Microsoft Exchange Management

Ensim Exchange Manager provides self-service automated provisioning and operations management with self-service control panels in both multi-tenant and dedicated platforms for Microsoft Exchange 2013 and 2010 SP3/SP2 (prior versions included; 2010 SP1, 2007, 2003, Exchange 5.5).  Ensim was selected as a strategic partner and co-developed with Microsoft, a scalable, extensible, and highly available platform to meet broad industry requirements for Service Providers, Enterprises, MSPs and Telcos.  As part of the Ensim Automation Suite, Exchange Manager provides a complete, turnkey, end-to-end solution for Marketplace, Storefront, Ordering, Service Catalog, Billing, Provisioning, and Operations Management, along with over 50 additional automation connectors including Microsoft Lync, Sharepoint, Dynamics CRM, Desktop Virtualization, Hyper V / System Center, Office 365, and VMware vCenter / vSphere / vCloud Director, Citrix Xen App, BroadSoft VoIP, Symantec Cloud, and many more.

  • Ensim Automation Suite enables complete automation including:
    • Cloud Marketplace and Storefront
    • Service Catalog with automated Ordering
    • Rating, Invoicing / Chargeback, Payment
    • Estimating and Quoting
    • Product modeling with Plan and Pricing management
    • Subscription, Contract, and Account Management
  • Automated Provisioning and Orchestration workflow
  • Usage collection and Reporting
  • Brandable Self-Service Multi-level Portals
  • Channel support for Resellers, Agents, and Private Label Wholesalers
  • Multi-language and Multi-currency
  • Web Service APIs and SDKs
  • Migration, Upgrade, and On-boarding Tools

Single or Multi-Tenant, Dedicated or Shared Environments

Ensim provides complete provisioning and management for Single tenant or Multi-tenant AD environments with MS Exchange as well as management of Dedicated and Shared environments,where Active Directory is managed on-site while exchange is hosted by MSPs in their datacenter.  Ensim has unique management capabilities for each via its simple and intuitive web portal, such as creating Organizations or Resellers management levels, setting resource limits or automatically incrementing when resellers require additional capacity, billing and monitoring and more.  Telco’s and  Hosting Organizations can manage Shared or Dedicated Mailbox stores, set and manage quota limits, create pre-defined mailbox types for organizations and resellers or create a custom mailbox to suit the requirements of a particular client.

Microsoft Exchange for Hosted, Managed, Enterprise, or Hybrid Deployments

Small or Large Telco’s with a Hosted Exchange deployment will benefit from the flexibility offered by the Ensim Web Portal when granting management access to other organizations or resellers who want to manage their own sub-tenants.  Ensim offers a complete solution for Billing, Account management and Usage reporting for Hybrid and Dedicated Active Directory and Exchange deployments.

Provisioning and De-Provisioning with Templates and Definable Business Logic

Problem: In a typical organization there is need to apply identical user information, service options, mailbox limits etc. in systems such as AD and Exchange. Not having an automated solution for regulating services for users can easily make the systems go out of control.

Solution: Ensim Exchange Manager solves this problem by providing messaging templates that can be used to control the service configurations for a single user or a large set of users in an automated manner.  By using these templates a large set of users can be brought under a known set of service configurations with just a few clicks.  Ensim’s provisioning templates are flexible and highly configurable allowing IT Administrators to create department, location or rank based provisioning templates to automate and simplify the provisioning of users into Active Directory and Exchange.  Any updates made to these templates can be propagated to the users thus making ongoing maintenance of these users easy.  Provisioning Templates also allow for efficient pooling of resources, ensuring that users are accurately provisioned on the correct resource automatically, even when the resource is across multiple servers or data stores.

Granular Role Based Access Control, Management and Delegation

Problem: Microsoft Exchange requires a great deal of expertise in its management, skills that are mainly possessed by Exchange Administrators.  Using native tools to manage MS Exchange requires a lot of experience and training.  Administrators are reluctant to give access to these tools to non-Admins therefore they get burdened with having to create and manage Exchange mailboxes, distribution groups, resources etc.  This takes them away from doing the more critical tasks of keeping mail systems online and tackling with one off issues that are more critical to keeping the Email infrastructure up and functioning.

Solution: With Ensim, Administrators have the option of delegating only those tasks to junior or non admins that they feel are adequate.  Administrators don’t have to give out access to native tools directly at the Exchange server because all management and provisioning activities are performed via Ensim’s intuitive web portal.  The Ensim Web Portal allows various delegated admins such as the help desk, junior administrators, and members of the HR department or department managers to provision mail boxes for end users without having to know the detailed intricacies of Exchange management.  These actions are controlled within the design of the template and thus almost outsourcing these everyday tasks to other teams while reserving expert IT resources for more skilled responsibilities.  Such delegated admins can perform the heavy lifting with much ease based on the automation and simplicity provided by the portal.  Administrators can provision or de-provision users, create and manage distribution groups, set delivery restrictions among others without requiring access to any complex Exchange management tools.

Self-Service Control Panel for Users and Admins

Problem:  IT centric and manual management adds even more load to already stretched resources and budgets.  Users make requests expecting immediate actions, yet IT must add these support requests to an already overflowing queue of pending action items.  In addition, users can be unclear as to the intent of their requests or ask for updates that require privileges they are not authorized for, and IT must take action to verify their entitlements before granting the request.

Solution:  Ensim enables IT to off load to Users the ability to directly create, edit, delete, and manage distribution group members, email aliases, and delivery restrictions all within the boundaries defined by IT policy.  Group owners are the ones best able to accurately and quickly maintain their own groups and they can do so instantly in an easy to use web portal with just a few clicks.  This can result in significant cost savings to IT, reduced workload, and greatly increased user satisfaction.  Employees can log into their personalized single sign-on web portal and perform various exchange management tasks including Out of Office Management, Email Forwarding, Mailbox Rights Delegation, Mailbox Folder Delegation, Mobile Device Setup and Management, Remotely Wipe their mobile devices or access Outlook Web Access.  Administrators can be given controlled access for management of Exchange Resources or for provisioning and de-provisioning users via templates.  All of this can be done without requiring access to Microsoft Exchange management tools.

Provisioning and De-Provisioning with Template and Policy Management

Problem: Manual Provisioning/De-provisioning users in Exchange is time consuming and prone to inaccuracies and errors. With users requiring access across many systems, manually provisioning a user into these systems is not efficient anymore.  Service Configurations constantly change or have to be modified. Re-provisioning user accounts manually is inefficient and cumbersome as well. Junior Administrators or Non-Administrators may not know the exact name of the resource resulting in users having services such as Email/IM accounts provisioned incorrectly.

Solution: Ensim Exchange Manager provides complete automation for provisioning a single user into Exchange or when provisioning multiple users in bulk, whether their mailboxes reside on one Exchange Server or across multiple Exchange servers.  Granular changes in IT policies /service configurations can be pushed out to users with a few clicks, thus making propagation of these changes easier and less error prone.  If a specific attribute or setting needs to be updated or a service removed from a large set of users, an IT Admin (or an authorized user) can make the appropriate update to the template, then propagate this update to as many users as desired. De-provisioning or moving user resources from one backend server to another can all be achieved using similar steps.  At the end of the process the system also provides a clean audit log of all the operations/updates that were committed.

Hierarchical Resource and Quota Management with Physical and Logical Pools

Problem: It is not uncommon to see users whose accounts and/or mailboxes have not been created correctly resulting in lost productivity while the user waits for their account to be re-setup correctly.  This also increases the burden on the help desk and on Exchange Administrators who must now troubleshoot the issue and manually re-provision users.

Solution: Administrators can create provisioning templates to ensure that users are created in the proper organizational unit in Active Directory with accurately sized mailboxes on the correct exchange server and that they have been provisioned with the appropriate services required by their job function.  Administrators can configure mailbox provisioning templates with resource pooling to ensure users get mailboxes on the correct server and that user mailboxes are evenly created across a pool of servers so that no single server is overburdened.  Admins can create multiple pools for resources with automatic resource allocation.  For example: a company may have a set of messaging data stores reserved for executives who require a higher uptime for their email than a normal employee who may be okay with 95% uptime.  Admins can create resource pools for such and allocate appropriate servers to those pools for accurate provisioning, automation and for even distribution of mailboxes across these resources.

Resource Forest and Linked Mailbox Support

Ensim has Exchange management solutions for small to large enterprises, MSPs and Telco’s who want to streamline or enhance their exchange management offerings.  MSP’s who manage customers that want to retain control of their Active Directory while having the MSP manage their Exchange environment will benefit from Ensim’s support for managing a remote resource forest with support for creation and management of linked mailboxes built into its provisioning automation.

Approval Workflow and Notifications

IT may want to enforce certain approval policies to prevent inaccurate or unauthorized groups from being created or certain groups from being accidentally deleted by group owners or junior members of IT and Help Desk teams.  Ensim provides a granular approval workflow system so IT can create policies that are automatically enforced when groups are created, deleted, modified, subscribed to, or when membership changes.  Also, notifications can be sent to; the requesting employee’s manager, a group of approvers, or the IT Administrator, who can review the request and approve or deny.  Once approved the group or action will be automatically processed and logged with Ensim’s central auditing system.  If denied the requester is notified accordingly.  Notifications can also be used just to inform interested parties of the opt-in / opt-out, or membership request action.  This process is faster, more efficient, and allows the helpdesk to focus on higher priority tasks.

Distribution Group Management

Ensim Exchange Manager provides complete management of Standard Distribution Groups, Dynamic/Query based Distribution Groups and Auto-Populated or Hybrid Distribution Groups.  It also provides complete management of External Contacts and Resource mailboxes from a single web portal.  Administrators have control in delegating management control of specific attributes for group management OR delegating group management to one or more group owners or managers.  For more information and additional features for managing Exchange groups, please see Ensim Group Manager.

Mobile Device Management for iPhone, Android, Windows, and Blackberry

The number of user devices brought in to corporations is increasing dramatically. The burden to manage and support these devices, especially in BYOD scenarios, is also increasing as these devices gain access to corporate data and expose potential security risks.  Ensim Exchange Manager allows you to safely and securely manage these mobile devices from a single console, while controlling the growing security risk the devices can represent.  Administrators or Delegated users can remotely wipe their devices over-the-air including IOS, Android, Windows and Blackberry devices.  For more information and additional features, please see Ensim Mobility Manager.

Quick and Easy Installation

The Ensim Application Suite can be installed and configured in under and hour without requiring professional services.  Companies can gain an immediate ROI as well as meet security and compliance requirements.  The Quick Start guide assists the administrator in configuring the required parameters and the embedded help files in the web portal as well as detailed context relational on-line help files, guide administrators along the way.

Executive Summary

Architecture design is both a science and an art form,  applying too much science to the process (trying to get too accurate) usually results in not having enough extra capacity available to deal with peaks, and in the end, results in a poor user experience and decreased system availability. On the other hand, there does need to be some science involved in the process, otherwise it’s very challenging to have a predictable and repeatable methodology for sizing deployments. The key is strike the right balance here.

Top 10 Best Practices for Hosted Exchange server 2013 deployment

  1. Implement DAG for high availability and site resiliency.
  2. Decide whether you want to virtualize or use physical servers. Virtualize when you get some benefit out of it.
  3. Figure out the service requirements, constraints and user profile data for the Exchange solution to be built. For example: service level objectives, number of sites, number of mailbox database copies etc.
  4. Use the data from above two points and calculate capacity requirements. The easiest to do this is with the calculator tool published by Microsoft.
  5. Next, design your storage. Select the storage type and architecture as per your budget.
  6. Decide whether to scale up or scale out, as per the capacity requirements calculated in point 4.
  7. Use load balancers for CAS servers to distribute incoming client traffic and to ensure failover redundancy in case one of the CAS servers goes down.
  8. Design a 3-tiered network consisting of perimeter, front end and backend network, isolate the tiers and open only the required ports.
  9. Go for commercial Certification Authorities for Internet Facing server. Use a private CA for non internet facing servers. Minimize the number of certificates and server host names, use SAN certificates or wild card certificates.
  10. Use Jetstress tool and validate pre-production lab to ensure that the production rollout and implementation will go smoothly.