The Edge Transport server role

Overview of Server Roles in Exchange Server 2010
In Exchange Server 2010, servers are installed with specific functional roles:
• Hub Transport Server role
• Mailbox Server role
• Edge Transport Server role
• Client Access Server role
• Unified Messaging Server role
Enterprise Level Fault Tolerance
Database Availability Groups
SAN hosted Databases
Personal Archives of PST files
Shadow Redundancy
Centralized access through Client Access
Server arrays allow hardware load balancing
What Is a Database Availability Group?
A DAG is a collection of servers that provides the infrastructure for replicating and
activating database copies. DAGs:
• Require the failover clustering feature, although all installation and configuration
is done with the Exchange Server management tools
• Use Active Manager to control failover
• Use an enhanced version of the continuous replication technology that Exchange
Server 2007 introduced
• Can be created after the Mailbox server is installed
• Allow a single database to be activated on another server in the group without
affecting other databases
• Allow up to 16 copies of a single database on separate servers
• Define the boundary for replication
What Is Active Manager?
Active Manager:
• Runs a process on each server in the DAG
• One node is the Primary Active Manager
• Remaining nodes are Secondary Active Managers
• Manages which database copies are active and which are passive
• Stores database state information
• Manages database switchover and failover processes
• Does not require direct administration configuration
How Are Databases Protected in a
Continuous replication protects
databases across servers in the DAG
Understanding the Failover Process
If a failure occurs, the following steps occur for the failed database:
Active Manager determines the best copy to activate
The replication service on the target server attempts to copy missing log files from
the best “source”:
• If successful, the database mounts with zero data loss
• If unsuccessful (failover), the database mounts based on the
AutoDatabaseMountDial setting
The mounted database generates new log files (using the same log generation
Transport dumpster requests are initiated for the mounted database to recover lost
When original server or database recovers, it determines if any logs are missing or
corrupt, and fixes them if possible
How Personal Archives Work in
Exchange Server 2010
Exchange Server 2010 Personal Archives require a secondary or archive mailbox for
the user
The Personal Archive:
• Must be in the same mailbox database as the
primary mailbox
• Appears as a folder in Outlook 2010 or Outlook Web App
• Is indexed and searchable
• Is not cached in Outlook
• Can be managed using messaging records management
Personal Archives can help organizations meet legal and corporate requirements by
ensuring that all messages are stored
in an Exchange server mailbox
Disaster Mitigation Options in
Exchange Server 2010
Loss of a message
Loss of a mailbox
Loss of a database
or server
Logical corruption
in the database
Mitigation Option
• Configure recoverable items folder and deleted
item retention settings
• Recover messages from backup by using the
recovery database
• Configure and use mailbox retention settings
• Configure hold policy, and recover it
• Back up the Exchange Server data, and recover
database to a recover database
• Create a DAG on another server
• Recover the server from backup
• Install Exchange with /m:RecoverServer option
• Create a lagged database copy in a DAG
• Backup the Exchange Server data, and recover
Disaster Recovery Options for Mailbox Servers
Exchange Server 2010 provides the
following disaster recovery features for Mailbox
• Disaster recovery with DAGs
• Mailbox servers in a DAG can host other server roles
• Point-in-time database snapshot with lagged copy of DAG
• Recovery database to recover mailboxes, folders, or items
• Lower cost of DAG backup compared to existing backup
What Is Database Mobility?
Database mobility enables you to move mailbox databases between Mailbox servers
To move a mailbox database to another server:
• Perform a soft recovery on the database
• Create the destination mailbox database
• Move the database files and mount the database
• Reconfigure the user mailboxes
High Availability Solution for Mailbox Servers
Mailbox data high availability:
• Single database failover
• Requires failover clustering feature
• Allows up to 16 copies of each database
• Allows up to 14 days for lag copies
Public Folder high availability:
• Leverages Public Folder replication
• Is similar to previous Exchange Server versions
What Is the Transport Dumpster?
The transport dumpster:
• Protects against Mailbox server failures when transaction logs have been lost
• Keeps copies of all messages delivered in the transport queue (mail.que) until
the transaction logs have replicated to all servers in the DAG, or until the
maximum dumpster size is reached
• Redelivers missing e-mail messages when a failure occurs
How Shadow Redundancy Provides High
Availability for Hub Transport Servers
Transport server delays message deletion until it verifies that the message has been
delivered past the next hop
External SMTP
Mail Server
Exchange 2010 integration with the
• Integrates with Office 365
• On Premise Mailbox server with:
– Hosted Client Access Server
– Hosted Hub Transport Server
– Hosted Lync Server uses on-premise mailbox DB
Options for Integrating Exchange
Server 2010 and Exchange Online
Exchange Online Services:
• Is part of the Business Productivity Online solution
• Enables e-mail and calendar functionality hosted
by Microsoft
• Enables e-mail co-existence and migration of mailboxes
and global address lists
• Enables both on-premise and hosted mailboxes
with Exchange Server 2010
PowerShell 2.0 and Exchange
Management Shell
• Version 2.0 provides Remote Management
• Exchange Management Shell is a superset of
What Are the Exchange Management
Shell and Windows PowerShell?
• The Exchange Management Shell is a command-line interface used for
administering Exchange Server 2010
• The Exchange Management Shell is built on Windows PowerShell 2.0 remoting
• Windows PowerShell is an extensible scripting and command-line technology that
developers and administrators can use to:
• Perform a specific task
• Combine cmdlets to perform complex administrative tasks
The Benefits of Remote Windows
Remote Windows PowerShell 2.0 enables:
• Role Based Access Control
• Client/server management model
• Standard protocols allow easier management through firewalls
Exchange 2010 provides ongoing
protection through:
• Discovery Group
• ALL e-mails go through the Hub Transport
• Domain Security filtering
What Is the Edge Transport Server
The Edge Transport server role provides:
• Internet message delivery
• Antivirus and anti-spam protection
• Edge transport rules
• Address rewriting
The Edge Transport server role:
• Cannot be deployed with any other server role
• Should not be a member of the internal Active Directory domain
• Should be deployed in a perimeter network
Forefront Protection 2010 for Exchange
Benefits of Forefront Protection 2010 for Exchange Server include:
• Antivirus scan with multiple scan engines
• Full support for VSAPI
• Microsoft IP Reputation Service
• Spam signature updates
• Premium spam protection
• Automated content filtering updates
Forefront Protection 2010 Deployment Options
You can install Forefront Protection
• Only on an Edge Transport server or a Hub Transport server
• On an Edge Transport server or a Hub Transport server
and a Mailbox server
When installing Forefront Protection 2010, consider:
• The number of scan engines required
• The types of scan engines that should be used
Overview of Spam-Filtering Features
Filters messages based on:
• The IP address of the sending SMTP server
• Content Filtering: The message contents
• Sender ID: The IP address of the sending server from which the message was received
• Sender Filtering: The Sender in the MAIL FROM: SMTP header
• Recipient Filtering: The Recipients in the RCPT TO: SMTP header
• Sender Reputation: Several characteristics of the sender, accumulated over a period of time
• Attachment file name, file name extension, or file MIME content type
How Exchange Server 2010 Applies Spam Filters
Exchange Server 2010
Edge Transport server
IP Allow List
Connection Filtering
IP Block List
Sender Filtering
Recipient Filtering
Sender ID Filtering
Content Filtering
Outlook Safe Senders
Exceed SCL Threshold
Below SCL Threshold
What Is Domain Security?
Uses mutual TLS with business partners to enable secured message paths over the
Internet, and shows an icon in Outlook
To set up mutual TLS:
• Generate a certificate request for TLS certificates
• Import and enable the certificate on the
Edge Transport server
• Configure outbound Domain Security
• Configure inbound Domain Security
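The four steps above as they would be typed in the Exchange Management Shell. This is an added example, not part of the original slides; the names mail.contoso.example, partner.example, the C:\certs paths, the server name EDGE01 and the connector names "To Internet" and "From Internet" are assumptions.

```powershell
# Added example. All host names, paths and connector names are hypothetical.

# --- Step 1 (on the Edge Transport server): generate the TLS certificate request.
# The subject must match the FQDN the partner sees on the SMTP connector.
$req = New-ExchangeCertificate -GenerateRequest `
    -SubjectName "cn=mail.contoso.example" `
    -DomainName mail.contoso.example `
    -PrivateKeyExportable $false
Set-Content -Path C:\certs\edge-tls.req -Value $req

# --- Step 2 (on the Edge Transport server): import the certificate returned by
# the CA and enable it for SMTP. The CA must be one the partner trusts.
$bytes = [byte[]](Get-Content -Path C:\certs\edge-tls.p7b -Encoding Byte -ReadCount 0)
Import-ExchangeCertificate -FileData $bytes |
    Enable-ExchangeCertificate -Services SMTP

# --- Step 3 (inside the organization, on a Hub Transport server): outbound.
# Note: this parameter replaces the whole list, so include every partner domain.
Set-TransportConfig -TLSSendDomainSecureList partner.example
Set-SendConnector "To Internet" -DomainSecureEnabled $true

# --- Step 4: inbound. The domain list is set inside the organization...
Set-TransportConfig -TLSReceiveDomainSecureList partner.example
# ...and pushed to the Edge Transport server by EdgeSync.
Start-EdgeSynchronization

# The Receive connector is configured locally on the Edge Transport server.
Set-ReceiveConnector "EDGE01\From Internet" -DomainSecureEnabled $true -AuthMechanism TLS

# --- Checks: confirm the domain lists and that a valid certificate is bound to SMTP.
Get-TransportConfig |
    Format-List TLSSendDomainSecureList, TLSReceiveDomainSecureList
Get-ExchangeCertificate |
    Where-Object { $_.Services -match "SMTP" } |
    Format-List Subject, NotAfter, Status
```

The partner has to complete the same configuration with your domain in its lists; until both sides are set up, mail between the two domains is not treated as domain secured.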
When to Use SharePoint Instead of
Public Folders
Using Public Folders?
New to Public
SharePoint may be a
better option
SharePoint is a better
Calendar Sharing
Depends on Outlook
Integrates with
Contact Sharing
More difficult
SharePoint aggregates
Discussion Forum
Less dynamic
SharePoint is better
Group Archive
No need to move
Use either
SharePoint may be a
better option
SharePoint may be a
better option
No need to move
Use InfoPath
Client Access Changes
Outlook now goes through CAS
HW load balanced CAS arrays
Exchange Control Panel
Access File Shares
Access SharePoint Libraries
Allows Web Ready documents
How Client Access Works
Client Access
Services Provided by a Client Access
Server for Outlook Clients
RPC Client Access
Enables MAPI connectivity to user mailboxes
Enables automatic configuration for Outlook
and mobile clients
Provides free or busy information
Provides notifications regarding issues with
sending a message
Provides offline address book download for
Outlook clients
Offline Address Book
Exchange Control Panel (Web-based)
Provides User & Administrative
interface for accessing mailbox and
recipient information
Exchange Web
Provides a developer interface for accessing all
Exchange server content and settings
Service Outlook
Enables RPC over HTTPS access to user
Introducing the Exchange Control
ECP provides Web-based user access to self-manage:
• Outlook Web App features
(signature, message options, etc.)
• Deleted item recovery
• Inbox rules
• ActiveSync (report wipes, logs)
• Automatic replies
• Text message configuration
• Report delivery
• Account information (location,
phone numbers, etc.)
• Call Answering Rules
• Public groups
What Is File and Data Access for
Outlook Web App?
File and data access for Outlook Web App enables users to access attachments and
files stored on other servers
With file and data access, you can configure:
• WebReady document viewing
• Direct file access
• Different settings when users connect from public or private computers
• Access to files stored on Windows SharePoint Services servers and Windows file shares
• Restrictions on access to files based on file types or internal servers
