The Edge Transport server role

Overview of Server Roles in Exchange Server 2010
In Exchange Server 2010, servers are installed with specific functional roles:
• Hub Transport Server role
• Mailbox Server role
• Edge Transport Server role
• Client Access Server role
• Unified Messaging Server role
www.NetComLearning.com
Enterprise Level Fault Tolerance
• Database Availability Groups
• SAN hosted Databases
• Personal Archives of PST files
• Shadow Redundancy
• Centralized access through Client Access Server arrays allow hardware load balancing
What Is a Database Availability Group?
A DAG is a collection of servers that provides the infrastructure for replicating and
activating database copies. DAGs:
• Require the failover clustering feature, although all installation and configuration
is done with the Exchange Server management tools
• Use Active Manager to control failover
• Use an enhanced version of the continuous replication technology that Exchange
Server 2007 introduced
• Can be created after the Mailbox server is installed
• Allow a single database to be activated on another server in the group without
affecting other databases
• Allow up to 16 copies of a single database on separate servers
• Define the boundary for replication
What Is Active Manager?
Active Manager:
• Runs a process on each server in the DAG
• One node is the Primary Active Manager
• Remaining nodes are Secondary Active Managers
• Manages which database copies are active and which are passive
• Stores database state information
• Manages database switchover and failover processes
• Does not require direct administration configuration
How Are Databases Protected in a DAG?
Continuous replication protects databases across servers in the DAG
[Diagram: copies of databases DB1, DB2, DB3 and DB4 on the servers in the DAG]
Understanding the Failover Process
If a failure occurs, the following steps occur for the failed database:
1. Active Manager determines the best copy to activate
2. The replication service on the target server attempts to copy missing log files from the best “source”:
• If successful, the database mounts with zero data loss
• If unsuccessful (failover), the database mounts based on the AutoDatabaseMountDial setting
3. The mounted database generates new log files (using the same log generation sequence)
4. Transport dumpster requests are initiated for the mounted database to recover lost messages
5. When the original server or database recovers, it determines if any logs are missing or corrupt, and fixes them if possible
How Personal Archives Work in
Exchange Server 2010
Exchange Server 2010 Personal Archives require a secondary or archive mailbox for
the user
The Personal Archive:
• Must be in the same mailbox database as the
primary mailbox
• Appears as a folder in Outlook 2010 or Outlook Web App
• Is indexed and searchable
• Is not cached in Outlook
• Can be managed using messaging records management
policies
Personal Archives can help organizations meet legal and corporate requirements by
ensuring that all messages are stored
in an Exchange server mailbox
Disaster Mitigation Options in Exchange Server 2010
Risk
• Loss of a message
• Loss of a mailbox
• Loss of a database or server
• Logical corruption in the database
Mitigation Option
• Configure recoverable items folder and deleted item retention settings
• Recover messages from backup by using the recovery database
• Configure and use mailbox retention settings
• Configure hold policy, and recover it
• Back up the Exchange Server data, and recover database to a recover database
• Create a DAG on another server
• Recover the server from backup
• Install Exchange with /m:RecoverServer option
• Create a lagged database copy in a DAG environment
• Backup the Exchange Server data, and recover database
Disaster Recovery Options for Mailbox Servers
Exchange Server 2010 provides the following disaster recovery features for Mailbox servers:
• Disaster recovery with DAGs
• Mailbox servers in a DAG can host other server roles
• Point-in-time database snapshot with lagged copy of DAG
• Recovery database to recover mailboxes, folders, or items
• Lower cost of DAG backup compared to existing backup
What Is Database Mobility?
Database mobility enables you to move mailbox databases between Mailbox servers
To move a mailbox database to another server:
• Perform a soft recovery on the database
• Create the destination mailbox database
• Move the database files and mount the database
• Reconfigure the user mailboxes
High Availability Solution for Mailbox Servers
Mailbox data high availability:
• Single database failover
• Requires failover clustering feature
• Allows up to 16 copies of each database
• Allows up to 14 days for lag copies
Public Folder high availability:
• Leverages Public Folder replication
• Is similar to previous Exchange Server versions
What Is the Transport Dumpster?
The transport dumpster:
• Protects against Mailbox server failures when transaction logs have been lost
• Keeps copies of all messages delivered in the transport queue (mail.que) until
the transaction logs have replicated to all servers in the DAG, or until the
maximum dumpster size is reached
• Redelivers missing e-mail messages when a failure occurs
How Shadow Redundancy Provides High
Availability for Hub Transport Servers
Transport server delays message deletion until it verifies that the message has been
delivered past the next hop
[Diagram: Hub, Edge1, Edge2 and External SMTP Mail Server]
Exchange 2010 integration with the
Cloud
• Integrates with Office 365
• On Premise Mailbox server with:
– Hosted Client Access Server
– Hosted Hub Transport Server
– Hosted Lync Server uses on-premise mailbox DB
Options for Integrating Exchange
Server 2010 and Exchange Online
Services
Exchange Online Services:
• Is part of the Business Productivity Online solution
• Enables e-mail and calendar functionality hosted
by Microsoft
• Enables e-mail co-existence and migration of mailboxes
and global address lists
• Enables both on-premise and hosted mailboxes
with Exchange Server 2010
PowerShell 2.0 and Exchange Management Shell
• Version 2.0 provides Remote Management
• Exchange Management Shell is a superset of PowerShell
What Are the Exchange Management
Shell and Windows PowerShell?
• The Exchange Management Shell is a command-line interface used for
administering Exchange Server 2010
• The Exchange Management Shell is built on Windows PowerShell 2.0 remoting
• Windows PowerShell is an extensible scripting and command-line technology that
developers and administrators can use to:
• Perform a specific task
• Combine cmdlets to perform complex administrative tasks
The Benefits of Remote Windows
PowerShell
Remote Windows PowerShell 2.0 enables:
• Role Based Access Control
• Client/server management model
• Standard protocols allow easier management through firewalls
Exchange 2010 provides ongoing
protection through:
• Discovery Group
• ALL e-mails go through the Hub Transport
• Domain Security filtering
What Is the Edge Transport Server Role?
The Edge Transport server role provides:
• Internet message delivery
• Antivirus and anti-spam protection
• Edge transport rules
• Address rewriting
The Edge Transport server role:
• Cannot be deployed with any other server role
• Should not be a member of the internal Active Directory domain
• Should be deployed in a perimeter network
Forefront Protection 2010 for Exchange
Benefits of Forefront Protection 2010 for Exchange Server include:
• Antivirus scan with multiple scan engines
• Full support for VSAPI
• Microsoft IP Reputation Service
• Spam signature updates
• Premium spam protection
• Automated content filtering updates
Forefront Protection 2010 Deployment Options
You can install Forefront Protection 2010:
• Only on an Edge Transport server or a Hub Transport server
• On an Edge Transport server or a Hub Transport server and a Mailbox server
When installing Forefront Protection 2010, consider:
• The number of scan engines required
• The types of scan engines that should be used
Overview of Spam-Filtering Features
Feature: Filters messages based on:
• Connection Filtering: The IP address of the sending SMTP server
• Content Filtering: The message contents
• Sender ID: The IP address of the sending server from which the message was received
• Sender Filtering: The Sender in the MAIL FROM: SMTP header
• Recipient Filtering: The Recipients in the RCPT TO: SMTP header
• Sender Reputation: Several characteristics of the sender, accumulated over a period of time
• Attachment Filtering: Attachment file name, file name extension, or file MIME content type
How Exchange Server 2010 Applies Spam Filters
[Diagram labels, in order: Internet; Exchange Server 2010 Edge Transport server; Connection Filtering (IP Allow List, IP Block List, RBL); Sender Filtering; Recipient Filtering; Sender ID Filtering; Content Filtering; Outlook Safe Senders List; Exceed SCL Threshold; Below SCL Threshold]
What Is Domain Security?
Domain Security uses mutual TLS with business partners to enable secured message paths over the Internet, and shows an icon in Outlook
To set up mutual TLS:
• Generate a certificate request for TLS certificates
• Import and enable the certificate on the Edge Transport server
• Configure outbound Domain Security
• Configure inbound Domain Security
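The four steps above in the Exchange Management Shell, as an added example that is not part of the original slides. The host name, partner domain, connector name and file paths are placeholders; the comments note where each part is run.

```powershell
# Added example. Placeholder values (assumptions, not from the slides):
$EdgeFqdn      = 'mail1.contoso.com'   # FQDN the Edge Transport server presents in SMTP
$PartnerDomain = 'woodgrovebank.com'   # business partner domain to secure
$Connector     = 'Internet'            # name of the Internet-facing Send/Receive connectors
$CertDir       = 'C:\Certificates'     # working folder for the request and the issued cert

# 1. Edge Transport server: generate a certificate request for the TLS certificate.
$request = New-ExchangeCertificate -GenerateRequest `
    -FriendlyName "Domain Security certificate for $EdgeFqdn" `
    -SubjectName "CN=$EdgeFqdn" -DomainName $EdgeFqdn
Set-Content -Path "$CertDir\edge-request.req" -Value $request

# 2. Edge Transport server: import the certificate issued by the CA and enable it for SMTP.
$bytes = [Byte[]](Get-Content -Path "$CertDir\edge-certificate.p7b" -Encoding Byte -ReadCount 0)
Import-ExchangeCertificate -FileData $bytes | Enable-ExchangeCertificate -Services SMTP

# 3. Outbound Domain Security (organization settings, run on an internal Exchange server).
#    Append to the existing list: passing a single value would overwrite other partners.
$config = Get-TransportConfig
$config.TLSSendDomainSecureList += $PartnerDomain
Set-TransportConfig -TLSSendDomainSecureList $config.TLSSendDomainSecureList
Set-SendConnector $Connector -DomainSecureEnabled $true

# 4. Inbound Domain Security: same list handling, then the Receive connector on the Edge server.
$config = Get-TransportConfig
$config.TLSReceiveDomainSecureList += $PartnerDomain
Set-TransportConfig -TLSReceiveDomainSecureList $config.TLSReceiveDomainSecureList
Set-ReceiveConnector $Connector -DomainSecureEnabled $true -AuthMechanism TLS

# Checks: both lists contain the partner, the connectors are flagged, the cert is bound to SMTP.
# Mutual TLS on the Send connector also needs DNSRoutingEnabled = True and IgnoreSTARTTLS = False.
Get-TransportConfig | Format-List TLSSendDomainSecureList, TLSReceiveDomainSecureList
Get-SendConnector $Connector |
    Format-List Name, DomainSecureEnabled, DNSRoutingEnabled, IgnoreSTARTTLS
Get-ReceiveConnector $Connector | Format-List Identity, DomainSecureEnabled, AuthMechanism
Get-ExchangeCertificate | Where-Object { $_.Services -match 'SMTP' } |
    Format-List Subject, Thumbprint, NotAfter, Status
```

The partner organization has to make the matching configuration for your domain, because mutual TLS requires both sides to present and validate a certificate.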
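When to Use SharePoint Instead of Public Folders
Scenario, with guidance for "Using Public Folders?" and "New to Public Folders?":
• Document Sharing
– Using Public Folders? SharePoint may be a better option
– New to Public Folders? SharePoint is a better option
• Calendar Sharing
– Using Public Folders? Depends on Outlook version
– New to Public Folders? Integrates with SharePoint
• Contact Sharing
– Using Public Folders? More difficult
– New to Public Folders? SharePoint aggregates
• Discussion Forum
– Using Public Folders? Less dynamic
– New to Public Folders? SharePoint is better
• Distribution Group Archive
– Using Public Folders? No need to move
– New to Public Folders? Use either
• Custom Applications
– Using Public Folders? SharePoint may be a better option
– New to Public Folders? SharePoint may be a better option
• Organizational Forms
– Using Public Folders? No need to move
– New to Public Folders? Use InfoPath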
Client Access Changes
• Outlook now goes through CAS
• HW load balanced CAS arrays
• Exchange Control Panel
• Access File Shares
• Access SharePoint Libraries
• Allows Web Ready documents
How Client Access Works
[Diagram labels: Domain Controller; Client Access Server; Mailbox Server; RPC/MAPI; HTTPS; IMAP4; POP3; numbered steps 1 to 4]
Services Provided by a Client Access Server for Outlook Clients
Service: Description
• RPC Client Access Service: Enables MAPI connectivity to user mailboxes
• Autodiscover: Enables automatic configuration for Outlook and mobile clients
• Availability: Provides free or busy information
• MailTips: Provides notifications regarding issues with sending a message
• Offline Address Book download: Provides offline address book download for Outlook clients
• Exchange Control Panel (web Based): Provides User & Administrative interface for accessing mailbox and recipient information
• Exchange Web Services: Provides a developer interface for accessing all Exchange server content and settings
• Outlook Anywhere: Enables RPC over HTTPS access to user mailboxes
Introducing the Exchange Control
Panel
ECP provides Web-based user access to self-manage:
• Outlook Web App features
(signature, message options, etc.)
• Deleted item recovery
• Inbox rules
• ActiveSync (report wipes, logs)
• Automatic replies
• Text message configuration
• Report delivery
• Account information (location,
phone numbers, etc.)
• Call Answering Rules
• Public groups
What Is File and Data Access for
Outlook Web App?
File and data access for Outlook Web App enables users to access attachments and
files stored on other servers
With file and data access, you can configure:
• WebReady document viewing
• Direct file access
• Different settings when users connect from public or private computers
• Access to files stored on Windows SharePoint Services servers and Windows file shares
• Restrict access to files based on file types or internal servers