Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange 2010 - Virtualization and Load Balancing

Posted on 2013-05-20
3
Medium Priority
?
323 Views
Last Modified: 2013-06-11
Hello!

I'm looking to reconfigure Exchange 2010 in a test environment, eventually with the goal to be put into production. Any help you could answer on the following would be greatly appreciated.

I plan on setting up my environment as follows:

               LoadBalancer
                         /\
               Edge Transport
                          /\
               CAS Array
                          /\
               Mailbox Database

Each tier is composed of multiple virtual servers, for a large organization type of environment.

I am able to do most of this, but have some embarrassing gaps in my knowledge:

1. Which tiers will need to have public IPs assigned? (i.e. Edge Transport, CAS)

2. Does the Edge transport interact with the CAS at all? or does it simply go straight to the Mailbox Database?

3. Will I need SSL certs for the CAS servers, or can I install them on my Load Balancer (Zen, at the moment)

4. Any additional security recommendations for the CAS / Edge servers?

5. Any recommendations or criticisms to my current model?

Thank you!
0
Comment
Question by:jmichaelpalermo4
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 39183470
I think your Edge should be in DMZ with public IP addresses. Then you would have load balancer in the internal VLAN. The load balancer would be configured with distribute the load between all the CAS servers.
Theen you would have CAS servers in the  internal VLAN and same with mailbox servers.
CAS array has nothin to do with the certificates . You need to have SAN certificate with the following domains

webmail.domain.com
autodiscover.com
casserver1.domain.com
casserver2.domain.com

http://blogs.technet.com/b/exchange/archive/2012/03/23/demystifying-the-cas-array-object-part-1.aspx
0
 
LVL 15

Accepted Solution

by:
msmamji earned 2000 total points
ID: 39183573
1. Your emails would eventually land on edge and using send connectors (created during edge subscription) would be sent inside to the HUB Transport server. NAT would be a better option then assigning public IPs directly to edge servers.

2. Edge send and receives messages to and from HUB transport server and has nothing to do with CAS.

3. SSL would be required on CAS but they are used for client access not mail flow.

4 and 5. CAS, HUB and MBX on the inside network. Edge on DMZ with NAT. Use LB for client access protocols as well among other things.
0
 
LVL 1

Expert Comment

by:ssk_2k3
ID: 39184073
I would say that please have Edge servers on DMZ and place the load balancer's for CAS server requests. So that it can mange MAPI and internet requests well for users.

Once the load balancer placed point the CAS array IP to that to get work well.

SAN certificate should require to installed on CAS servers.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Unified and professional email signatures help maintain a consistent company brand image to the outside world. This article shows how to create an email signature in Exchange Server 2010 using a transport rule and how to overcome native limitations …
The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question