The Office 365 component parts were first released two years ago. It was an effort to stem the tide of Google Apps and other Web-hosted alternatives to Microsoft’s on-premises and privately hosted Exchange and SharePoint products. They were simplified versions of their perpetually licensed namesakes: designed to run in Microsoft’s Azure cloud service, based on the same core technology, but substantially different in terms of how they were managed and deployed.Today, Microsoft flips the switch on the latest generation of its Office 365 Enterprise hosted collaboration service. At the same time, Microsoft will release for purchase the software products that make up Office 365—Office 2013 Professional, Exchange 2013, SharePoint 2013, and Lync 2013.
Combined with Web versions of Office applications, Office 365 has been both more and less than its Google Apps competition. It blends perfectly with Microsoft’s desktop Office tools and even comes with Office 2013 Pro Plus licenses in its $20-a-month “Plan E3” form. But Office 365’s strengths are less impressive when you look at how it trails Google’s live collaboration and social features. For full disclosure, Ars is an Office 365 shop—but we use Google Docs, GTalk, and a number of other Google Apps tools to fill in gaps we perceive in Office 365.
That may change with the latest incarnation of Office 365 and the Exchange and SharePoint platforms. The differences between Microsoft’s hosted versions of Exchange and SharePoint and the on-premises counterparts have virtually disappeared. Office 365 has gained some real enterprise-strength management features like data loss prevention and e-discovery (at least in its premium plans). And the on-premises versions of the core of Office 365—Exchange Server 2013, SharePoint 2013, and Lync Server 2013 (which will be reviewed separately by Peter Bright)—have all been tweaked for better use in a virtualized world. Regardless of whether you buy a perpetual license and install Exchange and SharePoint on a server in your LAN closet or data center, set up a hosted mail service with a service provider, or subscribe to Office 365 Enterprise, you'll have essentially the same set of administrative tools and the same user and administrative experience.
But perhaps most importantly, the latest versions of the Exchange and SharePoint platforms strike an important balance. The IT department has the power to tightly manage how information flows into, out of, and through an organization, but the platforms also give users the ability to wing it. The new Office 365, Exchange, and SharePoint allows users to collaborate socially, to build ad-hoc solutions, and to self-provision new features and applications through both public and private “app stores” (depending on how much leash the company wants to give them).
We set out to determine just how well the new service and servers strike this balance. We tested on a local installation of Exchange and SharePoint, then used an Office 365 implementation of the same services among Ars colleagues—as well as a known bad actor we’ll call Packetrat, who was out to break the rules.
Exchange 2013 and Exchange Online
There are a number of things Exchange 2013 changes from the user perspective, both for on-premise and in Office 2013. Even if you’re not using Outlook 2013 as your mail client, there are elements of Exchange that will change how you interact with your inbox—even how you think of an inbox.
Most of what users will notice is centered on what shows up in their mailboxes. Now, it’s not just mail. Exchange 2013 and Exchange Online offer more than shared folders and SharePoint integration; there’s a whole new model for in-mailbox applications hosted on the Exchange server.
The Suggested Meeting app in Outlook finds a time in an e-mail and suggests a calendar entry automatically.
Called “Apps for Outlook,” these HTML and JavaScript based applets are exposed within e-mail messages in the Outlook 2013 client as well as the new Outlook Web Access Web client. The apps detect content patterns in e-mail messages and other content, then retrieve data from Web services based on that data. Exchange comes with three installed by default—a Bing Maps tool, an “action items” finder that flags e-mails for follow-up, and an appointment suggestion applet. Each of these looks for content patterns in messages (addresses for maps, dates and times for appointments) to generate their content. A number of other applications are already available through Microsoft’s Office website, including ones that tie in services such as LinkedIn and Twitter.
The Bing Maps application, in Outlook Web Access, finds an address and offers to show you where it is.
Which apps show up in Outlook are determined by the Exchange administrator, but there is a growing collection of free and paid applications available through the Office website (directly accessible through the administrative interface). And internal developers can build their own apps for deployment through Exchange as well, adding them either by pulling them in as a file or pointing to their URL. Developers can build mailbox apps using Microsoft’s “Napa” Web-based developer tool for Office 365 and then share its URL to be used on any Exchange server. Once an application is added, it’s available to everyone as an option unless it’s disabled. If desired, apps can be made mandatory as well.
Office.com's Apps for Outlook app store includes apps for Twitter, LinkedIn, and other services.
There’s also more integration with SharePoint through a new feature called Site Mailboxes. You can configure a mailbox that’s associated with a specific SharePoint “team page” or other collection within the collaboration server. That mailbox includes an e-mail address that people can send messages to as well as access to the documents in the site’s library. (Those documents are accessible directly from within the Outlook client, though not through Outlook Web Access). Lync Server 2013 also integrates into the Exchange mailbox. It can archive chat sessions in the mailbox store and store Lync contacts there as well.
A view of a SharePoint Team site mailbox, with its shared documents, in Outlook.
The other changes in Exchange may be subtler to users, but they’ll be immediately apparent to administrators. If you’re installing Exchange 2013 locally, the first thing administrators will notice is what's gone: the Exchange Management Console and Exchange Control Panel management interfaces. They’ve been replaced by Exchange Administration Center (EAC), a Web-based administrative console shared across all the versions of the Exchange platform. This is the same interface administrators use for Exchange Online, the cloud tenant version offered on its own or as part of Office 365.
The Exchange Admin Center, the new Web-based console for managing Exchange 2013 and Exchange Online.
There's still support for PowerShell-based administration commandlets (both for on-site and Online versions of Exchange), so automated provisioning and scripted administration of Exchange servers is as powerful, so to speak, as ever. But as far as day-to-day administrative tasks go, it's all done from a browser. This is the case regardless of whether your Exchange server is under your desk, in a rack in your own data center, running as a hosted instance with a service provider, or a tenant in the Office 365 cloud.
EAC also integrates management across both on-premises and hosted services for companies that opt for a “hybrid” Exchange deployment, allowing administrators to move from Enterprise to Office 365 tenant management with a single click in the header.
An EAC console administering both an on-premises Exchange 2013 Enterprise install and an Office 365 tenant allows navigation from local to cloud with a click on the tab.
Another thing missing from the new Exchange is support for older versions of the Outlook client. Exchange 2013 requires its Outlook clients support auto-discovery of the server; this is in part to help streamline cloud deployments of Exchange. Clients also have to support “Outlook Anywhere” access—remote procedure calls via HTTP—to connect to Exchange 2013 instead of using TCP-based RPCs as in older versions of Exchange. In theory, it’s a good thing—unless you have clients still running Outlook 2003.
Those changes are in part because of a major architectural shift in Exchange. Functionality used to be split across multiple server elements to allow for better scaling out of Exchange. Now it's been consolidated into two components: the Mailbox server and the Client Access server. The Mailbox server handles all of the heavy lifting, including the mailbox database, mail transport services, and unified messaging and client access protocols. The Client Access server role, on the other hand, is lightweight. It's intended to act as a proxy and allow for load-balancing of connections. It also handles incoming requests from HTTP, POP, IMAP and SMTP.
The result is that it’s a lot simpler to deploy Exchange in larger organizations. Servers no longer need to have a fully qualified domain name for clients to connect to them; you can have load-balancers pass connections to whichever Client Access server is available. There’s less need for configuring namespaces for different services; whole rafts of Client Access servers can be hidden behind a small number of host names.
EAC might seem like a downgrade for some administrators. There were a number of things you could do from the MMC-based Management Console that you now have to rely on PowerShell to do. But the EAC is an upgrade for those already using Office 365, with more administrative and reporting features exposed. Two of those features are compliance and policy management tools new to Exchange as well. However, they’re exclusive to the Enterprise version of the on-premises server and the enterprise-level plans of Office 365: data loss protection and e-discovery.
Exchange had data retention policies for some time. But the new e-discovery features make it a lot easier to find content in mailboxes—or in Lync instant messages or SharePoint sites—that needs to be held and prevent it from being deleted. All you need is the right query to find it. SharePoint 2013 also has its own e-discovery capability for content not explicitly connected to Exchange.
Exchanges’ e-discovery tools allow for “in-place” preservation of content that matches up with a specific keyword within a group of mailboxes—usually someone working on a specific team requiring regulatory oversight. The e-discovery tool allows any matching e-mail or other messages (including voicemails and other content stored in the Mailbox server) to be retained either indefinitely or for a set period of time based on the needs of the company
A quick test—the tale of Packetrat
Let’s say we’re tracking a project called "Credit Advisory Group." The e-discovery administrator is asked to set up an in-place e-discovery search checking the mailboxes of those involved in the project for the keyword “credit," then holding them for 90 days. You can designate someone as specifically being an e-discovery administrator, or this can be passed off to a legal department if you’ve got one.
Setting up an e-discovery policy in Exchange 2013 is as easy as creating a search query.
Any administrator given e-discovery rights can create a new in-place e-Discovery query, starting with its description.
You can perform an all-encompassing "in-place e-discovery," but to perform an actual hold on content, you need to specify user and asset mailboxes to search.
You can also narrow e-discovery searches by keywords, date ranges, addressees, and types of messages—including shared documents, Lync chats, and scheduled meetings.
Now, the admin previews the results, which are opened in Outlook Web Access. And they discover something unexpected: an employee has been sending e-mails filled with credit card numbers.
Fortunately, another wrinkle in Exchange's new policy enforcement capabilities is data loss prevention. The enterprise versions of Exchange 2013 and Exchange Online come out of the box with a set of templates to enforce compliance with common policies and regulations, such as preventing the leaking of personal identifying information via e-mail. You can also create custom DLP rules based on search strings or common patterns for information and then scale the response from a simple warning that the user can override to completely blocking the message and reporting it to the appropriate person in the company.
The Data Loss Prevention feature of Exchange 2013 and Exchange Online comes with a number of ready-made pattern recognition templates you can build policies around.
You can create rules based on the templates, and you can add your own customized rules based on your organization's policies.
Here, our bad actor has his message blocked from being sent out of the organization by a PCI rule.
The offending message has been sent to his boss to raise the alarm about a violated policy.
These features will make cloud-based e-mail somewhat more palatable for more regulated or secretive companies. There are a few minor setbacks for the truly paranoid, however: Outlook Web Access in Exchange 2013 no longer supports S/MIME encrypted content, for example. But on the whole, there's a lot more security capability out of the box for Exchange (and particularly Exchange Online) in this incarnation of the platform.
SharePoint 2013 and SharePoint Online
SharePoint has been many things to many people over its lifecycle. It started off as sort of a knowledge and document management solution, then picked up aspects of Web server, Wiki, and blogging tools over the past few iterations. Now, Microsoft has turned it into something closer to a social networking tool by adding features that seem plucked from the corporate social networking service Yammer (which Microsoft acquired last summer).
Out with the old...
The SharePoint Web service has been given a significant makeover to make it more Windows 8-like, with bright colors and lots of touch-friendly whitespace on its pages. And there are also more ad-hoc collaboration capabilities thrown onto SharePoint for good measure, such as the integration of the OneNote note collecting and organizing application into SharePoint’s “team sites” or the deeper integration with Exchange and Outlook.
Office 2013 also turns SharePoint into a corporate SkyDrive, allowing users to directly synchronize folders from their desktop to a personal storage space on the SharePoint service or to a team document library—or both. The team sites can be used as collaborative file stores by team members like a network file share—except that retention policies can be applied to the contents of the shared SkyDrive-esque folder, and the contents can be searched for e-discovery.
The social features of SharePoint sound like they were lifted from Twitter and Facebook. At the top right corner of every SharePoint page, there are buttons to share and follow it. Sharing allows users to invite others to view or contribute to a page, creating an ad-hoc collaboration around it. Following a page means you get alerts about changes in its status; you can also “follow” people’s activities, specific subject tags, or individual documents. You can even tag pages or documents to associate them with topics; those tags can then be used for search and to drive cross-site publishing of content.
There’s also the Newsfeed app within SharePoint, a “micro-blogging” feature allowing you to post in Twitter-like short format about activities and documents you’re working on. You can broadcast these to everyone via SharePoint’s general Newsfeed page or limit them to a more select audience by posting Newsfeed entries on team pages and other sites within SharePoint set up with the feature. You can also mention other users of the site with an @ in front of their name, and SharePoint alerts them of the mentions.
SharePoint 2010 already had user profile pages and personal home pages. But now the profile pages have taken on a much more Facebook-like nature. Also from the Facebook side of the social metaphor, SharePoint borrowed the concept of “liking.” You can use a like to approve of a comment or answer to a question on a Community site, a new construct in SharePoint that has aspects of a Facebook group page or the Quora question-blogging site. The Community site tracks the level of participation of users, and it allows you to award them badges based on how useful their contributions are.
The big difference, of course, between Community sites and other social media is that companies can apply retention policies to them to ensure they’re in line with corporate governance requirements. And everything in SharePoint can be trolled for e-discovery through SharePoint’s new eDiscovery Center site template, which allows content to be held in place and shared with legal teams through a secured SharePoint site.
The SharePoint Team site has also gotten a tune-up. As mentioned earlier, project sites can be directly integrated into Exchange through a site mailbox; a shared calendar for a project team is also created and automatically added to team members’ Outlook calendar lists. Team sites can be customized with Web "parts" from other site templates, such as the project management lists shown here:
A brand new SharePoint 2013 team site, waiting to be customized.
There are a number of underlying architectural changes and additions that make SharePoint 2013 an increasingly interesting development platform. Like Exchange, SharePoint 2013 has its own app store now for Web service plugins, and you can develop a whole new class of SharePoint applications using Microsoft’s Web-based ”Napa” developer tools based on CSS3, HTML, and JavaScript. Really, you can develop from any other platform using open Web standards if it can leverage the same hooks. There’s also support for Open Data (OData) provider connections through SharePoint’s Business Connectivity Services (BCS), which can be used to create dashboards and reports pulled from live data.
You can configure OData sources in SharePoint's Business Connectivity Services to feed structured data from lots of sources, (including, apparently, Netflix).
But perhaps the most interesting development tool for ad-hoc app creation related to SharePoint is Access 2013. The database tool, long a favorite of those hoping to end-run around long enterprise app development queues, now offers the ability to publish Web applications to SharePoint and the Azure cloud service. For a small organization looking to create a simple shared database application for a product catalog, project management, or similar non-transactional tasks—and possibly even some transactional ones—the addition of Access app publishing makes SharePoint a much more attractive part of Office 365 for small and midsized businesses.
The Next Generation
There are some eggs broken with this re-imagining of Exchange and SharePoint that some organizations may miss, especially trailing-edge late adopters who still have copies of Outlook 2003 in circulation. And taking full advantage of Exchange and SharePoint 2013 means adopting Office 2013. That’s assumed with the Office 365 full premium plan, since it comes with subscription licenses for the desktop suite as part of its price tag.
As a result, some may hang back a bit longer on older versions of the products. But the changes are a net positive for most organizations, especially smaller ones looking for a way to straddle between the server onsite and cloud services. And while the subscription model of Office 365 may not make a lot of sense for many consumers, it's perfectly logical for small and mid-sized organizations that don’t fit into Microsoft’s volume licensing model.
It’s clear the real mission of Exchange and SharePoint 2013 is to pull Microsoft’s existing customers closer to the cloud precipice, providing them with a smooth path toward either migrating to Office 365 or some other hosting arrangement with the Online products (maybe even creating their own private clouds). When taken in combination with Lync, they reveal Microsoft’s long-term vision of creating a business version of the Outlook.com/SkyDrive/Skype consumer cloud services—offering businesses all the applications and communication they need for a monthly fee per user that isn’t too far removed from their existing phone bill. The goal is turning IT into a utility not far removed from former Sun CEO’ Scott McNealy’s vision of “application dial tone.”
Microsoft is no stranger to the power of bypassing IT—it was a strategy that made the Office platform so dominant in the workplace and then in turn in the consumer market. Tools like Excel, Access, and even Word gave power users the ability to bypass corporate IT to solve problems. This paved the way to world domination for Microsoft’s server platforms—Exchange, SQL Server, and SharePoint—in the process. The problem is that Google and others are moving just as fast, and in some respects have out-Microsofted Microsoft in the game of bypassing IT and following the Pareto principal (delivering 80 percent of the results for 20 percent of the cost). While there’s definitely value in the latest versions of Microsoft’s collaboration platforms, the question is whether they’re worth spending nearly twice as much for.
However this proved to be quite inadequate as the volume of
ReplyDeletemedical records of patients are safe and there are
additional backups created to help keep them data access compliance unit
safe even in an emergency. NYSE: MRK, Bristol-Myers Squibb Company Research ReportOn June 3, 2013,
Keryx Biopharmaceuticals, Inc. No liability is accepted by Equity News Network.
Here is my web blog ... hipaa monitoring
Pretty section of content. I just stumbled upon your website and in accession capital to assert that I
ReplyDeleteget in fact enjoyed account your blog posts.
Anyway I'll be subscribing to your feeds and even I achievement you access consistently
rapidly.