Re: Exchange 2003 Front-end design

• From: Chris Wall <Chris.Wall@xxxxxxxxxxxxxxxxxxx>
• To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
• Date: Wed, 22 Dec 2004 12:53:05 -0500

Not really a valid solution...  During the day the gateways will update
their bayesian filters separately.  I need to be able to merge those db's
and GFI does not offer that feature.  They are supposedly working on
allowing a SQL db that can be shared, but even that solution will not work
for my remote SMTP gateways that have GFI installed...

No real solution at this point...

Chris

-----Original Message-----
From: Depp, Dennis M. [mailto:deppdm@xxxxxxxx] 
Sent: Wednesday, December 22, 2004 10:43 AM
To: [ExchangeList]
Subject: [exchangelist] Re: Exchange 2003 Front-end design

http://www.MSExchange.org/

Is it possible to replicate the databases to the remaining servers?  IE
make all the changes on Server1 and then have server2 periodically
replicate the database to server2.

Dennis

-----Original Message-----
From: Chris Wall [mailto:Chris.Wall@xxxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, December 21, 2004 9:50 AM
To: [ExchangeList]
Subject: [exchangelist] Re: Exchange 2003 Front-end design

http://www.MSExchange.org/

Dennis,

Thanks for the information.  I have set this up in a test environment
and
all seems to be working out...  I am using Dell 2650's (dual processors)
with 1 gb ram each. The only challenge that I have at this point is with
GFI
Mail Essentials and Mail Security.  This is a software SPAM/Virus
solution
and there is no way for the 3 machines to reference a single database
for
block lists, white lists, etc... In other words, the 3 machines will all
have different block lists, bayesian filters, etc.  This is not good.

 To over come this I have decided that the better design for my org is
to
have 2 Front-end NLB servers running Secure OWA and RPC over HTTPS.
Then
also have two SMTP Gateway FE servers with different MX record values
and
attempt to keep these  machines as 'similar' as possible with their GFI
block lists.

Thanks again for the info.

Chris

-----Original Message-----
From: Dennis Depp [mailto:dennis.depp@xxxxxxxxx] 
Sent: Tuesday, December 21, 2004 7:55 AM
To: [ExchangeList]
Subject: [exchangelist] Re: Exchange 2003 Front-end design

http://www.MSExchange.org/

Sorry for the late reply, but I didn't see anyone really answer your
questions.

1.  You don't say what type of servers you are running.  I have two
front end servers.  These are dual processor machines with 1GB ram.  I
have no problem with load on these servers.  I would estimate a
similar load to what you describe.

2.  I have not used NLB on the front end servers, but I am considering
it.  You can have NLB temporarily turn off for new connections and
then wait for existing connections to finish.  This allows for a more
seamless patching environment than our existing solution.

3.  Again I am not running NLB with Exchange, but I have no SSL issues
on other NLB servers I am running.

4.  Yes NLB is smart enough to forward all your requests to the same
front end server.  I believe this is configurable, but I have not done
any tinkering with it.

Dennis


On Thu, 16 Dec 2004 23:53:11 -0500, Chris Wall
<Chris.Wall@xxxxxxxxxxxxxxxxxxx> wrote:
> http://www.MSExchange.org/
> 
> 
> Currently trying to decide on the best Front-end deployment of
Exchange
2003
> for our organization...
> 
>  
> 
> I am leaning towards using windows 2003 server NLB (network load
balancing)
> on 3 servers in our DMZ.  These three servers will all perform SMTP
Gateway,
> OWA with SSL, RPC over HTTPS duties and each will have GFI Mail
Security
and
> Mail Essentials running on them...  These servers will not be
clustered -
at
> least they will not share an external NAS or SAN device for storage.
They
> will rely on their own disk stores individually.
> 
>  
> 
> A little info about our domain..
> 
> - I am estimating no more than 50 to 75 OWA users at any time.  RPC
over
> HTTPS will be used sporatically at best.  We receive on average 4
million
> e-mails per month, 85% of which is marked as SPAM.  I expect this
number
to
> drop drastically when GFI is installed on the Exchange 2003 FE servers
and
> can reject emails destined for non-existent e-mail addresses on our
domain.
> 
>  
> 
>  
> 
> My Questions/concerns are:
> 
>  
> Is this too much load on these servers?  (SSL encryption for OWA and
RPC,
> SPAM/Viral filtering, as well as SMTP delivery) 
> 
>       2.   Has anyone implemented NLB on their front end servers?  If
so,
> can you provide any Pros/Cons?
> Will I have SSL Certificate issues with NLB on FE servers? 
> How are the OWA and RPC sessions handled? In other words, if a user
connects
> to OWA in the NLB environment, will Windows NLB be smart enough to
forward
> all their exchange requests back to the original FE server so that the
> session is not dropped or cancelled? 
> 
>  
> 
> Microsoft recommends the use of NLB on FE servers, but I have yet to
find
> any real detail into possible issues or deployment recommendations.
After
> this, I hope to write a 'Help' document to be posted on MSExchange.org
as
> there isn't one there at this time.
> 
>  
> 
> Thanks for your expertise.
> 
> 
> Regards,
> 
>  
> 
> Chris Wall
> 
> Sr. Exchange Administrator
> 
> MCSE, MCSA
> 
> T - 919.460.3236
> 
> F - 919.468.4889
> 
>  
> 
> Global Knowledge Network
> 
> LEARNING. To Make a Difference
> 
> http://www.globalknowledge.com
> 
>  ------------------------------------------------------
> List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List
as:
> dennis.depp@xxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
Chris.Wall@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
deppdm@xxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
Chris.Wall@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts:

• » Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design
• » Re: Exchange 2003 Front-end design

1. Home
2. exchangelist
3. Archive
4. 12-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---