Solved

forefront verses edge transport server role

Posted on 2009-07-10
1
1,021 Views
Last Modified: 2012-05-07
We are replacing our Exchange 2003 servers with Exchange 2007.  Currently I have an Exchange 2003 server with Postini handling our spam and antivirus scanning.  I have configured three Exchange 2007 Servers, one clustered Mailbox server, one disaster recover server that uses SCR replication to duplicate the Exchange server, and one client access server that is also the hub transport server.

My biggest confuision (sorry I am new) is the difference between the forefront application and and edge transport server?  It seems that they both do Antispam, virus protection, phishing filters etc?  Why would you choose to deploy one over the other?  Also, we currently have Postini to do AntiSpam and Antivirus.  The solution works well except for the staff time we have to spend going through the message logs and freeing up false positives.  How would Postini rate compared to the other two options?

What I am considering doing is configuring the hub transport servers as internet facing hub transport servers and leaving Postini for now.  This would be one less thing to change, then eventually I want to use the Microsoft technologies-I just don't know which one!
0
Comment
Question by:brentc3114a
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 7

Accepted Solution

by:
LANm0nk3y earned 500 total points
ID: 24829842
The edge transport server doesn't protect you against virus or phishing.  The edge transports as I thought is to allow you to put this box in the DMZ and synchronize your transport policies.  The edge will allow you to add rules and antispam filters before it gets inside your network.  Forefront is a lot more extensive.  There are five antivirus engines running to scan for virus/malware/phishing it.
If you're looking at your current config, it doesn't quite make sense the need to ge forefront because you have [mail]-->[spam filter/antivirus server]-->exchange.  However Forefront will scan your mailboxes.  Sure you depend on your desktop antivirus to take care of this, but what about people who uploads file through owa?
I use forefront, and i must say it works very well.  I used GFI email security test and nothing got through forefront.  Forefront isn't going to answer all your problems about spam -- I think it lacks on some of the spam, but I have never gotten anything weird other than things I subscribe to.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
In-place Upgrading Dirsync to Azure AD Connect
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month4 days, 6 hours left to enroll

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question