Microsoft Exchange Anywhere Access ADS

Exchange Anywhere Access Solutions
Architecture Design Session
Name
Title
Microsoft
Architecture Design Session
• Solution Briefing Summary: Vision scope input from solution briefing
• Solution Overview: VPC-based demo; view the capabilities in action; show various possibilities
• Technology Overview: Point out technologies for relevant capabilities; discuss technologies
• Architecture Discussion: Discuss Architecture Decision Points
• POC Planning: Develop scope and specifications for POC
Summary of Pains and Drivers
Challenges
• Weakened productivity of mobile workers
• Competitive pressure to increase sales or improve efficiency
• Failure of business activities when sales people are out of the office
• Poor availability of data for mobile workers
Business Drivers
• Increase efficiency and flexibility
• Easily connect to key resources and information while on the road
• Increase employees’ availability to customers regardless of location
Technical Requirements
• Secure, reliable communications via mobile devices
• Feature-rich application access on mobile devices (like CRM, sales pipeline, and documents)
• Real-time conferencing capabilities in lieu of face-to-face visits
Communications Today / Future of Communications
[Diagram comparing communications today with the future of communications. Labels: Instant Messaging (IM), Voice Mail, Video Conferencing, Telephony and Voice Mail, Telephony, E-mail and Calendaring, Web Conferencing, Audio Conferencing, Unified Conferencing: Audio, Video, Web, Unified Inbox & Presence. Per-system labels: User Experience, Authentication, Administration, Storage, Compliance. Delivery: On-Premises, Hybrid, In the Cloud.]
Microsoft Unified Communications
Increased productivity through communications convergence
• Increase Efficiency and Flexibility
• Streamline Communications
• Amplify Protection and Control
• Provide a Unified and Extensible Platform
• Maximize IT Resources with S+S
Across Devices: PC, Mobile, Web
Unified Identity, Presence, and Inbox
Authentication, Administration, Storage, Compliance
On-Premises, Hybrid, or in the Cloud
Enable Anytime and Anywhere
• Access messages from your PC, mobile device, or the Web
• Connect in real time across devices through a familiar interface
PC, Mobile, Web
Scenarios
Microsoft Unified Communications
Products and Services
[Diagram. Products: E-Mail and Calendaring; Security and Compliance; VoIP; IM and Presence; Conferencing; Mobility; Unified Messaging; E-mail Security, Compliance, and Continuity. Delivery: On Premise; Hosted by Microsoft; Hosted by Microsoft or by Partners; Hosted by Partners.]
UC Journey Through Infrastructure Optimization
Identify where you are; identify where you want to be
Maturity levels: Basic, Standardized, Rationalized, Dynamic
• Basic e-mail, file shares, mostly phone based communication
• Standard platform for secure e-mail and IM
• Ad hoc teaming around functions & projects based on IT standards
• Increasing unification of communication channels
• Fully managed collaboration platform and pervasive access
• Seamless collaboration across the firewall
• Federation of communication information and policy
• IT is an efficient cost center
• IT is a business enabler
• IT is a strategic asset
• IT is a cost center
Identifying Target Maturity Level
Workloads: Messaging, IM & Presence, Conferencing, Voice
Maturity levels: Basic, Standardized, Rationalized, Dynamic
• Basic email with no remote access and with limited security
• Rich mailbox & calendaring
• Secure, remote, online & offline access
• Minimal or decentralized IT support
• Basic AV/AS/AP protection and disaster recovery
• User inboxes are fully managed by IT
• Solution supports encryption
• Business continuity with AS/AP and multi-layer AV protection
• Public IM/online presence, ad-hoc use for daily business
• Secure IM/online presence accessible from a variety of devices and integrated into enterprise productivity & collaboration platform
• Secure access from inside & outside the firewall
• Supports peer-to-peer voice & video communications
• Presence enabled email client
• Sporadic use of audio & web conferencing
• Limited video conferencing capabilities
• Secure web conferencing accessible from remote locations and devices
• IT-managed video conferencing with limited remote access
• Legacy TDM PBX, traditional phones
• Highly available hybrid telephony infrastructure
• Limited voice mail and call routing
• Online & offline access to voice mail
• Managed call routing
• Support advanced policy-driven message controls
• Provisioning for user inboxes
• Seamless business continuity with multiple AV/AS protection
• Advanced policy control to mobile devices & applications
• Integration with LOB applications
• Federation of calendar
• Supports federation and integration with LOB applications
• Persistence group chat
• Integrated & secure conferencing platform
• Supports high-quality audio & video
• Remotely accessible collaboration features
• Encrypted voice infrastructure with unified inbox accessible from PCs, phones, & web browsers
• Managed storage
• Presence-based call routing
• Contextual unified conferencing solution tightly integrated with collaboration infrastructure and LOB applications
• Integrated voice platform for IM/presence; conferencing with LOB applications
• Auto-remediation, proactive monitoring of call quality
• Federated identity and presence-based call routing
Anywhere Access
Unified Communication Anywhere Access
Manage Inbox Overload
• Enhanced conversation view eases Inbox navigation
• MailTips help avoid undelivered/misdirected email
Enhance Voicemail
• Text preview of voicemail messages for faster triage
• Customizable call handling rules and menu options
Collaborate Effectively
• Full featured experience across all “three screens”
• Federation of Free/Busy details with partners
Manage Inbox Overload: Conversation View, Instant Messaging, Ignore Conversation
Manage Inbox Overload: MailTips in Outlook 2010, MailTips in Outlook Web App
Enhanced Voice Mail: Audio playback, Contextual Contact Actions, Text Preview of Voice Mail
Enhanced Voice Mail: Managing Call Answer Rules, Defining a Custom Voice Mail Menu
Collaborate Effectively: Desktop
Collaborate Effectively: External Contact Free/Busy Information
Exchange Server 2010 Anywhere Access
• Outlook Web App (OWA): Web-based inbox access
• Exchange ActiveSync: Over-the-air inbox access on a variety of mobile devices
• Outlook Anywhere: Connect Outlook to your mailbox server without a VPN
• Outlook Voice Access (OVA): Voice-based inbox access
• Bandwidth reductions: Fewer round trips and less data transferred while maintaining functionality
Anywhere Access Clients
Outlook Web App
A rich, familiar Web e-mail experience that enables users to work and collaborate more effectively wherever they are
• Great Web-based messaging experience across platforms and locations
• Access to email, voicemail, instant messaging, SMS text messages, and calendaring
• Shows real-time presence of users and lets you contact them through e-mail, instant messaging, or SMS directly from Outlook Web App
• External calendar sharing makes it easy to collaborate with customers
• Helps prevent intellectual property leaks or policy violations
Anywhere Access Clients
Outlook Web App
Conversation View
• View conversations in context: all messages, all folders, forks
• Hide repeated information
• Take action on conversations: Ignore, Categorize
Anywhere Access Clients
Outlook Web App
Key Features
• OWA premium for IE, Firefox, and Safari
• Improved threaded conversation view
• Integrated Presence and IM for SPOG Unified Communications (UC) experience
• External Calendar sharing and Side by Side Calendaring
• SMS Sync in OWA (Outlook and Mobile too!)
• Nickname cache
• See your Voice Mail Messages
• Favorites folders
• Advanced search
• End User Archiving and access to archive
• Distribution group creation
• Information Rights Management (IRM)
• Delegate access
Anywhere Access Clients
Outlook Web App
Presence and Instant Messaging
• See and set presence
• Chat using instant messaging (IM)
• Start a chat from anywhere you see a user
• IM log in from multiple locations
• Presence throughout Outlook Web App
Anywhere Access Clients
Outlook Web App
Unified Messaging Card
• Voicemail is now an attached MP3 file
• Inline player
• Transcription is visible
Anywhere Access Clients
Outlook Web App
Protected Email
• View Information Rights Management (IRM) email
• Send IRM-protected email
Anywhere Access Clients
Outlook Web App
Protected Voicemail
• Protected voicemail means no attachments
• Inline playback access (Internet Explorer® only)
• Forwarding of the message is disabled
Anywhere Access Clients
Outlook Web App
Access IRM-protected attachments
Anywhere Access Clients
Outlook Web App
Online Archive
• Archive in the folder list
• Treat like any other folder
• Access your PST from the Web
Anywhere Access Clients
Outlook Web App
Calendar Sharing
• Share calendars internally or externally
• Trust can be set by user or by domain
• Once trust is set, everything is transparent
• Admin control is provided
Anywhere Access Clients
Outlook Web App
Calendar Sharing
• Admin sets up trust with Microsoft Federation Gateway
• Admin sets up trust with another organization
• Users can now see calendars from other organizations
[Diagram: Contoso Inc. (Exchange Server 2010, Intranet) and Fabrikam Inc. (Exchange Server 2010, Intranet), with the Microsoft Federation Gateway on the Internet.]
Anywhere Access Clients
Outlook Web App
Calendar Sharing & Subscribing
Calendar Publishing
• Explicit opt-in for both admins and users
• Admin turns on vdir, enables sharing, and assigns policy
• User decides to turn on calendar for publishing
• Server provides URL
• Public: Discoverable over the Internet
• Restricted: User must send link
Security and data protection
• Published calendars are completely isolated with a dedicated vdir, separate app pool, and limited HTTP access
• Throttling prevents excessive requests for published calendars
Calendar Subscribing
• Subscribe to any public calendar
• Uses iCal standard
• Server-side storage
Anywhere Access Clients
Exchange ActiveSync
Provides users with full-featured, real-time access to their communications over the air on a variety of compatible devices
Exchange ActiveSync
• Direct Push delivers e-mail to the device as it arrives
• Enhanced device control and policies, including user self-service
• Support for advanced e-mail features
• ActiveSync uses SSL by default
• Certificate-based authentication
• Outlook Web App provides user self-service options, such as: remote device wipe, device access logging, device password reset
• Speech-to-text voice mail preview
• Conversation View of e-mails
Exchange ActiveSync Benefits
Key User Benefits
High fidelity Direct Push email and personal information management (PIM)
Know when to schedule a meeting
Read your voicemail
The company directory is in your pocket
SMS from your computer
Find any email in your mailbox
Message Flagging
Remember to tell them you’re on vacation
SharePoint® sites & file share access
Data Encryption
Buy the phone that’s right for you
GAL Photo
Quick Actions
IRM over EAS
Exchange ActiveSync Benefits
Key Administrator Benefits
Don’t pay extra for mobile email
Don’t risk downtime at the hands of others
Grows with you
You’ve already got enough to manage
Bring law and order to your mobile employees
Control your border
Lost devices don’t mean leaked information
Keep away prying eyes
Know what's going on with your users
Device choice
Connect multiple devices
Block/allow via approved device list
Quarantine
Approved by device type or by user
Device type reported by the device
Block an unsupported device
E-mail sent
Administrator approved
Anywhere Access Clients
Exchange ActiveSync
Block/Allow/Quarantine
[Diagram: decision flow with three tiers, Person, Device, and Anything Unknown, with outcomes Block, Allow, and Quarantine. Scenarios shown: New device; Allow List; Block List; CEO is special; No Policy.]
Person: Is there a special case for this user?
Device: Are we blocking or allowing this device?
Anything Unknown: What is done when no policy applies?
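The three questions above define an evaluation order: person first, then device type, then a default. As an added example (not Exchange code and not part of the original deck), this Python model applies that order to a constructed device inventory and reports which devices are decided only by the default; all class, function, and device names are hypothetical.

```python
"""Model of the Person -> Device -> Anything Unknown evaluation order.

Added illustration, not Exchange code. Class names, function names and
the sample devices are constructed for this example.
"""
from dataclasses import dataclass, field
from enum import Enum


class Access(Enum):
    ALLOW = "Allow"
    BLOCK = "Block"
    QUARANTINE = "Quarantine"


@dataclass(frozen=True)
class Device:
    user: str
    device_id: str
    device_type: str  # reported by the device itself, so it is only a claim


@dataclass
class AccessPolicy:
    # Person: special cases, keyed by (lower-case user, device_id).
    user_exceptions: dict = field(default_factory=dict)
    # Device: one list with a setting per lower-case device type.
    device_type_rules: dict = field(default_factory=dict)
    # Anything Unknown: applied when no other policy matches.
    default: Access = Access.QUARANTINE

    def evaluate(self, dev):
        """Return (decision, tier), checking the three tiers in order."""
        key = (dev.user.lower(), dev.device_id)
        if key in self.user_exceptions:
            return self.user_exceptions[key], "person"
        rule = self.device_type_rules.get(dev.device_type.lower())
        if rule is not None:
            return rule, "device"
        return self.default, "unknown"


def review(policy, devices):
    """Return (device_id, decision, tier) for every device."""
    rows = []
    for dev in devices:
        decision, tier = policy.evaluate(dev)
        rows.append((dev.device_id, decision.value, tier))
    return rows


def decided_by_default(policy, devices):
    """Device IDs no rule covers: the ones a default of Allow lets in unreviewed."""
    return [d.device_id for d in devices if policy.evaluate(d)[1] == "unknown"]


# Constructed sample policy and device inventory.
POLICY = AccessPolicy(
    user_exceptions={("ceo", "DEV-CEO-01"): Access.ALLOW},
    device_type_rules={"approvedphone": Access.ALLOW, "legacypda": Access.BLOCK},
    default=Access.QUARANTINE,
)
DEVICES = [
    Device("ceo", "DEV-CEO-01", "LegacyPDA"),      # special case beats the device rule
    Device("alice", "DEV-A-02", "ApprovedPhone"),  # allowed by device type
    Device("bob", "DEV-B-03", "LegacyPDA"),        # blocked by device type
    Device("carol", "DEV-C-04", "NewTablet"),      # no policy applies
]

if __name__ == "__main__":
    for row in review(POLICY, DEVICES):
        print(*row)
    print("decided by default:", decided_by_default(POLICY, DEVICES))
```

Because the device type is reported by the device, the list returned by `decided_by_default` is the set an administrator should review before choosing Allow as the default.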
Anywhere Access Clients
Exchange ActiveSync
Block/Allow/Quarantine List
One list with settings for each device type
Device type reported by the device
List is updatable
List shows device type
Anywhere Access Clients
Exchange ActiveSync
Broad EAS Support
Apple
Anywhere Access Clients
Exchange ActiveSync
Conversation View
Anywhere Access Clients
Exchange ActiveSync
Message Diffs
• An email
• A conversation
• A new, efficient conversation
• Relevant information
Anywhere Access Clients
Exchange ActiveSync
Quick Menu
Access from Conversation View
Reply all
Reply
Forward
Open the message
Delete
Mark as read/unread
Flag for follow-up
Anywhere Access Clients
Exchange ActiveSync
Global Address List Photo
• Photo pulled from the GAL
• Photo on contact card
• Sender photo in email
• Contact photo used if present
• Photo added to contact if no photo exists
Anywhere Access Clients
Exchange ActiveSync
Free/Busy Information
• Free/Busy from contact card
• Color coded by user’s availability
• Change day to see future availability
• View Free/Busy of external contacts
Anywhere Access Clients
Exchange ActiveSync
UM Card
Inline player
Call back button
Voicemail preview
Anywhere Access Clients
Exchange ActiveSync
IRM Over EAS
Access protected
messages
No need to tether
All IRM templates
Exchange ActiveSync Self Help Feature
Remote Wipe
Self help features empower users to fix their own problems
Users can remotely manage devices
Users can remotely wipe their device in the event that it is lost or compromised
Anywhere Access Clients
Outlook Anywhere
Provides users with access to their full mailbox, with rich Outlook features, outside the corporate firewall without a VPN
• Provides rich Outlook experience
• Enables users to access their full mailbox from the Internet
• Users can access their full mailbox, including e-mails, calendar, contacts, voice mails, public folders, etc.
• Provides secure communication without VPN connectivity
Anywhere Access Clients
Voice mail and Unified Messaging
Provides effective management of and easy access to voicemails wherever you are
• Consolidation of voicemail into Universal Inbox
• Speech-to-text previews of voicemail
• Effectively manage important calls: call answering rules
• Users can create customized greetings and call transfer options
• Protected voicemail
• Outlook Voice Access
Text Preview of Voice Mail
Audio Playback
Contextual Actions
Exchange Unified Messaging
Outlook Voice Access
Enables users to retrieve e-mail messages from their mailbox using an analog, digital, or mobile telephone
• Users can interact with their mailbox using touchtone or voice commands
• Automatic Speech Recognition (ASR)
• Users can retrieve, listen to, reply to, create, and forward voice or e-mail messages
• Listen to or change calendar information
• Send a voice message to a personal contact
• Can set personal greeting messages
• Allows user to choose the order to listen to unread voice mail messages, from the oldest message first or the newest message first
Listening to e-mail messages using the Voice User Interface
Sending an I'll be late message using the Voice User Interface
Sending an I'll be late message using the touchtone interface
Exchange Server 2010 Security
[Diagram. Labels: External Users, Web Server, Exchange, DMZ, Internet, Internal Network, Headquarters, Active Directory. Caption: External traffic secured with SSL and authentication.]
• Secured by default with SSL: Outlook Anywhere, Exchange ActiveSync and Outlook Web App
• Self-signed certificate installed out of the box
• Deploy Windows Certificate Services
• Use a third-party PKI product or CA
• Remote device wipe
• Device password policies
Key Deployment Scenarios
Access for everyone / Branch office support:
• Consider impact of Outlook Web App; Exchange ActiveSync; Outlook Anywhere; Outlook Voice Access; Instant Messaging; and Instant Messaging through Web client, on user productivity
• Consider SSL and server placement requirements to provide secure remote access
• Evaluate mobile device support and purchase options
Existing non-Windows Mobile devices:
• Evaluate the impact of replacing devices
• Determine if existing devices can be supported by Exchange
Exchange Server 2010 Architecture Overview
[Diagram. Labels: Internet; Other SMTP Servers; Enterprise Network; Edge Transport (Routing, Hygiene); Hub Transport (Routing, Policy); PBX or VoIP; Client Access (Applications: OWA; Protocols: ActiveSync, POP, IMAP, RPC / HTTP, MAPI; Programmability: Web services, Web parts); Mailbox (Mailbox, Public Folders); Unified Messaging (Voice Messaging, Fax).]
5 server roles: Edge, Hub Transport, UM, Mailbox, and Client Access
Exchange Server 2010 Roles
• Client Access Server enables OWA, mobility, web services, and RPC client access
• Hub Transport enables SMTP email transport
• Mailbox enables both mailbox and public folder database hosting
• Edge Transport role resides in the perimeter network; not required to be part of Active Directory; provides routing hygiene and security
• Unified Messaging enables storage of voicemail messages in the Exchange mailbox
• Flexible deployment options: co-locate or separate
• Automated provisioning with Windows PowerShell scripting
Architecture Decision Points
• Current Infrastructure: Current mobility/mobility-ready technologies
• Future Infrastructure: Future mobility needs and goals
• Remote Access: Basic remote access requirements
• Deployment: Basic deployment planning
• Application Development: Scope and nature of applications; development expertise on staff
Architecture Decision Points
Current Infrastructure
• What technologies are currently implemented that offer mobility?
• What is the current network and office topology?
• What are the company drivers and requirements for mobility?
• Is there a current PKI infrastructure?
• If not, are there plans to implement PKI to support anywhere access?
• Is the use of a supported third-party CA under consideration?
Architecture Decision Points
Future Infrastructure
• What are the future plans for the network and office topology?
• What are the expansion expectations for the next six months, a year, two years, and five years?
• What types of anywhere access options are needed?
• Does everyone need the same type?
• Which specific services or resources do you want to provide access to?
Architecture Decision Points
Remote Access
• What certificate types will be required and how will they be deployed?
• Transitioning from earlier versions (Exchange Server 2003 and 2007) requires additional certificates
• OWA/EAS: everything you need is included.
• Outlook: need Autodiscover DNS records
• Outlook Voice Access: requires inbound extension to Exchange Server
• What other servers will have proxy access provided by Exchange Server?
Architecture Decision Points
Deployment
• What devices and device operating systems will be supported?
• Do you need to deploy any PKI assets if you’re just doing a pilot of Lync Server 2010 deployment?
• What device policies will need to be configured?
• Is over-the-air provisioning required?
• Is there any benefit to deploying UAG/TMG 2010 now even if your Exchange Server / unified communications deployment is delayed?
• Coordinate with network security / firewall team to provide appropriate tunneling, server access, and server placement.
Architecture Decision Points
Application Development
• What applications do you want to enable for mobile access?
• Are they your own applications, or third-party tools?
• What data types (forms, databases, etc.) does the application need to handle?
• Do you have an existing .NET Framework application that you can extend?
• Do you need mobile device access only, or Web and desktop / mobile PC access?
• What’s your corporate experience with Windows / .NET application development?
POC Planning
• Sponsor Name
• Project Timing
• Goals and Objectives
• Scope
• Milestones
• Risks & Dependencies
Next Steps
[Diagram: Solution Development; Solution Briefing; Architecture Design Session; Proof of Concept.]
Proof of Concept
• Assemble resources from the business side and from the IT group
• Understand business processes that are being addressed
• Gain knowledge about technology infrastructure
• Verify the technology roadmap
• Review the POC scope and assumptions
© 2007 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Appendix Slides…
Improvements in Service Pack 1 & Service Pack 2
Anywhere Access
Improved Outlook Web App UI
• Simplified UI better optimizes for small screens – e.g., Netbooks
• Support for calendar printing
• Support for adding inline images while composing new email
• Themes and customization support
Improved OWA Performance
• Long running operations do not block user experience
• Auto-save drafts while composing new email
Better Mobile Experience
• Conversation view experience on par with Outlook Web App
• Photos supported in Global Address List contact card
• Exchange ActiveSync (EAS) throttling support
• Information Rights Management support in EAS
• Block/Quarantine notification to mobile device via EAS
Outlook Web App (OWA) Mini: A browse-only version of OWA designed for low bandwidth and resolution devices
EAS Policies
Exchange Server Standard CAL
• Allow Mobile OTA Update
• Mobile OTA Update Mode
• Configure message formats (HTML or plain text)
• Include past email items
• Email body truncation size
• HTML email body truncation size
• Include past calendar items (Duration)
• Require manual sync while roaming
• Allow attachment download
• Maximum attachment size
• Minimum number of complex characters
• Enable password recovery
• Allow simple password
• Password expiration (days)
• Enforce password history
• Windows file share access
• Windows SharePoint access
• Minimum password length
• Timeout without user input
• Require password
• Require alphanumeric password
• Number of failed attempts
• Policy refresh interval
• Allow non-provisionable devices
• Allow IRM over EAS
• Require signed SMIME messages
• Require encrypted SMIME messages
• Require signed SMIME algorithm
• Require encrypted SMIME algorithm
• Allow SMIME encrypted algorithm negotiation
• Allow SMIME SoftCerts
• Device encryption
• Encrypt storage card
Color Key: Exchange 2010 SP1, Exchange 2010 RTM, Exchange 2007 SP1, Exchange 2007 RTM, Exchange 2003 SP2
EAS Policies
Exchange Server Enterprise CAL
• Disable desktop ActiveSync
• Disable removable storage
• Disable camera
• Disable SMS text messaging
• Disable Wi-Fi
• Disable Bluetooth
• Disable IrDA
• Allow internet sharing from device
• Allow desktop sharing from device
• Disable POP3/IMAP4 email
• Allow consumer email
• Allow browser
• Allow unsigned applications
• Allow unsigned CABs
• Application allow list
• Application block list
Color Key: Exchange 2010 SP1, Exchange 2010 RTM, Exchange 2007 SP1, Exchange 2007 RTM, Exchange 2003 SP2