I run a very small managed services business in the UK. Presently I have 170 hosted Exchange mailboxes running on a single Exchange 2010 box with multi-tennant software running. It's co-located at a UK T3 DC and has half hourly Veeam backups run continually. Nightly a Veeam backup is transferred to a secondary T3 DC which is also colo.
The solution has been running almost 2 years and has been pretty reliable (bar one or two hiccups). However I anticipate gaining another 100 mailboxes in the next year and with 270 business mailboxes in mind would like to progress to something more resilient. Right now I feel exposed with many eggs in one basket (and right on cue last night, as if it knows, the Dell server running Exchange failed with a RAM error which prompted a 3AM - 6AM fix!).
Whilst I am aware of the Exchange 2013 HA features, such as DAGs, load balanced CAS servers and site HA, I'm also conscious that over-complicating things might bring upon problems - i.e. potential for false economy.
The fact I have 2 DC's to play with (100Mbps layer 2 link) it wouldn't take much to get a 3rd location running as a witness but as already mentioned, wonder if this is overkill/risk in itself.
What I am thinking instead, all in one site, is to build a new Exchange 2013 environment using 2 x MBX/CAS servers running as single VM's on separate physical hosts. I'll then ensure there are 2 x AD servers also running as VM's on these separate physical hosts. I'll then have a witness server placed on it's own VM on a 3rd physical host. Lastly to load balance the CAS traffic I shall use a basic DNS round robin function on my SonicWALL's (which are running in HA). (I would like to use a Kemp balance in HA but funds are unlikely to stretch that far [I also gather intelligent load balancing is less required with Exchange 2013 than previous versions]).
The above solution should make for robustness, however what I then intend to do is to use Veeam again to replicate the entire environment every hour to the secondary DC - which will effectively give us site resilience which although not as effective as Exchange site resilience, will be less complicated and expensive to setup.
Then at the second DC we have, create the whole lot again, but replicating the Veeam replications in the other direction and have both Exchange environments separate and active.
In summary we should then have 2 x completely separate and resilient Exchange 2013 environments which shouldn't cost the earth and have site resilience built in.