Solved

exchange server deployment design

Posted on 2015-01-31
6
78 Views
Last Modified: 2015-02-25
Dear Experts,

I attached a design for windows 2012 active directory plus exchange 2013 for a primary data center and backup data center, I need to check if this design is correct and I need to know if TMG license required in this ?
also do I have to make DNS server together with edge server?

Thanks,
Design.jpg
0
Comment
Question by:oamal2001
6 Comments
 
LVL 16

Expert Comment

by:Ivan
ID: 40582333
Hi,

there are no Hub servers in Exchange 2013. Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.
You don't need to have DNS server in that DMZ where Edge is installed. Edge is available only in Exchange 2013 SP1 or later.

TMG don't have license as far as I know?

Regards,
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40582379
Hub is incorporated into CAS role, so you should have dual CAS role in stead of that Hub.

This is actually not true. CAS has a Front-End Transport service on all CAS servers but this really only proxies to the mailbox server where the true Mailbox Transport service / Transport services live. The Transport services on the mailbox servers does all of the routing for mail not the CAS server.

Edge server requirements
https://technet.microsoft.com/en-us/library/dn635117(v=exchg.150).aspx

TMG licensing
https://social.technet.microsoft.com/Forums/forefront/en-US/d215e114-dfbb-492e-96ce-cbe4fed14748/forefront-tmg-license

Will.
0
 

Author Comment

by:oamal2001
ID: 40582474
Hi to all,

Is the attached design better, do I have to install forefront on the edge server and put the TMG client license on it?

Thanks,
Design-mod1.jpg
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40582541
I am wondering why you want to use TMG anyways. They are no longer having mainstream support for this as of April 2015. Anyways in Exchange 2013 the security fetures have been enhanced which is one of the reason why they have cut support for TMG. The below link illustrates Exchange 2010.

EDGE and TMG

I would also look into something like UAG as well to replace TMG or another 3rd party product.

Will.
0
 

Author Comment

by:oamal2001
ID: 40582686
Thank you , but I need a product that protect my emails from spam,malwares,viruses,sywares and all risks that could come from email.
Also I need to know if the design is OK or not please?

Thanks,
0
 
LVL 7

Expert Comment

by:dsnegi_25dec
ID: 40583361
to protect emails from spam,malwares,viruses,sywares and all risks that could come from email.

their are lots of email gateway. Like  Exchange online protection / Postini / Mimecast  etc .

I had worked with all three vendors but EOC is the best on service basis
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now