Symantec Proof of Value Proposal for [Company Name]

This document describes the proposed steps to ensure a successful evaluation of the SymantecEnterprise Vault email archiving solution at [Company Name].

  1. The Mailbox Archiving component of the Enterprise Vault will be used to reduce the size of the Exchange private information store and enhance email search capabilities across multiple folders and possibly multiple users.
  1. The Public Folder Archiving component of the Enterprise Vault will be used to reduce the size of the Exchange public information store and enhance search capabilities across multiple folders.
  1. The Journal Archiving component of the Enterprise Vault will be used to archive all email sent or received through specified Exchange server(s) to a central archive which can then be searched only by authorized personnel.
  1. The PST Migration component of Enterprise Vault will be used to import messages from disparate PST files directly into Enterprise Vault, optionally placing shortcuts to these archived messages in the associated Exchange mailboxes using the same folder structure.
  1. The Compliance Acceleratorcomponent of the Enterprise Vault will be used to facilitate the daily supervisory review by designated Compliance Officers according to the mandatory SEC/NASD regulatory requirements for the financial services industry.
  1. The Discovery Accelerator component of the Enterprise Vault will be used to efficiently facilitate a legal discovery process - organizing electronic messages, markings, users, and permissions by case name(s).
  1. The Enterprise Vault for SharePoint Portal Server will be used to facilitate the archive storage, retention, and searching of the SharePoint Document Library.
  1. The Enterprise VaultFile System Archiving will be used to facilitate the archive storage, retention, and searching of a Windows-based file system.

Proof of Value Planning:

Customers have different reasons for implementing email archiving solutions. The Proof of Value will be designed to show that the SymantecEnterprise Vault can solve specific problems and achieve [Company Name]’s goals.

Proof of Value Assumptions:

Before the Proof of Value begins, both parties should agree on a set of assumptions:

  1. The Proof of Value will be performed in a test lab with a non-production Exchange/File/SPS server, testing with non-production mailboxes/users. This will allow functionality testing without any potential impact to the production infrastructure.
  2. The Microsoft Exchange/File/SPS environment will be configured and populated with sample data before the Symantec engineer arrives on-site and begins the installation.
  3. Because the testing is geared towards functionality demonstration and not performance benchmarking, only 5 to 10 mailboxes (for file system folders) containing sample data will be enabled for automatic archiving by the SymantecEnterprise Vault. These mailboxes/folders can be hosted on one or multiple source servers.
  4. The mailbox archiving criteria will be configured to archive messages older than [n] days/weeks/months/years.
  5. 5 to 10 Public Folders underneath a single public folder “root” will be enabled for automatic archiving by theSymantecEnterprise Vault. These folders will be populated with test data prior to archive installation.
  6. The public folder archiving criteria will be configured to archive messages older than [n] days/weeks/months/years.
  7. Message journaling will be enabled on the specified Microsoft Exchange store(s), and the Enterprise Vault Journaling service will be configured to archive and remove all the collected email throughout the day.
  8. A few non-production PST files will be made available for importing directly into the Enterprise Vault using the PST Migrator utility. Copies of production PST files would be fine.
  9. To expedite the configuration of the Compliance Accelerator, a set of Windows security groups will be configured to organize the mailbox accounts to be reviewed. NOTE: the SMTP address of these user accounts much match the SMTP addresses in the header of the sample email messages to be reviewed. Symantec would welcome the opportunity to demonstrate the Compliance Accelerator to interested parties from Compliance while we are on-site.
  10. One fictional Discovery Accelerator “case” will be created and configured to search the journal archive, assigning the review of the search results to multiple test users to demonstrate the efficient legal workflow capabilities. Symantec would welcome the opportunity to demonstrate the Discovery Accelerator to interested parties from the Legal department while we are on-site.
  11. The Microsoft SharePoint Portal server used for testing will be either SPS 2001 or SPS 2003 with the backwards-compatible Document Library installed, as support for SPS 2003’s SQL document store is scheduled for release in Q1 of 2005.
  12. Because the testing is geared toward functionality demonstration, no more than 10GB of files will be archived by Enterprise Vault File System Archiving.
  13. Although the archive and index processing takes place on the Symantec application server, an Enterprise Vault File Placeholder Service (agent) will be installed on each file server that will store the placeholders/stubs. This placeholder service is necessary in order to provide transparent user access to archived files, but is unnecessary when Enterprise Vault File System Archiving is configured to simply make a “copy” of files for search purposes only.
  14. When testing Enterprise Vault File System Archiving, NTFS security will be configured and synchronized to the archive at a folder-level, not from individual file permissions.
  15. If quota-based archiving is required in Enterprise Vault File System Archiving, volume-wide disk quotas will be used in the archiving calculations.
  16. There will be no backup of the lab environment’s data; therefore the Enterprise Vault will be configured to remove Exchange data immediately during the archiving process. In normal production environments that are backed up regularly, the Enterprise Vault is configured to remove Exchange data only after the archive storage has been successfully backed up.

Criteria for success

We believe the following list aptly describes the criteria for success, but this list will be refined and agreed to before the Proof of Value begins. The Proof of Value will show that:

  1. Each data source will only store information that falls outside of the configured archiving criteria, as well as fully-functional shortcuts to data that has been archived to the Enterprise Vault.
  2. The archiving process will be automatic and transparent to the end users because automatic archiving takes place at a server level with no user intervention required.
  3. The viewing of archived data will be transparent to the end users,including the continued use of the Outlook preview pane and “Find” feature for email archive users.
  4. Email journaling will be completely transparent to the typical end user, because it does not affect the appearance or size of private mailboxes in any way.
  5. The PST Migrator can successfully move messages contained in PST files directly into the Enterprise Vault, eliminating the need to first copy the messages into an Exchange mailbox.
  6. The PST Migrator can optionally recreate the PST file’s folder structure inside the appropriate user’s Exchange mailbox, and place message shortcuts in the respective folders, if required.
  7. The PST Migrator can delete the source PST file upon successful completion of the migration process, if required.
  8. The archived email can be accessed and/or searched only by authorized personnel, according to permissions configured in Exchange and/or the Enterprise Vault.
  9. A web-based search will yield the appropriate results based on specified keywords contained anywhere in the email message – including attachments.
  10. Messages found in the web-based search results can be reviewed and selectively added to a “shopping cart”, which can then be copied to either a specified Exchange mailbox or to a PST file.
  11. Using Compliance Accelerator, messages to/from specific departments can be reviewed and marked only by designated reviewers/supervisors.
  12. A random sample (percentage) of messages may be selected for review in the Compliance Accelerator if required.
  13. Reviewed messages in Compliance Accelerator may be marked as Reviewed, Questioned, or Pending, and may have free-form text comments added.
  14. The Discovery Accelerator can greatly improve the efficiency of the legal review process by allowing users to categorize their assigned messages by custom markings, such as “relevant”, “not relevant”, “spam”, “personal email”, “client/attorney privilege”, etc. These markings will be saved in a SQL database on a case-by-case basis and the messages can be viewed/filtered (and even produced) later by authorized personnel.
  15. File server archiving can be configured to archive or immediately delete files based on a variety of properties, including file extension.

The following features are considered “Symantec differentiators” and may not be applicable to every environment:

  1. The Enterprise Vault will be successfully installed on a Windows 2003 server.
  2. Outlook 2003 clients using local cache mode are fully supported.
  3. The PST Migrator can import PST files in Outlook 2003’s new UNICODE format
  4. The PST Migrator can automatically correlate PST files to the appropriate end users, based on Outlook profile configuration, the PST’s file or folder level Windows permissions, or a text-based script indicating file path and ownership.
  5. The Enterprise Vault allows complete flexibility to implement journaling partially, with custom retention policies, or not at all, depending on business requirements over time. We will prove that the same message can contain two different retention policies, one from the journaling and another from the individual’s mailbox. Some products have known issues surrounding policy conflicts between the journal and mailbox policies. We can also prove the absence of journaling for specific test users that should only use mailbox archiving.
  6. The Enterprise Vault can be configured to delay the deletion of the original email message until the corresponding archive file has been backed up successfully.
  7. The Enterprise Vault can be configured to delayed archive file collection to optimize performance and single-instancing of newly-archived records. Other archiving products single-instance and collect files immediately as they enter the archive, which results in larger file recalls and the lack of single-instance storage when another copy of an archived message enters the system, from PST files for example.
  8. Mailbox archiving can be based on Exchange mailbox limits, archiving dynamically to prevent the mailbox from reaching its limit. This is one of the benefits of a product customized specifically for Microsoft Exchange, and not designed generically for multiple email platforms.
  9. The Enterprise Vault can be configured with folder-level mailbox archiving policies, which allow organizations to implement a mailbox archiving/retention strategy that involves user discretion (“drag & drop” into standard Outlook sub-folders that represent different retention policies behind the scenes). Most archiving products apply policy at a mailbox or higher level even though many companies want to apply different rules to different messages.
  10. The Enterprise Vault will run completely as a set of Windows services, typically leaving the server console “logged out” for security reasons.
  11. Archived messages can be synchronized to the workstation/laptop, to allow access to archived messages & attachments while disconnected from the primary archive location.
  12. If configured, the Enterprise Vault mailbox shortcuts can be accessed from IMAP/POP3 clients that support the HTML message format.
  13. Users can read messages directly and transparently from the archive, without adding unnecessary time or storage requirements to restore the data to Exchange first, as some other products are designed to do.
  14. The Enterprise Vault allows flexibility when configuring the amount of detail message shortcuts should contain, to provide more predictability around shortcut sizes. For example, include only the first 100 characters/bytes of the message body inside the shortcut.
  15. The Enterprise Vault allows flexibility to control the retention of mailbox shortcuts themselves, in addition to the separate policy controlling the retention of the underlying data. This comes in especially handy for PST migrations and/or mailboxes that are configured to retain information long-term, such as executives.
  16. The Enterprise Vault allows automatic and/or manual permission control to mailbox archives, regardless of whether the searching user is listed in the To/From header of the email message. Delegate and mailbox-level permissions managed in Exchange automatically synchronize to the archive permissions, and a GUI is also available to add Active Directory users and/or groups directly to a specific archive’s properties. This is compared to other products that are less flexible, assigning permissions to either the entire enterprise-wide archive, or just the messages that mention the searching user in the To/From fields.
  17. Archived files with Enterprise Vault File System Archiving are indexed by Alta Vista and can by found by keyword/phrase searches.
  18. The Enterprise Vault has a bulk export feature to Exchange or PST files. Specific message search results, one or more entire user archives, or the entire system can be exported. This gives organizations peace of mind that should they ever need to export some or all of their archived data for any reason, there are user-friendly tools included to do just that.
  19. Administration is handled by the common Microsoft Management Console, conveniently allowing administrators to manage Exchange, Active Directory, SQL, the Enterprise Vault, and other applications in a single console window.
  20. The Enterprise Vault utilizes the Microsoft Event Viewer (Application Log) for diagnostics and ID-based error reporting, rather a proprietary logging system that is not recognized out of the box by industry-standard system monitoring tools.
  21. The Enterprise Vault enforces single-instance storage at the file level in environments using an EMC Centera as their back-end archive storage device. Even though other products write to an EMC Centera, only Symantec assigns a separate identifier for files attached to email messages. It can be proven that only one file will be stored in the Centera even when the same file is found in multiple email messages (including forwarded messages), and/or in archived file servers.

Proof of Value Requirements

Hardware

We suggest the Proof of Value be run on the following hardware as a minimum:

1 GHz server-class machine with 2 GB RAM, and at least 60GB of available storage.

Software

The Enterprise Vault server(s) should be configured with Windows 2000/2003 Server prior to installation. SQL Server 2000 SP3a must be provided by [Company Name], and ideally should be installed & patched before the Symantec engineer arrives. In a production environment it is recommended to use a dedicated SQL server rather than install SQL on an Enterprise Vault application server, but test labs can be configured either way. Outlook 2000 or 2003 (with the CDO option included during installation) must be provided by[Company Name]for the Enterprise Vault server, and may be installed on the Symantec application server either before or after the Symantec engineer arrives.

Upon arrival, the Symantec Engineer will need to install IIS, ASP.Net (if Windows 2003), Message Queuing (without Active Directory integration), Internet Explorer 6.0 (if Windows 2000), MDAC (if Windows 2000), .Net Framework (if Windows 2000), and Exchange System Manager (with patches). The version number (year) of Exchange System Manager must correspond to the version number (year) of the Enterprise Vault’s operating system. For example, install Exchange 2003 System Manager if the Enterprise Vault resides on a Windows 2003 server, regardless of which version of Exchange you are archiving from.

The Vault Service account

Purpose The Vault Service account is used by Enterprise Vault processes to access the Windows server operating system. The Enterprise Vault services, which are Windows services, run under this account.

The Vault Service account is shared by all the Enterprise Vault computers in the Enterprise Vault Directory. If you are managing multiple Enterprise Vault sites, you can use the same Vault Service account for more than one Enterprise Vault site.

If you are using Exchange Server 2003 or Exchange 2000 Server, the Vault Service account must be a member of the Active Directory domain.

The Vault Service account must be a domain-based Windows security account that belongs to the local Administrators group on all Enterprise Vault computers in the Directory. The account password must not be blank. We recommend that you do not make this account a Domain Administrator or part of an Exchange administrators group. It is better to assign Exchange permissions explicitly. The account does not need a mailbox, but you may want to create one and use it for the service mailbox,

If possible, create the account so that it is in the same domain as the Enterprise Vault computers. If it is necessary for the Vault Service account and the Enterprise Vault computers to be in different domains, create the account so that it is in a domain that is trusted by the Enterprise Vault computers’ domain. During configuration, you are asked to provide the name and password of the Vault Service account.