Veritas Enterprise Vault™ 12.3
|
Last updated: 5-Apr-2018 |
|
The latest version of this document is available from the Veritas Support website at https://www.veritas.com/docs/100041266. For the latest news about this release, including any hotfixes, subscribe to https://www.veritas.com/docs/100041268. |
This document describes the new features in Veritas Enterprise Vault 12.3.
If you are performing a new installation of Enterprise Vault, follow the installation instructions in the Enterprise Vault Installing and Configuring guide. If you are upgrading, follow the instructions in Upgrade Instructions. These guides are in the Veritas Enterprise Vault\Documentation\English\Administration Guides folder on the Enterprise Vault media.
Enterprise Vault 12.3 includes the following new features. For information about the new features in earlier releases, see the release notes for Enterprise Vault 12, Enterprise Vault 12.1, and Enterprise Vault 12.2.
This release includes the following enhancements to help you comply with data protection legislation, such as the "right to be forgotten":
Earlier versions of Enterprise Vault archived all items to a single, open vault store partition on a storage device. Enterprise Vault 12.3 removes this limitation by letting you archive different items to different partitions, depending on how the Enterprise Vault classification feature has tagged the items. For example, if you have configured the classification engine to detect and tag items that contain personally identifiable information (PII), you can choose to archive these items to one partition. Other types of items, such as bids and business proposals, can be archived to a different partition.
These new types of partitions are called smart partitions. They are identical to standard vault store partitions except in the following ways:
Using the Vault Administration Console, you can associate a smart partition with one or more classification tags that you have defined in your chosen classification engine (Veritas Information Classifier or Microsoft File Classification Infrastructure). Only items to which the classification engine has assigned the chosen tags are archived to the smart partition.
Multiple smart partitions can be open for archiving at the same time. This is not true of standard vault store partitions, which are limited to one open partition for each vault store.
Note: If you normally use the NetBackup Agent for Enterprise Vault to perform backups of your data, see below for a known issue in how it handles multiple open partitions in the same vault store.
You can configure a standard vault store partition so that Enterprise Vault automatically rolls over to the next available partition when certain criteria are met. This rollover capability is not available for smart partitions.
As with standard vault store partitions, you can create smart partitions on any storage device that Enterprise Vault supports.
For more information on smart partitions, see the Installing and Configuring guide.
Enterprise Vault 12.3 comes with an updated version of the Veritas Information Classifier engine, with which you can assign classification tags to all new and existing archived content. This new version first appeared in the Enterprise Vault 12.2.2 release update, and it provides the following additional features:
For more information on these features, see the online Help for the Veritas Information Classifier.
This release adds the following features and enhancements to Enterprise Vault Search:
Restored Items
folders in these mailboxes.This release adds the following features and enhancements to SMTP archiving:
Existing targets that you added in the previous release of Enterprise Vault are listed under Manual targets. During the upgrade to Enterprise 12.3, the journaling type of existing targets is determined based on the archive type. For more information, see the Upgrade Instructions.
For more information, see the Setting up SMTP Archiving guide.
Enterprise Vault 12.3 includes the following enhancements to storage expiry:
Enterprise Vault 12.2 introduced a feature with which you can create one or more retention folders in your users' Exchange mailbox archives. With Enterprise Vault 12.3, you can now create retention folders in Internet Mail archives as well.
In addition, when defining the properties of retention folders, you can now supply alternative names for them in multiple languages. For example, suppose that some users in your organization employ English and others employ French. You can now supply one folder name to suit the English users and an alternative name to suit the French users. This feature overcomes a limitation in earlier versions of Enterprise Vault: the need to create multiple, language-specific retention plans in order to supply retention folder names in different languages.
For more information on retention folders, see the Administrator's Guide.
In new installations of Enterprise Vault 12.3, connections to Enterprise Vault web applications require HTTPS with Secure Sockets Layer (SSL) by default.
Enterprise Vault web applications are configured in the Default Web Site in IIS. When configuring a new installation, the Enterprise Vault configuration wizard creates and installs a self-signed certificate. The configuration wizard adds to the Default Web Site an HTTPS binding on port 443, if this binding does not already exist, and enables SSL on all Enterprise Vault virtual directories.
Note: The self-signed certificate uses the SHA512 hashing algorithm. Some versions of Windows disable this algorithm on computers where the TLS 1.2 protocol is used. See the following Microsoft article for instructions on how to enable SHA512 for TLS 1.2, so that you can use the self-signed certificate:
http://support.microsoft.com/kb/2973337
We strongly recommend that you replace the self-signed certificate as soon as possible with a certificate obtained from a trusted authority. For more information, see "Default security for the Enterprise Vault Web Access components" in the Installing and Configuring guide.
If you are upgrading from an earlier version of Enterprise Vault, the existing configuration of Enterprise Vault web applications in IIS remains unchanged. To ensure the security of these web applications, we recommend that you manually configure HTTPS with SSL on all the Enterprise Vault virtual directories. For instructions on how to do this, see "Securing Enterprise Vault web applications" in the Upgrade Instructions.
Auditing of administrative activity (Admin Activity auditing category) has been enhanced. In particular, the quality of information relating to administrative activity in the following areas is significantly improved:
Improvements have also been made to the auditing of roles-based administration, vault store and partition administration, and advanced settings.
For more information, see the new Auditing guide.
The following new Content Conversion site settings give you greater control over how Enterprise Vault applies Optical Character Recognition (OCR) content conversion to embedded images:
The Content Conversion site settings are described in the Administrator's Guide.
Enterprise Vault now supports the migration of archived data to Amazon Web Services (AWS) Commercial Cloud Services (C2S) storage using the AWS C2S storage migrator.
The AWS C2S migrator plug-in is installed as part of the Enterprise Vault 12.3 installation. For more information, see Migrating Enterprise Vault Data Using the AWS C2S Storage Migrator.
Enterprise Vault 12.3 includes support for the following Microsoft releases:
Enterprise Vault classification using Microsoft File Classification Infrastructure is not supported on Windows Server 2016.
There are no changes to prerequisite software since Enterprise Vault 12.
The Enterprise Vault installer requires Microsoft .NET Framework 4.5.2, and all Enterprise Vault servers require both Microsoft .NET Framework 4.5.2 and .NET Framework 3.5 SP1.
For full details of all supported versions of software and devices, see the Enterprise Vault Compatibility Charts. Appendix A provides details of the versions of software that have been dropped since Enterprise Vault 11.0.
Archiving from Exchange public folders is now supported with Outlook 2016 on the Enterprise Vault server.
Testing has shown that performance of public folder archiving is affected if Outlook 2016 is installed on the Enterprise Vault server. If you are already using Outlook 2013, we recommend that you continue to use it on the Enterprise Vault server.
If you choose to install Outlook 2016, you may need to configure legacy (Exchange 2010 or earlier) public folders so that users whose mailboxes are on Exchange Server 2013/2016 can access them. See the following Microsoft article for instructions:
https://technet.microsoft.com/en-us/library/dn690134(v=exchg.150).aspx
Note the following:
In earlier versions of Enterprise Vault, you needed to import certain modules
to use PowerShell cmdlets that the Enterprise Vault Management Shell did not automatically
load. For example, you needed to import the module Symantec.EnterpriseVault.PowerShell.Monitoring.dll
to make available cmdlets like Get-EVServiceState and Get-EVTaskState. This is not
the case in Enterprise Vault 12.3, where all the Enterprise Vault PowerShell cmdlets
are immediately available in the Management Shell.
Enterprise Vault 12.3 includes the following new PowerShell cmdlets:
| Cmdlet | Description |
|---|---|
| Remove-EVArchive | Deletes the specified archive and the items that it contains. |
Enterprise Vault 12.3 includes the following changes to existing PowerShell cmdlets:
| Cmdlet | Change |
|---|---|
| Get-EVFSAFolder | Can now retrieve details of all folders, including retention folders. |
| Get-EVRetentionPlan | In cases where you have used the specified retention plan to supply alternative names of retention folders in multiple languages, now returns information about these alternative names. |
| Get-EVSMTPTarget | Now returns in tabular format the details of the archives that are associated with the target. |
| New-EVRetentionPlan | For the retention folders that you have associated with a new retention plan, now lets you supply alternative names of the folders in multiple languages. |
| New-EVSMTPTarget | Can now associate multiple archives with SMTP Journaling and SMTP Group Journaling targets, and set the target type. For targets that are associated with other archives, updates the retention plan of all affected archives. |
| Set-EVArchive | For archives that are associated with one or more targets that are associated with other archives, updates the retention plan of all affected archives. |
| Set-EVFSAFolder | Can now disable archiving on retention folders and sub-folders. |
| Set-EVRetentionPlan | For the retention folders that you have associated with an existing retention plan, now lets you supply alternative names of the folders in multiple languages. |
| Set-EVSMTPTarget | Can now associate multiple archives with SMTP Journaling and SMTP Group Journaling targets. For targets that are associated with other archives, updates the retention plan of all affected archives. Can also use the output of Get-EVSMTPTarget to update the list of archives and archive types. |
| Start-EVDatabaseUpgrade | Now has multiple timeout parameters with which you can adjust the time that the cmdlet allows for executing SQL Server commands and scripts. |
See the PowerShell Cmdlets guide for more information on these cmdlets.
The command-line syntax for silently installing Enterprise Vault has changed. You must now include two new parameters, /wait and /clone_wait. The syntax is as follows:
start /wait "" "setup (x64).exe" /s /clone_wait /v"COMPONENTS=Option[|Option][...]"
For more information, see the "Installing Enterprise Vault (command line)" section in the Installing and Configuring guide.
The following Enterprise Vault registry value has been withdrawn:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\KVS\Enterprise Vault\Storage\EMCCenteraExpiryThreads
The registry value is not removed on upgrade, but it is now ignored.
In this release, there are new storage expiry settings that you can configure for a storage server using the Enterprise Vault Administration Console. These settings apply to all storage devices. See Enhancements to storage expiry.
In a new installation of Enterprise Vault 12.3, or an upgrade to Enterprise Vault 12.3, the Enterprise Vault installer now disables weak protocols and ciphers for all applications that require HTTPS communications.
Enterprise Vault disables the following protocols, if you have not enabled them manually:
Weak protocols are managed using registry values under the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
If you have manually enabled the weak protocols listed above, registry values
will exist under the Protocols subkey. Enterprise Vault does not disable
a protocol that you have enabled in this way.
You can also manually disable the TLS 1.0 protocol, but this may prevent some Enterprise Vault functionality from working properly. The following article describes how to disable TLS 1.0 and explains the consequences of doing so:
https://www.veritas.com/docs/100041638
Enterprise Vault disables the following ciphers:
Ciphers are managed using the registry value called functions under
the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002
Enterprise Vault disables all the weak ciphers listed above, even if you have
enabled any of them using the functions registry value.
This release includes the following patch for Oracle Outside In Technology content converters:
Classification using the Microsoft File Classification Infrastructure is not supported on Windows Server 2016.
With the introduction of smart partitions in Enterprise Vault 12.3, vault stores can now contain multiple, open vault store partitions. Previously, each vault store could contain just one open partition.
The NetBackup Agent for Enterprise Vault does not currently support this enhanced functionality. Instead of backing up the data from every open partition in a vault store, the agent backs up the data from the most recently opened partition only. The other partitions are not backed up and marked as secured.
This issue will be fixed in a future version of the NetBackup Agent. If you normally use the agent to perform backups of your Enterprise Vault data, see the Backup and Recovery guide for alternative methods to back up the data.
To use the Enterprise Vault Policy Manager, you must specify the SMTP address of the Enterprise Vault system mailbox, irrespective of the version of Outlook that is installed on the Enterprise Vault server. The script fails to run if you specify the name of the system mailbox.
On NetApp 9.2 devices, archived files are not deleted when the placeholders are deleted.
In Enterprise Vault 12.2 and earlier, the default ports for client connections to Enterprise Vault Search are HTTP over TCP port 80 and HTTPS over TCP port 443. However, you can choose an alternative port when you edit the properties of your Enterprise Vault site with the Vault Administration Console.
After you upgrade to Enterprise Vault 12.3, any change that you have made to the site-level port setting is discarded. As a result, some Enterprise Vault Search, OWA and the Office Mail app functions do not work.
To resolve this issue, follow these steps after you have upgraded to Enterprise Vault 12.3:
Web.config file for the affected feature.
For Enterprise Vault Search, the Web.config file is in the EVSearch\EVSearchClient
subfolder of the Enterprise Vault installation folder; for example,
C:\Program Files (x86)\Enterprise Vault\EVSearch\EVSearchClient.Web.config file in a plain-text editor such as Windows Notepad.In every <endpoint> entry, change the target address so that
it includes the required port number.
For example, if you set the default port to 8080 then you might change the
first <endpoint> entry to the following:
<endpoint name="normal" address="http://localhost:8080/EnterpriseVault/Search/ClientDataService.svc"
...
The Enterprise Vault media includes the Enterprise Vault documentation in all supported languages.
The Enterprise Vault documentation is available in PDF and HTML format in the Veritas Documentation Library.
The Enterprise Vault administration documentation is available in English, Japanese, and Simplified Chinese from the following locations:
Veritas Enterprise Vault\Documentation folder on the
Enterprise Vault media| Document | Comments |
|---|---|
| Enterprise Vault Documentation Library |
Includes all the following documents in Windows Help (.chm) format so that you can search across them all. It also includes links to the guides in Acrobat (.pdf) format. You can access the library in several ways, including the following:
|
| Introduction and Planning | Provides an overview of Enterprise Vault functionality. |
| Deployment Scanner | Describes how to check the required software and settings before you install Enterprise Vault. |
| Installing and Configuring | Provides detailed information on setting up Enterprise Vault. |
| Upgrade Instructions | Describes how to upgrade an existing Enterprise Vault installation to the latest version. |
| Setting up Domino Server Archiving | Describes how to archive items from Domino mail files and journal databases. |
| Setting up Exchange Server Archiving | Describes how to archive items from Microsoft Exchange user mailboxes, journal mailboxes, and public folders. |
| Setting up File System Archiving | Describes how to archive files that are held on network file servers. |
| Setting up IMAP | Describes how to configure IMAP client access to Exchange archives and Internet Mail archives. |
| Setting up SharePoint Server Archiving | Describes how to archive documents from Microsoft SharePoint servers. |
| Setting up Skype for Business Archiving | Describes how to archive Skype for Business sessions. |
| Setting up SMTP Archiving | Describes how to archive SMTP messages from other messaging servers. |
| Classification using the Microsoft File Classification Infrastructure | Describes how to use the classification engine that is built into recent Windows Server editions to classify all new and existing archived content. |
| Classification using the Veritas Information Classifier | Describes how to use the Veritas Information Classifier
to evaluate all new and archived content against a comprehensive set of industry-standard
classification policies. If you are new to classification with Enterprise Vault, we recommend that you use the Veritas Information Classifier rather than the older and less intuitive File Classification Infrastructure engine. |
| Administrator's Guide | Describes how to perform day-to-day administration procedures. |
| PowerShell Cmdlets | Describes how to perform various administrative tasks by running the Enterprise Vault PowerShell cmdlets. |
| Auditing | Describes how to collect auditing information for events on Enterprise Vault servers. |
| Backup and Recovery | Describes how to implement an effective backup strategy to prevent data loss, and how to provide a means for recovery in the event of a system failure. |
| Reporting | Describes how to implement Enterprise Vault Reporting, which provides reports on the status of Enterprise Vault servers, archives, and archived items. If you configure FSA Reporting, additional reports are available for file servers and their volumes. |
| NSF Migration | Describes how to import content from Domino and Notes NSF files into Enterprise Vault archives. |
| PST Migration | Describes how to migrate content from Outlook PST files into Enterprise Vault archives. |
| Utilities | Describes Enterprise Vault tools and utilities. |
| Registry Values | A reference document that lists the registry values with which you can modify many aspects of Enterprise Vault behavior. |
| Help for Administration Console | The online Help for the Enterprise Vault Administration Console. |
The following guides for end users are provided in .PDF format on the Enterprise
Vault media, in the folder Veritas Enterprise Vault\Documentation\language\Client
User Guides:
Copyright © 2018 Veritas Technologies LLC. All rights reserved.
Veritas, the Veritas Logo, Enterprise Vault, Compliance Accelerator, and Discovery Accelerator are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This product may contain third-party software for which Veritas is required to provide attribution to the third party ("Third-party Programs"). Some of the Third-party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Refer to the Third-party Legal Notices document accompanying this Veritas product or available at:
https://www.veritas.com/about/legal/license-agreements
The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Veritas Technologies LLC and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq. "Commercial Computer Software and Commercial Computer Software Documentation," as applicable, and any successor regulations, whether delivered by Veritas as on-premises or hosted services. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement.
Veritas Technologies LLC
500 E Middlefield Road
Mountain View, CA 94043