Exchange Server 2010 Hardening

Posted on 2012-12-22
Medium Priority
Last Modified: 2012-12-26
Hi ,

We are planning to upgrade Exchange from Exchange 2007 to Exchange 2010. Please let me know what is the best practices to do the Exchange Serevr 2010 Hardeing before putting into Production environment.
Question by:padas6
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38715153
What is your current infrastructure and do you have the budget for HA ?
Look i dont think anyone can give you a complete answer before knowing your thoughts and basic requirements

- Rancy
"Merry Christmas and Happy New Year"

Author Comment

ID: 38715168
Hi Rancy,

Current Infrastructure is Exchange Server 2007 SCC model with Single HUb & Single CAS, duel Iron Port is being used for SMTP gateway with 2000 user mailbox .

We are planning to Migrate with below feature,

1. Two HUB & CAS in Cas Array
2. Two Mailbox Server is in DAG Functionality.

We are already going to start to installation but I have couple of queries which I posted today itself.

I just wanted to know if any good guidelline is availble for Exchange Hardening.
LVL 52

Expert Comment

by:Manpreet SIngh Khatra
ID: 38715179
Perfect for your concern for point 1 & 2

Look i would suggest use Storage Calculator to understand whats best with number of Mailbox DB's you should have .... (Ram, Storage, Bandwidth)

Are you not getting a EDGE but using Ironport itself i guess ?
What exactly do you mean by Hardening ?

- Rancy
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 38715189
Server haredening, sany Minimum port opening, renaming local administrator account, basically you can server Server Hardening & if any thing I can focus on Exchange part.
LVL 52

Accepted Solution

Manpreet SIngh Khatra earned 900 total points
ID: 38715197
Look Ports i guess should be opened for it to communicate with DC\GC and fr port25 and HTTP and HTTPS rest depends if there is some additional ports you need to open on it.




- Rancy

Author Closing Comment

ID: 38720872
Usuable link.

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month13 days, 19 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question