Highlighted

Evault take over - reverse engineer/understand

I will try to make the back story as short as possible,  My former IT manager (no longer with us) installed Evault did not train anyone on it, basically it is a black hole to us.  Second our main Exchange guy did not know anything about Evault as well (no longer with us) he did not like evault so the idea was to get rid of it and look at something else.  That decision has been reversed, i have been tasked with re-evaluating all the settings and confirm everything is setup correctly or setup better as things did not work properly that is why we had the idea to get rid of it.

We are currently running EV9 we have started the process of renewing and getting the upgrade to 10. i would like to make sure everything is configured properly before the upgrade so i hope there will not be much that needs to be done after.

We have a few different policies that are setup but i think are not working one is to archive everything after 6 months the other is 12.  in stead of months the guy had years selected... kills me thinking it was not working because of the software and all along it was the guy who originally configured it...

I have been doing some reading on the EV admin guide and i see you can have EV auto add new mailboxes once they are created.  I think i would like to implement this. are there any benefits/cons in doing this?  We started restoring every ones emails back into exchange, we have like only 5 users left on evault we have stopped this process.  so my question is if i modify the default Exchange policy will it effect the remaining users on Evault?

We have users with crazy size mailboxes like 40 and 60 gigs, we would like to help exchange we would like to set a quota policy to archive emails after the mailbox gets to one gig, this would be one policy for everyone.  what are the benefits/cons in doing this? is there a better option(s)?

I am sure i have more questions but i will post them here as they arise.

 

Thanking you in advance

Rafael

1 Solution

Accepted Solutions
Highlighted
Accepted Solution!

OK for the HUGE mailboxes

OK for the HUGE mailboxes this is not going to be an easy task, i mean, really its not going to be easy just for the fact that Enterprise Vault will scan every single message to determine its eligibility before archiving it, and then will reate an order of large vs old items and then archive them in that order.

That process will take hours just to create that list and its very possible that you will run in to your backup windows when the ev services stop or go in to read only mode.

But the way typically it would work is

1. You create and configure your archiving and desktop policies
The archiving policy will dictate what type of items can be archive (IPM.Note, IPM.Appointment etc), when it can be archived (6 months or older etc), and what happens when its archived, so if to leave a shortcut, what to contain in the shortcut etc.

The desktop policy will dictate what the end users experience is like, can they manually archive themselves? well show them the EV icon for store on vault, or give them Vault Cache and Virtual Vault, as well as things such as what gets added to their Intranet Zone.

You can create as many Desktop and Archiving Policies that you want.
Typically you would normally create one for a Left The Company policy, so that anyone that has left the company you set it to archive everything at 0 days.
Another would be for regular users that would get shortcuts after a couple of months
And another might be for Remote users where you wish to give them offline access through Vault Cache and Virtual Vault.
 

2. Create your retention categories
Retention Categories are typically dicated through your legal department, who will have different policies for different types of email and usually dictated by the industry that they're in, for instance Pharmacutical companies will have different regulations that financial institutions.

Coupled with the type of storage, you may have a Centera in compliance mode or a NetApp with SnapLock , meaning you have to pick your retentions very carefully, because you may set a retention as Forever, and once it goes on a compliance device Forever means forever, so if you have a change of mind and want to put it to 7 years, that may not be possible.

Typically companies will have 1 Year, 3 Years and 7 Years for their retention, and its up to the end users to decide what type of email gets archived under what retention period. There are however third party addons that can do context based archiving and classification, so if its a certain type of email it will automatically put it in 7 years, so therefor you dont have to have the user decide

 

3. Create your provisioning groups
Provisioning Groups allow you add users or a group of users and have them enabled for Enterprise Vault with an archive, and this specifies the type of Archiving and Desktop Policy and also the default retention category.

You can only specify one of each.

You add users either individually, or based off of an OU, an LDAP query or a security group.
So you may have some AD folks that might be adding custom AD attributes that you could base an LDAP Query off of, so you may have CustomAttribute1 = Sales , and then add that LDAP query to the Sales Provisioning Group.

This Sales Provisioning Group would then give them say a remote users desktop policy to have offline access via Vault Cache and Virtual Vault and a default retention of 7 years.

You can also specify whether they will automatically enable, meaning that you don't have to manually enable them later, it just gets enabled after they've been provisioned on the next archiving schedule.

You could also have it so that if CustomAttribute1 = LeftCompany that they get added to the Left The Company provisioning group and now their archiving policy is set to archive their entire mailbox immediately.

Provisioning works on a ranking system, so if a user shows up in say 10 provisioning groups, they will only be added to the first provisioning group processed, so when you look at the groups list, what ever is listed at the top is the highest priority.

So you may have something like
1. Left The Company
2. Sales People
3. Remote Users
4. Regular Users


Although you can only have one archiving policy and retention category per user specified through the Vault Admin Console, you could use EVPM (Enterprise Vault Policy Manager) to assign them different behaviors based on their folders.

So in some companies you might find people adding retention folders , so you would tell it to create a "Vault - 1 Year" folder with a retention category of 1 Year, "Vault - 3 Years" with a 3 Year Retention category and so on so forth

You can also set entire folders to Do Not Archive, so maybe you wish to set \Inbox to DoNotArchive and have users specifically drag and drop items in to their vault folders for them to be archived.

You can also set other things such as how old items have to be to be archived, so you may have a policy that says archive after 6 months, but specific folders that are archived after 2 weeks etc

You could also use Exchange Managed Folders that set things like retention and have EV just copy the Exchange rules when it archives.

Honestly though, Enterprise Vault is a fairly large and comprehensive product, that without training can be an absolute beast to support and you've unfortunately been thrown in at the deep end with. I will say though that other products aren't all that simple either so if you were to go to another product you may just be swapping out one headache for another.

 

https://www.linkedin.com/in/alex-allen-turl-07370146

View solution in original post

7 Replies
Highlighted

  "If i modify the default

 

"If i modify the default Exchange policy will it effect the remaining users on Evault?" - Yes if all users are set to use the default policy. To see which users are affected you can right click the 'Exchnage' object in the left pane usder Site / targets and select 'display policies assigned to mailboxes'

 

Like to set a quota policy to archive emails after the mailbox gets to one gig, this would be one policy for everyone.  what are the benefits/cons in doing this? is there a better option(s)?

The benefits are that you reduce space in Exchange which is basically the point of EV. Most Customers tend to archive on age but age and quota provides more control over the mailboxes but does make it harder to understand when users are not being archived.

I would suggest that you contact Professional Services via the link below as you need to get it right and asking questions every now and then will take you forever:

http://www.symantec.com/business/support/assistance_information.jsp

For more guides and best practice etc go here:  http://www.symantec.com/docs/DOC2200

Highlighted

ride the wild wind

Hello Rafael,

You're in for a wild ride!

I agree with Percy. Try to convince whoever is in charge to get some consulting in. As you already have EV9 in place (and although not properly configured, it sounds like it is working), the configuration to get you going is not going to take much time. a thorough configuration and check will take sometime.

Do take in account that as preparation you might try to find out the following in your organisation:

General: Do you have enough storage available for indexes and data. In your example, 40GB mbx will be about 20Gb EV-data, if not more. You will get benefit from SIS, but still you require enough space. Is your SQL server configured ok. Did you arrange for backups to take place? Do you use OWA, and do you want your users to have access to the archives from OWA?

Journal Archiving: Do you want to journal in exchange, and do you want that archived? Do you have the license for that? What retention do you want on that? Do you have requirements to do research on legal archives (you might need DA for that!)

Mailarchiving: what retention? Do you allow people to delete items from the archive themselves? Do you want to use scheduled archiving only, or also manual? Do you need seperate policies (ie some users archive everything older than 30 days, other everything older than 90 days), do you also want to do quota based? do you have laptop users, and do those users need offline access to their archive? Do you want to use Virtual Vault? etc.

Please try to convince also your moneyman that EV is not an 'off the shelff' product. If you are going to manage it, you will need to go on training. It is (if you start with it) difficult to understand, because there is so much to learn. Training is 5 days, but then at least you know what you are doing.

Good luck! Please do not hesitate to post more questions if needed!

Regards. Gertjan
Highlighted
Accepted Solution!

OK for the HUGE mailboxes

OK for the HUGE mailboxes this is not going to be an easy task, i mean, really its not going to be easy just for the fact that Enterprise Vault will scan every single message to determine its eligibility before archiving it, and then will reate an order of large vs old items and then archive them in that order.

That process will take hours just to create that list and its very possible that you will run in to your backup windows when the ev services stop or go in to read only mode.

But the way typically it would work is

1. You create and configure your archiving and desktop policies
The archiving policy will dictate what type of items can be archive (IPM.Note, IPM.Appointment etc), when it can be archived (6 months or older etc), and what happens when its archived, so if to leave a shortcut, what to contain in the shortcut etc.

The desktop policy will dictate what the end users experience is like, can they manually archive themselves? well show them the EV icon for store on vault, or give them Vault Cache and Virtual Vault, as well as things such as what gets added to their Intranet Zone.

You can create as many Desktop and Archiving Policies that you want.
Typically you would normally create one for a Left The Company policy, so that anyone that has left the company you set it to archive everything at 0 days.
Another would be for regular users that would get shortcuts after a couple of months
And another might be for Remote users where you wish to give them offline access through Vault Cache and Virtual Vault.
 

2. Create your retention categories
Retention Categories are typically dicated through your legal department, who will have different policies for different types of email and usually dictated by the industry that they're in, for instance Pharmacutical companies will have different regulations that financial institutions.

Coupled with the type of storage, you may have a Centera in compliance mode or a NetApp with SnapLock , meaning you have to pick your retentions very carefully, because you may set a retention as Forever, and once it goes on a compliance device Forever means forever, so if you have a change of mind and want to put it to 7 years, that may not be possible.

Typically companies will have 1 Year, 3 Years and 7 Years for their retention, and its up to the end users to decide what type of email gets archived under what retention period. There are however third party addons that can do context based archiving and classification, so if its a certain type of email it will automatically put it in 7 years, so therefor you dont have to have the user decide

 

3. Create your provisioning groups
Provisioning Groups allow you add users or a group of users and have them enabled for Enterprise Vault with an archive, and this specifies the type of Archiving and Desktop Policy and also the default retention category.

You can only specify one of each.

You add users either individually, or based off of an OU, an LDAP query or a security group.
So you may have some AD folks that might be adding custom AD attributes that you could base an LDAP Query off of, so you may have CustomAttribute1 = Sales , and then add that LDAP query to the Sales Provisioning Group.

This Sales Provisioning Group would then give them say a remote users desktop policy to have offline access via Vault Cache and Virtual Vault and a default retention of 7 years.

You can also specify whether they will automatically enable, meaning that you don't have to manually enable them later, it just gets enabled after they've been provisioned on the next archiving schedule.

You could also have it so that if CustomAttribute1 = LeftCompany that they get added to the Left The Company provisioning group and now their archiving policy is set to archive their entire mailbox immediately.

Provisioning works on a ranking system, so if a user shows up in say 10 provisioning groups, they will only be added to the first provisioning group processed, so when you look at the groups list, what ever is listed at the top is the highest priority.

So you may have something like
1. Left The Company
2. Sales People
3. Remote Users
4. Regular Users


Although you can only have one archiving policy and retention category per user specified through the Vault Admin Console, you could use EVPM (Enterprise Vault Policy Manager) to assign them different behaviors based on their folders.

So in some companies you might find people adding retention folders , so you would tell it to create a "Vault - 1 Year" folder with a retention category of 1 Year, "Vault - 3 Years" with a 3 Year Retention category and so on so forth

You can also set entire folders to Do Not Archive, so maybe you wish to set \Inbox to DoNotArchive and have users specifically drag and drop items in to their vault folders for them to be archived.

You can also set other things such as how old items have to be to be archived, so you may have a policy that says archive after 6 months, but specific folders that are archived after 2 weeks etc

You could also use Exchange Managed Folders that set things like retention and have EV just copy the Exchange rules when it archives.

Honestly though, Enterprise Vault is a fairly large and comprehensive product, that without training can be an absolute beast to support and you've unfortunately been thrown in at the deep end with. I will say though that other products aren't all that simple either so if you were to go to another product you may just be swapping out one headache for another.

 

https://www.linkedin.com/in/alex-allen-turl-07370146

View solution in original post

Highlighted

Thanks!

Thanks for the feed back! Smiley Happy Yeah I usually get dropped into the deep end of the pool, but like usual i end up getting everything worked out. Smiley Happy

For the most part i think all the SQL and drive space calculations are correct?  at least i think that was planned correctly?

We are a law firm so no one likes to delete anything hence the large mailboxes.  Great idea on the different policies, i did not think about a former employees policy.

i sure will look into getting some consulting services to review the configurations.

Again thanks for all the feed back.

Rafael

Highlighted

Percy, Gertjan, JW2... thanks

Percy, Gertjan, JW2... thanks for rolling out the red carpet, providing great info and helping Rafael out!

Highlighted

oh and one other suggestion,

oh and one other suggestion, if you can't get training or what not, see if they will spring for a box that you could host VMWare on.

For instance i just ordered an 8 core machine with 32GB memory, 2x256GB SSD drives (in a RAID0) etc for $1600, and with that you can have your own environment, a few EV Servers, a couple of exchange servers, a test client like XP or Win7 etc, and then you can test out how things work without having to use production to test.

Also that kind of machine will easily be able to run an EV10 environment where the minimum specs are Win2k8 R2 x64 with 8GB memory etc

https://www.linkedin.com/in/alex-allen-turl-07370146
Highlighted

yw.

At least this is not a 'dead bird' devil

Regards. Gertjan