EIViKIL~TENDER

ENTERPRISE SOLUTION DESIGN

VERSION

OCTOBER Z3, Z008

SENSITIVE EOP0000172
 Table of Contents
Document Control .............................................................................................. 5
2. Document Approval ......................... J ................................................................. 5
2.1 EMG Approvers ................ . ..........................................................................5
Customer ~pprovers ......................................................... . ..........
3. Purpose of This Document.,.. ........... : ..... :..: ................
4. Ir~troduction ................................................................................................ : ....... 6
5. Engagement Logistics .............................................................................. " ........... 6
5.1 Participants ................................................................................ : ............... 6
"Executive Summary ........................................................................................... 7
6.1 Findings Highlights .................................................................................... 7
6.2 Recommendations Highlights .....................................................................
6.3 Out of Scope Recommendation Highlights ....................... : ......................... 8
Project Objectives .............................................................................................. 8
7.] Business Objectives ............................................................................ 9
8. General Solution Description .................................................... ~ ...................... 13
8.1 Enx, ir onment Description ......................................................................... ]4
8.1.1 Lab Environmen~ ..................................................
8.1.2 Staging En~-Lronment ......................... ~ ............................................. 15
8.1.3 Production Env[r6nment ..................................................................
8.1.4 Change Management Policies ....................................................... ".. 18
8. ! .S Tes.t and Acceptance Plan (TAP) ........ : ............................................. 16
8.1.6 System Sizing ........................... ; ................................................. : .... .17
8.2 Security and Compliance ...................................................... 17
8.2.1 Authentication ..., ............................................................................. 17
8.2.2 Authorization ..........." ........................ : ............................................... 18
8.2.3 En~tion ............................ : ..................... " ........................... ~ ......... ] 8
8.2.4 Firewalls .......................................................................................... 18
8.2.5 Audit Requirements ......................................................................... 10
8.2.6 Audit Reporting ................................................................................ 19
8,2.7 Roqufi:ed EmailXtender Accounts and Permi~s!ons ............... : ......... 19
8.3 Storage Utilization ....................................................................................
8.4 Using EMCDiskXtendez ................................. ; ......... " ................................ 21
9. Solution Functionality Deployment. .................................................... : ............ 22
9. ] Archive Folders and Retention .................................................................. 22
9.2 Rules Processing ......... ¯ ......................................................... ; .... ; ............. -.23
9.3 Shortcutting Email ...................................... : ..................................
9.4 Historical PST/NSF IngestiOn .................................................................... 23
9.~ Deleting Mail ~rom the/~rchive ................................................................ 23
0. Technical Solution Description ......................................................................... 24
! 0. l Network Infrastructure ............................................................................. 24
] 0.1. ]" Wide ]~rea :Netwo~rk ......................................................................... 24
] 0.1.2 Local Area Iqetwork ......................................................................... 24
10.2 . High Availability/Disaster Recovery ........................................................ 24

SENSITIVE EOP0000173
 10.2.1 Disaster Recovery Logical Design ................................................... ZS
10.2,2 Disaster Recovery Physice3 Design ........................................ : ........ 26
10.Z.3 Disaster Recovery Failover/Failback P~ocesses .............................. 26
10.3 Enterpxise Storage ................................................................................... 26
10.3. l Storage Logical Design Diagram ..................................................... 26
10.3.2 Disaster Recovery Time Objectives (~TOs) .................................... 28
10.4 Database Design ........................................................................... ~.,~ .......28
’10.4.1 " Microsofto~Serve~Cenfigu~a-tion..~ .......~ .................... -..,~;.~.; ..... ~.,28
10.5 Journaling Requkaments ........... : ........................................................ : ......28
1.0.6 ¯ .f~.uti-vfirus Softwa.Te ........................................................... ......................... 28
] 0.7 BacI~p Requirements ............................................. ." ................................ 30
10.Y,1 Emai~tendez General Server Backup ............................................. 30
!0.7.2 Em~lXtender License Se~’ver Bacl~p ............................................. 30
] 0.Y.8 Regist~ Ke~ Values Backup ............................................................ 30
10.7.4 Disl~tender Configuration Baakup ................................................. 3]
10.7.6 Di~kXtender Pile Metadata Backup ................................................. 31
] 0.7.6 ~em Partition and System State Backup ,... ............................ . ...... 31
]0.7.7 W Se:r’,,rer Backup.. ......................................................................... 32
] 0,7.8 MSMQ Baekup...,~. ........................................ : ................................... 32
10.8 Application Management .................................................. " ....................... 32
10,8.1 System Mon~to~mg ............................................. ~ ............................ 32
I. Proje’ct Documentation ...................................................................................... 32
lZ. Product ~aining Req-ukements ....................................................................... 3~
~3. Definitions ........................................................................... ............................. ~3
4. Adclendums ................................................................................................... ~..3~
~4,1 EMC E~ailXtenderSizin S ~adsheet ..................... ~ ...... ; ........... 35
14,2 Disaster Recovery Using
EmailXtender 4.81 SP 1 Best Practices Guide ......................................................... 35
14,3 EmailXtender Requked Poxes ...................................................... : ............35
] 4.4 Disk SLoe and RA~D Requkements ............................................................ 36

101~31200B -. P~G’~: 3 o~" 36

SENSITIVE EOP0000174
 Lis~ of T~bles
Table I. Customer Parficipanfs ............... : .................................................. 8
Table 2. o ...................
EM~ Participants .................................................................. 7
Table 3. Business Obiecdves ................................................................................. 9
Table 4. Estimated Disk Requkements ................. ~ .............................................. 17
Table S. Email Archive Enunyption Requirements .................................. ._...: .........!8
Table 6. EmailXtender Standard Audit Reports ........................................... ;-. .......19
~Ble 7~ " E~ai~t~n~r Req~d°Acco~ aiid ~’~rm.is~ions’~....~ ....... ~ ....~ ...........~,,20
Table 8, A.rctdve Folders and Retention ........................................................ ~, .......22
Table 9, Rule Processing Definition ........................... : ............................
~. .........’,.23
Table l 0. Anti-virus Exclusion Requirements ........................................................ 28.
Table l 1.
Table 12. ~em P~ndidon Back-up Schedule .........................................................
Server Back-dp Schedule .................................................................
31
32
Table 13. MSMQ Backup Schedule ..................................................... i ................... 32
Table 14, P~:oject Documentation ........................................................................... 33
Table ]5. Technical Definifions .............................................................................. 33

List .of Figuzes

Fig ]~ Lab Envizonmen{ .................................
J ...................................................................
1~
Fig 2. 15
S~aging Environment ...............................................................................................
Fig 3. Pzoduofion Environment .........: .............................................................................. 16
Fig 4. DR Desiga ........................................
’ ....................................... Z6
7 ........: .....................
Fig 5. Disk Utilization ...................... Z7
. .................................................................................

EMAII~TENDER ENteRPriSE BObUT]ON DF~IGN

I0/Z3/2008

SENSITIVE EOP0000175
 Doc~meni Control

9-23-2008 ChB.n~es Bher IA meeting B_nd Engineedng.Te~m

design meeting
i.2 9-26~200B Added vexb~age on IA procedu.Yes,iete~.tlon
phase 1I and security ’
9-3D-~OO8 M~or g~-aznmal~ca] co~-~ecHo~
1.3 ).O--ZB-8008 ~ Added PST/ARMS ingestion doc

2. Document Approval
z. 1 E1VIC Approvers

EX Design and
in-tplementadon

~ ]:~zoj ect
Management

Z,2 Customer ~pprovers

/COTR

Engineering Branch

! o/z~/~ooB

SENSITIVE EOP0000176
 Purpose of This Document
Tlzis report i~ ~ review of the EMC team’s findings, observations, and recommendations
supported by the Infomaation Technology In~Tastracl~m-e Lib~a~ (ITI~), and EMC Best
Practices. The team will review tNs report as a presentation to the E×ecutive sponsors.

This document presents the results of the EMC EmaiIXteuder Solutior~ D,sign Service at
-Executive Office 0fthe President ~OP), The inte~iew pro~ess looked al all of the email
storage ~ctions within E~utive ONce orthe Pregdent’s IT env~onment win respect to &e
implementation of EmaiiXtender. :

4. iatroduction
The EMC teara thanks Executive Office of the President and the EMC Executive Office o£the
President Account team for the opportunity to conduct the EMC ErnailXtender Solution Design
Service. The goals of this engagement were to answer all of the questions necessary to budget
and make a pumhasing deal&ion, including; hardware (disk, se~ers, etc) acquisition, software
(both EMC and 3rd palrty) acquisition, professional services time (implementation, prsject
managemcnq etc,..).and internal resource requirements.

The foundation of the service offering is’a consultative assessment of Executive Office of the
President’s email infrastructure and operations emphasizing their arehiving requirements and
processes. This Service involves one-on-one interview sessions with Execu~,ive Office of the
President’s Subj~cl Matter Experts (SME) and Business owners to obtain a detailed
understanding of their cmail archiving business requirements.

The planning process promotes a seamless softy)are implementation, mapping a customized -

EMC EmaiLYtender solution to Exeautive Office of the President’s sp.ecific business
requirements discovered throughout the intervl ew process,

8.1 PaxticipaxttS
Table 1. CUstorne~ par~iClpanfs

10IZ31BDOB

SENSITIVE EOP0000177
 6. Executive Snm.ma.ry
Email has become a re@or l’l%eallS of business communication. Fe~ Research s~ys that the
number o f co~oralc emails incrc~ed by 50% over the past year, and predicts an increase o f 35-
50% next year. IDC forec~ts that the number of mnails sent daily would ~ow from 93 hi]lion
i~ 2006 to over 35 billima in 200~. E~il b~ become a st~dard means oginterof5ce
communication(such as memo~nda), as well as communication wlth customers, suppliers and
b~iness p~aaers. The ability to a~ach documents adds to email utility ~ a communication
medium, ~ companies can deliver statemen(s, bills, prospectus Jnfe~atio~ and other t~es of
info~ation.

Not only are the storage’costs ~sociated with email astounding, file pervasiveness ofemail as a
communication medium is both advantageous and a potential problem for mm3y large enterprises
such as Executive Office of tlqe President. Email give~ ~ompanies a fast and efficient mechardsm
of communicating internally, with each other, with branch offices, and wi~ clients. However,
this can lead t6 potential heMaehes for compliance office~z or legal council in discovery
requests, as al’l communications related to the business - including internal oommunica~ions -
must be retaJned for discovery and/or eomplimlce purposes.

6.1 Findings I-Iighlights

Executive Office of the President’s challenges managing their email data revolves around the
following issues:
¯ Difficulties u,i~l~ esmblisl~i~N aridly defensible capture and retention process:
¯ Jncrzased deman.dsfor eDiscovery inquiries, which are resource intensh~e a~d c~zrry a
risk of incomlJle~e/inacqurate results;
Legac), technology, storage and applies~ions ttTat are unnecessarily complex and require
high levels of operation/mainte~tance costs.

.While .FOP has made a significanl investment in the Exchange environment [’or managing their
email, the ism~e afemail management and future storage requirements will need to be addressed.
EMC’s EmaiIA%o~der solution ,,~ill dramatically improve operational efficiencies and red,me
eostgassociated with email management. "Additionally EmailXt~der Will act as a vehicle for
improved Total Cost of Ownership {TCO) as the email environment continues to grow.

l O/Z31ZOO8

SENSITIVE EOP0000178
 6.Z t{ecomme~dations Highlights
"EMC’s EmailXlender so]utiorl w[]i siffaificantly address fl~c amount of email storage space
-consumed through message de-duplication and compression. Beyond the storage cost savings, a
proper Email Management solution is also an automated data man.agement solution tha__t i_ncreases-
. m~.s.sage arc!five a.pcessibility, while reducing administrative costs associated with email
management, compliance and legal disc~ve~ pi’oce~Iur’~. Beri~fits’~d E~Ccufii;e Offi~
President include:
¯ Sec~tre storage ofinboun.d and outbound emails in a een.tral repository.
¯ Implementation of~ records retention policy for email records.
¯ Enable eDiscover), ofemaits. .
" Categorization ofarchi~ed emails.
¯ Enable managed transfer of records to NARA.
Creation of an auditable, controllable process for re-categorization or quarantining
emai! records if required.

6.3 Out of Scope Recomraendafion Highlights

Each EmailXlender engagemenl un6ertaken by EMC Professional Services must first pass
through fl~e EMC Solutions Validation Center (SVC) to ensure thai it adheres to EMC best
practices. This process takes a look at the.customer’s environment, intended use of
EmailXtender and proposed design of EmailXtender.

"In phase one of the EmailXtender project the following EmailXtender components will not be
utilized:
, ~h.ortcutting
, User Directett Archiving
" User Men.tiO, Mapping
" PSTingesdon

Project Objectives
The deployment of the EMC Messaging technology addresses a significant number &objectives
that may be in conflict with regard to both the server environment and storage spa~e
require’merits. The objeotives fall with two basic ~’oups - Business Objectives and Operational
Objectives. It is necessary to determine what objectives apply to a partleular implementation ~nd
the specific goal" For each objective. All oF the obj ectives focus around the amotmt el" email that
will be kept at a specific location and the policies that will be enforced for the objectives:

10/83/9.008

SENSITIVE EOP0000179
 ~. 1 Bus~ness Objectives
~e fo]~ovcing business objectives have been identified fo drive lhe project:
T~ble 3. Business Objective~
Capture and store all ~mail
eommunioations sent or
recgived from at.counts on the
o~cial t|nclassified EOP Email
system
~aptu~e and store ALL related
information (metadata)
associated with the Email
.Capture and store the Email in
real time, as soon as the sender
hils the send button
~e fault-tolerant and have no
sin’gle point of failure which
could cause BOP Email to be
sent or received without be[rtg
captured in the RM system
Allow for th~ physical or logical
segregation of re~ords based on
the agency]component of the
;ender or .recipient. One copy of
the record should be stored in
the sender’s component bucket
and one copy in each of the
recipient’s agency/component
buckets. If one or more
recipients are associated with a
single agency/component then
oflly one copy of the record
should be stored in the
eorrespondi ng’
agency/component.b?cket
Allow searches to be run against
the data, by component, data
range and search words and
phrase~, Searches of Email
addresses, display name fields
m~d all ofl~er EmNI fields MI!
he provided; Search ~f
a~e~ents ~dll be provide.
Se~ch results will be able to be
10123/200~ -.
SENSITIVE
All emall flowing to, fi’om or within the Exchange__ _
envh’onment wi.ll be stored in a single era’all archive, This
will:inulude system .messages. ""
EmailXtender inherently retains email in its original form,
in0uding all metadata and attachments associated with i~.
This is a ~nction of Microsoft Exchange joumaliug,
EmailXtender emmet control which m~ssages arejournaled,
it can only control what to do with .those messages once it
has ingestect them from the jqumaling mailbox(s)..
The solution will include separate Microsoft blusters for the
~ server. The EmailXtender servers will rely on
boot from SAN and Tednndant servers set up in. a DR
locati.on to ~sare business continuity
The EMC team will create a separate cabinet (reposiiory) in
EmailXtender for each defined office and rules’will be
app]ied to these c’abinets to capture email in them for only
the users defined./fmultlple users on a message m’e in the
same cabinet, thebuilt-in d~-dup]ication of Ema~lXtender
will only stare one copy of the rnessa.ge. Also, inherent to
EX, if that same message contains users across multiple
cabinets, the message will be copied to each cabinet.
Bdtti versions of EmailXtende~ are Nlly Capable of
allowing searches for m~d r~Meva] of email across all
repositories within the archive, EOP personnel will be
trained on this process, However, there is no built-in way to
search within search results on EX 4.8. Th~ search criteria
can be saved for later use but the search results cannot, One
way to work around this will be to sort the results by
category m~d selectively export the desired results to file.
P~ 9 or 30
EOP0000180
 extracted via some search
delivery mechanism such that
the results can be viewed using
a WEB browser or some other
commonly available method.
Subsequent searches of search
results will be provided..The
ability to save search parzaneters
associated with searches will be
provMed
be not allow removal of EmailXlender 4.8 will be installed using Disk_X:tender,
record(s) from the archive, but which will enforce retention on the volumes within EX.
~llow a record to be quarantined EmailXtender 6 will be writing to Documentum wldch also
in a controlled and in an enforces retention on the data within the archive. :In either
attditable manner from other state, messages will not be able to be remove;] from the
"ecords into a lo~cnlly (or archive if the retention period has not expired. The method
physically sepa~te) records for separation of records has been described above
repository for quarantined
records. Such quaraufine
requires O~ce of General
Counsel and Records
M~uagement ~i~en ~d
auditable approval.
Fu~e~ore, qo~tined
federal, presidential, and Office
o f the Wee President records
must be mainlined in sep~ate
repertories from each other.
L~tly, for cla~si~ed
info~ation inadve~ent]y
plac~ on tl~s uncl~sified
records system, the classified
record m~t be tran~fe~ed to the
National Security Council or
Cl~sified Records Manager
who administ~ such
~e Faqsf~ or quaantine
~y record must be done
controlled and in an audlt~le

Automate email record series
and/or schedules (as .applicable)
enabling-the EOP to tTansfer
categorized email-records to
NARA
grnaiiXtender does not have the ability to automate the
transfer of records to a unit of storage other than to what it
is directly connected to, However, this can be accomplished
using a scheduled task running h script that copies the
specified volume folders ~o a network share at NARA..

0123/2008

SENSITIVE EOP0000181
 There are several ways to accomplish this task in tl~o end
state solution. We believe olcar, L’uture-looking
requirements From N~
~refe~ed mo~od.
Integrate the system into the A detailed disaster recovery plan, including faitover and
EOP’s backup and disaster failback procedures, will be doemnented dt~ring eaok -
"recovery system amending as .necessary.Phase and ,~ill be pro.vialed as.part of the teSt.and
applicable the EOP’s Disastei" acceptance plan.
Recovery Plan
Enable the EOP to enact User Directed Archiving (UDA) fold ’ers will be util~’~d to
enforce litigation holds, enforce legal holds of data. The legal team will be given
document a compliant chain of search privileges m~d will be able. to copy their search
custody, prevent spoliation results to a designated UDA folder that has specific
claims, negotiate in ’good-faith’ retention applied to it. Chain of custody will be verified
during moorLand-confer using the Archive Process Tracking (APT) utility included
sessions, and produce with EmailXtender. The end-state solution will leverage
appropriate non-privileged- RPS features in Documentnm to meet these-requirements
~nformation.
Accelerate & facilitate the The EOP is already familiar with the search functions of
exchange of information (and .EmailXt~nder 4.8 and t.he capa.bilities. The end state
does not hinde~ or fatstrate) solution will be de~iN~ed and implemented to accomplish
duringthe pro-trial period, k~mwn requirements for easing the legal discovery process.
Freedom of Information Act, using standard search capabilities in RPS and RM
and other electronic search components of Docum’entum
request period, while
facilitating a smoother, simpler,
and less financially burdensome
legal pmdess for all parties
DevElop, document, and Documentation will be provided at the en"d of Phase 1 for
institute vefifiab.ly enfomeable EX 4.8 and at the end of Phase 2 when EX V6.1 SP1 is
formal litigation hold(s) and implemented.
data preservation procedures to
include: creating
communication distribufibn "
lists, documenting relevant
.activities, m~d defining
procedures and accountabil]ty
For instituting, monitoring, and
releasing litigation ]~olds
Identify all relevant data sources Relevant information is included in the Search criteria When
and fo.m~ata include a "copy of, searching for einails.
or a description by c;ategory and.
location including the approach
to maintain or produce th~ copy
or description" orrelevant

10/~3/8008 Paoa i 1 oP36

SENSITIVE EOP0000182
 the course o~ routioe records
disposal and / or disposition
Ensure that the servers are
properly managed with
appropriate ~]~s and repo~
Io~ defined ~d available
software mechanisms in the cud state solution.
Tile logging information of EmailXtender 4.8 is not as
complete as EX 6 but we will be installing a monitoring
framework to h~lp administration t~ks. Appropriat~
monilodng att~bute~ will b~ documented for EOP~g.
jo~l mailbox size, ~X se~ices, et~.)

General Solution Description

The EOP has formally engaged the EMC temn to desi.gn an cmail records m~agement solution
using EMC EmailXtender for the required number of Exchange mailboxes (approximately
4,100). The professional services work to be ~erformed by the EMC team in s.upport of this
effort wi]l comprise of’proj~t managemenl, planning, analysis and design, installation, testing,
and support of the email archiving solnlion in lab, production and disaster recovery
environments. This will include the des~, documentation and testing o fall relevant operational
procedures.

To meet the requirements for the EOP a bye phased approach will be used. Phase 1, referred to
as the ]ntefim phase, is the phase addressed in this design docmnent. ]t will utilize EmailXtender
4.81 SPI. This system will become the"system ol’email r~ords" to service and supportthe
Federal and presidential email records of the next President of the United States..

The second phase of this pmj~ot (Phase Ill) will be to implement the new version oF
EmaflXtender, which will then be known as EMC Source Qne Email (ES f). The installation of
ESI will be a separate project and will be executed while the EmailXtm~der 4.81 continuvs to
ingest ~mails, It is EOP’s desire to take the email that will hage been collected in EmailXtender.
4.81 and migrate.jr to the new ES1 implementation once it is completed. At the time of cutoff
from EmailXtender 4.81 to ES1, a copy of the data flint has been collected in EmaflXtender 4.81
w~ll be migrated to the new envirorm~enL During this migration there are two methods for
allowing the already ingested data to still be accessible for legal starches. First the old
EmailXtender 4.81 envh’onment can be put into a rea&only state and left as is, or the new ES1
environment can use the EmailXtender 4.g1 repository’as a read-only repository. A
determination of which methodology will be .used will be made at the time the desiN~ for the new
ES1 environment is done.

The remainder &this document addresses the design for the Phase ] interim solution using
EmailXtender 4,81. SP1

This interim solution consists of four EmailXtender servers and an Active-Passive ~ 2005
clust4r bases on Microsoft Cluster Services.

This solution addresses the Following key Features needed by the EOP:
~ Integration with e~visting EOP email inf-c~s~ructure. "’
~ Auto-categorization, de-duplication and isolalion ofemail ~sets.
" Full laxt indeMng and search capabilities (,cross all components for privileged usenv.

IO/23/gOO8

SENSITIVE EOP0000183