Exchange Online Message Size Increase

In the Past

Over the past few years I have worked with a lot of Enterprise customers coming to the Office 365 cloud. When specifically working with them on Exchange Online, one of the conversations we would always have is a discussion on message size limits. Up to this point, Exchange Online only support 25 MB message sizes. Most of the time, customers already had smaller message sizes being supported or felt the can do a transition to 25 MB message size. Many cases the need for 25 MB message size was needed or based on old business requirement that could be satisfied through or solutions. Still there would be business cases where customers would have a challenge with 25 MB message size threshold.

So what has changed?

Office 365 has just announced that Exchange Online now supports the ability to send email messages as large as 150 MB.

• Exchange Online administrators have the ability to set the message size to any value between 1 MB to 150 MB.
• The default message size will say 25 MB.
• Customers have the ability to assign some people to larger message sizes, while smaller message sizes can be assigned to different users. This allows customers to align requirements of the business to the configuration of the service.

So how is this configured?

There are multiple different ways to configure this. Inside the Exchange Online Admin Console, administrators have the ability to set the message size restrictions. The message size restriction is actually applied at the mailbox level. You have the ability to change it on individual mailboxes and many at a time. You also have the ability to configure the default mailbox size you want for all new users. Realistically, if you are a large organization, you should you the PowerShell commands that are available to configure this across the mailboxes you manage.

Are there considerations?

Yes there are several things you should consider when setting your strategy for message size.

First, not all other organizations will be able to accept a large email message size. Lots of organizations do not allow receiving of email larger than 25 MB. So really increasing the message size should be for tactical business reasons.

Second, you should consider how SharePoint Online and OneDrive for Business be utilized for sharing files. If the message size is being increased solely for the purpose to allow users to send internal messages with large attachments, SharePoint Online and OneDrive for Business may be a better alternative. Plus SharePoint Online and OneDrive for Business both have external sharing capabilities and can support sharing of significantly larger file sizes. Plus there have new user experiences being delivered between Exchange Online, SharePoint Online and OneDrive for Business that make it even easier for users to share large files quickly and efficiently. I at least recommend that you evaluate these other solutions before just changing the message size to align the business requirement to the technology. Things have changed and there are new solutions.

Third, before increasing the message size restrictions, make sure you understand what the actual mail clients can support. For instance Outlook clients can support 150 MB attachments. However currently Outlook for MAC can support 35 MB attachments and OWA can support 112 MB attachments. This could change in future but this is how they are now. Additionally APIs such as Exchange Web Services (EWS) right now only support 48 MB message sizes and this consideration for customers that are trying to migrate or created other integrated solutions with Exchange Online.

In conclusion

This is a really addition to the Exchange Online service as it provides customers additional flexibility with the configuration of messaging.

Here is the public announcement - http://blogs.office.com/2015/04/15/office-365-now-supports-larger-email-messages-up-to-150-mb/

Outlook for Android Release

It was just recently announced that the Outlook for Android app is no longer in Preview. The Outlook for Android app is available in the Google store and is available for Android 4.0 and up.

It is exciting to see the first release of the Outlook for Android app. It just another demonstration of Microsoft’s commitment to provide apps across mobile platforms. Microsoft has created apps for both iOS and Android for Word, Excel, PowerPoint and OneNote. Now there Outlook apps available on iOS and Android.

Announcement - http://blogs.office.com/2015/04/22/outlook-for-android-comes-out-of-preview/

Modern Auth ADAL Public Preview

A feature that I have been following called Office 2013 Modern Authentication has now come out of private preview and is now in public preview. It is also commonly called Active Directory Authentication Library (ADAL). If you now have the Office 365 ProPlus updates from March, you have access to the capability.

Why is ADAL feature so important? It will support strong authentication natively in Office rich clients. Support for third-party solutions and smartcards has been an important request for enterprise customers. As part of this preview, there are some limitations that need to be considered. Please read the announcement here for more information - http://blogs.office.com/2015/03/23/office-2013-modern-authentication-public-preview-announced/.

In the announcement there are instructions on how to join the preview program as well there is a table that describes all the clients and operating systems that are supported.

Skype for Business Online Release Coming

Skype for Business Online is coming around the corner. As many of you know, Lync Online is transitioning to Skype for Business Online. Skype for Business Online will start rolling out on April 14^th!

If you read the recent announcement (http://blogs.office.com/2015/03/16/get-ready-for-skype-for-business/) you will know that Skype for Business Online is new solution that delivers on top of the enterprise capability Lync Online. The user experience is enhanced and consistent. I can even say from my personal experience, I have not missed a step as part of the transition.

Enterprise customers may however want to delay pushing the Skype for Business Online client to end users until the organization is ready from a change management perspective. That is not a problem. There are two ways you can control this. First, remember you as the administrator can control where your desktops receive their Office 365 ProPlus updates from; thus you have the ability to delay these updates. Second, there is policy available through PowerShell that will control what client is presented to the user Lync or Skype for Business. More information is located here - http://blogs.office.com/2015/04/01/whats-new-in-skype-for-business-and-how-you-can-take-control-of-updates/

MDM for Office 365 Released

It was announced back in October 2014 that a new MDM for Office 365 solution was being released. I wrote this at the time - http://www.astaticstate.com/2014/11/mdm-for-office-365.html.

The MDM for Office 365 capability has now going generally available. If you did not hear much about it, here are some quick points:

• MDM for Office 365 is subset of Intune features that is now available to Office 365 customers.
• MDM for Office 365 provides conditional access Office 365 email and documents. Apps such as Office Mobile, OneDrive and native email apps that use Exchange ActiveSync will trigger enforcement of policy.
• MDM for Office 365 provides new device management policies for PIN requirements and jailbreak detection.
• MDM for Office 365 provides enhanced remote wipe of Office 365 data without impacting end user personal data.
• This new MDM solution provides support across iOS, Android and Windows Phone.

Additionally, as part of MDM for Office 365 becoming generally available, there are some new TechNet articles that you should check out Overview built-in Mobile Device Management for Office 365 and the sub-articles within it - https://technet.microsoft.com/en-us/library/ms.o365.cc.devicepolicy.aspx. There are some great facts in here such as:

• Information on how to enable MDM for Office 365 on your tenant.
• Articles on how to perform common tasks such as creating policies, running reports, unblocking devices, how to perform a wipe, etc.
• There is a listing of the exact devices that are supported.
• Listing of mobile apps where MDM for Office 365 can be applied.
• Note Blackberry is not controlled by this solution.
• Note using a mobile browser to access is not controlled by this solution either. Organizations will rely on policies they enforce in general for browser based access to Office 365 services.
• Detailed listings of all the types of settings and controls that can be enforced by type of device.
• Note that MDM for Office 365 policies override Exchange ActiveSync (EAS) policies and device created in the Exchange admin center.
• Note it is recommended to block Exchange ActiveSync to unsupported devices. There are steps provided to do this.

ExpressRoute for Office 365

There was a big announcement for Office 365. Azure ExpressRoute will be a soon supported solution for customers to connect to Office 365. This will become available in Q3 of CY 2015.

Why is this such a big big deal? There are tons.

Secure Connection. The first reason that comes to mind is a new option for a secure connection. All Office 365 data in transit is encrypted yet that traffic still had to traverse over the public Internet. Up till this point customers had a few options to try to control that traffic. First customer could use ADFS Client Access Policies to control where authenticated traffic would originate from. They could use IP address ranges to say that all traffic must originate from the organization network or a VPN connection. However at the end of the day, that traffic would have to go over the public Internet. Second, customers had the option to connect to Office 365 at a network peering point where Microsoft is located (http://www.peeringdb.com/view.php?asn=8075). This required the customer to some work to get this set-up with a provider.

This all changes with ExpressRoute.

Connecting to Office 365 through ExpressRoute enables a customer to use a private network circuit; no more going over the public Internet. All data in transit will continue to be encrypted, and I would still recommend customers to consider using ADFS Client Access Policies. There will still be scenarios where an organization will want to support public Internet access to Office 365. This all depends on the end user connection scenarios the organization wants to support. The most common would be a remote employee from a mobile device.

Better Availability and Reliability. Using ExpressRoute to connect to Office 365 provides customers with a more consistent reliable connection. Up till now, customers will reliant on the public Internet to make a connection. Azure ExpressRoute provides a guaranteed availability of 99.9% uptime SLA to Microsoft networks. By default a customer will have two active circuits for high-availability. Additionally, an organization has the ability to provision multiple circuits for higher availability and redundancy. Large organizations will probably opt to provision regional connections via ExpressRoute and you can mix in different providers based on your needs.

Predictable Performance. Using ExpressRoute to connect to Office 365 provides organizations with more predictable performance. Before ExpressRoute, customers would be initially concerned about how the new network traffic patterns to the Internet would impact their enterprise architecture. Microsoft provides tools to estimate network bandwidth utilization for Exchange Online, SharePoint Online and Lync Online (https://technet.microsoft.com/en-us/library/hh852542.aspx). With Azure ExpressRoute your bandwidth is more predictable because you are connecting to the cloud over dedicated circuits and managed infrastructure. Plus ExpressRoute supports options up to 10 Gbps with multiple circuits. Customers are still going to want to use the previously mentioned tools to estimate traffic to Office 365 when using Azure ExpressRoute however customers will have the confidence they connecting to Office 365 in a controlled manner over dedicated circuits.

Connection to Azure and Office 365. If your organization is using Office 365 for SaaS services and Azure for IaaS/PaaS services, the same Azure ExpressRoute connections can be used to connect. If you already have Azure ExpressRoute for other Azure services, you will be able to expand it to Office 365 when it becomes Generally Available for Office 365.

Where you learn more about Azure ExpressRoute? Start here - http://azure.microsoft.com/en-us/services/expressroute/. There is a ton of documentation and FAQs available to you to start planning on this service.

How much does Azure ExpressRoute cost? If you want to find out more, go here - http://azure.microsoft.com/en-us/pricing/details/expressroute/. Note there is no additional cost to Office 365 itself. You need to only purchase Azure ExpressRoute.

Here is the public Office 365 Announcement for ExpressRoute - http://blogs.office.com/2015/03/17/announcing-azure-expressroute-connectivity-to-office-365/

Office Online Integration to Third-Party Partners

There was another really interesting announcement today from the Office 365 team.

There is a new Office Online Integration capability being offered to cloud storage solution providers to allow them to offer Office Online Integration and user experiences for files that are residing on other data storage platforms.

· This will enable Microsoft Word, Excel and PowerPoint files to be opened, viewed and edited on platforms other than OneDrive and OneDrive for Business.

· This drives on Microsoft strategy for continued support for devices and browsers across platforms.

· Partners can use Office Online to build previews of Office files into their solutions.

· Partners can use this as a way to introduce Office file editing into their applications.

· Consumer users do not need an Office 365 subscription nor do they need to log into Office Online. However if the user is an Office 365 subscription users need to use their subscription.

· The integration is achieved by 1) create a browser application with some javascript, and 2) implement WOPI REST endpoints on top of your service (ContosoDrive). Pretty straight forward.

· There is additional information referenced below for authentication, security, file conflict resolution, file IDs, versioning, desktop integration, etc.

Overall I find this direction very exciting.

For more information about the announcement read here - http://blogs.office.com/2015/02/17/new-cloud-storage-integration-office/

Microsoft have created the Office 365 Cloud Storage Partner Program which provides partners information on how to create integration points. Right now there is iOS menu integration and Office Online integration. There are targets to add more to this program. More details can be found here along with technical references - http://dev.office.com/programs/officecloudstorage

Here is the technical reference to actually start building this integration - https://msdn.microsoft.com/EN-US/library/dn913043.aspx.