Solved

exchange server deployment design

Posted on 2015-01-31
6
77 Views
Last Modified: 2015-02-25
Dear Experts,

I attached a design for windows 2012 active directory plus exchange 2013 for a primary data center and backup data center, I need to check if this design is correct and I need to know if TMG license required in this ?
also do I have to make DNS server together with edge server?

Thanks,
Design.jpg
0
Comment
Question by:oamal2001
6 Comments
 
LVL 15

Expert Comment

by:Ivan
ID: 40582333
Hi,

there are no Hub servers in Exchange 2013. Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.
You don't need to have DNS server in that DMZ where Edge is installed. Edge is available only in Exchange 2013 SP1 or later.

TMG don't have license as far as I know?

Regards,
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40582379
Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.

This is actually not true. CAS has a Front-End Transport service on all CAS servers but this really only proxies to the mailbox server where the true Mailbox Transport service / Transport services live. The Transport services on the mailbox servers does all of the routing for mail not the CAS server.

Edge server requirements
https://technet.microsoft.com/en-us/library/dn635117(v=exchg.150).aspx

TMG licensing
https://social.technet.microsoft.com/Forums/forefront/en-US/d215e114-dfbb-492e-96ce-cbe4fed14748/forefront-tmg-license

Will.
0
 

Author Comment

by:oamal2001
ID: 40582474
Hi to all,

Is the attached design better, do I have to install forefront on the edge server and put the TMG client license on it?

Thanks,
Design-mod1.jpg
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40582541
I am wondering why you want to use TMG anyways. They are no longer having mainstream support for this as of April 2015. Anyways in Exchange 2013 the security fetures have been enhanced which is one of the reason why they have cut support for TMG. The below link illustrates Exchange 2010.

EDGE and TMG

I would also look into something like UAG as well to replace TMG or another 3rd party product.

Will.
0
 

Author Comment

by:oamal2001
ID: 40582686
Thank you , but I need a product that protect my emails from spam,malwares,viruses,sywares and all risks that could come from email.
Also I need to know if the design is OK or not please?

Thanks,
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 40583361
to protect emails from spam,malwares,viruses,sywares and all risks that could come from email.

their are lots of email gateway. Like  Exchange online protection / Postini / Mimecast  etc .

I had worked with all three vendors but EOC is the best on service basis
0

Join & Write a Comment

Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now