zmagick
asked on
Recommended Exchange 2007 roles for two server environment
In an Exchange 2007 environment that will have only two physical servers, what is the recommended role placement? (The only roles to be implemented are the minimum: mailbox, HT, and CAS).
One server will have the mailbox role.
One server will have the CAS role.
Which server should have the hub transport? Given that there is no clustering or redundancy, is there an advantage to combining the hub transport with one role over the other?
One server will have the mailbox role.
One server will have the CAS role.
Which server should have the hub transport? Given that there is no clustering or redundancy, is there an advantage to combining the hub transport with one role over the other?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
I didn't mention in the original post, but there is already a firewall and anti-malware appliance in place. None of the Exchange roles would be in the DMZ, though the CAS would be reachable from the internet via a static NAT on the firewall.
The firewall and anti-malware is good but doesn't take the place of ISA/Forefront. The static NAT to the Exchange CAS server is against Best Practices, even more so with Exchange 2007. That setup would be flagged in a security audit, compliance audit, or through Microsoft's assessment services. I try to avoid that situation because if/when you call MS Support for an emergency, you're better off with a standard, Best Practices implementation that everybody is familiar with. Just my opinion.
You should consider sizing the environment based on user count, number of message sent/received daily, projected database size, quota size, etc. Because chances are you only need a single server for a small Exchange environment. ISA/Forefront will allow you to secure all of the CAS services in addition to allowing you to publish other applications, web servers, etc.