Microsoft Teams – Blur your background experience

Microsoft  recently added a new feature of blur my background in Microsoft Teams. This feature is really cool. This helps participants to attend the meeting on the go  from anywhere like coffee shop, restaurant , even from home without worrying the background  and provide participants to focus only on the person attending the meeting.

Once we have joined the meeting, there is an option to choose blur my background.


Once enabled we see the background completely blurred. This is a rock solid feature which is more helpful when we are attending meeting from outside, home and do not need to worry about  on choosing  a right place to attend a video conference.


New artificial intelligence (AI) powered option from Microsoft uses facial detection to blur the background during video meetings.

Microsoft through  its machine learning technology brought intelligent meeting recording which will provide speech to text transcription capable of applying captions automatically and searchable transcript. These options will be available worldwide later this year and customers will be able to stream live and on demand events in teams.

Source –

Bulk Import local PST files to Office 365 mailboxes

In this article we will look at the steps to bulk import PST files to office 365 mailboxes.
There might be a scenario when a switch over from on premise to office 365 is done users might have maintained local PST files in network drive without an archive solution which is a bad practice.
When we run into these kind of scenarios its definitely not recommended to maintain this data in this approach.We might have bunch of pst files or probably more which might be 10 years worth of email that needs to be imported to the associated mailboxes.

There are 2 options to perform this action

Method 1: Use the free Azure service to upload the .PST files and map to the users mailbox.

Below prerequisites needs to be done:

1)So as a initial prerequisite move all the pst files to one central location which will be easier to perform the bulk import. If you have them in different sites then better to create one central location per site.

2)If we have more number of PST files and the data is more then create multiple jobs which will be better for tracking and not to choke the bandwidth and throttling.

3) The administrator will require a mailbox import\export rights to perform this operation.

Step 1:  Assign RBAC Mailbox import Export role to the required account. This can be done via power shell to connecting remote session to office 365 account or via Exchange admin console in office 365.






Once permission is granted navigate to data migration option setup  in the admin  page in office 365 admin URL – Here we need to select the option upload PST files.


Now Upload PST files go to New Import Job and type the Job name >> Next. Then check on Upload Your Data or hit on Next.


Now an import job window will appear. Here we need to click on Show network upload SAS URL and copy the URL by clicking Copy to clipboard. After that download Azure AzCopy for download the AzCopy tool and install the application.


Click on Azure AzCopy software and type the given command.

AzCopy.exe /Source:\\network path /Dest:”SAS URL” /V: give location  to save log file \AzCopy.log /Y


Note: We need to give the Sharing Permission for our file or folder where the PST file is present.

Navigate  to the import data window and check on the both preparing the mapping file’s option and click on Next.


Now in this import data we need to create the pst mapping and user in the excel file.


And upload the file by clicking the Select mapping file option




Once done we can see the pst files have been successfully imported to the associated office 365 mailboxes.

Method 2: Use a third-party solution for migrating PST to O365 Cloud Platform

Sometime we need  solution to import specific items from bunch PST file data into Office 365. So here we are going to discuss one more method which is a third-party tool for migrating PST to Exchange Online Mailbox.

I happened to have a look at this  MailsDaddy PST to Office 365 Migration Tool and it provides  security and easiness to Import all PST file data like emails, contacts, calendars, appointments, and attachments etc into o365 .

The tool carries advantages like:

Export the selected items only: It will show all the preview of PST file data and you can select the items and migrate them to O365 account. This is very much useful where in terms of an organization have restored a large mailbox from the old backup tapes for a legal issue. Here the exported huge PST from the backup can be taken and only the required important emails can be selected and imported to the user mailbox in online.

Date Range Filter: With the data filter option you can search the emails between the specific times and import only required data from PST file to Exchange online Mailbox. This option is also useful for cases where end user requires a restore of missing emails or a resigned employee from an old data from the backup and extract data only for last 1 year and importing them to the associated  office 365 mailbox.

Impersonation Option: Using this option, we will be able to migrate multiple mailboxes using sharing throttling and connection limits of each users. To use the impersonation export option, users must have application impression rights and full access to the admin account.

Bulk export Option: With this option, we can export multiple PST files into multiple mailboxes by mapping all mailboxes using a CSV file.

Below are the steps to use the Mails Daddy PST import tool :

Step 1: We can download this application and install it.

Step 2: Once it installed launch this software. After that click on Add file to upload the PST file.

Step 3: Once we click on upload the PST the software it will show all the preview of the PST file data.


Now we can select the mail, contacts, calendars, appointments, and attachments etc. if we need to export only selected items.
Click Export button to import all data from PST into Office 365.
Now select the provide export option and put the Office 365 Mailbox ID and password>> click Export.

Here we have 3 options export  all folders , export selected folders, export to primary mailbox and export to archive mailbox.


Once the export is clicked the  selected emails will be imported to  associated office 365 mailboxes successfully.

Steps to enable vault cache in Enterprise Vault

In this article we will have a look at enabling vault cache in veritas enterprise vault.

What is Vault Cache?

Vault cache is like a personal folder  or local copy  of their archived data which can be enabled and presented to end users in outlook. This can be  limited based on size of the file  and  can be enabled only for few users based on the requirement.

When this option is enabled it is provides  a local pst folder mapping  of users archived data to end user  through virtual vault. This wizard starts automatically once after we enable this option on server side and we need to run this setup only once from the end user side.

Follow the below steps to enable vault cache in enterprise vault:

Logon to Enterprise Vault – expand the policies container – navigate to  exchange  desktop policy  and select properties – click on Vault cache tab Click on enable – make vault cache available for users.

Once done we get the below warning to ensure that the cache location have enough space in addition to other vault operations that takes place from this location. Because enabling this option adds extra files in this location during the end user actions.


We can check the vault cache location  and cache size in below location

Open vault admin console – navigate to enterprise vault – right click on ev server properties – click on cache tab- Make sure that you have added some extra space based on the number of users that we are going to assign this policy to end users


Once enabled we have the following options

we can allow users to decide whether they can choose this option or leave them not to enable and access from EV store.

We have option to limit the archive download on GB. When this option is enabled  and it reaches the maximum level the oldest item is deleted and later the new items are copied over here.

In content strategy we have  3 options

Do not store any items in cache:

When this option is enabled only item headers are synchronized in the  vault cache and the content still remains in the vault store partition.

Store all items:

When this option is enabled it stores the item headers and the content from the server and maintains them as a local copy.

Store only items that user opens:

When this option is enabled it stores the local copy of headers and content of  only the items users retrieves from the client.

The rest below features that we see are the outlook client options that we can control on the end users based on our requirement.


There are few more features in the advanced tab which helps admins to determine the vault cache settings and provide them based on the requirement.

On switching to advanced tab – list settings from vault cache

We can specify the download age limit. Default vault is 0. This helps  admins to control the size of the download cache to the clients.


We have an option to control the download age limit from server side and not providing this option to end user to make decision.


There are few more options which can be modified based on our requirement.

The most important thing is that we have an option to enable this feature for the delegated archive. We have option to enable all type of archives, default archive only the user mailbox and all mailbox and shared archive. This setting is mandatory required if we need to enable Virtual Vault for archives other than a user’s default archive.


Below are the advantages of virtual vault:

  1. User will be to access archived items when offline  even when they are away from internet connection.
  2. Users can perform parallel multiple retrievals at the same time and will come from local content directly.
  3. Virtual Vault looks exactly like a mailbox or mapped PST file. This makes the users comfortable on opening the archived items directly and not from shortcuts. They can drag and drop items to and from mailbox to virtual vault.

Points to consider:

  1. When we enable this option and disable for end users no new vault archives will be enabled for users, however the old downloaded archives will still be present.
  2. A Vault Cache is a local copy of a user’s Enterprise Vault archive and stored on the users local computer.  As a best practices its preferred not to store content locally due to security reasons. However enabling this provides improved search and items retrieval for end users. So an  Encryption – either at the folder or the drive level is recommend.
  3. After enabling this option on server side its recommended to limit the data on the machine side and not to download all the content since it requires disk space on the client.

Thanks & Regards 
Sathish Veerapandian

Product Review – Stellar Mailbox Extractor for Exchange Server

Stellar Mailbox Extractor for Exchange Server – Product Review

Exchange administrators face a wide range of nightmarish scenarios through their working career. Handling corrupted databases, restoring files from backup, extracting data from an old employee’s computer are some examples of situations that every Exchange administrator wants to avoid because they are complex and time-consuming. Unfortunately, they end up facing these scenarios more often than they like.

But the good news is there are tools like Stellar Mailbox Extractor for Exchange Server that can make your job a lot easier.

What is Stellar Mailbox Extractor for Exchange Server?

This is a handy tool to have in your arsenal as it is designed to extract data from clean EDB files and to connect directly to the Exchange environment. It can also be used to mass export data from an existing environment to other formats like PST.


Let’s look at some of its prominent features to get an idea of what it can do for Exchange administrators like us.

  • Converts a mailbox from EDB format to other formats such as PST, MSG, EML, HTML, RTF and PDF
  • You can convert multiple mailboxes
  • Gives you the option to search for a particular content in your mailbox. The filters are advanced and offer a ton of flexibility.
  • Converts archives mailboxes to PST
  • Compatible with many versions of Exchange Server.

These features have been tremendously helpful for many Exchange administrators.

Ideal situations

This tool is handy because it saves time and effort in many common situations and problems. Here are a few where this tool would prove to be invaluable for you.

Extract Mailboxes

This is the most perfect tool to extract mailboxes from EDB file to PST. As an administrator, this extraction task has been an integral part of my working life, and Stellar Mailbox Extractor for Exchange Server saves a lot of time for me. It also takes away the mundane side of the job.

One aspect I truly love is its user interface which is almost identical to the Mailbox Extractor tool. So, there is nothing much to learn or experiment here; everything is fairly straightforward.

Mass Exports

Another ideal situation for this tool is when you want to do mass exports from the existing environment to PST and other formats. Our organization often uses this tool for migration, where we export mailboxes from one Exchange environment to another.

Though these are some of the prominent uses of Stellar Mailbox Extractor for Exchange Server, you can end up using it in many other situations as well.

Installation and Use

A salient feature of this tool is its easy interface.

Extracting content from mailboxes and exporting them to other formats is extremely complicated. But this tool masks the complexity behind a simple and intuitive user-interface. As a result, you simply stare at good looking screens, oblivious of what’s happening in the background.

This way, you are not only spared of the complex processes, but this interface makes it highly usable for anyone. You don’t have to be an Exchange administrator with many years of experience and in-depth knowledge to use it. Even novices can use this tool comfortably.

With all that said, let us briefly see how we can use this tool.

When you double-click on the exe file, the installation wizard starts the process. There is really nothing much for you to do, as the wizard takes care of everything.

After installation, when you open the tool, you’re given two choices to start off. You can either open an offline EDB file or connect to Online Exchange.


You can even view the folder structure of each mailbox and the contents within each folder on the left hand side pane. As you expand the tree structure, you can navigate your way.

You can right-click the folders at any time and you’ll be given a set of formats to which you can convert.


These formats give you a ton of flexibility to view and migrate your data at any time.

Another cool aspect about this tool is that you can view individual mails, contacts, notes, attachments and pretty much everything else stored in your EDB files.

There are even search criteria that help you to zone in on the messages you want to see.


The search feature is advanced and helps you to quickly find what you want. The available fields include:

  • To
  • From
  • CC
  • Subject
  • Text in the body or email
  • Attachment name or file extension
  • Date range

Once you find the content you want, you can convert it into any of the recognized formats. Simply choose your content and select ‘Save’ or ‘Right Click on tree item’ in any of the following formats.

  • PST
  • MSG
  • EML
  • RTF
  • HTML
  • PDF
  • Office 365

Alternately, you can export the contents to a Live Exchange Server directly. In fact, you’ll be able to connect to an individual mailbox or all mailboxes, depending on your scenario.

Overall, Stellar Mailbox Extractor for Exchange Server is a great tool that eases the work of Exchange administrators and this is why it makes sense to have this tool on hand always. Its simple interface and powerful capabilities are sure to make exporting data from Exchange mailboxes a breeze and hassle-free task.

This tool would definitely be a major help in environments where the backup solution and exchange have been decommissioned on older exchange databases, which was taken 10 years back.Due to critical legal requirements there might be a need to extract mailbox or particular email from an employee who was resigned 10 years back. All we need is the older backup tapes should have this edb file and we can bring them to clean shutdown even if they are not present in that state and extract users data with no hassle with this tool.

Enable DLP for outgoing emails in Cisco Iron Port

Data Loss Prevention prevents the sensitive organization’s proprietary information by detecting before transit through ex-filtration transmissions and continuously monitors them to protect all types of data loss. The organizational data leak mostly happens when the end users unintentionally emailing sensitive data from our network which leads to Data leak Incidents.
There are many ways to achieve this and in this article we will look into how to prevent the data loss with the options present in Cisco Iron Port Email Gateway Solution.

Basically in any DLP there will be two actions involved :

Data Match: Where the DLP application scans the email body, header and attachments for the sensitive content created based on the DLP policy rules.

Action: Once any emails are identified to be sensitive, based on the DLP policy where it was blocked action types can be drop,quarantine or deliver with disclaimer and notify an admin or manager or recipient based on the policy and document classification.

Below are the steps to enable DLP on Cisco Iron Port-

Login to Cisco Iron Port – Select security Services – Click on Data Loss Prevention


By Default this option will be enabled – but now we need to creation DLP policies and action types based on our requirement.

Better to enable Content logging which will appear in message tracking and better in troubleshooting.


In this example we will run through the DLP wizard which will have few popular policies which are common. Adding custom policies are very much possible via cisco ironport and there are more options to add custom.

An Example of enable matched content logging when DLP is enabled. This will help Admins to debug and find the reason why the email was blocked.


There are more common used cases and in our example we can choose PCI-DSS which is most sensitive and must be enabled  especially for the Finance teams.


Here we have an option to enable the DLP reports


Once done in the outgoing mail policies will be configured for PCI-DSS we created.


And in this policy we can edit and choose the inbuilt DLP  dictionaries based on our requirement.


There is an option to add custom also.


In Mail Policies there is an option to apply only for few users sent or in the recipient list.


Options to add attachments is present


The Severity settings can be altered below


The severity scale can be altered based on the policy and our requirement


Custom classifier can be added


In the classifier we have an option to choose templates from dictionary and entity



Once Done based on the policy and action DLP will be working for outgoing emails.

Imp Notes:

    1. Before implementing DLP in any environment it requires lot of study in multi phase , closely working with security team and implementing purely based on the document classification.
    2. Need to understand how the sensitive data is currently handled by all the teams, identify the current risks. Post analysis the required action plan of creating policy and action must be done.
    3. End user awareness session is very important to deal with DLP. Advising to use more secure channels in Enterprise File Share DRMS solutions only for dealinig with sensitive documents for finance teams can be advised.
    4. Any DLP policies we create must have Audit and notify manager which will create awareness on employees and easier for tracking.

Thanks & Regards
Sathish Veerapandian

Microsoft Teams- Consult before transferring a call & HoloLens Remote assist

Calling in Teams is powered by Phone System (formerly known as Cloud PBX), the same service in Office 365 that enables PSTN calling capabilities in Skype for Business Online.

The Phone System feature set for Skype for Business is different from the Phone System feature set for Teams.Also With Direct Connect we can use our existing  PSTN Telephony system through an SBC . To connect the on premise SBC to Microsoft Teams a sip proxy is used to connect to

Microsoft Teams have a new feature consult before transfer.

By using this option we can help the  wrong callers calling our extension to reach the right person.

This feature lets you quickly check in with another person via chat or audio call before transferring a call to them

Anyone with an Enterprise Voice license can do this, not just delegates! To try it, when you’re in a call, click More options (…) > Consult then transfer.


Call someone on a HoloLens –

Microsoft introduced the remote assist option for HoloLens users via Microsoft Teams.


By using this option we can collaborate remotely to our Microsoft Teams Colleagues list. In remote assistance they can  perform reality annotations, we can show them  what we see , place arrows, draw lines and share images with our colleagues.


  1. This works from the Teams desktop app from Windows 10 PC.
  2. Need to have the remote assist app installed on the holo lens.


Email Security – Enable Sand Boxing ATP on Cisco Iron Port

Cisco Advanced malware protection uses Cisco Threat Intelligence Extensive latest threats and security trends Knowledge base Analytics and behavioral indicators which will help us to defend in latest spear phishing  and malware attacks.

This will basically fall under  advanced threat capability  category which is capable of providing additional layer of security.These ATP have retrospective detection alerts which is capable of tracking malware alerts which was successful through initial defenses.

AMP is the recent name given to this advanced threat detection by most of the security systems  where it has following:

  1. A separate private isolated environment where it has Implementations for multiple attack vectors/entry points (firewall, network, endpoint, email.
  2. Ransomware/Malware Threat prevention.
  3. Retrospective alerting and remediation techniques.

Usually AMP works in the following fashion for any email security system :

Preventive Measure – Strengthens the defense mechanism by having upto date latest malware attacks and defense mechanism from respective real time threat intelligence service.
Ironport uses Talos Engine –
Using this technique the malicious content will be blocked.

Threat Analysis in Transit of Emails – During this process the file is analyzed as an end user PC(windows/MAC) in a isolated network to detect malware, experience file behavior and mark threat level if at all detected. If the sand boxing is not enabled in local on premise them it captures the fingerprint of each file which hits the gateway and will send them to their AMP cloud based intelligence network. Here we have an option to select which types of files that needs to be analysed via this AMP in most of the gateways.

Tracking after Delivery- In this step it uses continuous analysis which will help to identify if there are any malicious file which are capable of performing any malware attacks after certain period of time. By using this AMP will be able to find the infected source and then alert the admin and visibility till the infected file.

In this article we will have how to enable AMP in cisco ironport.

Login to the  appliance –  Navigate to security services – Advanced Malware protection – Select File reputation and analysis.


If its enabled we will be getting the below screen. To further fine tune the settings click on edit global settings


Click on – Enable file reputation.


This is used to protect against zero-day and targeted file-based threats.

Following actions are performed After a file’s reputation is evaluated:
• If the file is known to the file reputation service and is determined to be clean, the file is released to the end user.
• If the file reputation service returns a verdict of malicious, then the appliance applies the action that we have specified for such files.

We have Enable File Analysis-

This needs to be enabled. We have almost for all the attachment types.




File Analysis works in coordination with File reputation filtering. When this option is enabled attachments in emails will be sent to file analysis. Here we have the option to choose the file types which we need to perform the analysis. Be very choosy in this section keep in mind that since there is analysis enabled on this file it will take little few minutes to deliver the mail to end user when compared to a user who does not have AMP enabled for their account.

If the file is sent for analysis TO SANDBOXING (cloud or onprem based on setup):
• If the Selected file type is sent to the cloud for analysis: Files are sent over HTTPS.
Also the appliance generates an identifier for each file using a Secure
Hash Algorithm (SHA-256)
•Usually Analysis normally takes minutes, but may take longer based on the size and file type.
• Results for files analyzed using an on premises Cisco AMP Threat Grid appliance are cached locally

Advanced settings for file reputation –  Here we need to select our Sand boxing environment based on our configuration. If we are using cloud AMP then we have 4 regions to select based on our requirement.


There is an option  to register appliance with AMP for endpoints.Make sure you have a user account in AMP for Endpoints console with admin access rights. For more details on how to create an AMP for Endpoints console user account, contact Cisco TAC.


If we have local on premise AMP setup then we need to select option private reputation cloud and add the required details.


We have the same option cloud or on prem for file analysis

If specifying the cisco cloud server, choose the server that is physically nearest to your
appliance. Newly available servers will be added to this list periodically using standard
update processes


If we choose our own private cloud then we need to  use the self signed cert or  upload one certificate.This is required for encrypted communications between this appliance and yourprivate cloud appliance. This must be the same certificate used by the private cloudserver. I prefer to have one SHA256,2048 bit certificate generated from internal CA and apply them on the private cloud as well as the appliance for this connection alone.


This settings is optional which we can leave as it is or if you want to configure the cache expiry period for File Reputation disposition values.


Once enabled the files enabled in AMP will be passed to them after antivirus engine.

We can see the files blocked in the AMP in the incoming mail dashboard.


Imp Notes:

  1. An AMP subscription is required to enable this functionality.
  2. Advanced Malware Protection services require network communication to the cloud servers on port 443 (for File Reputation) and 443 (for File Analysis). If there is no communication  the file types enabled for AMP will be sent to quarantine folder even if they are clean. Below error message will be received if no communication is present to cloud server in incoming  email header.


Thanks & Regards
Sathish Veerapandian

%d bloggers like this: