exchange server deployment design

Dear Experts,

I attached a design for windows 2012 active directory plus exchange 2013 for a primary data center and backup data center, I need to check if this design is correct and I need to know if TMG license required in this ?
also do I have to make DNS server together with edge server?

Thanks,
Design.jpg
oamal2001Asked:
Who is Participating?
 
Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.

This is actually not true. CAS has a Front-End Transport service on all CAS servers but this really only proxies to the mailbox server where the true Mailbox Transport service / Transport services live. The Transport services on the mailbox servers does all of the routing for mail not the CAS server.

Edge server requirements
https://technet.microsoft.com/en-us/library/dn635117(v=exchg.150).aspx

TMG licensing
https://social.technet.microsoft.com/Forums/forefront/en-US/d215e114-dfbb-492e-96ce-cbe4fed14748/forefront-tmg-license

Will.
0
 
IvanSystem EngineerCommented:
Hi,

there are no Hub servers in Exchange 2013. Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.
You don't need to have DNS server in that DMZ where Edge is installed. Edge is available only in Exchange 2013 SP1 or later.

TMG don't have license as far as I know?

Regards,
0
 
oamal2001Author Commented:
Hi to all,

Is the attached design better, do I have to install forefront on the edge server and put the TMG client license on it?

Thanks,
Design-mod1.jpg
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
Will SzymkowskiSenior Solution ArchitectCommented:
I am wondering why you want to use TMG anyways. They are no longer having mainstream support for this as of April 2015. Anyways in Exchange 2013 the security fetures have been enhanced which is one of the reason why they have cut support for TMG. The below link illustrates Exchange 2010.

EDGE and TMG

I would also look into something like UAG as well to replace TMG or another 3rd party product.

Will.
0
 
oamal2001Author Commented:
Thank you , but I need a product that protect my emails from spam,malwares,viruses,sywares and all risks that could come from email.
Also I need to know if the design is OK or not please?

Thanks,
0
 
dsnegi_25decCommented:
to protect emails from spam,malwares,viruses,sywares and all risks that could come from email.

their are lots of email gateway. Like  Exchange online protection / Postini / Mimecast  etc .

I had worked with all three vendors but EOC is the best on service basis
0
All Courses

From novice to tech pro — start learning today.