Solved

Load Balancing in Server Design

Posted on 2010-08-15
7
788 Views
Last Modified: 2013-11-13
I am doing some research into a suitable design to move a client from a SBS 2003 single server to perhaps multiple servers due to the heavy exchange usage and/or TS requirements.

Presently there are approx 16 Users where about half work remotely on Laptops and VPN in to collect email and access files. They are presently heavy users of email with Exchange 2003, where there are multiple 5GB+ mailboxes - restrictions on mailbox size were lifted some time ago which has given Users free reign on email. In saying that, I am interested to hear what people of done for mail archiving solutions.

The plan at this stage is to beef up with a new SBS 2008 Server with 16GB RAM, but wanted to consider other designs.
0
Comment
Question by:Flipp
  • 3
  • 3
7 Comments
 
LVL 2

Accepted Solution

by:
tekrage earned 250 total points
ID: 33442290

SBS 08 with 16GB of RAM should be more than enough for what you're describing.  With only 16 users I don't think I would invest in a mail archiving solution.  Most archiving solutions are meant for more users and allows the administrators to move infrequently used mail and old mail to a separate server.  This company doesn't sound like it needs a separate server if you build a beefy SBS server.  Just make sure you use SAS drives if possible.  They're more expensive but worth the performance gain.

I would ditch the VPN unless you need it for something other than e-mail.  Setup Outlook Anywhere for e-mail.  It's much easier for the user and easier for the administrator.  Users no longer need to worry about establishing VPN connections prior to opening e-mail.  Admins no longer need to support VPN connections.  Plus you get away from the problem where your users might experience the inability to connect to the VPN due to traffic restrictions in some hotels or other networks they may be in (for example if you have a sales guy visiting a client and wants to get his e-mail).  Outlook Anywhere uses SSL which is universally accessible over any internet connection.

Finally, if possible, deploy Outlook 2010.  The new Outlook 2010 x64 with Outlook Anywhere rocks.  You no longer get prompted for your password when opening Outlook (if you choose to let it remember your password) and it's faster than 2007, especially for those 5GB mailboxes.  Outlook 2007 would always prompt you for your password when connecting to Exchange and it was the one single complaint I used to get the most often from clients using Outlook Anywhere.  Moving to Outlook 2010 fixed that (among other things).  Of course only go to 64-bit Office if you have a 64-bit OS and don't have any old 32-bit plug-ins or add-ons that you still need to use.
0
 
LVL 6

Author Comment

by:Flipp
ID: 33442336
Thanks tekrage!

Maybe 'email archiving' in the sense of moving email to another server is what I meant. I suppose I am now in the position to ensure that Users manage their emails responsibly but aligns with business directives. In the world of Exchange 2003 I would look to utilise Public Folders to move bulk of email, but wanted to see if a 5GB mailbox should sound any type of alarm, or this is considered to be the norm these days.

SAS drives are already in the spec - I have used these from Dell before and am fairly happy with them.

I will be setting up a test network next week to test out possible solutions so it sounds like Outlook Anywhere is on the cards, and perhaps alongside Outlook 2010. For remote Users, it sounds like email over SSL with OA is the standard, but what about accessing file shares?

Probably will not be able to get them to a x64 OS as they are a small business with little cash flow - x32 seems fine for their needs.
0
 
LVL 2

Expert Comment

by:tekrage
ID: 33442429
If you're trying to move e-mail to another server then you can always just move the mailbox through Exchange if the server is in the same domain / exchange org.  If you're moving to a new domain then you can export the mailbox to a PST (just make sure you select the top of the mailbox and click "include subfolders" when exporting).  You can then import that massive PST into the new Exchange mailbox just make sure you have turned off quotas.  By default SBS 2008's default e-mail quota is 1GB.

Accessing file shares is a different story and a real pain in the rear if you ask me.  For my clients I have always implemented either a SSL VPN for file access or instituted Citrix or Terminal Services for remote access to files.  Users sometimes get really confused with the idea of local and remote files so I find that Citrix / Terminal Services simplifies the concept for them.  However if they really want to access files locally or need them offline then an SSL VPN is the way to go.  I use the Juniper SA's all the time and I love them.  You can set them up where they'll authenticate to the domain then pass along the user credentials to the file servers so the user only gets access to the files they're allowed to access.  It'll take a share and list all of the files in a web page so the user only needs to click on a file to download or open it.  It'll also list the sub or parent folders for navigation throughout the file share, allow them to create folders, upload files, etc.  Most modern SSL VPN's will do this.  I think it really beats the old VPN connectivity options of yester-year.
0
The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

 
LVL 56

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 250 total points
ID: 33442446
For the most part, I'm with tekrage on this. 16 users is really nothing, no matter *how* heavily they use the system. You think companies like IBM and Oracle have an exchange server for every 16 users?!? It scales *much* better than that.
With that said, I'd still implement mailbox limits, just to discourage packratting. Large mailboxes take up disk space (whcih is cheap, so don't be stingy, just don't give them free reign either) and more importantly increases the backup window. Look at a sampling of mailboxes and set a limit on what you think is *truly* appropriate, then users are responsible for meeting those limits. 5 gigs is nothing to worry about...again, this is more about instilling good habits.
Regarding your final question on file-shares, you can kill two birds with one stone here. One of the most common thigs that pushes up disk usage quickly is sending of files. If you set up a Sharepoint portal for users to collaberate, you gain a great repository for files with far more granular control, revision control, and a host of other features that a "file share" would never give you. You can offer that sharepoint service securely over the internet so no more VPNs, and you can encourage users to simply send sharepoint links when collaberating on a file instead of sending full files back and forth, thus pushing down mailbox abuses.
Once users actually start using some of the more advances sharepoint features, they'lll actually *want* to use that process, but it does take some dedication to the process of user education to get them used to the idea. A battle worth waging, and one I've never lost....because it really is that cool, and users really do love it that much once they get their hands on it.
I think if you implement those simple changes, you'll be quite happy with a solution built around SBS.
-Cliff
 
0
 
LVL 6

Author Comment

by:Flipp
ID: 33442462
I have not had a chance to review the migration guide that MS post for SBS 2003 --> 2008, but assume it will guide me through Exchange. I have used exmerge in days gone by, but assume that there are other ways to achieve the same result.

So for the mobile User, what is the best option:
1. Use a company laptop with Outlook 200x, SSL VPN and use the file shares already mapped
2. Use a company laptop with Outlook 200x, SSL VPN and Terminal Services for remote connection. Obviously when in office they simply use their laptop with no TS.

Now I start thinking about Virtualizing a Terminal Server on SBS 2008 hardware to support remote connectivity?

Considering I am working with small business and small budgets I need to weigh up cost and usability to come up with best solution.
0
 
LVL 6

Author Closing Comment

by:Flipp
ID: 33442481
Thanks guys - I have been trying to push SP for some of these SMBs I look after for some time, but you know the old game of 'why change' always comes up.
Thanks for your responses, time to do some testing .... :-)
0
 
LVL 2

Expert Comment

by:tekrage
ID: 33442571
I don't think using a VPN with file shares mapped is a good idea.  It's slow and prone to errors.  When you click on a share with 100 files in it then the laptop is going to slow to a crawl while it populates the list.  I've even seen computers that run slowly just because they're mapped to drives over a VPN (meaning you can disconnect the drives and everything speeds up dramatically).  Note I'm referring to using an SSL VPN different than a standard VPN in the sense that the SSL VPN is only being used to access file shares although the Juniper SA's and Citrix CAG's will also connect users to terminal servers / citrix servers via the SSL home page.

What you choose ultimately depends on your budget and performance trade-offs.  You can do a traditional VPN but it's more work for the end user and is slower in regards to file shares but a traditional VPN is also cheaper.  The SSL VPN option is better but more expensive.

A third option is to setup TS Web Access with TS RemoteApp on a server 2008 box.  That's as close as you can get to Citrix without paying the Citrix prices.  You can publish applications via a web page (encrypted with SSL of course) or just publish a TS desktop and let the users login to that to access their files.  The user would use Outlook & Outlook Anywhere for e-mail access.  The end result is no VPN and no SSL VPN.  If the box you're setting up is beefy enough and you're using Windows Server 2008 Enterprise then you could always do the TS Server 2008 box as a virtual machine although you'll have to purchase another Server '08 license which will include 5 cal's so if you only anticipate 5 concurrent users on the TS box then you won't have to purchase additional cal's.  The cost of the basic server '08 license would be cheaper than the SSL VPN gateway or Citrix CAG.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now