mcascio
asked on
Planning an Exchange 2007 upgrade strategy from Exchange 2000
Hello,
I'm in the process of planning for an Exchange 2007 transition from an Exchange 2000 environment. I currently have around 300 mailboxes, so it's not a very large company. I'm currently running a two-node Exchange 2000 cluster (using your basic Microsoft Clustering service). I have an SMTP server sitting out on my DMZ for incoming email (outgoing email just gets sent directly to the Internet). I also have an OWA server sitting out on the DMZ as well. (I personally would not put an OWA server on a DMZ, but this was inherited).
What sort of strategy would be recommended? From what I read and have heard in training classes, is a big push for Microsoft ISA on a DMZ that then publishes to a Client Access server for OWA access. In our smaller environment, that seems to be a bit overkill. Another option is to put a CAS on the DMZ (to act similar to our current OWA). But again, the whole "member server in the DMZ" bothers me. Any recommendations?
And finally, the difference between SCR and CCR, to me, is minimal. I understand that CCR takes away the whole shared data single point of failure theory, but I'm thinking more ease of setup and similar to our current environment. Any strong recommendations for CCR over SCR? What additional costs are involved with CCR? is it just the witness server?
Any thoughts or recommendations would be greatly appreciated.
Thanks!
I'm in the process of planning for an Exchange 2007 transition from an Exchange 2000 environment. I currently have around 300 mailboxes, so it's not a very large company. I'm currently running a two-node Exchange 2000 cluster (using your basic Microsoft Clustering service). I have an SMTP server sitting out on my DMZ for incoming email (outgoing email just gets sent directly to the Internet). I also have an OWA server sitting out on the DMZ as well. (I personally would not put an OWA server on a DMZ, but this was inherited).
What sort of strategy would be recommended? From what I read and have heard in training classes, is a big push for Microsoft ISA on a DMZ that then publishes to a Client Access server for OWA access. In our smaller environment, that seems to be a bit overkill. Another option is to put a CAS on the DMZ (to act similar to our current OWA). But again, the whole "member server in the DMZ" bothers me. Any recommendations?
And finally, the difference between SCR and CCR, to me, is minimal. I understand that CCR takes away the whole shared data single point of failure theory, but I'm thinking more ease of setup and similar to our current environment. Any strong recommendations for CCR over SCR? What additional costs are involved with CCR? is it just the witness server?
Any thoughts or recommendations would be greatly appreciated.
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I don't use ISA personally. I have seen it implemented, most of my financial services clients use it, but I haven't done it myself. It depends on your attitude to risk. If the policy is nothing inside is accessible outside then you will have to use an ISA.
-M
-M
ASKER
What's your thoughts on the ISA Server option? We currently do not use ISA server, nor would I foresee using it for anything in the immediate future (other than Exchange 2007). To me, that seemed a tad overkill. Then again, the added security that the ISA server would provide may pay for itself.
My inclination is to use option 1. I guess I was just wondering if the risks were far too great.
thanks for your help