Technology, Infrastructure and Cloud Focused.

Father of 3 lovely children, geek, infrastructure expert, technical architect and all round technologist.

CloudShare who? Blog Series Part 2 – Configure your environments

I have had this post in my drafts for some time and I have been trying to get round publishing this for some time.  I cannot go on about how good Cloudshare is and what a fantastic service and model they offer.  In a nutshell they provide a cloud based service that individuals (Pro plus account) or enterprises can subscribe to provide a pooled hardware resource count, from here you can then add prebuilt and configured services or environments ranging from Linux, to Windows, to SharePoint 2010 and Exchange 2010 – this includes full licenses.

For a complete listing of all the machines they offer see here – http://www.cloudshare.com/products/proplus/availablemachines All these machines can be intergrated into your own network through the use of VPN’s etc and are spun up within a matter of minutes (sometimes sec’s).

Once you have signed up for a 14 day trial account then create an environment, edit that environment and select the machines that you want to be provisioned within that environment:

This will take some time for the machines to be built, from here you will be able to view the username and passwords for the machines within that domain, connect through an RDP client to the “public address” – BTW this will change every time you suspend and spin up your environment.  Also note to get these details you need to view your environment and then select more details on the server / machine in question for example please look at the below screenshot:

Cloudshare external address

Now to be frank that is it, hence the beauty of this service, my only concern for me (being a hardware monkey) is the RAM, CPU and Storage I require.

 

Thanks and go ans sign up for 14 days – what do you have to loose…!

 

BLOG SERIES – MY EXPERIENCE WITH THE FIRST MIMECAST IMPLEMENTATION PART 2

So in this series I wanted to document my journey and experience with setting up (or migrating) a Mimecast Unified Messaging Platform.  Part 1 gave an introduction into what Mimecast offered, the benefits of their cloud solution and the superb service you get guiding you though this process.

Although this guide deals with the configuration and interaction with Office 365 (where our hosted Exchange environment is located) the process is similar to an Enterprise wide deployment.  A useful tip here could be to setup a test Domain, add this to your existing email environment and just test the process on this test domain for a reduced risk migration.

I am wrapping up 2 stages within the Mimecast process here (Stage 2 – Account configuration and Stage 3 – Outbound Routing), but the summary of this is below:

Step 1 (Admin users):

Mimecast Login Pahe

Mimecast Login Screen


After you receive your “Super Administrator” (this is the account that has full access to every feature within the Mimecast Admin console) details from Mimecast it is recommended to first setup a series of users with the access you require. 

  1. Log into your Mimecast portal and first review the default roles.
  2. Next Click on the “Roles” tab to display the built-in roles.
  3. Roles are predefined permission levels that Mimecast has provisioned – you can create your own but for this example we have setup another Super Admin.
  4. To select a role just click on that with the mouse, here you select the “Add user to role” function and select your required user.

    Mimecast Default Roles

    Mimecast Roles

  5. If the user is not listed you may need to manually add the user to your console – Directories – Internal – Click Domain Name and select “New Address”.
  6. Test you can login within the newly created account.
  7. Next have a play with setting up with a dummy or test user account and move them into the different roles.  Later on down the line we will be looking at giving our Service Desk login rights to track messages etc..

Step 2 (Configure Routing):

Next comes the interesting phase, here we are going to ensure that all our emails leaving our organisation are routed into the Mimecast cloud.  In our example our message flow is detailed below (sorry did not have the time to do this in Visio so used my friend – Cacoo):

Check our mimecast network diagram

Office 365 and Mimecast diagram

Last year we decided to move our Exchange 2007 servers over to Office 365 instead of carrying out an upgraded.  We only have around 10 users so this makes perfect since, therefore these steps are designed for Office 365 environments, although similar if you host on-premise (just remove and adapt where needed):

  1. Ensure ALL your domains are registered with Mimecast before proceeding, if you have any issues then please contact Mimecast Support.
  2. Add the Mimecast MX records into your DNS zone at the highest priority (i.e. if you records are currently set to a preference of 10, then select the Mimecast preference to 100) – this will allow time for the records propagate and then help in the next few steps.
  3. If you use SPF records then ensure the following is setup (of course these may change so check with Mimecast support, however these are correct as of this post):  v=spf1 ip4:135.196.24.192/28 ip4:213.235.63.64/26 ip4:94.185.240.0/24 ip4:212.2.3.128/26 ip4:94.185.244.0/24 ip4:195.130.217.0/24 ip4:91.220.42.0/24 ~all
  4. Configure an Outbound connector in conjunction with the Mimecast KB article – http://www.mimecast.com/mc/kb/Mimecast/KBID10601.htm
  5. Notify Mimecast for them to monitor the outbound emails – these are used for Mimecast to configure a “TO” whitelist.
  6. Thats it….!!! – See so simple…
  7. I would recommend keeping this in place for 2 weeks.
Stay tuned for part 3.

 

Blog Series – My experience with the first Mimecast implementation part 1

I wanted to build up a series of blog posts around my first experience with implementing the Mimecast solution.  These posts will be part of an on-going series, as we progress throughout the project so please check back our look at our twitter feed for more details.  Before diving into the detail I want to give an overview (in my opinion) of what the Mimecast Solution has to offer and then the reason(s) for selecting this product for the company I am working for at present.

Mimecast offer a complete cloud based unified messaging platform that offers the following services.  It is worth noting that Mimecast are currently the best of breed within the industry and look at the Bloor report for Best Practice Email Archiving comes top:-

1. Email Security, Anti Virus and Anti Spam filtering.

2. Email continuity – if you Exchange (internal or cloud hosted, such as Office 365 / BPOS) server goes offline then the Mimecast client (additional module) will redirect the traffic to the Mimecast cloud.

3. Email archiving – the default is 10 years but you have the option of unlimited storage, yes that’s right UNLIMITED..!  Microsoft Office plug-in to search the archive – just like a PST file.

4. eDiscovery and Litigation – the ability to securely search for mails or mailboxes under investigation.  You can define a very tight sign off and auditing procedure for this.

5. Email Migration – One of the biggest selling points of the continuity elements are the benefits to aiding Exchange migration to 2007 / 2010 or even off premise.

6. Blackberry continuity – those Blackberry outages last year are a thing of the past with Mimecast’s solution.  The ability to invoke Blackberry DR and route all your RIM email traffic through the Mimecast cloud.

7. Email Branding – the ability to multi-brand emails based on users, Active Directory groups, email addresses etc and have some limited reporting on how many recipients click back.

8. Secure attachment portal – remove the attachment and email the recipient a link to retrieve the document from a secure portal.

9. Convert attachments – convert attachments based on a rule-set to PDF.

10. Online based portal – Web based admin portal and Blackberry / iPhone based application to search the archive.

11.  100% Uptime and SLA – yes I said it Mimecast claim to offer 100% – I will report back on this.

12.  Data Sovereignty – yes, this is a massive benefit for me and one that I think will make cloud providers stand out – UK based data, securely encrypted within the UK (the data is written to a number of data centres at once).

 

As you can see with all the above features there is no wonder why this has become a truly “best of breed” technology.  Now the reasons for purchasing in this example is to replace an on-site email archiving, consolidate the current email security devices, dramatically reduce the onsite email storage, improve email continuity and provide a lower TCO.

So where am I now?

The process of implementing and on-boarding the Mimecast service is one of the best I have ever seen so far.  Very positive, organised and informational at each of the 3 phases:

1. Configure Outbound Routing.

2. Configure Inbound Routing.

3. Data Ingestion – Configure Exchange servers, export the data and roll out the Outlook client / plug-in.

Mimecast have a very good knowledge base system and provide free online training.  You get assigned dedicated engineers to assist at each phase with information provided via email, PDF and direct contact with the engineer.

The next post will going into the phase 1 Outbound configuration testing.