Edge Server Necessary?


I have inherited a very messy and un-maintained Windows network.  (You should see the Event Logs!!!)

My experience is strong with 2003, but much less so with 2007.

The company has an Exchange 2007 hub and edge server, both installed on 2003 R2.  With around 20 employees, I'm doubting whether we need the Edge Transport server.  (I'm trying to optimize our network by removing superfluous servers and network equipment.)

Strangely, both have a Public and Private network adapter.  (Do external devices (i.e. smartphones, iPads, etc.) connect to the Edge or Exchange server?)

I'm considering removing Edge from the mix and having the Exchange server handle mail directly.

Staff use OWA, Android and iOS devices for external email access.

My question: What technical and non-technical considerations should be had before removing the Edge server?  

(Should I decide to remove the server, I'll ask a new follow-up question for the most direct and comprehensive set of instructions for doing so.)


HeshamMousa Commented:
Edge server is used as an internet-facing SMTP server to filter spam messages, but you can remove it and install the spam agents on your Hub Transport server using PowerShell.

But you need to publish SMTP from your firewall directly to your hub server.
Carol Chisholm Commented:
For that many users you can manage with only one server. Make sure you configure the anti-spam blacklists to drop connections from known spammers' IP addresses.

I would think TMG (ex ISA) server would help you more for security by publishing your OWA.
Allowing SMTP (a limited protocol on one port) to route to one machine (an Exchange server) is not a massive risk, but allowing HTTPS for OWA and ActiveSync (especially Android devices) is a much bigger risk. I would re-use the Edge hardware for TMG (which can also do e-mail filtering if you want).
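
The two steps suggested in the comments above (installing the anti-spam agents on the Hub Transport server and enabling an IP block list), sketched as an added example that is not part of any participant's post. It assumes the default Exchange 2007 install path; the IP address, provider name and lookup domain are constructed placeholders to replace with your own values.

```powershell
# Run in the Exchange Management Shell on the Hub Transport server.
# Assumption: Exchange 2007 is installed in its default location.
$scripts = Join-Path $env:ProgramFiles 'Microsoft\Exchange Server\Scripts'
Set-Location $scripts

# 1. Register the anti-spam transport agents, which are only present
#    on the Edge role by default.
.\Install-AntispamAgents.ps1

# 2. The agents are loaded only after the transport service restarts.
Restart-Service MSExchangeTransport

# 3. Declare which SMTP servers are internal so connection filtering
#    evaluates the real external sender IP. With a single hub receiving
#    mail directly, that is the hub's own address.
#    192.0.2.10 is a placeholder, not a value from this thread.
Set-TransportConfig -InternalSMTPServers 192.0.2.10

# 4. Add a DNS block list provider so connections from listed IPs are
#    rejected at the SMTP session. Name and lookup domain are placeholders.
Add-IPBlockListProvider -Name 'ExampleDNSBL' `
    -LookupDomain 'dnsbl.example.invalid' `
    -AnyMatch $true -Enabled $true

# Apply block list providers to mail arriving from external sources.
Set-IPBlockListProvidersConfig -Enabled $true -ExternalMailEnabled $true

# 5. Verify: the anti-spam agents should be listed and enabled, and the
#    provider should appear with the expected lookup domain.
Get-TransportAgent | Format-Table Identity, Enabled, Priority -AutoSize
Get-IPBlockListProvider | Format-List Name, LookupDomain, Enabled
```

Only after step 5 shows the agents enabled on the hub should inbound port 25 be re-pointed from the Edge server to the hub at the firewall.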
akerrigan (Author) Commented:

I think it's going to be best to remove Edge.  Both Edge and Exchange are attached directly to the internet; no (separate) firewalls, no routers.  I plan to implement a Netgear or Linksys router between Exchange and the internet once Edge is removed.


Your advice is well put.  Considering I'll be implementing a router between Exchange and the internet, I'm more confident in the security of the situation.  Currently, the only firewall is the built-in Windows Firewall.


Question has a verified solution.
