1. build from pilot to deployment, layer features and integrations full office 365 user experience...
TRANSCRIPT
Office 365 DeploymentFastTrack OverviewJeff MedfordSr. Technical Product ManagerMicrosoft
1
Build from Pilot to Deployment, layer features and integrations
Full Office 365 User Experience with minimal on-premises requirements
Time to value vs. effort invested
Identity options:
cloud IDs, synchronized IDs and federated IDs
John
Benefits of Office 365 FastTrack
Exchange, SharePoint & Lync Online, Office ProPlus, WA Active Directory
Experience Value EarlyNew Cloud Experience
Real World BenefitsBroad Production Use
Full Feature ValueMeet your needs
Deploy Enhance Pilot1 2 3
Optional integrationExtend in weeksMeet business needsCustomized to landscape
Core onboardingDeploy in daysCompanywide cloud useIT led migration
Full Office 365 servicePilot in hoursPersist to deploymentUser led migration
First use in hours, Onboarding in daysExchange, SharePoint, Lync, Office 365 ProPlus, WA Active Directory
Pilot complete
Deploy Complete
WhatOffice 365 ServiceExchange, SharePoint, Lync, Office Web Apps, Office 365 ProPlus, Mobile
HowService domainCloud IdentityWeb Client
Office clientSelf Service
WhatAll Pilot Features +Shared namespace, simple coexistence, external sites
HowPilot +IT led migration *Customer domainDirectory sync
Password syncAdmin migrationsOnRamp
WhatDeploy +Federation, Hybrid Delegation, and more
HowDeploy+ *Configure adv. featuresFederated IdentityExchange HybridCorporate app store
SharePoint HybridLync Hybrid3rd party migration tools
Adopt new features
Deploy Enhance Pilot1 2 3
Sign-on Pilot the service quicklyUser signs into Office 365 with a Cloud ID ([email protected])
Mail Pilot the new Exchange mailboxNew mailbox in the cloudInbox content populated via Connected accountUser sends/receives email as [email protected] PST import option for additional content migration (mail/calendar/contacts)
Collaboration Pilot the new collaboration toolsRun online meetings with any user with computer & app sharing, video conferencing, and PC-to-PC callingCollaborate using SharePoint Online team site and newsfeedsEasily store files in the cloud with SkyDrive Pro and share file with external users
Clients Office across multiple devicesAccess the service via a browser - Office Web Apps across devices and platforms – no client requiredUser self-install of Office 365 ProPlus side-by-side with existing Office client installations
Mobile Experience Office anywhereMobile connectivity options are built into the service – just start connecting devicesConnect to Office 365 via mobile devices with Exchange Active Sync for mailPlatform specific mobile apps bring best experience where it makes sense - i.e. OneNote, Lync
Administration
Control & manage your pilotCentralized administration from the Office 365 admin center in the service. Online management centers for Exchange, SharePoint, and Lync. Service health dashboard to monitor service maintenance and incidents.Service use reporting available in the service admin center including service activity.
Setup on day 1
Full use of the service
User driven pilot
Pilot setup continues to step 2 deploy
Limited on-premises requirements
Pilot Experience
Cloud Identity
Single identity in the cloud
Directory & Password Synchronization
Single identity without federation
Federated Identity
Single federated identity and credentials
Pilot Identity Scenario Deploy Enhance Pilot1 2 3
Demo
Network What you need to connectNetwork access to service from client end points over ports 80 and 443Network bandwidth capacity
Clients Pilot user accessWeb client – minimum browserOffice 365 Pro Plus – clients running Windows 7 +
Simple requirements
Easy to start or stopMail Connect to existing mail for the pilot
POP3 or IMAP4 protocol support for pilot users to use Connected Accounts
Pilot – what’s required
Sign-onIntegrated identity managementSign-on with the same user and password as on premises
Integrated mail flow and migrationGlobal address list Full mail content migration – mail, calendar, contacts
Collaboration
Sharing and working with othersLync business partner federationSite governance and provisioning supportSetup of Apps for Office corporate app catalog
ClientsIT managed client productivityOffice 365 ProPlus deployed to user desktop via IT process
MobileManaged mobile connectivitySend and receive mail from mobile device as on-prem email
AdministrationControl & monitorData loss prevention configuration (limited)Exchange Online Protection mail protection configuration (limited)
Setup in days
Adds on-premises integration
Pilot user and info is sustained
IT driven migration
Mail migration that best fits environment
From EX 2010 Mail ServersManaged mail moves (MRS)Free/busy cross premisesUse existing OST
From EX 2007/03 Mail Servers Staged mail migrationNew mail file download
From OthersUser migration (PST import) or IMAP MigrationNew mail file
Deploy Experience – what’s added
Cloud Identity
Single identity in the cloud
Directory & Password Synchronization
Single identity without federation
Federated Identity
Single federated identity and credentials
Deploy Identity Scenario Deploy Enhance Pilot1 2 3
PST Migratio
n
IMA
P migration
Staged migration
Hybrid
Exchange 5.5 X X
Exchange 2000 X X
Exchange 2003 X X X
Exchange 2007 X X X
Exchange 2010 X X X
Exchange 2013 X X X
Notes/Domino X X
GroupWise X X
Other X X
* Additional options available with tools from migration partners
FastTrack Step 2 Migration Options
Migration
PST MigrationImport of Archived/Offline Mail
IMAP migrationSupports wide range of email platformsEmail only (no calendar, contacts, or tasks)
Staged Exchange migrationNo server required on-premisesIdentity federation with on-premises directory
Hybrid
Hybrid deploymentManage users on-premises and onlineEnables cross-premises calendaring, smooth migration, and easy off-boarding
Office 365 Deployment Offer Accelerating Office 365 deployment (150+ seats)
Who
Customers who buy 150+ Seats of Office 365Enterprise plans and Exchange Online; Add-on or Full USL Licenses purchased through EA, MPSA, AOS, Open, or MOSP
When September 1, 2013 – March 31, 2014
What
FastTrack step 2 deployment activitiesDeployment partner reimbursed $20K for 1,000+ seats, $12K for 250-999 seats, $5K for 150-249 seats
IT led migrationCustomer domainDirectory syncPassword syncAdmin migrations
Deployment Can Include:
Identity
What’s RequiredDirectory Sync server/sAD meets service requirements for hygieneSame password on-prem and in cloud via password sync
Network
What you need to connectNetwork access to service from client end pointsNetwork bandwidth availabilityAccess to maintain DNS entries for share domains
ClientsRequired to connect and deployWeb client – minimum browserOffice 365 Pro Plus – clients running Windows 7 +
Unique requirements per mail platform
Dedicated customer IT team
Change management readiness
Required to setup and migrateAdmin access
From EX 2010 Mail ServersExchange 2010 SP3Certificates - public
From EX 2007/03 Mail Servers Outlook Anywhere Access
From OthersPST requirement
Deploy – what’s required
FastTrack Deployment EnablersEngineering service adoption enhancements
Password Sync
New feature of Windows Azure Directory Sync as an alternative to Federated Authentication
Customer Benefits:
Customer can use a “single set of credentials” (same username and password) to access both on-premises and online resources
This single set of credentials is managed in the customer’s Active Directory and is synchronized with Office 365 (username + password)
Password Sync is fully integrated in the Dirsync appliance, no additional sw/hw, or changes to the on-premises AD are required
No requirement to deploy and maintain Active Directory Federation Services.
Keeps the deployment simple and eliminates IT costs associated with ADFS
Password Sync Security
Does not require nor access the user’s plain text password.
No requirement for AD reversible encrypted format.
AD user password hash is hashed again using a non-reversible encryption function and digest is synchronized into Azure AD.
The digest in Azure AD cannot be used to access resources in the customer’s on-premises environment.
JoE SmoTh
tIm CLarK??
Ca’RLy RobErts
KeVIn S*to*kS
Joe Smoth
Tim Clark
Carly Roberts
Kevin Stokes
IdFix
Identifies and remediates AD object issues that will fail Windows Azure AD DirSync
Built on analysis of DirSync daily error volumes and is targeted at fixing the majority of errors quickly
Provides a data grid with the ability to scroll, sort and edit
Suggested fixes are provided for known errors
Customer change confirmation change and undo/rollback functionality
IdFix DirSync Error Remediation Tool
Azure AD DirSync Scoping Options Ability to Dirsync to Windows
Azure AD only a subset of your users
Options for Filtering OU Domain-based User Attribute
Customers with Exchange 2010 SP3 or Exchange 2013 on-premises can deploy Exchange Hybrid in Step 2
The built in Hybrid Configuration Wizard automates the process and allows hybrid configuration to be completed within timelines and effort requirements of Step 2
Exchange 2010 SP3 Hybrid
Sign-onAdvanced integrationSingle sign-on / ADFS3rd Party identity providers – “Works with program”
MailAdvance migration scenariosNotes migrationsHybrid Exchange for 2007 or 2003
CollaborationAdvanced integration and solution buildingLync or SharePoint hybridSharePoint solutions – including BCS, Duet, etc.
Clients Advanced client management capabilitiesVirtual desktop and virtual application scenarios
MobileConnect to the serviceBlackberry Enterprise Sever integration
AdministrationLeverage advanced service controlsData loss prevention configuration Exchange Online Protection mail protection configuration
Adds scenarios
Extended durations
Customer specific implementation
Ability to add to deployed clients at point in the future
Enhance - What’s added
Cloud Identity
Single identity in the cloud
Directory & Password Synchronization
Single identity without federation
Federated Identity
Single federated identity and credentials
Deploy Identity Scenario Deploy Enhance Pilot1 2 3
Federation options
Suitable for educational organizations
Recommended where customers may use existing non-ADFS Identity systems
Single sign-on
Secure token based authentication
Support for web clients and outlook only
Microsoft supported for integration only, no shibboleth deployment support
Requires on-premises servers & support
Works with AD and other directories on-premises
Shibboleth (SAML*)Works with AD & Non-AD
Suitable for medium, large enterprises including educational organizations
Recommended option for Active Directory (AD) based customers
Single sign-on
Secure token based authentication
Support for web and rich clients
Microsoft supported
Phonefactor can be used for two factor auth
Works for Office 365 Hybrid Scenarios
Requires on-premises servers, licenses & support
ADFSWorks with AD
Suitable for medium, large enterprises including educational organizations
Recommended where customers may use existing non-ADFS Identity systems with AD or Non-AD
Single sign-on
Secure token based authentication
Support for web and rich clients
Third-party supported
Phonefactor can be used for two factor auth
Works for Office 365 Hybrid Scenarios
Requires on-premises servers, licenses & support
Verified through ‘works with Office 365’ program
Works for Office 365 Hybrid Scenarios
Third-party STSWorks with AD & Non-AD
Preserve Search
Secondary mailbox with separate quota
Managed through EAC or PowerShell
Available on-premises, online, or through EOA
Automated and time-based criteria
Set policies at item or folder level
Expiration date shown in email message
Capture deleted and edited email messages
Time-Based In-Place Hold
Granular Query-Based In-Place Hold
Optional notification
Web-based eDiscovery Center and multi-mailbox search
Search primary, In-Place Archive, and recoverable items
Delegate through roles-based administration
De-duplication after discovery
Auditing to ensure controls are met
In-Place Archive Governance Hold eDiscovery
Compliance: Email archiving and retention
Exchange, SharePoint & Lync Online, Office ProPlus, WA Active Directory
Experience Value EarlyNew Cloud Experience
Real World BenefitsBroad Production Use
Full Feature ValueMeet your needs
Deploy Enhance Pilot1 2 3
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
FastTrack Data SheetsQuick reference guide
Office 365 Capability Matrix per Deployment Step
Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend
Identity Sign On Cloud IDs Corporate AD user account with same password via Password Sync
Corporate AD user account and password via ADFS Option for Integration with
“Works with O365” Identity Providers
Option for Shibboleth Integration
Active Directory Remediation Not applicable IdFix Dirsync Error Remediation Tool
IdFix Dirsync Error Remediation Tool
Custom Engagement
Office 365 Capability Matrix per Deployment StepExchangeKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend
Global Address List Cloud Users Dirsync Users Dirsync users FIM 2010 via O365 connector
Calendar Free/Busy sharing Cloud Users Dirsync Users (req. Ex 2010 SP3) Dirsync Users Exchange Federation to other
O365 or Exchange
Corporate Email Yes via “connected accounts” Yes via Corporate Domain add a
Data Migration Options User driven migrations via connected accounts (mail only)
User driven PST import (mail/calendar/contacts)
User Driven IT Driven via Staged Migration
or Hybrid Exchange (req. Ex 2010 SP3)
Hybrid Exchange for 2010, 2007 or 2003 on-premises
IBM Notes Migration Option
OWA / Full Outlook a a a
Mobile via Active Sync Cloud Email Address (Send From) Corporate Email Address Option for BlackBerry BCS
Corporate Email Address Option for BlackBerry BCS
Office 365 Capability Matrix per Deployment StepLyncKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend
IM & P a a a
Online Meetings a a a
Video Conferencing a a a
PC and Application Sharing a a a
Mobile Lync Clients a a a
Skype Federation (Summer ‘13) a a a
Lync External Federation a a
Lync Hybrid Option a
Lync Hybrid Voice Option a
Office 365 Capability Matrix per Deployment StepSharePointKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend
Team Sites a a a
Sky Drive Pro a a a
External Sharing a a a
Office Web Apps a a a
Public Site with Corporate DNS a a
SharePoint Solutions (BCS, Duet)
a
Click-to-Run Office 2013 Prof Plus
Self-Serve for Pilot Users Self-Serve for Dirsync Users IT Managed Deployment
Self-Serve for Dirsync Users IT Managed Deployment
© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.