I'm looking into what all needs to be done as far as switching from an existing security appliance for e-mail to a different one, in a mixed Exchange 2010/2007 environment.
The new appliance we'd be switching over to will have a new/different IP address than the existing e-mail security appliance.
At this point, I think what all I need to do is, besides configuring the actual email security appliance itself:
Open minimum ports needed for new security appliance in the DMZ to communicate with on-premise servers (complete)
Setup Receive Connectors on the Hub Transport servers to receive e-mail from the security appliance
Add SPF record to allow the new IP address of the appliance
Change MX record to point to the new appliance's external IP address
Update send connector in Exchange to use the new appliance
anything else I may be missing here?