Arm yourself for battle against an email virus outbreak

The onslaught of ransomware and devious social engineering efforts means it’s only a matter of time before your organization is hit with a major email virus outbreak.

Administrators should prepare on-premises Exchange — and themselves — to quickly stem the bleeding when that malware lands in a user’s inbox. And while the techniques to protect on-premises Exchange Server aren’t new, they are important steps to reduce the effects of an attack. Even if the antivirus scanner fails to detect the threat, there are ways to isolate affected mailboxes, slow the proliferation and even stop the spread of a virus. Have procedures, processes and scripts in place to fight off an email virus outbreak before trouble starts.

The risk chart also indicates the appropriate response based on the severity and distribution of the threat. For example, a widespread distribution of the destructive Locky ransomware warrants a far greater response than when the Tinba malware hits a single mailbox. Use this chart as a baseline to assemble a threat-response plan.

Follow this link to get the processes and scripts you can use to help slow down the attack.

Prevent Extended Exchange Outages

Small problems can turn into large ones in Exchange environments that aren’t regularly monitored, causing the system to deteriorate quickly to the point of outage or even total failure.

There are a few areas to watch to prevent outages in single-server Exchange environments and large enterprises with multiple servers. Here are three of the most common causes of extended Exchange outages.

Failed/Incomplete Disaster Recovery Plan

A failed recovery is the most common cause of extended Exchange outages. It may sound like circular logic, but if the Exchange environment is down for multiple days, the root cause of the failure is no longer relevant. Don’t let indecision and untested processes fuel a crisis. Every Exchange shop needs to have a detailed plan to recover each of the following: single mailbox, single database, single server and the entire environment.

While there are a number of third-party products that handle disaster recovery, tools and processes included with Microsoft Exchange and Windows Server are good options because Microsoft offers support and documentation for different disaster scenarios. Microsoft provides guidance on how to restore the following — a single mailbox from a database backup, an Exchange Server, a DAG Member Server and dial tone portability, which can solve failures of a mailbox database, server or entire site.

Use these procedures regularly to understand the process and test backups. The processes to restore a database and a single mailbox are not invasive; administrators can perform these procedures on live servers. It’s best to perform these on weekends and after hours to minimize the potential effect on end users.

For the rest of the article, please follow this link to my complete article at Tech Target.

 

Reconnected!

Recognition is always appreciated, and last month Microsoft honored me by including me in the MVP Reconnect Program. It's a privilege to be included in the group once more and to be reconnected with so many brilliant and talented people again.


20 Years of Exchange

It was an honor and privilege to be included in a small gathering last night celebrating the 20th Anniversary of Microsoft Exchange. The product group, MVPs and the writers/Rock-Stars were all there to commemorate the landmark achievement.

There were folks in that room who gave me opportunities many years ago to publish articles and chapters in books. Because of their trust and support I was able to branch off and write many more articles, to speak at events and to expand my own horizons within the field. In fact as I looked around the room and shook hands I was humbled by the realization of how many of them have helped me over the years.

This event was not about strategizing the future of email, our careers or even the future of Exchange. This gathering was a pure trip down memory lane and an opportunity for us to reacquaint and reconnect. I don’t know if there will be another version of Exchange but I will continue to help the Exchange community as we continue our migration into the cloud.

Office 365 eDiscovery bolsters an admin’s compliance arsenal

Many organizations contemplating a move to Office 365 have major concerns about security and compliance. Some may even abandon plans to move to the cloud because of compliance worries. Many of the legal and regulatory tasks administrators perform with on-premises Exchange Server can now be replicated with the updated Office 365 eDiscovery tool and other compliance utilities.

Microsoft recently shifted the location of Exchange management tools, and it put most of the retention and compliance utilities in the Office 365 Security & Compliance Center. In fact, the Office 365 eDiscovery feature has more power and versatility than similar tools in on-premises Exchange Server 2013 and 2016, and the Office 365 Exchange administrator console.

Last week, TechTarget published my entire article with walk-throughs, screenshots and lots of details. Follow this link for more details: Office 365 eDiscovery

Exchange 2016 upgrade considerations

For more detailed explanations, scripts and recommendations please follow this link to my article on TechTarget.

It’s tough to leave a good thing. Let’s face it: Exchange 2010 was a solid release. Not only did it bring native support for public folders but it also had direct Remote Procedure Call connections with the option of HTTPS, built-in antispam tools and great third-party support for just about anything we wanted — fax, antivirus and even BlackBerry Enterprise Services.

Unfortunately, Exchange 2010 and the organizations that depend on it are on borrowed time. Microsoft ended mainstream support in early 2015 and extended support is not an option for most of us, so it’s time to start planning an upgrade.

There are well-known compatibility and migration issues that can be solved in advance. With good preparation and planning, Exchange administrators can make the upgrade to Exchange 2013 or 2016 practically invisible to end users. If you follow my list of top five items to handle, then the switch should be fairly painless.

5. Load balancing

Load balancing is not an issue for smaller shops but there are specific differences between Exchange 2010 and later versions that need attention, depending on whether you use F5, NetScaler, or some other hardware or software options.

4. DNS namespaces and certificate planning

What we are really talking about is the names used for Outlook Anywhere (OA), Outlook Web App (OWA), Exchange Control Panel (ECP), ActiveSync (AS), EWS, Offline Address Book (OAB) and Autodiscover. It sounds like a lot but most administrators combine the namespaces for many of these.

3. Third-party compatibility

An organization that relies heavily on a particular add-on should talk to its vendor as soon as possible to see if it can offer a transition plan. Vendors that provide fax, compliance, e-discovery, mobile synchronization or security services, antivirus, backup and recovery, unified messaging and other services do not always have a clear path to newer versions of Exchange.

2. Exchange public folders

I have rated public folders so high because I have seen companies struggle with the transition work in this area for more than a year and severely delay the move from Exchange 2010. The process of moving the folders is cumbersome but even more difficult is the effort needed to identify and determine if a folder and its contents can be removed instead of migrated.

1. Exchange clients

Client software gets top billing in this list. Exchange 2013 and 2016 do not support direct RPC connections for MAPI so you will have to use Outlook 2007 or newer. Also, make sure the Outlook clients are patched.

This is the short list from the entire article but hopefully it helps you with your planning.
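For item 4, one way to take stock of the namespaces currently in use before planning the new certificate. This is an added example, not a script from the original article; it assumes it is run in the Exchange Management Shell of the existing organization and sticks to PowerShell 2.0 syntax so it also works on Exchange 2010 servers.

```powershell
# Added example: inventory the host names each client-facing service publishes,
# so the list can be compared with the names planned for the new certificate.
$rows = @()

# Services whose virtual directories expose InternalUrl / ExternalUrl
$vdirCmdlets = @{
    'OWA'        = 'Get-OwaVirtualDirectory'
    'ECP'        = 'Get-EcpVirtualDirectory'
    'ActiveSync' = 'Get-ActiveSyncVirtualDirectory'
    'EWS'        = 'Get-WebServicesVirtualDirectory'
    'OAB'        = 'Get-OabVirtualDirectory'
}
foreach ($svc in $vdirCmdlets.Keys) {
    foreach ($vdir in (& $vdirCmdlets[$svc])) {
        foreach ($url in @($vdir.InternalUrl, $vdir.ExternalUrl)) {
            if ($url) {   # skip URLs that are not configured
                $rows += New-Object PSObject -Property @{
                    Service = $svc; Server = "$($vdir.Server)"; HostName = ([uri]"$url").Host
                }
            }
        }
    }
}

# Outlook Anywhere publishes host names rather than URLs
# (InternalHostname only exists on Exchange 2013 and later; it is simply empty on 2010)
foreach ($oa in Get-OutlookAnywhere) {
    foreach ($name in @($oa.InternalHostname, $oa.ExternalHostname)) {
        if ($name) {
            $rows += New-Object PSObject -Property @{
                Service = 'OutlookAnywhere'; Server = "$($oa.Server)"; HostName = "$name"
            }
        }
    }
}

# Autodiscover: the internal service connection point registered per Client Access server
foreach ($cas in Get-ClientAccessServer) {
    if ($cas.AutoDiscoverServiceInternalUri) {
        $rows += New-Object PSObject -Property @{
            Service = 'Autodiscover'; Server = "$($cas.Name)"
            HostName = ([uri]"$($cas.AutoDiscoverServiceInternalUri)").Host
        }
    }
}

# One line per distinct host name, with the services that depend on it
$rows | Group-Object HostName | Select-Object Name,
    @{ n = 'Services'; e = { ($_.Group | ForEach-Object { $_.Service } | Sort-Object -Unique) -join ', ' } }
```

Any host name in the output that is not on the planned certificate, or that still points at a single server's own name, is a candidate for consolidation before the cutover.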

Exchange Costs: Cloud vs. On-Prem

Moving your Exchange services to Office 365 seems to be a fairly simple decision for smaller companies; it just makes sense. Most of my larger customers however remain on-prem due to security concerns and higher estimated costs. In addition, there are often political challenges in eliminating local servers and eliminating jobs within IT departments and sometimes irrational fears of a global cloud shutdown or problem. (Blackberry/RIM problems come to mind.)

The slower adoption rate of Office 365 for larger entities is a huge topic and I would need some help in covering that completely, but I did find an interesting article today with price comparisons for small shops. It’s the first time I have seen calculations and a nice chart that shows the costs between the two options for various small company sizes. This article suggests that the price advantage with Office 365 starts to wither once you reach 1,000 mailboxes.

Anyway, check it out.

Comparing Cost for Exchange Online to On Premise for Small to Midsized Businesses