notempty
Deployment and configuration of "UMA as a Service" - cloud-based email archiving
Last adaption: 11.2021
- New:
- Hinweis, zum Import von E-Mails
Reasons for using UMA as a Service
Managed services in IT security is much more than just offering technical solutions. Managed service means being able to offer a defined service for small environments both cost-effectively and with high availability at no cost for your own infrastructure.
UMA as a Service offers these advantages to your customers:
- Legal advantages:
- Signing of emails and documents with qualified time stamps
(manipulation-free and court-proof archiving.) - Audit-proof email archiving to the highest standards
- Compliance with legal requirements,
- GoBD (Grundsätze zur ordnungsmäßigen Führung und Aufbewahrung von Büchern, Aufzeichnungen und Unterlagen in elektronischer Form sowie zum Datenzugriff / Principles for the orderly keeping and retention of books, records and records in electronic form and for data access)
- German Commercial Code (HGB)
- German Tax Code (AO, Abgabenordnung)
- Basel II
- BSI TR 03125 (Technische Richtlinie des Bundesamt für Sicherheit in der Informationstechnik / Technical guideline of the Federal Office for Information Security, national cyber security authority in Germany)
- Rule-based storage
- Automatic storage based on legal archiving periods
- Signing of emails and documents with qualified time stamps
- Operational advantages:
- Increases the performance of an existing mail server and releases storage capacity by outsourcing historical emails.
- Powerful search engine for emails and documents
- Sorting, categorization and indexing of emails and documents
- Permanently reduces email storage costs by rule-based deletion of unneeded emails.
- Data backups are significantly simplified with UMA
In addition, UMA as a Service offers the following advantages for resellers:
- It is multi-client capable for up to 50 customers.
- Provision of up to 500 mailboxes
- Optimization for Office 365
- No change to the customer's infrastructure is necessary
Securepoint supports you with these services:
- Complete provision
- Journal email mailboxes
- backup
- monitoring
- Updates and Support
Organizational requirements
The Managed Service "UMA as a Service" can be ordered either via the TERRA CLOUD Center or via the api Cloud.
For an order in the TERRA CLOUD Center, the account there must be linked to a corresponding Securepoint Reseller Account. This is configured in the settings (gearwheel at the bottom left) under "My additional services" → "Securepoint".
After successful linking you will find our products under: "TERRA CLOUD" -> "Security as a Service". If you have any further questions regarding the ordering process, please contact the WORTMANN AG Security Team (e-mail: security@wortmann.de). Please use only the URL www.terracloud.de for orders.
For an order via api Cloud the account there must be linked with a corresponding Securepoint Reseller-Account. This can be configured in the settings (gearwheel at the bottom left) under "My additional services" > "Securepoint".
If you have further questions about the order process, please contact the api Security Team (e-mail: security@vad4u.de).
The service is provided by the company Wortmann AG and hosted on their servers in Germany and configured and maintained by Securepoint.
If the service is provided, a mail with the required credentials will be sent.
The password for administrator access is communicated by telephone and must not be changed! We need the credentials for the maintenance of the Managed Service (updates, monitoring etc.) !
Dieser kann über die Terra Cloud, die api Cloud oder direkt über Securepoint gebucht werden.
Konfiguration
Create e-mail domains
System Settings / Mailserver
By default, email addresses are provided for receiving mails for archiving under the domain archiv.securepoint.cloud. This access is already preconfigured.
Additional domains can be added whose access must be configured in the Remote email accounts section.
Remote Mailserver settings | ||
---|---|---|
Email domains: | ttt-point.onmicrosoft.com Example for Office 365 domain |
Submit email domain with add See also the wiki article on Office 365 accounts. In order to archive an email for an account, the complete email domain must be stored here. |
The administration center allows further settings, which should however not be changed in any case without consulting our support.
Changes only after consultation with our support! | ||
Remote Smarthost Settings | ||
---|---|---|
Not configured | ||
Remote email accounts | ||
At this point, the central mailbox is configured where all emails to be archived arrive. The assignment to individual users with their mail addresses is done in the Accounts tab or UMA NG v3 (New or Upgrade from June 15, 2020): on the Mail Accounts . With Add account additional mailboxes can be configured. | ||
Name: | Xnnnnn | Name of the connection to the server Wird von Securepoint vergeben |
Servername: | imap.archiv.securepoint.cloud | Adresse des Servers, auf dem die zu archivierende Mails eintreffen. Wird von Securepoint vergeben |
Protocol: | Auto | The protocol used (POP3 or IMAP) with which the UMA collects the emails from the mail server. With the AUTO option, the UMA automatically searches for the protocol used on the mailserver. |
Username: | Xnnnnn | User name used to log on to the mailserver. |
Password: | •••••• | Password for logging on to the server on which the mails to be archived arrive. |
Fetch Mails Every: | 1 Minute (Default) | Frequency with which the mails are collected |
Keep Mails | Activate only for test and verification purposes, otherwise the mailbox will overflow. | |
SSL: | Required | |
Disable MS Journal-Envelope Autodetection | With activation the detection of the header entries "MS Journal-Envelope" is switched off. BCC recipients are not in the original mail header. Detecting the header entries "MS Journal-Envelope" enables the UMA BCC recipient to detect them in the Exchange header and assign them to a user account. | |
Max. E-Mail Size: | Disabled | Can be set between disabled and 1- 100MB. |
Configuring User Accounts
System Settings / Mail Accounts
User Repository | |
User repository | |
---|---|
Local usersLocal users |
Only local user lists can be used. To be able to use AD or LDAP directory services an UMA as Hardware or VM is necessary. |
Local users | |
Add userAdd user | |
Username: | Username for access to the UMA email archive. ( user-definable) The username cannot be changed later anymore. We recommend absolutely to provide the username with a customer-specific prefix. This ensures an overview when displaying the accounts and avoids problems with identical names! |
Password | Password, for access to the UMA e-mail archive |
First Name: | First name of the user |
Last Name: | User's last name |
Mail address to which the user has access, e.g.: user@ttt-point.onmicrosoft.com . Here several addresses can be defined with hinzufügen. In order for the emails to be archived, the corresponding mail domain (here: ttt-point.onmicrosoft.com) must be entered under / Remote Email Server Settings. | |
Save Completion of the process | |
CSV ImportCSV Import | |
A .csv file with the following format can be imported: | User ID, password, first name, last name, email, further email Any number of email addresses can be specified. The content of the .csv file must be UTF-8 encoded and without header line. |
Selecting an Import File | |
Import Completion of the process | |
CSV ExportCSV Export | |
Download | The user list can be exported with the following information: User ID, password, first name, last name, e-mail, other e-mail addresses The content of the .csv file is UTF-8 encoded and without headers. |
Select Accounts Select Accounts to store
| |
Enable manual select | |
Choosing this option allows you to restrict archiving to individual accounts. When removing mail accounts from archiving, it must be noted whether legal regulations on storage are affected! | |
User Search | Immediately filters the displayed accounts for contained characters. |