Outlook Anywhere Client Access to Exchange 2003


  • Outlook Anywhere Client Access to Exchange 2003 over the Internet

    Kristian Andaker
    Lead Program Manager
    Microsoft Corporation

    MSG304

  • Exchange 2003: Mobility In the Box

    Agenda

    Exchange Internet access technologies
    Desktops

    Outlook Web Access (OWA)
    Outlook: RPC/HTTP
    IMAP4 and POP3

    Mobile devices
    Exchange ActiveSync
    Outlook mobile access

    Deployment and topologies
    Front-End/Back-end? Firewalls?

    Security, security, security
    Administration

  • Scenarios and Risks

    Internet access to Microsoft Exchange
    Extranet
    Telecommuters
    From home and Internet kiosks
    Co-worker's office

    Understand risks
    Deployment/Configuration mistakes
    E-mail content

    Sent from Internet and opened Inside
    Sent from Inside and opened from Internet

    End-user error


  • Exchange 2003 Mobile Components: Overview

    [Diagram labels: Laptops; ActiveSync Clients (e.g., PPC, SP); Phone & PDA Browsers; RPC/HTTP and Outlook Web Access, POP3, IMAP; Exchange ActiveSync; Outlook Mobile Access; Firewall/DMZ; Front-End; Mailbox (a.k.a. Back-End)]

  • Outlook Web Access (OWA): Exchange 2003 features

    Spellchecking
    Rules
    Tasks
    Everything we love in Microsoft Office Outlook 2003

    Quick flags
    Right preview pane, two line view
    Right click mark as read/unread
    Search folders (e.g. for follow up, unread)

    Attachment drag & drop
    Improved performance (>50% vs. Exchange 2000)
    Security

    Forms based authentication, attachment blocking, external content blocking, S/MIME encryption/signing

  • Outlook Web Access: Forms based authentication

    HTML form where user enters credentials
    User chooses Premium or Basic OWA
    User chooses Private or Public machine (short versus long timeout)

    Timed logoff: Server uses encrypted cookie for session authentication

    Logout and timeout invalidates cookie
    User does not need to close browser to be logged out

    Doesn't time out while composing mail
    Does time out regardless of new incoming mail or reminders

    Customizable logon page
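
The timed-logoff behaviour above, sketched as an added Python example (not code from the presentation or from Exchange): only user-initiated requests extend the idle window, background new-mail or reminder polls do not, and logoff or timeout invalidates the cookie on the server. Assumptions: the cookie here is an HMAC-signed session id rather than the encrypted cookie the slide describes, the idle limits are illustrative values, and `FormsAuthSessions` and its method names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Illustrative idle limits in seconds; the slide only says "short versus long".
IDLE_LIMIT = {"public": 15 * 60, "private": 24 * 60 * 60}


class FormsAuthSessions:
    """Server-side state behind a forms-based-authentication cookie (hypothetical)."""

    def __init__(self, key: bytes):
        self._key = key
        self._sessions = {}  # session id -> {"user", "machine", "last"}

    def _sign(self, sid: str) -> bytes:
        return hmac.new(self._key, sid.encode(), hashlib.sha256).hexdigest().encode()

    def logon(self, user: str, machine: str, now: float) -> str:
        if machine not in IDLE_LIMIT:
            raise ValueError("machine must be 'public' or 'private'")
        sid = secrets.token_urlsafe(16)
        self._sessions[sid] = {"user": user, "machine": machine, "last": now}
        return f"{sid}.{self._sign(sid).decode()}"

    def check(self, cookie: str, now: float, user_initiated: bool):
        """Return the user name, or None when the cookie is no longer valid."""
        sid, _, mac = cookie.partition(".")
        if not hmac.compare_digest(mac.encode(), self._sign(sid)):
            return None                   # forged or corrupted cookie
        session = self._sessions.get(sid)
        if session is None:
            return None                   # logged off or already timed out
        if now - session["last"] > IDLE_LIMIT[session["machine"]]:
            del self._sessions[sid]       # timeout invalidates the cookie
            return None
        if user_initiated:                # e.g. composing or saving a message
            session["last"] = now
        return session["user"]            # new-mail/reminder polls never extend it

    def logoff(self, cookie: str) -> None:
        self._sessions.pop(cookie.partition(".")[0], None)
```
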

  • Outlook Web Access: Forms-Based Authentication

    Get your own OWA trial account today
    Sign Up: http://www.microsoft.com/exchange/evaluation/trial/online.asp

    Access OWA: https://mail.exchangetrial.com/exchange

  • RPC/HTTP: Outlook from Internet without VPN/RAS

    Requirements
    Outlook 2003 (Outlook 11)

    Configure in Exchange proxy settings
    Microsoft Windows XP SP1 + Q331320 or SP2
    Following servers need Microsoft Windows Server 2003:

    Mailbox, front end, global catalog, public folder

    OWA and Outlook can use same URL
    Outlook's RPC (remote procedure call) traffic wrapped in HTTPS

    Outlook client requests are proxied through Windows RPCProxy
    RPCs are unwrapped on Exchange Front-End server and forwarded to appropriate servers

    Switches intelligently between RPC/HTTP and RPC/TCP

    * Outlook configuration UI can be disabled with registry key
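
An added example, not part of the presentation: a Python audit of front-end IIS logs that flags RPC/HTTP requests sent outside port 443 or asking the RPC proxy to reach a server:port pair that is not on the allowed list. The log lines, host names and allowed list are constructed; the list uses the `host:port-range;host:port` form of the RPC proxy's ValidPorts setting.

```python
import re

# Constructed allowed list and log; host names and addresses are hypothetical.
VALID_PORTS = ("be01:6001-6002;be01.corp.example:6001-6002;"
               "be01:6004;be01.corp.example:6004")

IIS_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query s-port
2005-06-01 09:00:01 198.51.100.7 RPC_IN_DATA /rpc/rpcproxy.dll be01.corp.example:6001 443
2005-06-01 09:00:01 198.51.100.7 RPC_OUT_DATA /rpc/rpcproxy.dll be01.corp.example:6001 443
2005-06-01 09:02:13 203.0.113.9 RPC_IN_DATA /rpc/rpcproxy.dll dc02.corp.example:135 443
2005-06-01 09:03:40 203.0.113.9 RPC_IN_DATA /rpc/rpcproxy.dll be01:6004 80
2005-06-01 09:04:02 198.51.100.7 GET /exchange/ - 443
"""


def parse_valid_ports(value):
    """Expand 'host:6001-6002;host:6004' into a set of (host, port) pairs."""
    allowed = set()
    for entry in filter(None, value.split(";")):
        host, _, ports = entry.rpartition(":")
        lo, _, hi = ports.partition("-")
        for port in range(int(lo), int(hi or lo) + 1):
            allowed.add((host.lower(), port))
    return allowed


def audit_rpc_proxy(log_text, allowed):
    """Return (line_no, reason) for RPC/HTTP requests outside the policy."""
    findings, fields = [], []
    for n, line in enumerate(log_text.splitlines(), 1):
        if line.startswith("#Fields:"):
            fields = line.split()[1:]     # W3C header names the columns
            continue
        if not line or line.startswith("#"):
            continue
        rec = dict(zip(fields, line.split()))
        if not rec.get("cs-method", "").startswith("RPC_"):
            continue                      # OWA, OMA and EAS requests are out of scope
        if rec.get("s-port") != "443":
            findings.append((n, "RPC/HTTP request not over SSL port 443"))
        m = re.fullmatch(r"([^:]+):(\d+)", rec.get("cs-uri-query", ""))
        if not m or (m.group(1).lower(), int(m.group(2))) not in allowed:
            findings.append((n, "target not in allowed server:port list"))
    return findings
```
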

  • Exchange ActiveSync (EAS)

    Windows Mobile, PalmOne, Motorola, Nokia,

    Protocol being licensed to third parties
    E-mail, calendar and contacts synchronization (SP2: +tasks)

    "In the box" with Exchange. No separate sync server.
    Scheduled/Manual/Up-To-Date sync
    Rich filtering and truncation options

    Sync. Attachments? Sync. how much of body?

    Smart reply and smart forward
    Delivers attachments and full message without downloading to device

    Desktop ActiveSync integration
    Configure from device or desktop

    Up-To-Date notifications
    E2003 RTM & SP1: SMTP->SMS notif.
    E2003 SP2: IP notif.

  • Outlook Mobile Access (OMA): Overview

    OWA for mobile devices
    Triage e-mail (e.g., Accept Mtg)
    Find people (Contacts/AB)
    See your calendar (e.g., Create meetings)

    Exchange's device reach solution
    Generates WML, HTML, xHTML and cHTML markup for different devices
    Microsoft .NET Framework Device Updates add device support

    Exchange 2003 RTM contains Device Update 2
    Device Update 4 available today

  • Deployment Basics: Topology example

    1. Firewall lets through SSL (port 443) only
       Add ports for POP3/IMAP with or without TLS
    2. IIS on FE authenticates user
    3. FE looks up which BE serves user
    4. FE handles data or proxies to BE
    5. BE returns data to FE, FE returns data to user

    [Diagram labels: RPC/HTTP, OWA, OMA, EAS, POP3, IMAP; Firewall; Front-End; Mailbox (a.k.a. Back-End) Servers; Global Catalog (Active Directory)]
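
Step 1 of the topology as an added Python check (not from the presentation): it reads a constructed rule set and reports Internet-facing rules that open more than port 443 to the Front-End, or that reach a server behind it directly. The one-line rule syntax and zone names are made up for the example; POP3/IMAP ports are accepted only when `allow_pop_imap` is set.

```python
import re

ALLOWED_BASE = {443}                  # step 1: SSL only
ALLOWED_MAIL = {110, 995, 143, 993}   # POP3 and IMAP4, without and with SSL/TLS

# Constructed rule set in a made-up syntax (not a real firewall's format).
RULES = """\
allow tcp internet -> front-end 443
allow tcp internet -> front-end 80-143
allow tcp internet -> back-end 135
allow tcp front-end -> back-end any
allow tcp internet -> front-end 993
"""

RULE_RE = re.compile(r"allow tcp (\S+) -> (\S+) (any|\d+(?:-\d+)?)$")


def exposed_ports(spec):
    """Expand 'any', '443' or '80-143' into a range of TCP ports."""
    if spec == "any":
        return range(1, 65536)
    lo, _, hi = spec.partition("-")
    return range(int(lo), int(hi or lo) + 1)


def audit_perimeter(rules_text, allow_pop_imap=False):
    """Return (line_no, message) for Internet-facing rules wider than the slide allows."""
    allowed = ALLOWED_BASE | (ALLOWED_MAIL if allow_pop_imap else set())
    findings = []
    for n, line in enumerate(rules_text.splitlines(), 1):
        m = RULE_RE.match(line.strip())
        if not m:
            findings.append((n, "unparsed rule, review by hand"))
            continue
        src, dst, spec = m.groups()
        if src != "internet":
            continue                  # FE-to-BE and FE-to-GC traffic sits behind the firewall
        if dst != "front-end":
            findings.append((n, f"{dst} reachable from the Internet, bypassing the FE"))
            continue
        extra = [p for p in exposed_ports(spec) if p not in allowed]
        if extra:
            findings.append((n, f"{len(extra)} extra port(s) open to the FE, e.g. {extra[0]}"))
    return findings
```
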

  • Deployment Basics: Front-End server

    Select "This is a Front-End server" checkbox
    Exchange System Manager > Servers > Right-click menu > Properties > General tab

    Why use a Front-End (FE) server?
    Offload work from Mailbox server

    SSL, OWA compression, OWA spellcheck
    Single namespace (same URL) for all client access

    E.g., mail.microsoft.com for all OWA, RPC/HTTP, EAS and OMA Microsoft users

    More secure and reliable
    No user data on FE
    No unauthenticated requests to Mailbox server
    Client access services run on Front-End

    [Diagram labels: Client; Internet; Firewall; Front-End; Mailbox]

  • Deployment: Musts about Front-End servers

    Must use Exchange 2000 Enterprise Edition or Exchange 2003 Enterprise/Standard
    Front-End must be upgraded before Back-End