protecting exchange with veeam
DESCRIPTION
You will learn about general security, high availability and recovery. We will review built-in methods, how to use Veeam for Instant VM Recovery™ and item-level recovery, as well as Exchange patch testing with Veeam's Virtual Lab. We will also discuss more advanced Exchange topics and provide references for further reading. You can learn more about the latest version of FREE Veeam Explorer for Exchange: http://go.veeam.com/veeam-explorer-for-microsoft-exchange VIDEO for this Webinar: http://www.veeam.com/videos/protecting-exchange-with-veeam-4712.htmlTRANSCRIPT
Managing your Exchange Architecture LEARN EXCHANGE – PART 3
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Niels Engelen System Engineer, Veeam Software [email protected]
Johan Huttenga System Engineer, Veeam Software [email protected]
Recap: Last Session
We’ve discussed: ‐ Exchange Management
‐ Troubleshooting Mail Flow
‐ Compliance Policies (including DLP and Email Archiving)
‐ Monitoring Exchange (Events, SCOM, and Best Practice Analyzer)
Session Overview
We’ll be discussing: ‐ Exchange Security
‐ High Availability and Recovery
‐ Built-in and Veeam Instant Recovery as well Item-level recovery
‐ Exchange patch testing with Veeam’s Virtual Lab
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Exchange Security
‐ Accounts should have limited permissions and scoping using RBAC
‐ Internal message paths are encrypted by default, (ensure your message transport is as secure as possible for all routes)
‐ Use a DMZ to protect your mail flow (you can use IIS Application Request
Routing to reverse proxy Exchange traffic).
‐ Make sure you test regularly deploy security patches.
Secure it baby! Exchange Security
‐ Anti-spam agents can be enabled on mailbox servers in organizations without Edge Transport (.\Install-AntispamAgents.ps1)
‐ Agents: Sender Filter, Recipient Filter, Sender ID, Content Filter, Protocol Analysis
‐ Anti-malware filtering is enabled by default on mailbox servers in organzations without Edge Transport (.\Install-AntiMalwareScanning.ps1)
Anti-spam and Anti-malware Exchange Security
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
High Availability and Recovery
Native Exchange Functionality Exchange High Availability and Recovery
‐ Use DAG replication, email archiving, built-in recovery of hard deleted items to protect Exchange (uses multiple DAG copies and lag copies to prevent corruption.)
‐ Eliminating traditional recovery sounds exciting but can be a dangerous concept.
Single-Item Recovery Exchange High Availability and Recovery
‐ Can use an In-Place eDiscovery search
‐ Or PowerShell Search-Mailbox "Johan" -SearchQuery "from: 'Niels'" -TargetMailbox "Discovery Search Mailbox" -TargetFolder "Mail Recovery" -LogLevel Full
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Recovery using Veeam
Instant VM Recovery Recovery using Veeam
- Exclusive patented Veeam technology
- Publishes the contents of the backup file as a datastore a host can connect to
- Compressed, deduplicated, (full or incremental chain)
- Runs the VM directly from the backup file on regular backup storage without making any changes to the backup file
Instant VM Recovery Recovery using Veeam
Fast: Restart a VM directly from a backup file in 2 minutes
Readily available: uses existing backups and backup storage
Buys you time: Users keep working while you troubleshoot the problem
Recovery using Veeam
Instant VM Recovery
vPower
migrate online
Recovery using Veeam
Explorer for Exchange
- Visibility into Exchange 2010 and 2013 VM backups.
- Browse, search and restore mailboxes and mailbox contents.
- Export, email or restore directly back to Exchange, or even Office 365.
- Restore to online archive mailboxes
- Recover from hard deleted items (that were both created and deleted since last backup)
- Twist: 1-Click Exchange item recovery in Enterprise Manager (useful for helpdesk staff)
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Exchange Patch Testing
Exchange Patch Testing
Virtual Lab
VM App OS Report
verification job
Leverage Data use backup to spin up test environments
Virtual Lab Proxy
Virtual Lab Network
Production Network
Start VMs from a backup file (SureBackup) or replica, using a virtual lab proxy to separate network traffic.
The internal IP address of the virtual lab should be set to the default gateway in production. It is also possible to allow internet traffic through or map an IP address (static mapping) to allow production access to a VM.
SureReplica requires distributed virtual switches.
© 2014 Veeam Software. All rights reserved. All trademarks are the property of their respective owners.
Demo
Find recordings of our series online:
http://go.veeam.com/microsoft-exchange-series/
However if you’d like there is a lot more detailed
information available:
http://microsoftvirtualacademy.com
http://blogs.technet.com/b/exchange/
(you had me at EHLO)
Niels Engelen System Engineer, Veeam Software [email protected]
Johan Huttenga System Engineer, Veeam Software [email protected]
Questions? Further Reading and References