Exchange Server 2010 Information Protection and Control (06-29-09) Questions and Answers Log

On June 29, 2009, I delivered a 60 minute webcast on Exchange Server 2010 Information Protection and Control.  Since I could not answer Questions and deliver the content at the same time, I captured the Q&A Log after the Webcast and answered the questions offline.  Below is the entire Log with Answers.

If I missed anything, please let me know.  Thanks.

Harold Wong

Exchange 2010 Information Protection and Control (June 29, 2009) Questions and Answers Log

Question: How flexible and dependable are these outlook protection/encryption procedures in terms of ease-of-use and ease-of-adaption for business communication?

Answer: I guess it depends on your definition of flexible. For internal communications, I believe this feature is quite easy to use. It is just a matter of educating the users and having them adopt it. At the same time, there is no technology solution that is going to be 100% fool proof. For example, if you sent me an email and protected it such that I cannot forward, print or copy from the email, I can still retype your email into a Word document or take a photo using my camera. I can also let the opposing attorney look over my shoulder to read the email.

Question: Which of the features shown today for Exchange 2010 are only possible with Outlook 2010 versus Outlook 2007?

Answer: Since Exchange Server 2010 hasn’t released yet, it is hard to say with certainty. The only one I am aware of currently that Outlook 2007 does not support is Mailtips. The other items that are associated with Transport Rules are server side so it doesn’t matter what version of Outlook is being used. The ability to apply RMS Permissions is also available in Outlook 2007.

Question: Is RMS and the protection it offers standard (i.e., out of the box available) or is it an additional license fee/server license? Is there any additional client costs? Does it integrate into any other IRM solutions such as EMC or IBM?

Answer: Licensing related items have not been decided yet. This decision will be made closer to shipping time. Rights Management Services is not an Exchange component, but a Windows Server component: https://www.microsoft.com/windowsserver2003/evaluation/overview/technologies/rmenterprise.mspx. Information Rights Management (IRM) is the ability to use RMS to set permissions on a document or a section within a document (such as Word, Excel or email). Exchange Server 2010 can interact with the RMS server on behalf of the user (using the user’s credentials) to unencrypt the message so the user will have ready access to the email upon accessing their mailbox.

Question: Does RMS with Firefox work if the client is running on Liniux?

Answer: For Exchange 2010 and OWA 2010, Yes.

Question: If you restrict the email message and this email goes to external source, would the recipient have to be using Exchange 2007 or greater for those restrictions to be maintained? In other words, they couldn't be using another platform such as Lotus Notes for the restrictions to be maintained, right?

Answer: No, the external recipient does not have to be using Exchange. They would have to be able to query the RMS server that is maintaining the credentials.

Question: can you set transport rule for public folders on Exchange 2010?

Answer: Transport Rules only apply to messages that are handled by the Hub Transport Server role. When a user posts something directly to the Public Folders, they are not using the HT, but going directly to the Mailbox Server that hosts the Public Folder Database. With this in mind, the Transport Rules do not directly apply to Public Folders.

Question: What is the cap on the amount of rules?

Answer: I don’t know that there is a cap on the amount of Transport Rules that can be created. I remember hearing a recommendation of limiting to 1000 rules (not a hard limit). Keep in mind that these rules are stored in AD and also cached by the Hub Transport Servers.

Question: Will Exchange 2010 be available for Microsoft Small Business Server and, if so, when?

Answer: That is a decision the Small Business Server team will need to make. In my opinion (This is 100% my opinion), I would think Exchange Server 2010 will be incorporated into the next release of SBS.

Question: Do you need to use Transport Rule to set RMS to a voice mail?

Answer: Yes, you do.

Question: Where we could download Office 2010 (Outlook 2010) ? thanks

Answer: I am not sure what the specific time frame is for Office 2010 to go into a public Beta, but the public announcement said third quarter of 2009. I can only speculate at this time, but would rather be safe and just ask you to keep your ears open for announcements on that.

Question: B2B RMS - can the federation being implemented with an in-house federation gateway? For example, a company that wants to use B2B RMS between departments of the company without access to the Internet by the Exchange servers.

Answer: If the two departments are within the same company, there is no reason to use B2B Federation. Both departments would have access to the internal RMS servers and therefore there should be no issue with having to go to the Internet or through a federation gateway.

Question: do mailtips work in owa, and outlook 2003?

Answer: Mailtips do work in Exchange 2010 OWA. It is not available for Outlook 2003 though.

Question: I missed the start, is there an expected release date for Exchange 2010?

Answer: The official announcement (https://www.microsoft.com/presspass/press/2009/apr09/04-15Exchange2010PR.mspx) states the second half of calendar year 2009.

Question: Is the Oversized message mailtip intelligent for internal VS external mail? We allow 15meg internal and 10 meg external.

Answer: MailTips doesn’t look at connector size limits. It’s impossible to know for sure which connectors a message will travel over, so MailTips only looks at the limits configured for the sender and the recipients. Also, we can’t differentiate between Internal versus External message size limits for the sender.

Question: Can E2010 export public folder as PST via command shell? Thanks.

Answer: No, it cannot.

Question: I noted the signature can use HTML. Can you use this to include a company logo image?

Answer: Yes, you can.

Question: how can i insert company logo?

Answer: By using HTML.

Question: Can you embed images in the html signatures?

Answer: Yes, you can.

Question: Great presentation Harold! You were making the autosig blocks, and whipped out various attributes. Is there going to be a listing of what all the attributes are in the documentation?

Answer: Thank you! I haven’t seen the documentation for this piece yet, but I would have to assume that we will list most of the key ones (if not all of them). I was just using AD Attributes so it really isn’t that difficult.

Question: How do you do the signature for multiple users

Answer: In my demo, I referenced AD Attributes by variables so if I had applied the rule to everyone, the Signature would have been customized for each user – in other words, every user would have had their own signature with their own name, title and phone.

Question: I can't believe what I have seen just now.... how do you think non-technical end-users will deal with this mashup of pop-up blocking and approval procedures...?

Answer: The Mailtips may be a surprise initially, but just like the Outlook cache, I’m quite confident the end user will come to depend on this feature. In terms of Moderated emails, it really isn’t that difficult as the moderator is given very specific information on how to approve or reject the email. If the organization does not find this useful, they don’t need to use this feature.

Question: please outline the system level requirements for the RMS implementation.

Answer: From an Exchange perspective, there isn’t anything special that is required other than a deployment of Exchange Server 2010 and enabling the feature from an Exchange Administrative perspective. To configure RMS itself, you need to configure it on Windows Server 2003 or 2008. Here’s an article for Windows Server 2003: https://www.microsoft.com/windowsserver2003/evaluation/overview/technologies/rmenterprise.mspx.

Question: What impact on performance and mail size (increase in size of each mail) when html disclaimer is enabled? Also we we have an option to choose the Font Type and Size?

Answer: The size of the email will depend on what you put into the HTML disclaimer. Using HTML, you can indeed choose the Font Type and Size.

Question: Can we add disclaimers on messages going between internal mailboxes?

Answer: Yes, you can.

Question: Funny that on an Information protection presentation that we learned that "Microsoft reported looking to sell Raz....."

Answered: Luckily for me, that was an email referencing a public article that was reported here: https://www.reuters.com/article/technologyNews/idUSTRE55S08L20090629.

Question: Will an archived verison of this broadcast be available?

Answered: Yes, you should receive an email within a few days with links.

Question: how do we get on the beta for outlook 2010, so we can test this with the beta of exchange 2010

Answered: I am not sure what the specific time frame is for Office 2010 to go into a public Beta, but the public announcement said third quarter of 2009. I can only speculate at this time, but would rather be safe and just ask you to keep your ears open for announcements on that.