Versions Compared

Version Old Version 6 New Version Current
Changes made by

Priya Srinivasan

Priya Srinivasan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Agenda

  • Management has indicated that achieving O365 Exchange campus independence is a high priority goal

  • This meeting is to discuss approaches to remove O365 dependencies on campus.

  • Can a cloud service receive an email first, do spam filtering and route to O365 or MTA?

  • Send report to management on whether there is an agreed approach to achieve this goal 

...

1) Use Option 2 - Synched identities in the cloud with password hash. This would enable replicating password hashes in both locations and authentication can happen on-premise or in the cloud.

  • Need link listing different options from David/WSG.Managing Identities on Office365
  • WSG mentioned that currently, we are using federated identities option and would like to determine the feasibility of implementing synched identities.

...

  • Need to figure out if anti-spam and anti-virus filtering by above cloud services are comparable to MTA.
  • There could be route delays to services on-premise due to the cloud being the first delivery point. This needs to be tested in POC
  • Filtering could be limited by cloud provider's capability and not match OIT standards or requirements.
  • Can we test delivering to a cloud delivery point with a POC?
    • exchangetest.uci.edu test domain is available per WSG.
    • We can test with ExchangeOnline and Google being the first delivery point
    • Most of the delivery points are in Google. So WSG and EUS prefer Google to be the initial delivery point for POC.
    • Need level of effort and estimates for POC to test delivery of exchangetest.uci.edu test domain to Google delivery point for virus scan/spam filtering

Action items

  •  Priya SrinivasanHEINDRICK YU , Thomas Acker  - Create ServiceNow project to get Get level of effort and estimates for POC to test delivery of exchangetest.uci.edu test domain to Google delivery point for virus scan/spam filtering   
  •  HEINDRICK YU - Can we use synched identities with password hash (option 2) instead of federated identities currently used? WSG to figure out the feasibility of this approach and recommend. If recommended, priya will add this task to the project
  • for recommended/available routing options, if Google is the first recipient of email to campus
  •  David Severance - Get level of effort for recommended/available spam filtering options, if Google is the first recipient of email to campus
  •  HEINDRICK YU , Thomas Acker  - Determine level of effort for recommended/available routing options, if Exchange Online is the first recipient of email to campus
  •  HEINDRICK YU , Thomas Acker - Determine the feasibility of password hash solution for Exchange Online authentication. If feasible, what is the level of effort? 
  •  HEINDRICK YU , Thomas Acker - If password hash is not feasible, what is required architecture and level of effort to move ADFS capability to AWS cloud? Priya & David K to assist with AWS
  •  David SeveranceDerek Chee - What is level of effort to put MX / MTA servers in the cloud?
  •  Priya Srinivasan - Create project tasks to determine LOE on above action items
    Created Project PRJ0014527 with above action items as tasks and assigned to appropriate resources