Microsoft Office 365 for Enterprises Deployment Guide

Total Page:16

File Type:pdf, Size:1020Kb

Microsoft Office 365 for Enterprises Deployment Guide Deployment Guide for Enterprises Published: June 2011 Updated: September 2011 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication and is subject to change at any time without notice to you. This document is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may modify this document for your internal, reference purposes. This document is confidential and proprietary to Microsoft. It is disclosed and can be used only pursuant to a non-disclosure agreement. The descriptions of other companies’ products in this document, if any, are provided only as a convenience to you. Any such references should not be considered an endorsement or support by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as thorough coverage. For authoritative descriptions of these products, please consult their respective manufacturers. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. The trademarks RIM®, BlackBerry®, BlackBerry® Curve™, and BlackBerry® Pearl™ are owned by Research In Motion Limited and are registered and/or used in the U.S. and countries around the world. This document is not endorsed, sponsored, or approved by Research In Motion Limited. All other trademarks are the property of their respective owners. ©2011 Microsoft Corporation. All rights reserved. Active Directory, ActiveSync, Excel, Forefront, Internet Explorer, Microsoft, Outlook, SharePoint, SQL Server, Windows, Windows Mobile, Windows PowerShell, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. 2 Microsoft Office 365 Deployment Guide for Enterprises | September 2011 Table of Contents 1 Introduction ............................................................................................................................. 8 1.1 About Office 365 for Enterprises ................................................................................................................ 8 1.2 How to Read This Guide ................................................................................................................................ 8 1.3 Assumed Knowledge ...................................................................................................................................... 9 1.4 Document Scope and Limits ..................................................................................................................... 10 1.5 Feedback .......................................................................................................................................................... 11 2 Deployment Overview .......................................................................................................... 12 2.1 Deployment Phases ...................................................................................................................................... 12 2.2 Sample Deployment Schedule ................................................................................................................. 13 2.2.1 Deployment Checkpoints ................................................................................................................... 13 2.3 Customer Responsibilities .......................................................................................................................... 13 2.4 Microsoft Online Services Portal ............................................................................................................. 15 2.5 Administration Roles .................................................................................................................................... 16 2.5.1 Partner Delegated Administrators .................................................................................................. 17 2.6 Deployment Project Support .................................................................................................................... 17 2.7 Key Pre-deployment Considerations ..................................................................................................... 18 2.7.1 License Validation ................................................................................................................................. 18 2.7.2 Roles-Based Security and Administration .................................................................................... 18 2.7.3 Deployment Impacts to Customer Organization ...................................................................... 19 2.7.4 Assessing Service Features and Organizational Requirements ........................................... 19 2.7.5 Application Integration and Supported Interfaces ................................................................... 20 2.7.6 Migration Groups .................................................................................................................................. 20 3 Plan Phase .............................................................................................................................. 22 3.1 Key Activities Summary ............................................................................................................................... 22 3.2 Kickoff Meeting .............................................................................................................................................. 23 3.3 Customer Environment Discovery .......................................................................................................... 23 3.3.1 Office 365 Deployment Readiness Tool ....................................................................................... 24 3 Microsoft Office 365 Deployment Guide for Enterprises | September 2011 3.3.2 Microsoft Assessment and Planning Toolkit ............................................................................... 25 3.4 Pilot Deployment .......................................................................................................................................... 25 3.5 Key Planning Considerations .................................................................................................................... 26 3.5.1 Long Lead Time Items ......................................................................................................................... 26 3.5.2 Client Hardware and Software Requirements ............................................................................ 26 3.5.3 Migration Support for Existing Mail Environments .................................................................. 27 3.6 Networking and Naming Services Planning ....................................................................................... 27 3.6.1 Adding a Domain .................................................................................................................................. 28 3.6.2 External DNS Records .......................................................................................................................... 28 3.6.3 Third-Party SSL Certificates ............................................................................................................... 30 3.6.4 Ports and Protocols .............................................................................................................................. 33 3.6.5 Firewall Considerations ....................................................................................................................... 34 3.6.6 WAN Accelerators ................................................................................................................................. 34 3.6.7 Hardware and Software Load Balancing Devices ...................................................................... 34 3.6.8 Internet Bandwidth Planning ............................................................................................................ 34 3.7 User Identity and Account Provisioning Planning ............................................................................ 38 3.7.1 Adding and Provisioning User Accounts ...................................................................................... 38 3.7.2 User License Activation ....................................................................................................................... 39 3.7.3 Active Directory Synchronization ...................................................................................................
Recommended publications
  • Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University
    Toward an Automated Vulnerability Comparison of Open Source IMAP Servers Chaos Golubitsky – Carnegie Mellon University ABSTRACT The attack surface concept provides a means of discussing the susceptibility of software to as-yet-unknown attacks. A system’s attack surface encompasses the methods the system makes available to an attacker, and the system resources which can be used to further an attack. A measurement of the size of the attack surface could be used to compare the security of multiple systems which perform the same function. The Internet Message Access Protocol (IMAP) has been in existence for over a decade. Relative to HTTP or SMTP, IMAP is a niche protocol, but IMAP servers are widely deployed nonetheless. There are three popular open source UNIX IMAP servers – UW-IMAP, Cyrus, and Courier-IMAP – and there has not been a formal security comparison between them. In this paper, I use attack surfaces to compare the relative security risks posed by these three products. I undertake this evaluation in service of two complementary goals: to provide an honest examination of the security postures and risks of the three servers, and to advance the study of attack surfaces by performing an automated attack surface measurement using a methodology based on counting entry and exit points in the code. Introduction Contributions and Roadmap System administrators frequently confront the The paper makes two major contributions. First, problem of selecting a software package to perform a I undertake an in-depth discussion of the relative secu- desired function. Many considerations affect this deci- rity postures of the three major open source IMAP sion, including functionality, ease of installation, soft- servers in use today.
    [Show full text]
  • Design and Management of Email Service
    Design and Management of Email Service Source : homepage.ntu.edu.tw/~jsc/2005-mail.ppt Outline Introduction to the architecture and operation of SMTP Design of a suitable email system – Webmail solutions Postfix and simple configuration samples Spam and virus filtering Conclusion 2 Overview Electronic mail service has already evolved into one of the major Internet applications. It is not only fundamental, but also a must. Users may become impatient when mails were delayed, not to mention failed to access their emails. – Imagine we meet the situation of power failure or cut of water supply 3 Architecture of a Simple Mail System Consists of the following components – MTA - Mail transfer agent Sending and forwarding emails Server end – MDA - Mail delivery agent Delivering emails to recipients’ mailbox Server end – Pop3/Imap4 Daemons For users to download their mailboxs Server end – MUA - Mail user agent Reading and composing emails 4 Client end Architecture of a Simple Mail System Protocols Used for Mail System Protocols – For computer programs to communicate with each other – Similar to languages that human beings speak SMTP – Simple Mail Transfer Protocol – Too simple to provide any “advanced features” Authentication Authorization POP3 – Post Office Protocol version 3 – Simple IMAP4 – Internet Message Access Protocol version 4 – Fully compatible with internet message standards, e.g. MIME. – Allow messages to be accessed from more than one computer. – Provide support for online, offline, and disconnected modes. 6 – Multiple and share folders. Mail Forwarding Between Servers How to Find the Way to the Destination? How do we find the way to [email protected]? 8 DNS: The Key to All Internet Services Query DNS server by the address part of email address.([email protected]) 1.
    [Show full text]
  • Server Administration
    Server administration Remo Suppi Boldrito PID_00148466 GNUFDL • PID_00148466 Server administration Copyright © 2009, FUOC. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License" GNUFDL • PID_00148466 Server administration Index Introduction............................................................................................... 5 1. Domain name system (DNS)............................................................ 7 1.1. Cache names server .................................................................... 7 1.2. Forwarders ................................................................................... 10 1.3. Configuration of an own domain .............................................. 11 2. NIS (YP)................................................................................................. 14 2.1. ¿How do we initiate a local NIS client in Debian? ..................... 14 2.2. What resources must be specified in order to use NIS? .............. 15 2.3. How should we execute a master NIS server? ............................ 16 2.4. How should we configure a server? ............................................ 17 3. Remote connection services: telnet and ssh............................... 19 3.1. Telnet and telnetd
    [Show full text]
  • The Qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 Pages)
    < Free Open Study > The qmail Handbook by Dave Sill ISBN:1893115402 Apress 2002 (492 pages) This guide begins with a discussion of qmail s history, architecture and features, and then goes into a thorough investigation of the installation and configuration process. Table of Contents The qmail Handbook Introduction Ch apt - Introducing qmail er 1 Ch apt - Installing qmail er 2 Ch apt - Configuring qmail: The Basics er 3 Ch apt - Using qmail er 4 Ch apt - Managing qmail er 5 Ch apt - Troubleshooting qmail er 6 Ch apt - Configuring qmail: Advanced Options er 7 Ch apt - Controlling Junk Mail er 8 Ch apt - Managing Mailing Lists er 9 Ch apt - Serving Mailboxes er 10 Ch apt - Hosting Virtual Domain and Users er 11 Ch apt - Understanding Advanced Topics er 12 Ap pe ndi - How qmail Works x A Ap pe ndi - Related Packages x B Ap pe ndi - How Internet Mail Works x C Ap pe ndi - qmail Features x D Ap pe - Error Messages ndi x E Ap pe - Gotchas ndi x F Index List of Figures List of Tables List of Listings < Free Open Study > < Free Open Study > Back Cover • Provides thorough instruction for installing, configuring, and optimizing qmail • Includes coverage of secure networking, troubleshooting issues, and mailing list administration • Covers what system administrators want to know by concentrating on qmail issues relevant to daily operation • Includes instructions on how to filter spam before it reaches the client The qmail Handbook will guide system and mail administrators of all skill levels through installing, configuring, and maintaining the qmail server.
    [Show full text]
  • Esa Study Contract Report
    ESA STUDY CONTRACT REPORT ESA Contract No: Subject: Contractor: ESA ITT Number Current and Future Tech- Distributed Systems Group, AO/3-12280/07/NL/CB nologies for Collaborative Vienna University of Tech- Working Environments nology ESA CR() No: No of volumes: 1 Contractor’s Reference: This Volume No: 1 TEUN Abstract: This document reports the final, detailed result of the study on current and future technologies for collaborative working environments (CWEs). The goal of this study is to analyze current CWEs and whether they and their future trends are suitable for large- scale multinational organizations. To this end, we have analyzed the structure of large-scale organizations in general, and of ESA in particular, with respect to organization, geographical distribution, and IT environments. Requirements for CWEs used in collaborative work are presented. Based on an initial list of criteria given by ESA, we have revised and extended the list to introduce a comprehensive set of criteria for evaluating CWEs. The state-of-the- art CWEs are discussed and classified. We have selected 15 representative CWE products and evaluated and compared them in detail. From the evaluation and comparison of CWE products, we have presented our findings of current issues and future trends of CWEs. In particular, existing products provide many features required by large-scale and multinational organizations but those features are not well-integrated into a single system. Due to the complexity of collaborative work within those organizations, often many CWEs are used in parallel and it is not easy to integrate those CWEs together. The work described in this report was done under ESA Contract.
    [Show full text]
  • ECE Mail System Overview
    ECE Mail System Overview Pablo J. Rebollo ECE Network Operations Center Agenda Overview of ECE mail system How mail system works SPAM!!! ECE mail system statistics and examples Problems References Mail system Previous server Sun UltraEnterprise 450 4 X UltraSparc 300 MHz 2 Gigabytes of RAM 10 x 9 Gigabytes hard drives (SCSI) Solaris Postfix (SMTP) Inboxes in MBOX format UW IMAP, and QPopper (POP3) Text file for user information (/etc/passwd) Mail System Current server Dell PowerEdge 1750 2 X Intel Xeon 3.2 GHz with HT 4 gigabytes of RAM 2 X 36 GB (SCSI), RAID 1 for OS 14 x 73 GB (SCSI), RAID 5 for users, web pages, etc Linux Postfix (SMTP, SMTPS, SASL, TLS) Cyrus (IMAP, POP3, TLS, maildir inboxes) LDAP for user information Mail System (cont.) Current system Over 1,400 inboxes Over 40,000 messages received per week Over 10,000 messages received are SPAM Over 10,000 messages sent per week Additional services Mail gateway (Spamassassin, ClamAV) Greylisting (OpenBSD spamd) Mail System (cont.) How mail system works User sends an email with a client The client sends the email to the designated SMTP server. The SMTP server look for the MX record for the recipient domain. The SMTP server sends the email to the MX. The recipient domain mail server receives the message and store it into the user INBOX. Finally, the user reads the new message with an email client using IMAP or POP3. How mail system works (cont.) dns.prt.net mail.prt.net 2 dns [email protected] 3 1 smtp smtp 4 IMAP/POP ` Internet ` PRT Client [email protected] mydomain Client [email protected] 1) Client sends the messages to mail.prt.net (SMTP) 2) mail.prt.net query the MX record for mydomain.com (DNS) 3) mail.prt.net send the message to mydomain.com (SMTP) 4) Recipient reads the message (IMAP/POP) SPAM!!! The biggest problem is SPAM.
    [Show full text]
  • Repairing Past Errors with System-Wide Undo
    A Recovery-Oriented Approach to Dependable Services: Repairing Past Errors with System-Wide Undo Aaron Brown EECS Computer Science Division University of California, Berkeley Report No. UCB//CSD-04-1304 December 2003 Computer Science Division (EECS) University of California Berkeley, California 94720 A Recovery-Oriented Approach to Dependable Services: Repairing Past Errors with System-wide Undo by Aaron Baeten Brown A.B. (Harvard University) 1997 M.S. (University of California, Berkeley) 2000 A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the GRADUATE DIVISION of the UNIVERSITY OF CALIFORNIA, BERKELEY Committee in charge: Professor David Patterson, Chair Professor John Chuang Professor Armando Fox Professor Katherine Yelick Fall 2003 A Recovery-Oriented Approach to Dependable Services: Repairing Past Errors with System-wide Undo Copyright 2003 by Aaron Baeten Brown Abstract Motivated by the pressing need for increased dependability in corporate and Internet services and by the perspective that effective recovery can improve dependability as much or more than avoid- ing failures, we introduce a novel recovery mechanism that gives human system operators the power of system-wide undo. System-wide undo allows operators to roll back erroneous changes to a service’s state without losing end-user data or updates, to make retroactive repairs in the historical timeline of the service system, and thereby to quickly recover from catastrophic state corruption, operator error, failed upgrades, and external attacks, even when the root cause of the catastrophe is unknown. We explore system-wide undo via a framework based on the novel concept of spheres of undo, bubbles of state and time that provide scope to the state recoverable by undo and serve as a structuring tool for implementing undo on standalone services, hierarchically-composed systems, and distributed interacting services.
    [Show full text]
  • Measuring Attack Surfaces of Open Source IMAP Servers
    Measuring Attack Surfaces of Open Source IMAP Servers E. Chaos Golubitsky May 2005 Abstract The attack surface metric provides a means of discussing the susceptibility of software to as-yet- unknown attacks. A system’s attack surface encompasses the methods the system makes available to an attacker, and the system resources which can be used to further an attack. The attack surface metric can be used to compare the security of multiple systems which provide the same function. The Internet Message Access Protocol (IMAP) is a protocol which has been in existence for over a decade. Relative to web (HTTP) and e-mail transfer (SMTP) servers, IMAP servers are a niche product, but they are widely deployed nonetheless. There are three popular Open Source Unix IMAP servers (UW-IMAP, Cyrus, and Courier-IMAP), and there has not been a formal security comparison between them. In this project, i use the attack surface metric to discuss the relative security risks posed by these three products. I undertake this evaluation in service of two complementary goals: to provide an honest examination of the security postures and risks of the three servers, and to advance the study of attack surfaces by performing an automated attack surface measurement using a methodology based on counting entry and exit points in the code. 1 Contents 1 Introduction 3 1.1 Contributions and Roadmap . 3 1.2 Attack Surfaces . 4 1.3 IMAP Servers . 5 2 Observation of IMAP Server Software 6 2.1 Observation Methodology . 6 2.2 High-Level Interactions of IMAP Servers . 7 2.3 UW-IMAP Server .
    [Show full text]
  • Qmail Quickstarter: Install, Set up and Run Your Own Email Server
    Qmail Quickstarter Install, Set Up, and Run your own Email Server A fast-paced and easy-to-follow, step-by-step guide that gets you up and running quickly Kyle Wheeler BIRMINGHAM - MUMBAI Qmail Quickstarter Install, Set Up, and Run your own Email Server Copyright © 2007 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: June 2007 Production Reference: 1040607 Published by Packt Publishing Ltd. 32 Lincoln Road Olton Birmingham, B27 6PA, UK. ISBN 978-1-847191-15-1 www.packtpub.com Cover Image by Vinayak Chittar ([email protected]) [ FM- ] Credits Author Editorial Manager Kyle Wheeler Dipali Chittar Reviewer Project Coordinator Russell Nelson Abhijeet Deobhakta Development Editor Indexer Nanda Padmanabhan Bhushan Pangaonkar Assistant Development Editor Proofreader Rashmi Phadnis Chris Smith Technical Editor Production Coordinator Saurabh Singh Manjiri Nadkarni Code Testing Cover Designer Ankur Shah Manjiri Nadkarni Project Manager Patricia Weir [ FM- ] About the Author Kyle Wheeler is a PhD candidate at the University of Notre Dame in the Computer Science and Engineering Department.
    [Show full text]
  • How Qmail Works
    APPENDIX A How qmail Works You DON'T NEED TO UNDERSTAND how qmail works to install or use qmail. And you don't have to be an auto mechanic to operate a car or a watchmaker to tell time. Eut if you really want to master qmail, knowing exactly how it does what it does is crucial. Luckily, qmail's simple, modular design makes understanding how it works easy for a system as complex as a Mail Transfer Agent (MTA). This appendix takes a top-down approach: first looking at how the modules interact with each other, then looking at how each module does its job. High-Level Overview The grand division in qmail is between the modules that accept new messages and place them into the queue and the modules that deliver them from the queue. We'll call these functions receivingand sending. The separation between receiving and sending is complete: Either of these functions can be fully oper­ ational while the other is shut down. Figure A-l shows the high-level organization of qmail. Incoming Receiving Queue Sending Delivered Messages Messages Figure A -1. High-level qmail organization Receiving Messages enter the queue through two main routes: local injection using qmail-inject or sendmail and network injection using qmail-smtpd, qmail-qmtpd 417 AppendixA or qmail-qmqpd. Both ofthese routes use qmail-queue to actually inject their mes­ sages into the queue. Figure A-2 shows the organization ofthe receiving function. QMQP tcpserver QMTP tcpserver SMTP tcpserver Queue Local------------­ MUA Figure A-2. The receivingfunction Sending Messages are delivered from the queue through two main routes: local delivery using qma il-loca 1 and remote delivery using qma il-remote.
    [Show full text]
  • DOVECOT at DESY
    DOVECOT at DESY First experiences with DOVECOT as IMAP server Wolfgang Friebel Dirk Jahnke-Zumbusch HEPiX Spring 2009 Umeå University, Sweden Reasons to change the IMAP server > at both DESY sites the hardware had to be renewed → time for (re-) thinking about requirements > problems / deficiencies with the old servers: mostly mbox related . mbox file format for INBOX (and all other mailboxes) . the number of big e-mails accumulate → mbox files are getting huge (see below) . DESY had mailboxes reaching the UW-IMAP and Solaris 8 UFS file limits (2GB) . only one process may write to mbox mailbox sizes distribution of mailboxes by size > requirements / needs 1752 108 621 259 2088 157 270 . server-side e-mail filtering 316 379 . access control for shared folders and mailboxes 3313 Exchange . general speed up 1731 > Dovecot looks promising UWimap . Fast progressing development with very active community under 10 10M – 100M 100M – 250M 250M – 500M . one of the fastest open source IMAP servers 500M – 1G 1G – 2G 2G – 5G over 5G Wolfgang Friebel & Dirk Jahnke-Zumbusch | First experiences with Dovecot at DESY | HEPiX May 2009 | Umeå | Page 2 Dovecot highlights > Maildir++ INBOX and folder > Namespaces easily configurable format . mix serveral folder formats on the . fast access same server . no locking issues . provide shared folders (access according to ACLs for groups of users) plug-ins for enhanced functionality > . provide public folder (unlimited access . ACL support (local as well as via IMAP after authentication) commands) > other folder formats possible . compressed folder . mbox (indexed, faster than plain mbox . quota handling (local and via IMAP files) commands) . compressed readonly mbox folders .
    [Show full text]
  • Bladecenter, Linux, and Open Source Blueprint for E-Business on Demand
    Front cover IBM Eserver BladeCenter, Linux, and Open Source Blueprint for e-business on demand Discover open source projects to reduce cost and improve reliability Install and configure Linux and critical open source network services Learn best practices to implement reliable services George Dolbier Peter Bogdanovic Dominique Cimafranca Yessong Johng Rufus Credle Jr. ibm.com/redbooks International Technical Support Organization IBM ^ BladeCenter, Linux, and Open Source: Blueprint for e-business on demand July 2003 SG24-7034-00 Note: Before using this information and the product it supports, read the information in “Notices” on page vii. First Edition (July 2003) This edition applies to Red Hat Advanced Server 2.1. © Copyright International Business Machines Corporation 2003. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . vii Trademarks . viii Preface . ix The team that wrote this redbook. ix Become a published author . xi Comments welcome. xi Chapter 1. About the book: Blueprint for building an e-business application for BladeCenter. 1 1.1 Building an e-business infrastructure . 2 1.1.1 Materials . 2 1.1.2 Objectives . 3 1.2 IBM eServer™ BladeCenter . 3 1.3 FAStT SAN storage. 3 1.4 BladeCenter business value . 4 1.5 Linux business value. 4 1.6 Open source business value. 4 1.7 Other references . 5 Chapter 2. Architecture: Solution overview . 7 2.1 Open source e-business infrastructure a modular approach . 8 2.2 All construction projects start with a pattern . 8 2.2.1 Industry standard e-business pattern: A three-tier infrastructure .
    [Show full text]