Message Server Integration Guide › Microsoft Office 365 Exchange Server Integration › Deployment Architecture

Deployment Architecture

The following diagram summarizes the deployment architecture for CA Data Protection integration with Office 365 Exchange Server and Sendmail. The CA Data Protection Milter MTA agent enables integration. This agent can reside directly on the Sendmail email server, or on a separate Linux machine.

To enable communication between Unix or Linux machines and the CA Data Protection policy engines running on Windows servers, the Milter MTA agent uses the CA Data Protection Socket API to call the CA Data Protection External Agent. The External Agent in turn establishes a connection with a local policy engine hub. The hub then distributes the Sendmail emails to policy engines for processing. Alternatively, the External Agent can pass e‑mails directly to a local policy engine (not shown in the following diagram).

Microsoft Office 365 Integration

In a typical Microsoft Office 365 integration, the followings steps show how CA Data Protection monitors and controls emails transiting from Sendmail servers:

1. Emails sent internally transit through the Office 365 Exchange Server.
2. The Sendmail MTA operates at the Internet boundary. Emails leaving the company or arriving from an external source are processed by Sendmail. These messages are forwarded to the CA Data Protection Milter MTA agent (3).
3. Hosted on a Linux machine, the Milter MTA agent uses the Socket API (4a) to pass emails to CA Data Protection.
4. Hosted on a Windows machine, the Socket API (4a) sends Sendmail emails to a local policy engine or hub (4b). This example shows a local hub. (When installed with the Socket API, policy engine hubs are technically known as Remote PE Connectors).
5. The hub then distributes emails to policy engines for processing. The results of any policy processing are returned via the hub to the Milter MTA agent, which in turn relays any resulting actions back to the Sendmail server.