Solved

forefront verses edge transport server role

Posted on 2009-07-10
1
1,018 Views
Last Modified: 2012-05-07
We are replacing our Exchange 2003 servers with Exchange 2007.  Currently I have an Exchange 2003 server with Postini handling our spam and antivirus scanning.  I have configured three Exchange 2007 Servers, one clustered Mailbox server, one disaster recover server that uses SCR replication to duplicate the Exchange server, and one client access server that is also the hub transport server.

My biggest confuision (sorry I am new) is the difference between the forefront application and and edge transport server?  It seems that they both do Antispam, virus protection, phishing filters etc?  Why would you choose to deploy one over the other?  Also, we currently have Postini to do AntiSpam and Antivirus.  The solution works well except for the staff time we have to spend going through the message logs and freeing up false positives.  How would Postini rate compared to the other two options?

What I am considering doing is configuring the hub transport servers as internet facing hub transport servers and leaving Postini for now.  This would be one less thing to change, then eventually I want to use the Microsoft technologies-I just don't know which one!
0
Comment
Question by:brentc3114a
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 7

Accepted Solution

by:
LANm0nk3y earned 500 total points
ID: 24829842
The edge transport server doesn't protect you against virus or phishing.  The edge transports as I thought is to allow you to put this box in the DMZ and synchronize your transport policies.  The edge will allow you to add rules and antispam filters before it gets inside your network.  Forefront is a lot more extensive.  There are five antivirus engines running to scan for virus/malware/phishing it.
If you're looking at your current config, it doesn't quite make sense the need to ge forefront because you have [mail]-->[spam filter/antivirus server]-->exchange.  However Forefront will scan your mailboxes.  Sure you depend on your desktop antivirus to take care of this, but what about people who uploads file through owa?
I use forefront, and i must say it works very well.  I used GFI email security test and nothing got through forefront.  Forefront isn't going to answer all your problems about spam -- I think it lacks on some of the spam, but I have never gotten anything weird other than things I subscribe to.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
This video discusses moving either the default database or any database to a new volume.

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question