Exchange 2003 Front /Back end

Posted on 2011-04-25
Last Modified: 2012-05-11
Any expert out there to explain why Microsoft came up with Exchange Front/Back end servers.?
I believe even without Exchange Front end , mobile users still can use OWA to access their mailboxes.

Is it a factor of security? most of the envuronments don't put the FE in the DMZ, they just put it in the same LAN as the Back end.
Do internet emails like Yahoo, Hotmail go through FE to get the message to exchange server?

Many Thanks
Question by:jskfan
    LVL 58

    Accepted Solution


    Typically the Front End is used when you have multiple mailbox servers. It allows incoming access to OWA, RPC over HTTPS or ActiveSync to be proxied to the proper back-end mailbox server.

    If you don't have a front-end server, you would have to expose every single Mailbox Server to the Internet on its own public IP address and DNS name, because one back-end server cannot proxy requests to other back-end servers.

    With a single mailbox server it is pointless installing a front-end server. It is a waste of licensing, hardware and the energy bill to run / cool it. It gives you no security or performance benefit in this scenario.

    Incoming email from the Internet and outgoing email would also typically pass through the front-end servers which then delivers it to the mailbox on the appropriate back-end server.

    LVL 116

    Assisted Solution

    by:Andrew Hancock (VMware vExpert / EE MVE)
    To sell more Licenses!!!

    But it it's security, but it does get expensive if you do it correctly, because if you use Load Balanced Front End Servers, you also need TWO (2).

    and also Microsoft ISA/Forefront, because you don't really want to open up all the ports from DMZ to internal LAN for AD to work as well! Because your front end servers also have to be in AD.
    LVL 116

    Expert Comment

    by:Andrew Hancock (VMware vExpert / EE MVE)
    As you Yahoo and Hotmail, they are using different systems.

    But they will have dediciated SMTP Servers, Anti-Virus, Anti-SPAM, appliances, before the email reaches the back-end mailboxes in their secure internal LAN.

    What we "see" is a secure front-end which has access to proxyied - back end servers via firewalls to back end servers containing all the mailboxes (and the mailboxes will be on multipe cloud based platforms and grid servers).

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
    Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
    In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
    This video discusses moving either the default database or any database to a new volume.

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    7 Experts available now in Live!

    Get 1:1 Help Now