Office 365 DeploymentFastTrack OverviewJeff MedfordSr. Technical Product ManagerMicrosoft

1

Build from Pilot to Deployment, layer features and integrations

Full Office 365 User Experience with minimal on-premises requirements

Time to value vs. effort invested

Identity options:

cloud IDs, synchronized IDs and federated IDs

John

Benefits of Office 365 FastTrack

Exchange, SharePoint & Lync Online, Office ProPlus, WA Active Directory

Experience Value EarlyNew Cloud Experience

Real World BenefitsBroad Production Use

Full Feature ValueMeet your needs

Deploy Enhance Pilot1 2 3

Optional integrationExtend in weeksMeet business needsCustomized to landscape

Core onboardingDeploy in daysCompanywide cloud useIT led migration

Full Office 365 servicePilot in hoursPersist to deploymentUser led migration

First use in hours, Onboarding in daysExchange, SharePoint, Lync, Office 365 ProPlus, WA Active Directory

Pilot complete

Deploy Complete

WhatOffice 365 ServiceExchange, SharePoint, Lync, Office Web Apps, Office 365 ProPlus, Mobile

HowService domainCloud IdentityWeb Client

Office clientSelf Service

WhatAll Pilot Features +Shared namespace, simple coexistence, external sites

HowPilot +IT led migration *Customer domainDirectory sync

Password syncAdmin migrationsOnRamp

WhatDeploy +Federation, Hybrid Delegation, and more

HowDeploy+ *Configure adv. featuresFederated IdentityExchange HybridCorporate app store

SharePoint HybridLync Hybrid3rd party migration tools

Adopt new features

Deploy Enhance Pilot1 2 3

Sign-on Pilot the service quicklyUser signs into Office 365 with a Cloud ID (jane@contoso.onmicrosoft.com)

Mail Pilot the new Exchange mailboxNew mailbox in the cloudInbox content populated via Connected accountUser sends/receives email as Jane@contoso.comUser PST import option for additional content migration (mail/calendar/contacts)

Collaboration Pilot the new collaboration toolsRun online meetings with any user with computer & app sharing, video conferencing, and PC-to-PC callingCollaborate using SharePoint Online team site and newsfeedsEasily store files in the cloud with SkyDrive Pro and share file with external users

Clients Office across multiple devicesAccess the service via a browser - Office Web Apps across devices and platforms – no client requiredUser self-install of Office 365 ProPlus side-by-side with existing Office client installations

Mobile Experience Office anywhereMobile connectivity options are built into the service – just start connecting devicesConnect to Office 365 via mobile devices with Exchange Active Sync for mailPlatform specific mobile apps bring best experience where it makes sense - i.e. OneNote, Lync

Administration

Control & manage your pilotCentralized administration from the Office 365 admin center in the service. Online management centers for Exchange, SharePoint, and Lync. Service health dashboard to monitor service maintenance and incidents.Service use reporting available in the service admin center including service activity.

Setup on day 1

Full use of the service

User driven pilot

Pilot setup continues to step 2 deploy

Limited on-premises requirements

Pilot Experience

Cloud Identity

Single identity in the cloud

Directory & Password Synchronization 

Single identity without federation

Federated Identity

Single federated identity and credentials

Pilot Identity Scenario Deploy Enhance Pilot1 2 3

Demo

Network What you need to connectNetwork access to service from client end points over ports 80 and 443Network bandwidth capacity

Clients Pilot user accessWeb client – minimum browserOffice 365 Pro Plus – clients running Windows 7 +

Simple requirements

Easy to start or stopMail Connect to existing mail for the pilot

POP3 or IMAP4 protocol support for pilot users to use Connected Accounts

Pilot – what’s required

Sign-onIntegrated identity managementSign-on with the same user and password as on premises

Mail

Integrated mail flow and migrationGlobal address list Full mail content migration – mail, calendar, contacts

Collaboration

Sharing and working with othersLync business partner federationSite governance and provisioning supportSetup of Apps for Office corporate app catalog

ClientsIT managed client productivityOffice 365 ProPlus deployed to user desktop via IT process

MobileManaged mobile connectivitySend and receive mail from mobile device as on-prem email

AdministrationControl & monitorData loss prevention configuration (limited)Exchange Online Protection mail protection configuration (limited)

Setup in days

Adds on-premises integration

Pilot user and info is sustained

IT driven migration

Mail migration that best fits environment

From EX 2010 Mail ServersManaged mail moves (MRS)Free/busy cross premisesUse existing OST

From EX 2007/03 Mail Servers Staged mail migrationNew mail file download

From OthersUser migration (PST import) or IMAP MigrationNew mail file

Deploy Experience – what’s added

Cloud Identity

Single identity in the cloud

Directory & Password Synchronization 

Single identity without federation

Federated Identity

Single federated identity and credentials

Deploy Identity Scenario Deploy Enhance Pilot1 2 3

PST Migratio

n

IMA

P migration

Staged migration

Hybrid

Exchange 5.5 X X

Exchange 2000 X X

Exchange 2003 X X X

Exchange 2007 X X X

Exchange 2010 X X X

Exchange 2013 X X X

Notes/Domino X X

GroupWise X X

Other X X

* Additional options available with tools from migration partners

FastTrack Step 2 Migration Options

Migration

PST MigrationImport of Archived/Offline Mail

IMAP migrationSupports wide range of email platformsEmail only (no calendar, contacts, or tasks)

Staged Exchange migrationNo server required on-premisesIdentity federation with on-premises directory

Hybrid

Hybrid deploymentManage users on-premises and onlineEnables cross-premises calendaring, smooth migration, and easy off-boarding

Office 365 Deployment Offer Accelerating Office 365 deployment (150+ seats)

Who

Customers who buy 150+ Seats of Office 365Enterprise plans and Exchange Online; Add-on or Full USL Licenses purchased through EA, MPSA, AOS, Open, or MOSP

When September 1, 2013 – March 31, 2014

What

FastTrack step 2 deployment activitiesDeployment partner reimbursed $20K for 1,000+ seats, $12K for 250-999 seats, $5K for 150-249 seats

IT led migrationCustomer domainDirectory syncPassword syncAdmin migrations

Deployment Can Include:

Identity

What’s RequiredDirectory Sync server/sAD meets service requirements for hygieneSame password on-prem and in cloud via password sync

Network

What you need to connectNetwork access to service from client end pointsNetwork bandwidth availabilityAccess to maintain DNS entries for share domains

ClientsRequired to connect and deployWeb client – minimum browserOffice 365 Pro Plus – clients running Windows 7 +

Unique requirements per mail platform

Dedicated customer IT team

Change management readiness

Mail

Required to setup and migrateAdmin access

From EX 2010 Mail ServersExchange 2010 SP3Certificates - public

From EX 2007/03 Mail Servers Outlook Anywhere Access

From OthersPST requirement

Deploy – what’s required

FastTrack Deployment EnablersEngineering service adoption enhancements

Password Sync

New feature of Windows Azure Directory Sync as an alternative to Federated Authentication

Customer Benefits:

Customer can use a “single set of credentials” (same username and password) to access both on-premises and online resources

This single set of credentials is managed in the customer’s Active Directory and is synchronized with Office 365 (username + password)

Password Sync is fully integrated in the Dirsync appliance, no additional sw/hw, or changes to the on-premises AD are required

No requirement to deploy and maintain Active Directory Federation Services.

Keeps the deployment simple and eliminates IT costs associated with ADFS

Password Sync Security

Does not require nor access the user’s plain text password.

No requirement for AD reversible encrypted format.

AD user password hash is hashed again using a non-reversible encryption function and digest is synchronized into Azure AD.

The digest in Azure AD cannot be used to access resources in the customer’s on-premises environment.

JoE SmoTh

tIm CLarK??

Ca’RLy RobErts

KeVIn S*to*kS

Joe Smoth

Tim Clark

Carly Roberts

Kevin Stokes

IdFix

Identifies and remediates AD object issues that will fail Windows Azure AD DirSync

Built on analysis of DirSync daily error volumes and is targeted at fixing the majority of errors quickly

Provides a data grid with the ability to scroll, sort and edit

Suggested fixes are provided for known errors

Customer change confirmation change and undo/rollback functionality

IdFix DirSync Error Remediation Tool

Azure AD DirSync Scoping Options Ability to Dirsync to Windows

Azure AD only a subset of your users

Options for Filtering OU Domain-based User Attribute

Customers with Exchange 2010 SP3 or Exchange 2013 on-premises can deploy Exchange Hybrid in Step 2

The built in Hybrid Configuration Wizard automates the process and allows hybrid configuration to be completed within timelines and effort requirements of Step 2

Exchange 2010 SP3 Hybrid

Sign-onAdvanced integrationSingle sign-on / ADFS3rd Party identity providers – “Works with program”

MailAdvance migration scenariosNotes migrationsHybrid Exchange for 2007 or 2003

CollaborationAdvanced integration and solution buildingLync or SharePoint hybridSharePoint solutions – including BCS, Duet, etc.

Clients Advanced client management capabilitiesVirtual desktop and virtual application scenarios

MobileConnect to the serviceBlackberry Enterprise Sever integration

AdministrationLeverage advanced service controlsData loss prevention configuration Exchange Online Protection mail protection configuration

Adds scenarios

Extended durations

Customer specific implementation

Ability to add to deployed clients at point in the future

Enhance - What’s added

Cloud Identity

Single identity in the cloud

Directory & Password Synchronization 

Single identity without federation

Federated Identity

Single federated identity and credentials

Deploy Identity Scenario Deploy Enhance Pilot1 2 3

Federation options

Suitable for educational organizations

Recommended where customers may use existing non-ADFS Identity systems

Single sign-on

Secure token based authentication

Support for web clients and outlook only

Microsoft supported for integration only, no shibboleth deployment support

Requires on-premises servers & support

Works with AD and other directories on-premises

Shibboleth (SAML*)Works with AD & Non-AD

Suitable for medium, large enterprises including educational organizations

Recommended option for Active Directory (AD) based customers

Single sign-on

Secure token based authentication

Support for web and rich clients

Microsoft supported

Phonefactor can be used for two factor auth

Works for Office 365 Hybrid Scenarios

Requires on-premises servers, licenses & support

ADFSWorks with AD

Suitable for medium, large enterprises including educational organizations

Recommended where customers may use existing non-ADFS Identity systems with AD or Non-AD

Single sign-on

Secure token based authentication

Support for web and rich clients

Third-party supported

Phonefactor can be used for two factor auth

Works for Office 365 Hybrid Scenarios

Requires on-premises servers, licenses & support

Verified through ‘works with Office 365’ program

Works for Office 365 Hybrid Scenarios

Third-party STSWorks with AD & Non-AD

Preserve Search

Secondary mailbox with separate quota

Managed through EAC or PowerShell

Available on-premises, online, or through EOA

Automated and time-based criteria

Set policies at item or folder level

Expiration date shown in email message

Capture deleted and edited email messages

Time-Based In-Place Hold

Granular Query-Based In-Place Hold

Optional notification

Web-based eDiscovery Center and multi-mailbox search

Search primary, In-Place Archive, and recoverable items

Delegate through roles-based administration

De-duplication after discovery

Auditing to ensure controls are met

In-Place Archive Governance Hold eDiscovery

Compliance: Email archiving and retention

Exchange, SharePoint & Lync Online, Office ProPlus, WA Active Directory

Experience Value EarlyNew Cloud Experience

Real World BenefitsBroad Production Use

Full Feature ValueMeet your needs

Deploy Enhance Pilot1 2 3

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

FastTrack Data SheetsQuick reference guide

Office 365 Capability Matrix per Deployment Step

Key Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend

Identity Sign On Cloud IDs Corporate AD user account with same password via Password Sync

Corporate AD user account and password via ADFS Option for Integration with

“Works with O365” Identity Providers

Option for Shibboleth Integration

Active Directory Remediation Not applicable IdFix Dirsync Error Remediation Tool

IdFix Dirsync Error Remediation Tool

Custom Engagement

Office 365 Capability Matrix per Deployment StepExchangeKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend

Global Address List Cloud Users Dirsync Users Dirsync users FIM 2010 via O365 connector

Calendar Free/Busy sharing Cloud Users Dirsync Users (req. Ex 2010 SP3) Dirsync Users Exchange Federation to other

O365 or Exchange

Corporate Email Yes via “connected accounts” Yes via Corporate Domain add a

Data Migration Options User driven migrations via connected accounts (mail only)

User driven PST import (mail/calendar/contacts)

User Driven IT Driven via Staged Migration

or Hybrid Exchange (req. Ex 2010 SP3)

Hybrid Exchange for 2010, 2007 or 2003 on-premises

IBM Notes Migration Option

OWA / Full Outlook a a a

Mobile via Active Sync Cloud Email Address (Send From) Corporate Email Address Option for BlackBerry BCS

Corporate Email Address Option for BlackBerry BCS

Office 365 Capability Matrix per Deployment StepLyncKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend

IM & P a a a

Online Meetings a a a

Video Conferencing a a a

PC and Application Sharing a a a

Mobile Lync Clients a a a

Skype Federation (Summer ‘13) a a a

Lync External Federation   a a

Lync Hybrid Option     a

Lync Hybrid Voice Option     a

Office 365 Capability Matrix per Deployment StepSharePointKey Capabilities Step 1 – Pilot Step 2 – Deploy Step 3 - Extend

Team Sites a a a

Sky Drive Pro a a a

External Sharing a a a

Office Web Apps a a a

Public Site with Corporate DNS   a a

SharePoint Solutions (BCS, Duet)

    a

Click-to-Run Office 2013 Prof Plus

Self-Serve for Pilot Users Self-Serve for Dirsync Users IT Managed Deployment

Self-Serve for Dirsync Users IT Managed Deployment

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.