I am doing an upgrade for a network that has 8 branch offices. Four of those offices have Exchange 2003 servers currently; all mail flows into one server and then is routed to the appropriate mailbox. We are upgrading to Exchange 2010 and I was wondering if anyone had suggestions for the topology to implement. From what I have been reading it looks like at each of the four locations I will want to install the CAS, Hub Transport, and Mailbox role. My question is since what would be the best way to set this up so I only have to purchase one SSL cert for OWA. Should I set up a proxy for the CAS? Since each location will have mailboxes I am assuming the proxy would then route them to their mailbox. Is the rest done via connectors as far as email flow - the emails will come into one location and then be dispersed. Is there a best practice way to do this? Any suggestions would be grealty appreciated. Thanks.
Ensure that you already have AD sites/subnets created for each office where you plan to install Exchange 2010
Install single server with all roles in each office
Publish the main office server to internet as internet facing CAS server(Or use TMG as reverse proxy).
The email flow will take care by AD site connectors, you do not have to create any extra connectors(except the internet Send Connector). It is not so easy to explain the complete steps :(
CAS to CAS proxy will be taken care by exchange 2010 itself.
When it comes to the SSL, you just need to buy for internet publishing URL including the CAS server names FQDNs as SAN(Subject Alt Names). Normally many third party CAs offer additional 4 SAN names with one Unified Communications Certificate.
There are many more to look at when designing(including CAS array, DAG etc), but this will help you to start with...