Manual

ManualsBrandsGoogle ManualsSoftwareMessage Archiving Administration Guide

Message Archiving

Administration Guide

• Google Message Discovery

• Postini Message Archiving

Summary of content (79 pages)

PAGE 1
Message Archiving Administration Guide • • Google Message Discovery Postini Message Archiving
PAGE 2
Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 www.google.com Part number: PMAAG_643_32 February 24, 2012 © Copyright 2012 Google, Inc. All rights reserved. Google, the Google logo, Google Message Filtering, Google Message Security, Google Message Discovery, Postini, the Postini logo, Postini Perimeter Manager, Postini Threat Identification Network (PTIN), Postini Industry Heuristics, and PREEMPT are trademarks, registered trademarks, or service marks of Google, Inc.
PAGE 3
This software is provided “AS IS.” The copyright holders disclaim all warranties, either express or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose, with respect to this code and accompanying documentation. Although their code does not appear in gd 1.8.4, the authors wish to thank David Koblas, David Rowley, and Hutchison Avenue Software Corporation for their prior contributions.
PAGE 4
Contents About This Guide................................................................................................. 7 What This Guide Contains..................................................................................... 7 Who This Guide Is for ............................................................................................ 7 Related Documentation ......................................................................................... 8 How to Get Support ........................
PAGE 5
Allow a User Full Access to the Corporate Archive ............................................. 69 Allow a User to Search the Corporate Archive ....................................................70 Allow a User to Manage Message Retention....................................................... 71 Allow a User to View and Create Reports ........................................................... 72 Allow a User to Restrict Searches .......................................................................
PAGE 6
About This Guide What This Guide Contains The Message Archiving Administration Guide provides information about: • How Message Archiving works • Setting up Message Archiving for your message security service • Granting Message Archiving privileges to other users • Generating Message Archiving usage reports This guide does not include information about using the Message Archiving search panels, which you use to search for, view, and export archived messages; or about creating archive audit reports.
PAGE 7
Related Documentation For additional information about Message Archiving and your message security service, refer to the following related documents. These documents are available on the Postini Support Portal. For details, see “How to Get Support” on page 10. Document Description Message Security Release Notes The latest information about new features in this release, known issues, and resolved issues. Message Archiving Quick Start Instructions for quickly setting up and verifying Inbound Archiving.
PAGE 8
Document Description Outbound Services Configuration Guide Step-by-step instructions for setting up your network environment and mail server for Outbound Services, an optional feature that allows filtering of outbound messages. Batch Reference Guide Instructions for using batch commands to perform message security configuration tasks, including creating, deleting, and modifying organizations, users, domains, and aliases.
PAGE 9
How to Get Support You with several options for getting support for Message Archiving, including: • Related documentation and FAQs • A searchable knowledge base • Support tools • Email support • Phone support • Instructor-led and self-paced training • Account management To access support resources, go to the Postini Support Portal at: https://support.postini.com How to Send Comments About This Guide We value your feedback.
PAGE 10
Chapter 1 Introduction Chapter 1 About Message Archiving Welcome to Message Archiving, an easy-to-deploy solution for storing electronic communications for the purposes of data retention, regulatory compliance, and legal discovery. Message Archiving can capture all email messages that users on your network send and receive, and store them in a central corporate archive.
PAGE 11
Why Archive Email Messages? Your company may have several reasons for archiving email messages. The following are some of the most common reasons for establishing a message archiving policy: 12 • Business continuity and disaster recovery: Organizations require secure long-term storage of email communications, which have become key business assets.
PAGE 12
Features and Benefits Message Archiving provides a complete solution for message capture, secure storage, search and discovery, and archive management and access. Feature Benefits Email capture and archiving • Captures all inbound, outbound, and intradomain (internal) email messages and attachments and stores them in a central, corporate archive. • Integrates with your message security service, filtering to ensure that only legitimate email is archived.
PAGE 13
Feature Benefits Investigations management • Allows users to set up investigations that organize and save search criteria and search results for specific topics. • Includes an option to place a litigation hold on saved results to prevent them from being purged when their retention periods expire. • Allows an administrator to restrict the scope of an investigator’s search to a specific set of senders and recipients.
PAGE 14
Feature Benefits Legacy message archiving • Lets you merge email messages stored on other systems and media types with your Postini archive. Optional feature • Centralizes management and discovery of archived data. Note: Requires the Message Consolidation service. Message Archiving Editions Postini Message Archiving is available as a standalone product, and as part of Google Message Discovery.
PAGE 15
For details about how Message Archiving captures messages for archiving, see “How Message Archiving Captures Email Messages” on page 24.
PAGE 16
Setup Options You can set up Message Archiving to establish archiving polices for users, and to grant access to the corporate archive and the Personal Archive. Because Message Archiving settings are integrated with your Message Discovery service, you access them through the Administration Console. You use the following Message Archiving Settings page to turn on email archiving for any user organization in your organization hierarchy, and to set the retention period for archived messages.
PAGE 17
For details about configuring journaling on Microsoft Exchange Server, refer to: • Microsoft Exchange Journaling Configuration Guide For Exchange Server 2000 and 2003 • Microsoft Exchange Journaling Configuration Guide For Exchange Server 2007 and 2010 For details about configuring journaling on Lotus Domino Server, refer to: • Message Archiving - Lotus Domino Journaling Configuration Guide For Domino Server 6.5.
PAGE 18
Search and Discovery Options Depending on privileges, users have access to either the Search tab or the Discovery tab. Both tabs include search panels with which users can search for archived messages, and display search results. Search Tab This Search tab provides authorized users with tools to search for, view, print, and export messages in your corporate archive. The following figure shows the Search tab: For details about using the Search tab, refer to the Message Archiving User’s Guide.
PAGE 19
Discovery Tab The Discovery tab provides the same features as the Search tab, with the additional options to set up investigations to save and organize search criteria and results for specific topics. The following figure shows the Discovery tab: For details about using the Discovery tab, refer to the Message Archiving User’s Guide.
PAGE 20
The following figure shows the Email Search panel: Search Results Once a user retrieves messages from the archive, search results appear in the page. For example: For details about using the Message Archiving search panels, refer to the Message Archiving User’s Guide.
PAGE 21
Retention Tab The Retention tab lets you manage the retention and deletion of messages from your corporate archive. Use the Retention tab to: • View a monthly list of messages that are on extension beyond the expiration of their retention periods. The list indicates the month in which the messages were archived. Messages are on extension when their retention periods have expired but they have not been deleted because you have turned off auto-purging.
PAGE 22
Reports Tab The Reports tab provides four different types of reports: • Storage Overview An overview of mail flow, and current and historical archive storage • Storage Reports A month-by-month listing of the number and overall size of archived messages and messages on extension • Purge History A list of purge events • Audit Reports Information about user activity in the archive For complete details about using the Reports tab, refer to the Message Archiving User’s Guide.
PAGE 23
Personal Archive Optional feature The Personal Archive is a user-level subset of the corporate archive. It provides a user with Web-based access to only his or her archived email messages. Users can access their archives at any time to recover (export) messages that were lost or deleted from your email server, or to read their messages when your server is unavailable.
PAGE 24
Inbound/Outbound Archiving If you set up the inbound/outbound archiving option, Message Archiving stores only the email messages that users receive from and, optionally, send to others outside your network. Internal-only, or intradomain, messages, which do not leave your network, are not archived. Use inbound/outbound archiving if any of the following are true: • You want to archive only messages that users receive from or, optionally, send to others outside your network.
PAGE 25
Use journal archiving if both of the following are true: • You want to archive all inbound, outbound, and intradomain email messages for users. • Your email server provides a journaling option.
PAGE 26
The process by which users’ email enters the archive differs, however, depending on whether you choose to use inbound/outbound archiving or journal archiving. Message Capture for Inbound/Outbound Archiving If you use inbound/outbound archiving, rather than journal archiving, Message Archiving automatically captures, stores, and indexes legitimate inbound and, optionally, outbound messages as they flow through your message security service.
PAGE 27
If a message includes registered and non-registered addresses, the message is archived for only the registered users for whom archiving is turned on. After the message is archived, the message security service sends the sending server a reply code to confirm that the message was delivered. Blackholed and Bounced Messages Message Archiving does not store any incoming messages that the message security service blackholes (deletes) or bounces back to the sender.
PAGE 28
How Outbound Messages Are Archived Note: Outbound messages are archived only if you enable and configure the Outbound service for your message security service. For details about setting up the Outbound services, see the Outbound Services Configuration Guide.
PAGE 29
Message Capture for Journal Archiving When you configure your email server for journaling, your server records a copy of, or journals, all inbound, outbound, and intradomain messages for the users you specify, and stores those messages in a special mailbox on your email server or a separate journaling email server. The server then automatically forwards the messages to your archive. The following figure shows an overview of how Message Archiving captures email messages for journal archiving.
PAGE 30
Quarantined Inbound Messages If your message security service quarantines an incoming message, your email server does not journal that message, and that message is not archived. However, if a user or administrator views a message in a quarantine without delivering it to his or her inbox, Message Archiving then captures the message directly and stores it in the archive.
PAGE 31
To implement Exchange Duplicate Suppression, contact Support or your reseller. How Quickly Are Email Messages Archived? In most cases, Message Archiving typically stores an email message in the archive within about 30 minutes after a user sends or receives it. However, the time can be longer, depending on whether the message contains file attachments, and the size of those attachments.
PAGE 32
The account password for a user who has authorization to search the archive must meet the same strict requirements as those for administrators’ passwords. If a user’s password does not meet these requirements, your message security service automatically prompts the user to change his or her password before logging in to Message Archiving. For more information about administrator password requirements, refer to the Message Security Administration Guide.
PAGE 33
Message Retention and Deletion You specify the maximum retention period for your messages when you purchase Message Discovery. Message Archiving can retain messages for periods of up to 10 years. You set a separate retention period up to that maximum for each user org. The flexibility to set retention periods on a per-org basis lets you tailor message retention to the needs of various user groups. You can retain messages longer than your retention period if you turn off Autopurge (see below).
PAGE 34
Feature Search or Discovery tab Reports tab Available during mailflow continuation event? Available during full continuation event? Yes. Users with Archive Search privilege can use the Search tab or Discovery tab (depending on the options included with your Message Archiving service). No. Attempts to log in to Message Archiving return a message indicating that access is temporarily unavailable.
PAGE 35
Maximum Message Size Message Archiving supports a maximum message size of 200 MB. This maximum size is the total for the message and any attachments. However, the maximum size for a message that can be archived may be lower, depending on the setting for the Inbound Attachment Manager Message Size filter for your message security service. For example, if the Message Size filter for Inbound Attachment Manager is set to 50 MB, Message Archiving will not store messages over 50 MB.
PAGE 36
Requirements The following table lists the requirements for Message Archiving. For more information on supported configurations and platforms, please contact your account manager.
PAGE 37
Chapter 2 Setting Up Message Archiving Chapter 2 About Setting Up Message Archiving To store email messages in your archive, you need to set up Message Archiving on your Message Discovery service. The following table summarizes the steps to set up Message Archiving: Step Description Step 1. Ensure your Users are Registered with your Message Security Service Make sure the users for whom you want to archive messages are registered with your message security service. Step 2.
PAGE 38
Step Description Step 6. Set Up Message Archiving for Journaling If you chose the journal archiving option, set up Message Archiving on your message security service to accept incoming journaled messages from your email server. Turn on archiving alerts so the system can keep you apprised of any anomalies with journaled messages reaching the archive. To complete this step, you need the IP address or address range for your email servers. You also need to set up journaling on your email servers. Step 7.
PAGE 39
You can use Google Apps Directory Sync for Message Security to synchronize the user directory on your LDAP server with your message security service. For more information, see: Google Apps Directory Sync Administration Guide Note: You can also add users manually by following the instructions in: Message Security Administration Guide Step 2.
PAGE 40
Archiving Option Description Inbound/Outbound archiving Captures messages sent from outside your network to users in your network. Optionally, captures messages that users send to addresses outside your network if you enable and configure the Outbound service for your message security service. This option, however, does not capture messages that users send within your network. Note: If you are a Google Apps customer, use this option.
PAGE 41
Step 4. Set Up Your Organization Hierarchy (Optional) Before you turn on archiving, determine the users for whom you want to archive email messages. Because you must turn on archiving at the user organization (org) level of your organization hierarchy—not the user account level—you may need to reorganize your organization hierarchy. How you reorganize your hierarchy depends on whether you are using journal archiving or inbound/ outbound archiving.
PAGE 42
Set Up Your Hierarchy for Journal Archiving If you use the journal archiving option, Message Archiving stores journaled messages only for users who have accounts on your message security service, and only if those accounts reside in a user organization for which you turned on archiving. • To archive messages for only specific users: Set up your organization hierarchy such that you place these users in separate user organizations.
PAGE 43
Step 5. Turn On Archiving You must turn on archiving for each user organization (org) that contains users for whom you want to archive email messages. Before turning on archiving, ensure that you: • Choose an email archiving option. For details, see “Step 2. Choose an Email Archiving Option” on page 41. • Set up your Email-Security-service organization hierarchy, if necessary. For details, see “Step 4. Set Up Your Organization Hierarchy (Optional)” on page 43.
PAGE 44
The Message Archiving Settings page appears. 6. On the Message Archiving Settings panel, select Archive messages for this organization. 7. Select one of the following options: • All inbound and outbound messages • All journaled messages WARNING: If you select both options, Message Archiving will store two copies of all inbound and outbound messages. Note: If you are a Google Apps customer, use the All inbound and outbound messages option.
PAGE 45
The retention period you set applies to all messages entering the archive from that point on. It does not apply to messages already in the archive. If you need to ensure that existing messages with shorter retention periods are not deleted from the archive, turn off auto-purge on the Message Archiving Retention tab. You can enter any retention period up to the number of months equivalent to the maximum retention period you purchased.
PAGE 46
Add a Journaling Configuration to Your Email Config A journaling configuration identifies the type of server and the IP address (or address range) of the server from which Message Archiving can accept incoming journaled email messages. You can also use the journaling configuration to turn non-account archiving on or off, turn archive alerts on or off, and to specify the address to which archive alerts are delivered. In addition, you can turn the journaling configuration itself on or off.
PAGE 47
Message text: Journal messages from your server are not in the correct envelope journal format. Check to see that your server is properly configured according to these instructions: https:// www.postini.com/webdocs/archiving/en_US/arch_admin/ setup_am_journaling.html. • The system has not received any journaled messages from your server for: • One hour: if the system has not received a journaled message for one hour, then an initial alert is sent.
PAGE 48
5. On the Organization Management page, under Organization Settings, click Archiving. The Message Archiving Journaling Configuration page appears. 6. Click Add Journaling Configuration.
PAGE 49
7. Configure the following options: Option Value Configuration Status Select ON to archive journaled messages from the server identified in the Sending IP Address Range option. Those messages are archived according to the settings on this page. Select OFF to suspend the archiving of messages from the server identified in the Sending IP Address Range option.
PAGE 50
Option Value Non-account Archiving Select ON to archive messages to and from users on a particular email server who do not also have accounts on your message security service. When you enable non-account archiving, you immediately begin archiving all journaled messages without having to first register users with your message security service. This option can be useful when the urgency of archiving messages outweighs the need for granular control of whose messages are archived.
PAGE 51
Option Value Alert Address Enter the email address at which you want to receive alerts. We recommend that you use a long-standing group address rather than an individual address so that it remains viable over the long term. 8. Click Save. The IP address range that you entered appears on the page, along with the other configuration settings. The email address for your archive also appears in the message area at the top of the page, in the following format: archive@your_ID.archive.psmtp.
PAGE 52
Step 7. Grant Archiving Privileges to Your Users After you’ve completed the previous steps to set up archiving for your organization, you then need to grant privileges to your administrators and users so they can have access to the archive. For information, see “Granting Message Archiving Privileges” on page 61. Message Archiving Setup Reference About the Message Archiving Settings Page for a User Org Use the Archive Settings page to: • Turn on email archiving for an organization.
PAGE 53
Option Description All journaled messages Archives all email messages that your email server journals for users on your network, including inbound, outbound, and intradomain messages (internal messages that do not leave your private network). WARNING: If you select this option, Postini recommends that you do not also select the option All inbound and outbound messages. If you select both options, Message Archiving stores two copies of all inbound and outbound messages.
PAGE 54
About the Message Archiving Journaling Configuration Page for an Email Config Use this page to: • Set up Message Archiving to accept journaled email messages from your email server. • Obtain the email address for your archive. Use this address when you configure your email server to send journaled messages to the archive. • See a list of Journaling Configurations and their settings, along with options to edit and delete those configurations.
PAGE 55
Option Value Non-account Archiving Select ON to archive messages to and from users on a particular email server who do not also have accounts on your message security service. When you enable non-account archiving, you immediately begin archiving all journaled messages without having to first register users with your message security service. This option can be useful when the urgency of archiving messages outweighs the need for granular control of whose messages are archived.
PAGE 56
Option Value Alert Status You can choose to receive daily email alerts when it appears that your journaled messages are not being archived correctly. There are alerts that cover the following conditions: • Journaled messages from your server are being bounced Message text: Journal messages from your server are currently being bounced. Check to see that your IP address is properly configured. Click here for more information: https:// www.postini.
PAGE 57
Journaling Configurations List: Option Description Enable ACL The On/Off value for Configuration Status Server Type Indicates the type of email server for which you entered an IP-address range. IP Address Range Indicates the IP-address range that you entered for an email server. Non-Account Archiving The On/Off value for Non-Account Archiving. Alerts The On/Off value for Alert Status. Alert Address The address to which alerts are sent. Edit Edit the Journaling Configuration.
PAGE 58
Chapter 3 Granting Message Archiving Privileges Chapter 3 About Archive Privileges Your corporate message archive will likely contain highly sensitive corporate information, as well as private employee information. Therefore, we recommend that you provide only one or two employees with privileges to search your archive, purge messages, and create audit reports.
PAGE 59
You must also provide a formal, written request to grant the privileges to the account. This request must be signed by an officer of your company on company letterhead, and faxed to Postini Customer Care or your reseller. Note: If you request any of the Message Archiving privileges for an administrator who also has the Assign Authority privilege, he or she can grant the respective privileges to any other user for whom he or she can create or edit authorization records.
PAGE 60
The following table describes the Message Archiving privileges available for administrators and users. Privilege Description Message Archiving The user can turn on archiving and set archiving options for specific organizations (orgs) in your organization hierarchy. Optionally, you can grant a user “read” privilege only, which allows the user to view Message Archiving settings but not modify them.
PAGE 61
Privilege Description Archive Search The user can access the Search tab to (depending on the options your service includes) search for, view, and print email messages in your corporate archive. You can forward messages to your email inbox. You can export messages as MBOX files. The user can access the Reports tab, and the Storage Overview and Storage reports. For an overview of reports, see “Reports Tab” on page 23.
PAGE 62
Privilege Description Archive Discovery The user can access the Discovery tab. With this privilege, the Discovery tab replaces the Search tab (described above). The Discovery tab includes all the functionality of the Search tab, plus the ability to manage investigations and place holds on messages.
PAGE 63
Privilege Description Archive Retention The user can access the Retention tab to: • View a monthly list of messages that are on extension beyond the expiration of their retention periods. • View how many of the messages on extension are also on hold (not available to purge). • Turn Auto-archiving on and off. • Purge messages from the archive that are not on hold. • View the history of when and by who messages were purged.
PAGE 64
Privilege Description Personal Archive When you grant the Personal Archive privilege, the related Archive Search and Archive Recover privileges are granted automatically. • Archive Search permits users to search for and view email messages in their personal archives. When you grant Archive Search, the Archive tab appears in the user’s Message Center. This tab includes the search options for finding messages in the Personal Archive.
PAGE 65
Allow a User to Set Up Message Archiving To grant the Message Archiving privilege to another user, your administrator account must have: • The Assign Authority privilege for the organization in which the user’s account resides • The Message Archiving privilege WARNING: If you grant the Message Archiving privilege to an administrator who also has the Assign Authority privilege, this administrator can grant this privilege to any other user for whom he or she can create or edit authorization records.
PAGE 66
Allow a User Full Access to the Corporate Archive To grant the Archive Security Administration privilege to another user, your administrator account must have: • The Assign Authority privilege for the organization in which the user’s account resides • The Archive Security Administration privilege If no administrator account has this privilege, you must submit a request to Postini Customer Care or your reseller to add the Archive Security Administration privilege to a user account.
PAGE 67
Allow a User to Search the Corporate Archive To grant the Archive Search or Archive Discovery privilege to another user, your administrator account must have: • The Assign Authority privilege for the organization in which the user’s account resides • The Archive Search, and optionally, Archive Discovery privilege Note: To grant the Archive Discovery privilege, you must also grant the Archive Search privilege.
PAGE 68
5. Select the Archive Search, and optionally, the Archive Discovery check box.
PAGE 69
5. Select the Archive Retention check box.
PAGE 70
If no administrator account has this privilege, you must submit a request to Postini Customer Care or your reseller to add the relevant Archive privilege to a user account. For more information, see “About Archive Privileges” on page 61. Note: An audit report can show the messages that users accessed in the archive.
PAGE 71
If no administrator account has this privilege, you must submit a request to Postini Customer Care or your reseller to add the Archive Investigator Security privilege to a user account. For more information, see “About Archive Privileges” on page 61. You must also grant the Archive Search privilege so the user can access Message Archiving.
PAGE 72
Allow a User to Access the Personal Archive Users access the Personal Archive in Message Center, where they can also manage their junk and virus quarantines. If users don’t currently have access to Message Center, you must provide that access. Note: • You can limit access to only the Personal Archive, without allowing users to also manage their message quarantines.
PAGE 73
5. On the Organization Management page, under Organization Settings, click User Access. The User Access page appears. 6. Under Personal Archive, do one of the following: • To allow users to view and forward archived messages to their inboxes, select both the Archive Search and Archive Recover check boxes. Note: Any messages that users forward are archived again. • 76 To allow users to only view their archived messages, select only the Archive Search check box. Your changes take effect immediately.
PAGE 74
Allow an External User to Access your Corporate Archive You may grant message archive access to a third-party, such as a regulatory agency, as necessary to comply with an investigation or audit. You give these external users access by adding them as users in Message Archiving and setting up their permissions to search the archive and/or view activity logs. To grant access to external users: 1. Create a new user org and add the external user with your domain as their address.
PAGE 75
Appendix A How To Appendix A This section provides a link to each procedure in the Message Archiving Administration Guide. These links are provided to give you easy access to the procedural information, and are organized by chapter.
PAGE 76
Appendix B Troubleshooting Appendix B This section discusses some of the problems that have been observed with Message Archiving, and the solutions to those problems. Journaled messages are being forwarded from your Exchange server to the correct Message Archiving address, but are being bounced with the error code “554 Cannot relay journal - psmtp.” The IP address of the Exchange server sending the journaled messages is not correctly identified in the relevant journaling configuration.
PAGE 77
Index A adding services for Message Archiving 15 users to organization for journal archiving 30 Admin tab access 66 Admin tab access 66 Aid4Mail, obtaining 64, 65 alerts for journaled messages 48 alias addresses, how Message Archiving works with 28 domains, how Message Archiving works with 28 archive access granting privileges 62 security 32 archive alerts, turn on 48 Archive Audit privilege description 65 process for granting to account 61 Archive Discovery privilege description 65 process for granting to
PAGE 78
domain aliases, how Message Archiving works with 28 domain substripping, how Message Archiving works with 28 duplicate message handling for inbound/outbound archiving 28, 29 for journal archiving 31 E Email & IM Search panel, overview 20 email configuration setting up for archiving 47 email messages archived, overview 24 how quickly archived 32 types stored with inbound/outbound archiving 25 types stored with journal archiving 25 email messages, retrieved saving to mbox file 64, 65 saving to pst file 65 Ema
PAGE 79
P packages, for Message Archiving 15 Personal Archive access privilege 75 overview 24 Personal Archive privilege description 67 granting 75 Personal Archive Recover privilege, description 67 Personal Archive Search privilege, description 67 Postini Message Archiving Administration Guide audience 7 overview 7 related documentation 8 privileges Archive Audit, granting 61, 65 Archive Discovery, granting 61, 65 Archive Investigator Security, granting 61, 66, 73 Archive Reports, granting 61, 66 Archive Retention