An Exchange installation question over a WAN

Posted on 2007-08-02
Last Modified: 2010-03-06

We are a charity and, following a kind donation from Microsoft and a benefactor, we are having Microsoft Exchange installed within our organisation, along with other things.  Our benefactor has also kindly organised for an IT Engineer to install our equipment but he has admitted that Exchange isn't his area of expertise and so I would just like to check that we aren't going to do something disastrous without hurting our Engineer's feelings.

Basically, we will have a main Exchange server installed in our Central office.  Each of our regional offices will also have their own Exchange servers.  Our central office is connected via VPN to each regional office (but the regional offices are not connected to each other).  As we have no license concerns, it was decided that each regional office would have their own server which would act as a file server, domain controller and Exchange server.  Each region only has about 10-15 staff and so I am sure that the new kit can handle this.  We decided upon this structure as sometimes the regions have unreliable broadband connections (or at least the regional managers feel that they have unreliable connections) and we did not want them to be completely lost if their connection to a central server was lost.

However, I want to check that we get our settings right.  I read about things like Bridgehead servers and I wondered whether we had to ensure that certain things were in place or can we rely on the way that Exchange installs itself at each region, as we add each server to the organisation? For example, how will a staff member in Region A email a staff member in Region B if there is no direct VPN link?  Will Exchange work out that it has to route via our central server?

All advice will be gratefully received.

Question by: baileytibbs

    Accepted Solution

    You shouldn't need to worry about bridgehead servers. That is more for large organizations with multiple Exchange servers in each location so you can designate one of them to handle email across the WAN.

    As far as sending email from one RO to another, as long as IP traffic is being routed between them, then it should work fine. The messages wouldn't be routed through your central Exchange server, but instead, it would try to talk directly to the destination server, so it depends on how you have routing set up in your org. If this isn't the case, I think you can designate that messages would be routed through your central Ex server, but I'm not sure how this would be done (maybe then your central Ex would need to be a bridgehead server).

    Expert Comment

    If you are using multiple servers where they don't have direct VPN connections you are going to have to look at routing groups and routing group connectors to ensure that the email flows between the servers correctly.
    Although if you only have ten users in each site, I would find it hard to justify a server in each site, even with no licensing concerns.
    Have you considered things like backups, antivirus and antispam protection for all of those sites?
    The bridgehead servers do play an important part in the message flow, as the bridgehead is the server that email goes out to the internet through. Get it wrong and email could be going a long way round, taking many hops, or not at all.
    If you insist on sticking with a multiple site arrangement then you should probably read the Routing white paper from Microsoft or get some advice from an experienced Exchange consultant.


    Author Comment

    Dear Sembee,

    Thank you for your advice.  Based upon your concerns about our Exchange infrastructure design and before we go ahead with the final installation work, can you suggest an alternative structure that might be better suited for us?

    As I said, we have a number of regions, each connected via a VPN to our Exchange server in central office (but not to each other).  The regions want a reliable email system.  They want to be able to use functions such as shared calendars and I have to consider the effects of internet failure at a region.

    Thanks for your help

    Assisted Solution

    You need to start putting financial numbers on the issues.
    Costs of downtime, costs of the servers, costs of the additional maintenance etc.

    For example, if internet failure is a real concern, then perhaps you should consider paying for a connection that has some kind of SLA. Here in the UK I can get a line that costs me more per week for 2mb (that's 2mb up and down) than I would pay for xDSL for an entire year. Yet if that line goes down the ISP usually calls me to say that it has gone down and it is the top of the Telco's priority list.

    However if they aren't prepared to pay for that kind of connection, you have to look at placing Exchange servers on the sites. Then you get issues with maintenance, backups, AV and Antivirus, security of the server, the backups etc.

    With small remote sites I often suggest a combination of Outlook using cached mode for laptop users and terminal services for desktop users. The remote sites have nothing in them but an internet connection and a pile of thin clients. No security concerns there.
    Another increasingly common idea is to place the servers in a data centre. Lots of bandwidth and no concerns over physical security.


    Expert Comment

    Forced accept.

    EE Admin
