managed folders before content settings will be applied
Process for Deploying Managed Folders
To deploy Managed Folders:
• Specify the folders where you will apply managedcontent settings
• Specify the managed content settings for the selected folders
• Create a managed folder mailbox policy
• Apply the managed folder mailbox policy to users’ mailboxes
• Schedule the managed folder assistant to apply the changes to users’ mailboxes
Demonstration: How to Implement Managed Custom Folders and Content Settings
In this demonstration, you will see how to:
• Create a new managed e-mail folder
• Apply content settings to the managed e-mail folder
• Create a new managed folder mailbox policy
• Assign the policy to a user account
Considerations for Implementing Messaging Records Management
• Use managed custom folders for project based folders
• Use retention policies to automate messaging records management
• Ensure business and legal acceptance before configuring policies that delete messages
• Consider using journaling as a way to store messages for archival purposes
• Consider using Messaging Records Management tomanage mailbox sizes
• Plan retention policies or managed folder mailbox policiesbased on business groups with unique requirements
Lesson 5: Configuring Personal Archives
• Discussion: Options for Implementing Mailbox Archiving
• How Personal Archives Work in Exchange Server 2010
• Demonstration: How to Configure Personal Archives
• Considerations for Implementing Personal Archives
Discussion: Options for Implementing Mailbox Archiving
• Do you have any archiving requirements in your organization?
• How are you currently meeting these requirements?
How Personal Archives Work in Exchange Server 2010
The Personal Archive:
• Must be in the same mailbox database as the primary mailbox
• Appears as a folder in Outlook 2010 or Outlook Web App
• Is indexed and searchable
• Is not cached in Outlook
• Can be managed using messaging records managementpolicies
Exchange Server 2010 Personal Archives require a secondary or archive mailbox for the userExchange Server 2010 Personal Archives require a secondary or archive mailbox for the user
Personal Archives can help organizations meet legal and corporate requirements by ensuring that all messages are stored in an Exchange server mailbox
Personal Archives can help organizations meet legal and corporate requirements by ensuring that all messages are stored in an Exchange server mailbox
Demonstration: How to Configure Personal Archives
In this demonstration, you will see how to:
• Configure a Personal Archives mailbox
• Access the Personal Archives mailbox
• Manage messages with a Personal Archives mailbox
Considerations for Implementing Personal Archives
• Consider implementing Personal Archives for critical mailboxes
• Explore the option of using inexpensive storage with redundancy through continuous replication
• Apply messaging policies to Personal Archives mailboxes
• Consider removing the option of using PST files in Outlook
Implementing Personal Archives can significantly increase the storage requirements on the Exchange serversImplementing Personal Archives can significantly increase the storage requirements on the Exchange servers
Lab B: Configuring Messaging Records Management and Personal Archives
• Exercise 1: Configuring Messaging Records Management
• Exercise 2: Configuring Personal Archives
Logon information
Estimated time: 40 minutes
Virtual machines10135A-VAN-DC110135A-VAN-EX1 10135A-VAN-CL1
User name Administrator
Password Pa$$w0rd
Lab Scenario
You are the messaging administrator for A. Datum Corporation. Your organization has deployed Exchange Server 2010.
The legal and audit departments at A. Datum provided you with several requirements for implementing messaging policy and compliance. These requirements include configuring rules that will ensure that some messages are retained for an extended period, while other messages are deleted when they expire. Finally, you must enable Personal Archives for all of the users in the Executives department.
Lab Review
• Which of the following two approaches is better for ensuring that you retain a copy of specific e-mail messages: journaling rules or retention policies?
• How can you ensure that users move their PST files into their archive mailbox?
Module Review and Takeaways
• Review Questions
• Common Issues and Troubleshooting Tips
• Real-World Issues and Scenarios
• Best Practices
Recommended