How To Protect Office 365 With Cohesity
Back at Microsoft Ignite 2018, we announced that Cohesity would be supporting Office 365 Mail as part of our core data protection functionality. While the feature itself is still not generally available, it’s very close. Please be sure to check with your account team on the general availability where you will see the Office 365 protection option in the UI. I wanted to walk through some of the basic configuration steps you need to do in order to get data protection working for Office 365.
First, there are a few options you might want to consider when it comes to how you deploy Cohesity DataPlatform.
Cloud Edition vs On Premises
Many customers have the option of running both versions of the Cohesity DataPlatform. As a cloud person, for years I have compared solutions in order to decide whether I should run on-premises or directly in the cloud. With Office 365 Mail these are some things to consider:
- Size of your mailboxes
- Local Internet connection speed
- Replication options
- Job Management locally or via Helios
With these considerations in mind, I decided to use a full cloud-based solution for my example. What I deployed to get things integrated was all done in Microsoft Azure. The components consist of:
- Azure Active Directory
- Cohesity Control VM
- Cohesity DataPlatform Cloud Edition
- Office 365 Mailboxes
My goal here was to get a demo setup done for the Cohesity Mobile Mobile Demo Center (#CohesityOnWheels), which was tied to a dedicated Azure AD and users from the truck’s on-board data center. I will actually discuss this in a later article. For the purposes here, let’s look at the initial setup requirements, which assume you have deployed the Cohesity DataPlatform.
Configure Office 365 Exchange Group
The first thing you will need to do is ensure that the user account you are using to connect to Office 365 has the right permissions to access the mailboxes. For this I’d suggest adding a new group through the Office 365 Exchange Admin section.
Once there, navigate to the permissions section and “Admin Roles” and create the “+” button to create a new group called “Cohesity Access”.
In the settings of this new role group add the roles shown below:
Once you have added the role under members, that will be the account used when configuring the Cohesity DataPlatform for access. At this point you will need to wait for these changes to get pushed out. I found that this was about ten to fifteen minutes before you can setup the Cohesity side.
Configure The Cohesity DataPlatform
All you need to do now is take a few simple steps on the Cohesity DataPlatform to connect to Office 365. Under the protection menu select sources and add a new source of Office 365.
Once you’ve added this as a source, everything about protection jobs is exactly the same. What makes Cohesity loved by customers is that no matter the source the protection job workflow is easy and well documented. All you have to do is add a new protection job for Office 365, select the mailboxes and other options, and you’re done! Of course you can add something like a new policy and assign the mailbox job it.
Below you can see I simply created a new job with a default policy.
Like everything Cohesity, once the job runs, you will have access to restore data. With this solution you can restore either full mailboxes or individual messages. You can also elect to restore to original mailboxes or a separate location, depending on your needs. Simply search by mailbox name, or protection job, and from there your restore options are presented.
Here you can see I have elected to restore the entire Bruce Banner mailbox to my Admin account. Some organizations may in fact have a “restore” account where they send an entire mailbox for export to a PST for legal or other reasons. That mailbox essentially would be the reusable account for alternate restore locations. Individual messages from an accidental deletion may very well go back to the original location.
You can see that protecting Office 365 Mailboxes with the Cohesity DataPlatform (Cloud Edition) is extremely easy to setup and use. I had many discussions at Ignite 2018 where customers told me that Office 365 Mail backup is a huge concern for them. Cohesity provides an easy-to-deploy and easy -of-manage capability that is part of the same platform used for on-premises backups.
Integrate all your data platforms into Helios and then manage them all from one interface across on premises and cloud editions. Contact us to get a live demo of this new capability and if you’re already a customer look for this to become live in the platform soon!