Index []network deployments, 317 pro grammin , 263–264 Cluster Continuous Re plication (CCR), 33,...
Transcript of Index []network deployments, 317 pro grammin , 263–264 Cluster Continuous Re plication (CCR), 33,...
IndexNote to the Reader: Throughout this index boldfaced page numbers indicate primary discussions of a topic. Italicized page numbers indicate illustrations.
AABP (Address Book Policies), 36
absolute scope in RBAC
permissions, 105
acceptance testing, 329–330
access. See data access
access control entries (ACEs),
103, 112
access control lists (ACLs), 103, 112
actions in EOP, 173
activation rules in mail apps, 293
Active Directory
contact photos in, 234
deployment, 322–323
distribution groups, 243
forest merging, 150
integration
Exchange 2000/2003, 28–29
Exchange 2007, 30
Exchange 2010, 35
mail fl ow, 43
site-based routing, 31
split permissions model,
124–125
Active Directory Certifi cate
Authority, 151
Active Directory Federation
Services (ADFS)
authentication, 73
Exchange Online, 149
single sign-on, 139
Active Directory Lightweight
Directory Services (AD LDS), 173
Active Directory Migration Tool
(ADMT), 336
Active Directory Rights
Management Service (AD RMS),
188–190
Add-MailboxPermission
cmdlet, 237
Add-MailboxPermissions
cmdlet, 274
Add-ManagementRoleEntry
cmdlet, 113, 120
add-on solutions, 297
Add-RoleGroupMember cmdlet, 115
Address Book Policies (ABP), 36
address books
in collaboration, 234–235,
234–235–
offl ine, 336, 338
ADFS (Active Directory Federation
Services)
authentication, 73
Exchange Online, 149
single sign-on, 139
ADFS Proxy servers, 73
Admin Audit Log agent, 122, 122admin audit logging, 121–122
Admin Roles tab, 125
administration management, 127
EAC
access to, 134–135
hybrid deployments, 135
new features, 132–134,
133–134PowerShell, 135–136
scenarios, 127–131
scripts, 136
tools, 131–132
administrator auditing, 36, 195–196,
196, 209
ADMT (Active Directory Migration
Tool), 336
Advanced Encryption Standard
(AES), 191–192
Advanced Query Syntax (AQS)
fi lter, 279
AFR (annual failure rate), 63
alerting, 357–358
AllSigned execution mode, 136
analysis paralysis, 6
annual failure rate (AFR), 63
antimalware protection, 175–177
antispam protection, 175–177
antivirus program
deployment, 327
appendices in compliance
policies, 206
application integration in
migration, 352–353
application programming interface
(API), 261, 264–268
appointments, 285
AQS (Advanced Query Syntax)
fi lter, 279
architectural concepts, 27
Exchange 2000/2003, 28–30
Exchange 2007, 30–34
Exchange 2010, 34–39
Exchange 2013. See Exchange
2013 overview
Architecture Summary section in
design, 14–15
archive mailboxes, 36
archiving, in-place, 208
AS (Availability service), 332
association of RBAC roles,
107–111
assumptions, documenting, 8
Attachment Filter Agent, 175
attachments, photo, 291–292
attacks, security, 160–161, 180
auditing
administrator activity,
195–196, 196administrator login, 36
capabilities, 193–194, 194mailbox activity, 194–195
authentication
Client Access servers, 45
clients, 315
EWS, 270, 272–273
mailboxes, 273–274
two-factor, 179–183, 310
autoconfi guration in DAGs, 55
Autodiscover
confi guring, 255
Exchange 2007, 32
Exchange 2013, 49–51
POX, 270–271
SOAP-based, 271–272
automatic database reseed, 54, 88
automatic mailbox mapping, 237
Automatic Replies feature, 232
availability. See high
availability (HA)
COPYRIG
HTED M
ATERIAL
374 | AVAILABILITY DATA SHARING • COMPLEXITY IN SECURITY
availability data sharing
inter-org migration, 332
intra-org migrations, 337
Availability service (AS), 332
Average Mailbox Size metric, 91
Average Message Size in KB
metric, 91
average seek time metric, 84
Bback pressure feature, 31
background database maintenance
(BDM), 93
Background Database Maintenance
Throughput Requirements
value, 94
bandwidth
DAG replication, 76–78, 77networks, 20, 317
Bandwidth Calculator, 20, 317
batches, migration, 353
BDM (background database
maintenance), 93
best copy and server selection
(BCSS), 55
best copy selection (BCS), 55
best effort mail delivery, 56
BIG-IP appliance, 147
Bing Maps app, 293, 293BitLocker, 187–188, 191
Blackberry Enterprise Service, 191–192
brick confi guration, 51
Bring Your Own Device (BYOD)
strategies, 191
build-time validation, 98
built-in management roles, 107–111
bulk edit EAC functionality, 132
business availability, 358
business logic in RBAC, 119–121
business requirements, 4–6, 14
business support issues in
migration, 350
BYOD (Bring Your Own Device)
strategies, 191
bypass, antimalware, 176
CC-SOX (Keeping the Promise for a
Strong Economy Act), 309
calibrated workloads, 97
capacity
high availability, 68
increasing, 82, 83mailboxes, 86
sizing, 21
transaction logs, 359–360
CAS. See Client Access Server (CAS)
CCR (Cluster Continuous
Replication), 33, 80
CDO (Collaboration Data Objects)
model, 304–305, 309
CDO 1.2 VBS scripts, 290–292
certifi cates
clients, 180, 315
connection encryption, 314
deployment, 325
Exchange 2007, 30–31
IPSec, 180
SAN, 69
SharePoint, 254–255, 255Check-SiteMailboxConfi g.ps1
script, 258
CI (content indexing)
Exchange Search service,
278–279
migrations, 343
trending, 360
Client Access Server (CAS)
design, 18
for EWS, 263
Exchange 2007, 32
Exchange 2013, 45–47,77 46, 51, 53
Exchange Hybrid, 73
Client Access Server (CAS) arrays
Exchange 2010, 38
Exchange 2013, 54
clients, 299
CDO, 304–305, 309
certifi cates, 180, 315
connectivity, 41
data encryption, 314–315
deployment, 328–329
EAS, 303–304
email experience, 232–233
EWS, 300–301
Exchange Online support,
153–154
importance, 305
inventory, 310–313, 311MAPI, 300, 309
network usage, 317, 77 318performance, 315–317, 77 316
POP/IMAP, 301–302, 308–309
protocol offl oading, 41
regulatory compliance, 309
responsiveness, 306
security, 309–310, 314–315
supportability, 306–308,
313–314
throttling, 36, 318–319
types, 299
user experience, 305–306
web browsers, 302–303
cloud
encryption, 191
Exchange Online Protection,
172–173
high availability, 68
message hygiene services,
170–172
network deployments, 317
programming, 263–264
Cluster Continuous Replication
(CCR), 33, 80
cmdlet usage in RBAC,
121–122, 122Coca Cola email system, 161
code. See also programming
connecting, 263
snippets, 263
collaboration
address books, 234–235,
234–235–
distribution groups, 242–245,
244–245–
email, 232–235, 234–235–
overview, 231–232
public folders, 240–242, 241–242–
resource mailboxes, 238–240,
238–239–
shared mailboxes,
235–238, 236site mailboxes. See SharePoint
site mailboxes
training, 233–234
Collaboration Data Objects (CDO)
model, 304–305, 309
COM (Component Object
Model), 304
communication, compliance, 229
company-mandated storage
platforms, 95–96
company regulations, 202
complexity in security, 162
COMPLIANCE • DEPLOYMENT | 375
compliance, 199
clients, 309–310
communication, 229
in design, 15
legal department, 203
migration issues, 353
overview, 199–200
policies, 203–206
regulations, 200–203
requirements, 203–205
scenarios
global banking company,
219–228, 221, 223–228HR issues, 209–213
sensitive data, 213–218
solutions, 206–209
Compliance Management
settings, 194
Component Object Model (COM), 304
compression, database, 81
Confi gure-EnterpriseApplication.
ps1 script, 273
Confi gure Synchronization
Connections option, 252, 252confi gure write scopes, 116
Connection Filtering Agent, 175
connections
code, 263
encryption, 314
EWS, 270
Exchange Online, 141–143
fi ltering, 172
SharePoint to Exchange,
256–259
connectors
Exchange 2007, 31
Exchange 2013, 43
source servers, 43
consequences in compliance
policies, 206
constraints, 7–8
contacts
creating, 284
photos, 234, 234–235– , 5 291–292
Contacts folder, 290–291
Content Filter Agent, 175
content fi ltering, 172
content indexing (CI)
Exchange Search service,
278–279
migrations, 343
trending, 360
Continuous Replication Circular
Logging (CRCL), 360
conversation view, 232
cooling factor in high
availability, 67
corporate security policy, 163
cost
complexity, 162
downtime, 62–63
Exchange Online, 140, 142
storage, 86–87, 9677
coverage in compliance policies, 206
CRCL (Continuous Replication
Circular Logging), 360
cross-forest migration, 331
DDAC (Database Activation
Coordination) mode, 75–76, 76DAC (Datacenter Activation
Coordination) mode, 38
DACLs (discretionary access control
lists), 274
DAGs. See database availability
groups (DAGs)
data access, 183
data at rest, 186–193, 189data in transit, 184–186, 186fi rewalls, 180
long-term storage, 193–197
mailboxes, 274–278
mobile devices, 191–193
unauthorized, 162, 177–183
data corruption events, 357
data encryption
clients, 314–315
end-to-end, 190–191
mobile devices, 191–193
data jurisdiction laws, 163
Data Leak Prevention (DLP)
templates, 44
data leakage, 152–153
Data Loss Prevention (DLP), 207
Data Protection Act (DPA), 200, 309
data retention requirements, 204
data sharing. See also collaboration
inter-org migration, 332
intra-org migrations, 337
data sovereignty, 151–152
Database Activation Coordination
(DAC) mode, 75–76, 76
database availability groups
(DAGs), 19
Exchange 2010, 37–38, 81
Exchange 2013, 54–55
nodes, 74
planning, 73–78, 75–77replication, 20
security in transit, 185
database copies in DAG, 74
database reseed, 88
database size in DAG, 73
DatabaseList scope option, 114
DatabaseRestrictionFilter scope
option, 114
Datacenter Activation Coordination
(DAC) mode, 38
de-duplication, 280
Default Role Assignment Policy,
117–118, 118, 244
defense in depth, 170
DelegatingOrgWide RBAC role
assignments, 111
delegation in EWS, 274, 289–290
delivery agents, 266
denial-of-service (DoS) attacks, 180
deployment, 321
acceptance testing, 329–330
Active Directory preparation,
322–323
certifi cates, 325
clients, 328–329
EAC, 135
Exchange 2013, 41, 57
Exchange Online
hurdles, 150–156
planning and preparation,
145–150
into existing organization,
324–325
fi rewalls, 327–328
high availability, 72–73
information resources, 321
load balancer, 326–327
operating system-based
antivirus programs, 327
preproduction load testing, 329
publishing to Internet, 328
required documentation,
321–322
rollout process, 323–325
SMTP considerations, 325
updates for, 323
376 | DEPLOYMENT PHASE FOR REQUIREMENTS • EVOLUTION OF EXCHANGE 2013
deployment phase for
requirements, 3
design
bandwidth requirements, 20
Client Access server, 18
detail in, 12
documents, 2–4, 11. See alsodesign document sections
Exchange Online, 143
Exchange solution sizing, 20–23
fi nishing, 24–25
future proofi ng, 25
living documents, 24
Mailbox, 18–19
overengineering, 25
requirements in, 3, 11
security, 170
simplicity, 25
VM Requirements, 19–20
design document sections, 12
Architecture Summary, 14–15
Business Requirements, 14
compliance framework, 15
Executive Summary, 13
external publishing, 15
Functional Specifi cation, 14
high-availability, 16–17
index, 13
interoperation with third-party
applications, 16
migration and legacy
integration requirements,
15–16
transport design, 17
Vision and Scope document, 14
destination database availability
group, 43
detail in design, 12
DirectAccess, 181
Directory Sync (DirSync)
Exchange hybrid, 139
Exchange Online, 146–148
directory synchronization in
IMAP, 348
Disable-CmdletExtensionAgent
cmdlet, 122
Disable-Mailbox cmdlet, 113–114
disaster recovery (DR), 66
discontinued features
Exchange 2010, 34–35
Exchange 2013, 42
discovery search, 37
discretionary access control lists
(DACLs), 274
Disk Space Requirements table, 93
distribution groups (DG)
inter-org migration, 336
intra-org migrations, 338
overview, 242–245, 244–245–
distribution of DAG databases,
74–75, 75DLP (Data Leak Prevention)
templates, 44
DLP (Data Loss Prevention), 207
DNS domains in Exchange Online,
146–147
DNS round robin, 326
documenting
assumptions, 8
deployment, 321–322
design, 2–3, 11
requirements, 2
Domain Security, 184
domains
Active Directory, 323
Exchange Online, 146–147
failure, 64
DoS (denial-of-service) attacks, 180
double-hop inter-org migration, 349
downloading contact photo
attachments, 291–292
downtime cost, 62–63
DPA (Data Protection Act), 200, 309
DR (disaster recovery), 66
drives
capacity increases, 82, 83failure rate, 63–64
dumpster of folders, 274
EEAC. See Exchange Administration
Center (EAC)
EAS (Exchange ActiveSync)
protocol
encryption, 191–192
features, 268, 308–309
overview, 303–304
ECP (Exchange Control Panel),
36, 127
Edge Transport server
Exchange 2007, 32
Exchange 2013, 43
security, 173–174
EdgeSync feature, 173
eDiscovery feature
compliance, 208–209
in design, 16
in-place, 279–283
Keyword Query Language,
280–281
results of operations, 281–282
with SharePoint, 45
working with, 282–283
editions of Exchange 2013, 42
effective RBAC permissions,
121–122, 122EHS (Exchange Hosted
Encryption), 191
Einstein, Albert, 356
collaboration with, 232–235,
234–235–
mailboxes. See mailboxes
single instanced, 28
EmailMessage class, 285
EMP (Exchange Management
Console), 127–128
EMS (Exchange Management Shell),
102, 135–136
Enable-SPFeature cmdlet, 258
encryption
clients, 314–315
end-to-end, 190–191
mobile devices, 191–193
end-to-end encryption, 190–191
end-user expectations in
migration, 351
endpoints in migration, 353–354
Enterprise edition, 42
entities in mail apps, 293
envisioning phase for
requirements, 3
EOP (Exchange Online Protection),
171–173, 174EPA (Exchange Server Profi le
Analyzer), 92
ESE (Extensible Storage Engine)
description, 28
lost fl ush detection, 363–364
ESW Managed API, 269
evergreen service contracts, 141–142
evolution of Exchange 2013, 27–28
Exchange 2000/2003, 28–30
Exchange 2007, 30–34
Exchange 2010, 34–39
Exchange 2013. See Exchange
2013 overview
EWS. SEE EXCHANGE WEB SERVICES • EXTENDED SUPPORT | 377
EWS. See Exchange Web Services
(EWS)
EWS impersonation, 273
EWSEditor tool, 263
Excel for trend predictions,
364–365, 364exceptions in EOP, 173
Exchange 4.0–5.5 storage, 79–80
Exchange 2000/2003
features, 28–30
storage, 80
Exchange 2007
features, 30–34
storage, 80–81
Exchange 2010
features, 34–39
migration to, 349
storage, 81–82
Exchange 2013 overview, 39–42
autodiscover, 49–51
Client Access servers, 45–47,77 46,
51–53
discontinued features, 42
editions, 42
high availability, 54–56
mail fl ow, 43–44
mailbox servers, 51–52
management, 44–45
name space reduction, 47–49,9
48–49online integration, 57
public folder databases, 52
role separation, 45–54, 46,
48–49sizing, 20–23
transport, 42–43, 51, 53
Unifi ed Messaging, 54
Exchange 2013 Server Role
Requirements Calculator, 93–94, 93Exchange ActiveSync (EAS)
protocol
encryption, 191–192
features, 268, 308–309
overview, 303–304
Exchange ActiveSync Logo
Program, 304
Exchange Administration Center
(EAC), 44, 102
hybrid deployments, 135
malware, 176
new features, 132–134, 133–134for RBAC, 125–126, 126security, 134–135, 194
Exchange application integration
inter-org migration, 335–336
intra-org migrations, 338
Exchange Client Monitor (ExMon)
tool, 310–311, 311Exchange Client Network
Bandwidth Calculator, 20, 317
Exchange Control Panel (ECP),
36, 127
Exchange Event Trace, 311
Exchange Health Manager Service
process, 56
Exchange Health Manager Worker
process, 56
Exchange Hosted Encryption
(EHS), 191
Exchange hybrid. See Exchange
Online
Exchange Mailbox Server Role
Requirements Calculator, 342
Exchange Management Console
(EMP), 127–128
Exchange Management Shell (EMS),
102, 135–136
Exchange native data protection
(backupless) solutions, 91
Exchange Online, 128, 137
benefi ts, 140–141
client support, 153–154
data leakage, 152–153
data sovereignty, 151–152
deployment hurdles, 150–156
deployment planning and
preparation, 145–150
design overview, 143
DNS domains, 146–147
drawbacks, 141–143
External Publishing
Infrastructure, 139–140
infrastructure overview,
137–140, 138proof of concept, 145
single sign-on, 155
solution design, 144–145
solution requirements, 143–144
UPNs, 151
Virtual Desktop Infrastructure,
155–156
Exchange Online Protection (EOP),
171–173, 174Exchange Search service, 278–279
Exchange Server Profi le Analyzer
(EPA), 92
Exchange Setup Wizard, 125
Exchange Solution Reviewed
Program (ESRP) - Storage
platform, 95
Exchange store search, 279
Exchange Trusted Subsystem, 112,
124–125
Exchange Web Services (EWS), 32,
261, 268–269
authentication, 270, 272–273
availability data sharing, 332
best practices, 296
as client, 300–301
connections, 270
delegation, 274, 289–290
Exchange 2007, 32
FreeBusy lookups, 288–289
identifi ers, 275, 277
in-place eDiscovery, 279–283
item creation, 283–286
mail apps for Outlook,
292–296, 293mailboxes
accessing, 274–278
authentication, 273–274
MailTips, 287–288
migrating CDO 1.2 VBS scripts,
290–292
out-of-offi ce settings,
286–287
POX Autodiscover, 270–271
proxy objects, 269
raw SOAP, 269
searching for items,
278–279
on SharePoint server,
254, 254SOAP-based Autodiscover,
271–272
WSDL, 269
Exchange Windows
Permissions, 112
Exclusive scope option, 114
Executive Summary
compliance policies, 205
design sections, 13
EXHTTP nodes, 51
existing organization, deployment
into, 324–325
ExMon (Exchange Client Monitor)
tool, 310–311, 311extended property defi nitions, 275
extended support, 314
378 | EXTENSIBLE STORAGE ENGINE • HYBRID SERVERS
Extensible Storage Engine (ESE)
description, 28
lost fl ush detection, 363–364
external publishing in design, 15
External Publishing Infrastructure,
139–140
external URL publishing
inter-org migration, 335
intra-org migrations, 338
Ffailover, 66–67
failure, planning for, 63–65
failure domains, 20, 64
FAIs (folder associated items), 274
Farm Confi guration Wizard,
249,9 249FAST Search technology, 343
fi le-level protection, 171
fi le share witness, 74
fi ltering
AQS, 279
Contacts folder, 291
FIM (Forefront Identity Manager),
150, 332, 341
FindFolders operation, 275
FindItems operation, 275
fi rewalls
access rules, 180
deployment, 327–328
FOIA (Freedom of Information
Act), 201
folder associated items (FAIs), 274
folders
mailboxes
access, 276–277
properties, 275–276, 276public. See public folders
Forefront Identity Manager (FIM),
150, 332, 341
Forefront Online Protection for
Exchange (FOPE), 172
foreign systems, migrations from,
346–348
FreeBusy lookups, 288–289
Freedom of Information Act
(FOIA), 201
front-end servers, 29
Front End Transport service, 51
functional documents for
requirements, 3–4
functional requirements, 4, 7
Functional Specifi cation in design, 14
functionality, 41
future proofi ng in design, 25
GGAL (Global Address List)
synchronization
inter-org migration, 332
intra-org migrations, 337
GALSync management agent, 332
Gartner report, 171
geographic affi nity, 41
Get-DistributionGroup cmdlet, 239
Get-Mailbox cmdlet, 111, 118, 194
Get-ManagementAssignment
cmdlet, 121
Get-ManagementRole cmdlet, 107
Get-ManagementRoleAssignment
cmdlet, 121
Get-ManagementRoleEntry cmdlet,
113, 121
Get-RoleGroup cmdlet, 109
Get-ServerHealth cmdlet, 368
Get-WebServicesVirtualDirectory
cmdlet, 263
GetHoldOnMailboxes
operation, 280
GetItem request, 292
GetSearchableMailboxes
operation, 280
GetUserAvailiblity operation, 288
GFE (Good For Enterprise), 335
Global Address List (GAL)
synchronization
inter-org migration, 332
intra-org migrations, 337
Good For Enterprise (GFE), 335
Goodman, Steve, 313, 365
Gossage, Matt, 356
granular permission models,
112–113
Griffi n, Stephen, 305
Group Naming Policy, 243–244,
244–245–
groups
distribution, 242–245, 244–245– ,5336, 338
email metrics, 233
RBAC, 115
HHA. See high availability (HA)
hardening servers, 162
hardware for storage, 95–96
HBA (host bus adapter) device
drivers, 80
Health Insurance Portability and
Accountability Act (HIPAA),
201–202
high availability (HA), 8
achieving, 67–69
components, 60–62, 61DAG planning, 73–78, 75–77defi ning, 59–60, 66
downtime costs, 62–63
Exchange 2000/2003, 29
Exchange 2007, 33–34
Exchange 2010, 37–38
Exchange 2013, 40–41, 54–56
Exchange Online, 141
hybrid deployment, 72–73
namespace planning, 69–72,
70–72planning for failure, 63–65
strategy and requirements in
design, 16–17
terms, 65–67
transport, 69
HIPAA (Health Insurance
Portability and Accountability
Act), 201–202
host bus adapter (HBA) device
drivers, 80
Host IO and Throughput
Requirements table, 94
hosting
Exchange 2010, 36
Exchange 2013, 45
HTTPS tunnels, 300
Hub Transport Server (Hub/HT), 32
Huiyuan Juice Group, 161
Hybrid Confi guration Wizard
EAC, 135
Exchange 2010, 39
Exchange Online, 149–150
hybrid deployments, 102. See alsoExchange Online
availability, 72–73
EAC, 135
Exchange 2013, 57
hybrid servers, 139
IDENTIFICATION OF ORGANIZATION IN COMPLIANCE POLICIES • LOADPROPERTIESFROMITEMS METHOD | 379
Iidentifi cation of organization in
compliance policies, 205
identifi ers in EWS, 275, 277
identity federation, 139
IdFix tool, 146
IMAP (Internet Message Access
Protocol), 299
in inventory, 312–313
migration, 347–348
immutability of data, 204–205
in-place archiving, 208
in-place discovery reports, 196, 197in-place eDiscovery, 279–283
In-Place Holds mechanism, 86, 208,
221–222
indefi nite holds, 221
Independent Software Vendors
(ISVs), 297
indexes
content, 278–279, 9 343, 360
design documents, 13
Information Rights Management
(IRM)
compliance, 207–208
data at rest, 186–190, 189security compliance, 310
Information Store process, 52
Information Technology
Infrastructure Library (ITIL), 363
Input/Output Operations Per
Second (IOPS), 22, 80, 83–85
integrity of data, 204–205
inter-org migration, 331
availability data sharing, 332
distribution groups, 336
double-hop, 349
Exchange application
integration, 335–336
external URL publishing, 335
GAL synchronization, 332
mail fl ow, 333–334
mailbox moves, 340–341
mailbox permissions, 334
mobile device reconfi guration,
334–335
offl ine address book, 336
Outlook client reconfi guration,
331–332
public folder data
synchronization, 333
Inter-Organization Replication
(IORepl) tool, 333, 343
interdependency of component
systems, 61–64, 61internal antimalware and antispam
protection, 175–177
Internet access
infrastructure, 147
Internet Information Services
Manager, 250
Internet Message Access Protocol
(IMAP), 299
in inventory, 312–313
migration, 347–348
Internet Security and Acceleration
(ISA) servers, 178
interoperation
Lotus Notes, 346
third-party applications in
design, 16
intersite replication bandwidth,
76–78, 77intra-org migrations, 336–338
inventory
clients, 310–313, 311monitoring, 365–366, 365
Iometer tool, 97
IOPS (Input/Output Operations Per
Second), 22, 80, 83–85
IORepl (Inter-Organization
Replication) tool, 333, 343
IPSec, 180–181
IRM (Information Rights
Management)
compliance, 207–208
data at rest, 186–190, 189security compliance, 310
ISA (Internet Security and
Acceleration) servers, 178
ISVs (Independent Software
Vendors), 297
IT availability, 358
items in mailboxes
access, 277–278
properties, 275–276, 276ITIL (Information Technology
Infrastructure Library), 363
JJavaScript API for Offi ce, 294
JBOD (just a bunch of disks)
Exchange 2010, 81–82
multiple databases for,
88–90, 89solutions, 85–86
Jetstress tool
description, 94
preproduction load testing, 329
storage validation using, 96–98
journaling, 199–200, 207, 30977
KKeeping the Promise for a Strong
Economy Act (C-SOX), 309
Kerberos Constrained Delegation
(KCD) preauthentication, 178
keyloggers, 161
Keyword Query Language (KQL),
225, 280–281
keywords attribute, 50
Llarge audience threshold, 233
latency
cloud, 263–264
Exchange Online, 147
network, 147, 361
trending, 361, 363
Launch The Farm Confi guration
Wizard option, 249
LCR (Local Continuous
Replication), 33
leakage of data, 152–153
least-cost routing, 31
legacy integration requirements in
design, 15–16
legacy migration, 348–349
legacy name space, 324–325
legacy protocols in design, 16
legacyExchangeDN attribute, 334
legal department compliance, 203
legal discoveries, 282
Linux MAPI implementations, 311
litigation holds, 36–37, 208
litigation reports, 196, 197Live@edu service, 299
load balancers, 326–327
load testing in deployment, 329
LoadGen tool, 97, 329
LoadPropertiesFromItems method,
292, 296
380 | LOCAL CONTINUOUS REPLICATION • MIGRATIONS
Local Continuous Replication
(LCR), 33
Log Parser, 312
log shipping, 33
logging, audit, 121–122, 209
Logman tool, 311, 311long-term storage, 193–197
lost fl ushes, 357, 363–364
Lotus Notes, migration from,
346–347
MMA (Managed Availability), 55–56,
367–369
MA (management agent), 332
macros in Outlook, 307
mail apps for Outlook, 292
EWS operations for, 295
overview, 293–294, 293permission levels, 294–295
Mail client, 300
mail fl ow
Exchange 2013, 43–44
inter-org migration, 333–334
intra-org migrations, 337
Mail Recipient Creation role, 123
Mail Tips, 232
mailbox delivery group, 43
Mailbox Replication Service (MRS),
339–340
Mailbox Server Role Requirements
Calculator, 20, 93–94, 93–95Mailbox Transport service, 53
Mailbox Transport Delivery
service, 53
Mailbox Transport Submission
service, 53
mailboxes
auditing, 194–195, 195, 2095authentication, 273–274
capacity requirements
increases, 86
data access, 274–278
databases
trending, 359
volume size in
migrations, 342
design, 18–19
Exchange 2010, 36
inter-org migrations, 340–341
mapping, 237
moving, 338–343
permissions
inter-org migrations, 334
intra-org migrations, 337
reporting, 194–195, 195resource, 238–240, 238–239–
servers
Exchange 2007, 32
Exchange 2013, 51–52
shared, 235–238, 236site. See SharePoint site
mailboxes
MailTips, 287–288
makeEWSRequestAsync
method, 295
malware
prevalence, 160
protecting against, 170–172,
175–177
threats, 160–161
Managed Availability (MA), 55–56,
367–369
managed stores, 52
management, 101
administration. Seeadministration management
Exchange 2000/2003, 29
Exchange 2007, 31–32
Exchange 2010, 35–37
Exchange 2013, 40, 44–47
RBAC. See Role-Based Access
Control (RBAC)
tools, 131–132
trends, 101–102
management agent (MA), 332
management scope in RBAC
permissions, 105
MAPI (Messaging Application
Programming Interface), 299–300
CDO connections, 309
Exchange 2010, 38
Exchange 2013, 47
in inventory, 310–311, 311mapping mailboxes, 237
MCS (Microsoft Consulting
Services), 150
Mealiffe, Jeff, 24
meeting requests, 285
megacycles, 23
memory sizing, 23–24
merging Active Directory
forests, 150
message queue, trending, 360–361
Message Records Management
(MRM), 208
message throttling, 35
Message Transfer Agent (MTA), 28
Messages Received per Mailbox per
Day metric, 91
Messages Sent per Mailbox per Day
metric, 91
MessageWare, 181
Messaging Application
Programming Interface (MAPI),
299–300
CDO connections, 309
Exchange 2010, 38
Exchange 2013, 47
in inventory, 310–311, 311MFCMapi editor, 276, 276Microsoft Consulting Services
(MCS), 150
Microsoft Federation Gateway
(MFG), 139
Microsoft Mail, 28
Microsoft Malware Protection
Center (MMPC), 164
Microsoft Management Console
(MMC), 29
Microsoft Security Response Center
(MSRC), 164
Microsoft Solutions Framework, 3
migration batches, 353
migrations, 331
application integration, 352–353
business support issues, 350
CDO 1.2 VBS script to
PowerShell EWS Managed
API script, 290–292
compliance, 353
content indexing, 343
in design, 15–16
end-user expectations, 351
endpoints, 353–354
foreign systems, 346–348
improvements, 353–354
inter-org. See inter-org
migration
intra-org, 336–338
legacy, 348–349
Mailbox Replication Service,
339–340
moving mailboxes, 338–343
planning issues, 350–351
MIMECAST COMPANY • PERCENTTIMEINMAILBOXRPC PARAMETER | 381
problems, 349–353
public folder data, 343–346
seamless vs. velocity issues,
351–352
storage capacity, 342–343
Mimecast company, 161, 200
MMC (Microsoft Management
Console), 29
MMPC (Microsoft Malware
Protection Center), 164
mobile devices
data access, 191–193
device reconfi guration
inter-org migration, 334–335
intra-org migrations, 338
shared mailboxes, 237–238
monitoring
alerting, 357–358
inventory, 365–366, 365Managed Availability, 55,
367–369
overview, 355–357
trending, 358–365
Workload Management,
369–371
moving mailboxes, 338–343
MRM (Message Records
Management), 208
MRS (Mailbox Replication Service),
339–340
MRTG (Multi Router Traffi c
Grapher), 362, 362MSExchangeHMHost.exe
process, 56
MSExchangeHMWorker.exe
process, 56
MSRC (Microsoft Security
Response Center), 164
MTA (Message Transfer Agent), 28
Multi Router Traffi c Grapher
(MRTG), 362, 362multi-tenant messaging system, 138
multi-tenant model, 36
multiple Active Directory
forests, 150
multiple JBOD databases, 88–90, 89“must” security requirements, 168
MX records, 325
MyBaseOptions role, 117
MyContactInformation role, 117
MyDistributionGroupMembership
role, 117
Nnamespace
planning, 69–72, 70–72reduction, 47–49, 9 48–49
NEAR operator, 281
network perimeter zones, 177–178
networks
bandwidth, 20, 317
client usage, 317, 77 318high availability, 67
latency, 147, 361
unauthorized access, 162,
177–183
utilization trending,
361–364, 362New-AdminAuditLogSearch
cmdlet, 122
New-App cmdlet, 296
New-MalwareFilterPolicy
cmdlet, 176
New-ManagementRole cmdlet,
113, 120
New-ManagementRoleAssignment
cmdlet, 115–116, 120
New-ManagementScope cmdlet, 114
new-migrationbatch cmdlet, 353
new-MigrationEndpoint cmdlet, 354
New-MoveRequest cmdlet, 341
New-OutlookProtectionRule
cmdlet, 190
New-RoleAssignmentPolicy cmdlet,
117–118
New-RoleGroup cmdlet, 115, 121
New-SPTrustedSecurityTokenIssuer
cmdlet, 256
nines in availability, 59–60
non-service-affecting failures, 357
nonfunctional requirements, 4, 7
Novell GroupWise, migration
from, 347
OOAB (offl ine address book)
inter-org migration, 336
intra-org migrations, 338
OAuth
confi guring, 256–257
EWS, 272
Offi ce 365
migration to, 349
SSO, 135
Offi ce 365 Dedicated service, 138
Offi ce 365 Directory Sync
Exchange hybrid, 139
Exchange Online, 146–148
offl ine address book (OAB)
inter-org migration, 336
intra-org migrations, 338
ONEAR operator, 282
online integration
Exchange 2010, 39
Exchange 2013, 57
OnRamp for Offi ce 365 tool, 145
operating system-based antivirus
program deployment, 327
Organization Management role
group, 107–111
organization security compliance,
309–310
out-of-offi ce (OOF) settings,
286–287
out of process hosts, 294
Outlook
client reconfi guration
inter-org migration, 331–332
intra-org migrations, 337
mail apps for, 292–296, 293support, 306–307
Outlook Anywhere
connections, 300
Outlook Web App (OWA), 181
contact photos, 234, 234–235–
Exchange 2013, 44
feature availability, 307–308
mail apps for, 292–296, 293spell check, 303
web browsers, 302–303
OutlookSpy editor, 276
overengineering, 25
Ppaging, 277
partitioning, 41–42
password sync, 347
Patriot Act, 201
Payment Card Industry Data
Security Standard (PCI-DSS), 202
percentage availability, 59
PercentTimeInAD parameter, 318
PercentTimeInCAS parameter, 318
PercentTimeInMailboxRPC
parameter, 318
382 | PERFORMANCE • REPLY ALL PROBLEMS
performance
clients, 315–317, 77 316Lotus Notes, 347
storage platforms, 96
Performance Monitor tool, 363
perimeter protection, 171
permissions
effective, 121–122, 122intra-org migrations, 337
mail apps, 294–295
mailbox, 334
RBAC, 104–105, 104shared mailboxes, 235, 235SharePoint, 257
split, 36, 123–125
Personal Storage Table (PST)
fi les, 199
PHI (protected health
information), 201
phishing attacks, 160–161
PhoneFactor, 181
photos, contact, 234, 234–235– , 5291–292
pilots, 145
Plain Old XML (POX) Autodiscover,
270–271
planning
database availability, 73–78,
75–77Exchange Online deployment,
145–150
for failure, 63–65
migration issues, 350–351
namespace, 69–72, 70–72RBAC management strategy,
105–107
platform-level protection, 171
POC (proof of concept), 145
policies
compliance, 203–206
RBAC role assignments,
117–119, 9 117–77 119Post Offi ce Protocol (POP3),
299–302
in inventory, 312–313
support, 308–309
power
high availability, 67
storage platforms, 96
PowerShell
EWS. See Exchange Web
Services (EWS)
execution modes, 136
POX (Plain Old XML) Autodiscover,
270–271
predicted random IOPS metric,
84–85
Prepare-MoveRequest.ps1 script,
334, 341
preproduction load testing, 329
Primary Safety nets, 56
probability of failure,
63–64
probe engines, 55, 367
processes
in compliance policies, 206
high availability, 67
processor megacycles requirements
per mailbox, 23
processor sizing, 22–23
Product Certifi cations team, 164
production POCs, 145
profi le analysis, 91–92
profi le fi les in migration, 332
Profi le Synchronization service,
247–248, 251–253, 251–253–
programming
API choices, 264–268
cloud considerations,
263–264
connecting code, 263
EWS. See Exchange Web
Services (EWS)
EWSEditor, 263
overview, 261–263
project roles, 2
proof of concept (POC), 145
protected health information
(PHI), 201
Protocol Analysis Agent, 175
proximity searches, 282–283
proxy bypass solution, 147
proxy objects, 269
Proxy/Redirect feature, 45
PST Capture tool, 210, 216
PST (Personal Storage Table)
fi les, 199
public folders
for collaboration, 240–242,
241–242–
data synchronization
databases, 52
inter-org migration, 333
intra-org migrations, 337
Exchange 2007, 32
migration, 343–346
publishing
external, 15, 139–140
to Internet, 328
URL, 335
Purple Zone, 178
Qquery-based holds, 221
quorums
DAC mode, 38
DAG, 74–76
RRackspace hosts, 102
raw SOAP, 269
RBAC. See Role-Based Access
Control (RBAC)
ReadItem permission, 295
ReadWriteMailbox
permission, 295
receive agents in SMTP, 266
receive connectors
in design, 16
Exchange 2007, 31
Exchange 2013, 43
Recipient Filter Agent, 175
recipient write scopes, 116
recovery point objectives (RPOs),
65, 66, 362
recovery time objectives (RTOs),
66, 66Regular RBAC assignments, 111
regulations, 200–203
regulatory compliance, 309
regulatory policies, 163
relative scope in RBAC
permissions, 105
Remote Client Access, 179–183
Remote Procedure Call (RPC)
protocol, 300
RemoteSigned execution
mode, 136
Remove-Mailbox cmdlet, 121
Remove-RoleGroupMember
cmdlet, 115
replication
bandwidth, 20, 76–78, 77CCR, 33, 80
LCR, 33
MRS, 339–340
public folders, 240–241
Reply All problems, 233
REPORTING • SECURITY | 383
reporting
administrator activity,
195–196, 196capabilities, 193–194, 194mailbox activity, 194–195
system availability, 358
trending. See trending
requirements, 1–2
business, 4–6
compliance, 203–205
constraints, 7–8
in design, 11
elicitation, 8, 167–170
in framework, 3–4
implementing, 12
storage, 90–92
technical, 6–7
types, 4
VM, 19–20
requirements defi nition phase, 3
reseed
automatic, 54, 88
planning, 78
resource mailboxes, 238–240, 0 238–239–
responders in Managed
Availability, 56
Restricted execution mode, 136
Restricted permission, 295
restrictions in search, 275
retention holds, 36–37
retention of data, 204
revenue requirements, 5
revision dates in compliance
policies, 206
rights in distribution groups,
244, 244rights policy template, 188
risk requirements, 5
Role-Based Access Control
(RBAC), 102
business logic, 119–121
distribution groups, 244
EAC for, 125–126, 126Exchange 2010, 36
overview, 103–104
permissions, 104–105, 104effective, 121–122, 122granular models,
112–113
split, 123–125
planning management strategy,
105–107
roles
assignment policies,
117–119, 117–77 119assignments, 111,
115–117
built-in management,
107–111
creation, 113–114
groups, 115
scope creation, 114
role-based mailboxes, 235
role groups
RBAC, 107–111, 115
reports, 196, 197role separation
Exchange 2000/2003, 29
Exchange 2007, 32–33
Exchange 2010, 37
Exchange 2013, 40, 45–54, 46,
48–49roles
compliance policies, 205
establishing, 2
RBAC. See Role-Based Access
Control (RBAC)
rollout process, 323–325
rotational latency
metric, 84
rotational latency + average seek
time metric, 84
rotational speed metric, 84
round-trip time (RTT), 363
routable DAGs, 43–44
routing
Exchange 2010, 35
Exchange 2013, 43
routing agents, 266
RPC (Remote Procedure Call)
protocol, 300
RPC Averaged Latency
counter, 363
RPC Client Access service, 37
RPOs (recovery point objectives),
65, 66, 362
RTOs (recovery time objectives),
66, 66RTT (round-trip time), 363
rules in EOP, 173
Run A Per-Mailbox Litigation Hold
report, 196
Run An Administrator Role Group
Report settings, 196
SS/MIME (Secure/Multipurpose
Internet Mail Extensions),
190–191, 315
safelist aggregation, 173
Safety Nets, 56, 69
SAN (Subject Alternate Name)
certifi cates, 69
SANs (storage area networks), 64
Sarbanes-Oxley Act (SOX), 202, 309
SCC (single copy clusters), 33–34, 81
schema in Active Directory, 322
SCL (Spam Confi dence Level)
rating, 175
SCOM (System Center Operations
Manager), 356
scopes in RBAC, 105, 114, 116
SCP records, 50
SCR (standby continuous
replication), 33, 80
scripts, 136, 290–292, 313
SDL (Security Development
Lifecycle) framework, 164
seamless issues in migration,
351–352
Search-AdminAuditLog cmdlet,
122, 195
Search-MailboxAuditLog
cmdlet, 195
SearchFilters, 275
searching for items, 278–279
SearchMailboxes operation, 280
Secure by Default, 164–166
Secure by Design, 167
Secure/Multipurpose Internet Mail
Extensions (S/MIME),
190–191, 315
Secure the Perimeter (STP), 178
security, 159
clients, 309–310, 314–315
cloud, 170–173, 174compliance policies, 205
conversations, 162–164
design overview, 170
EAC, 134–135
Edge Transport server, 173–174
malware and spam, 170–172,
175–177
meaning, 159–160
need for, 161–162
remote client access, 179–183
threats, 160–161
384 | SECURITY DEVELOPMENT LIFECYCLE • STANDARD EDITION
trustworthy computing,
164–170
unauthorized network access,
177–183
Security Development Lifecycle
(SDL) framework, 164
Security Group Creation and
Membership role, 123
Security Industry Alliances
teams, 164
self-service management of
distribution groups, 243
self-signed certifi cates, 30–31
send connectors
Exchange 2007, 31
Exchange 2013, 43
Sender Filter Agent, 175
Sender ID Agent, 175
sender policy framework (SPF), 173
sender-recipient fi ltering, 172
server health, 368–369, 9 368–369server lists, 43
server-to-server authentication, 272
Server Virtualization Validation
Program (SVVP), 19
ServerList scope option, 114
ServerRestrictionFilter scope
option, 114
service-affecting failures, 357
service-level agreements (SLAs),
65, 91
service outages in Exchange
Online, 141
serviceBindingInformation
attribute, 50
Set-ADServerSettings cmdlet, 116
Set-ClientAccessServer cmdlet, 255
Set-DatabaseAvailabilityGroup
cmdlet, 55, 185
Set-DistributionGroup cmdlet, 239
Set-ECPVirtualDirectory
cmdlet, 134
Set-ExecutionPolicy cmdlet, 136
Set-ImapSettings cmdlet, 312
Set-Mailbox cmdlet, 117–118, 194
Set-MalwareFilteringServer
cmdlet, 176
Set-ManagementRoleEntry
cmdlet, 114
Set-PopSettings cmdlet, 312
Set-SendConnector cmdlet,
184–185
Set-SPAppPrincipalPermission
cmdlet, 257
Set-TransportConfi g cmdlet, 185
Set-WebServicesVirtualDirectory
cmdlet, 263
SetHoldOnMailboxes operation, 280
shadow redundancy
Exchange 2010, 38
Exchange 2013, 56
Shadow Safety Nets, 56
shared mailboxes, 235–238, 236shared permissions model, 123
SharePoint site mailboxes, 16
Exchange connections, 256–259
Exchange integration, 44–45
implementing, 247
overview, 245–247, 77 246prerequisites, 247–248, 248server confi guration, 248–255,
249–255–
server preparation, 255
SQL, 248, 248“should” security requirements, 168
Simple Network Management
Protocol (SNMP)
alerting, 357
in deployment, 325
Exchange 2013, 51
mail fl ow, 333–334
MRTG, 362
receive agents, 266
simplicity
design, 25
EAC, 133–134
single copy cluster (SCC),
33–34, 81
single instanced email, 28
single item recovery (SIR), 274
single points of failure, 68
single sign-on (SSO)
ADFS, 139
authentication in EWS, 273
Exchange Online, 155
Offi ce 365, 135
SIR (single item recovery), 274
site collections, 250–251, 251site mailboxes. See SharePoint site
mailboxes
sizing
database, 73
memory, 23–24
processors, 22–23
servers, 21
storage, 21–22
SLAs (service-level agreements),
65, 91
Smith, Ross, IV, 93, 367
SNMP. See Simple Network
Management Protocol (SNMP)
SOAP, 262, 268–272
soft deleted items, 274
software support for Exchange
Online, 153–154
SolarWinds monitoring, 356
solid-state (SSD) technology, 83
solutions in Exchange Online
design, 144–145
requirements, 143–144
solution alignment
workshop, 143
SOX (Sarbanes-Oxley Act), 202, 309
space in storage platforms, 96
spam
prevalence, 160
protecting against, 170–172,
175–177
threats, 161–162
Spam Confi dence Level (SCL)
rating, 175
Spamhaus database, 172
spear phishing, 161
SPECint benchmark, 23
spell check in OWA, 303
SPF (sender policy
framework), 173
split brain
DAC mode, 38
DAG, 74
split permissions
Exchange 2010, 36
RBAC, 123–125
spoofi ng, 172–173
SQL installation, 248, 248SSD (solid-state) technology, 83
SSL
SharePoint certifi cates,
254–255, 255Web applications
creating, 249–250, 250site collections, 250–251, 251
SSO. See single sign-on (SSO)
stability in Exchange Online,
140–141
Standard edition, 42
STANDBY CONTINUOUS REPLICATION • USER ACCEPTANCE TESTING | 385
standby continuous replication
(SCR), 33, 80
StartTLS command, 184
Stehle, Matt, 263
storage, 79
capacity
increases, 82, 83, 86
mailbox, 86
migrations, 342–343
trending, 359
costs, 86–87
design overview, 90
Exchange 2000/2003, 29–30
Exchange 2007, 34
Exchange 2010, 39
Exchange 2013, 41, 56
hardware, 95–96
history, 79–82
improvements, 87–90, 89IOPS performance, 83–85
mailbox server role
requirements calculator,
93–94, 93–95requirements gathering,
90–92
sizing, 21–22
validation using Jetstress,
96–98
storage area networks (SANs), 64
store search, 279
STP (Secure the Perimeter), 178
Subject Alternate Name (SAN)
certifi cates, 69
supportability of clients, 306–308,
313–314
SVVP (Server Virtualization
Validation Program), 19
switchover, 66–67
Symantec Intelligence Report, 160
Symantec Policy Based
Encryption, 191
synchronization
Exchange Online,
146–148
IMAP directories, 348
public folder data, 333
User Profi le Synchronization
service, 247–248, 251–253,
251–253–
system availability types, 358
System Center Operations Manager
(SCOM), 356
Ttarget Exchange mailboxes, 290
task requests, 285
TCP ports, 51, 53
Technical Adoption Program, 352
technical requirements, 6–7
tenants in Exchange hybrid, 138
testing user acceptance, 329–330
Thiel, Greg, 367
thinking phase for requirements, 3
third-party products, 297
interoperation with, 16
storage devices, 91–92
Threat Management Gateway
(TMG), 178
threats, security, 160–161
three nines availability, 59
throttling
clients, 36, 318–319
cloud, 264
messages, 35
time-based holds, 221
time for one rotation metric, 84
Tivoli Data Protection, 193
Tivoli Storage Manager, 193
TLS (Transport Layer Security), 184
TMG (Threat Management
Gateway), 178
token authentication, 272–273
tokenized structures, 268
top-level roles, unscoped, 119–121
Total Database Required IOPS per
database value, 94
TPM (Trusted Platform Module),
187, 191
tracking/protocol log trending, 361
trading disclosure regulations, 202
training collaboration, 233–234
transaction logs
capacity trending, 359–360
volume size in migrations,
342–343
transport
design, 17
Exchange 2000/2003, 29
Exchange 2007, 30–31, 34
Exchange 2010, 35
Exchange 2013, 40, 42–43, 51, 53
high availability, 56, 69
transport agents, 35, 266
transport dumpster, 31, 34
Transport Layer Security (TLS), 184
transport rules, 31, 207
TransVault Insight tool, 216
TransVault Migrator tool, 222
trending, 358–359
content index, 360
Excel predictions, 364–365, 364mailbox databases, 359
message queue, 360–361
network utilization,
361–364, 362tracking logs, 361
transaction log capacity,
359–360
Triple Data Encryption Standard
(Triple DES), 192
Trusted Platform Module (TPM),
187, 191
Trustworthy Computing (TwC)
initiative, 164
requirement elicitation, 167–170
Secure by Default, 164–166
Secure by Design, 167
tunnels, HTTPS, 300
two-factor authentication (2FA),
179–183, 310
UU.S. Patriot Act, 201
ubiquitous computing, 159–160
unauthorized network access, 162,
177–183
Unifi ed Access Gateway (UAG),
147, 178
Unifi ed Messaging
design, 19
Exchange 2007, 32
Exchange 2010, 37
Exchange 2013, 54
United Kingdom, Data Protection
Act in, 200
Unrestricted execution mode, 136
unscoped top-level roles, 119–121
unsupported clients in Exchange
Online, 153–154
updates for deployment, 323
upgrades, version-to-version, 348
UPNs (User Principal Names), 151
UPSS (User Profi le Synchronization
Service), 247–248, 251–253,
251–253–
user acceptance testing, 329–330
386 | USER EXPERIENCE FOR CLIENTS • XML MANIFEST FILES
user experience for clients, 305–306
user locations in high
availability, 67
user mailbox activity, auditing and
reporting, 194–195, 195user partitioning, 41–42
User Principal Names (UPNs), 151
user profi les, 179
analysis, 91–92
UPSS, 247–248, 251–253,
251–253–
user throttling, 318–319
VVBA (Visual Basic for
Applications), 307
VDI (Virtual Desktop
Infrastructure), 155–156
velocity issues in migration,
351–352
version-to-version upgrades, 348
versioning, 41
violations in compliance policies, 206
VIP (Virtual Internet Protocol), 255
Virtual Desktop Infrastructure
(VDI), 155–156
Virtual Internet Protocol
(VIP), 255
virtualization
failure domains, 64
high availability, 68
requirements, 19–20
Virus Scanning API (VSAPI), 175
viruses
antivirus program
deployment, 327
protecting against, 170–172,
175–177
threats, 160–161
Vision and Scope document,
3, 14
Visual Basic for Applications
(VBA), 307
Visual Studio Express, 263
Volume Requirements tab, 94
Volume Shadow Copy Service
(VSS), 216
volumes in JBOD, 85
VPN connections, 181
VSAPI (Virus Scanning API), 175
VSS (Volume Shadow Copy
Service), 216
Wweb browsers, 302–303
web clients in inventory, 311–312
Web Services Description Language
(WSDL), 269
WellKnownFolderName
enumeration, 277, 291
“What” in RBAC permissions, 105
“Where” in RBAC permissions, 105
“Who” in RBAC permissions,
104–105, 104Workload Management (WLM),
369–371
write scopes in RBAC, 116
WSDL (Web Services Description
Language), 269
XXML manifest fi les, 294