Recommendations for Medium Organizations
Topic Last Modified: 2005-10-13
Organizations that have more than 75 users cannot deploy Small Business Server 2003. Instead, these organizations should run Exchange 2003 on a separate computer. Medium organizations might have up to 1,000 users in a central location, in which case a single Exchange 2003 server can host all mailboxes and public folders. A limited number of remote locations may exist that connect to the data center through virtual private network (VPN) connections over the Internet. Remote users may also use dial-up connections to the Internet to access their mailboxes through VPN connections or RPC over HTTP. The following figure illustrates a possible Exchange 2003 configuration for a medium organization that has 500 local and remote users.
An Exchange 2003 design for a medium organization
Consider the following recommendations when you develop a server consolidation strategy for a medium organization:
Deploy two domain controllers running Windows Server 2003, both configured as DNS servers and global catalog servers in a single domain Exchange 2003 requires a dependable DNS and Active Directory infrastructure, so it is important to deploy at least two global catalog servers. If you shut down one of the global catalog servers, the second global catalog server can continue to provide directory services to the Exchange 2003 organization, and users can continue to access their mailboxes, and send and receive messages.
Configure both global catalogs as DNS servers to provide sufficient redundancy in the DNS infrastructure. DNS is an extremely critical network service; without it, Active Directory and the Exchange 2003 organization cannot function. Messaging clients will query DNS to locate internal resources, such as domain controllers and mailbox servers. Exchange 2003, on the other hand, relies on DNS to retrieve Internet Protocol (IP) addresses of domain controllers for directory lookups and external Simple Mail Transfer Protocol (SMTP) hosts when it sends messages to the Internet. Running DNS servers on domain controllers enables you to integrate DNS zones with Active Directory. An advantage of Active Directory-integrated zones is that all DNS servers have writable copies, and changes to zone information are replicated between the DNS servers as part of Active Directory replication.
Note: It is possible and supported to install Exchange 2003 directly on a domain controller. This might be an option for organizations that do not want to deploy two extra servers that run Windows Server 2003 and Active Directory. However, this configuration has performance limitations. When Exchange 2003 runs on a domain controller, it must always use the local domain controller for directory lookups and cannot perform load balancing between multiple domain controllers that might exist on the network. Deploy dedicated domain controllers in the forest of an Exchange 2003 organization, especially if additional servers that also require Active Directory access exist, for example, File, Print, or SQL servers.
Deploy Exchange Server 2003 Standard Edition The Standard Edition of Exchange 2003 is designed to meet the messaging and collaboration needs of small and medium organizations. It costs approximately six times less than the base price of the Enterprise Edition. However, the Standard Edition does not support Windows cluster configurations, and supports only one mailbox database and one public folder database in a single storage group. The messaging databases are limited to 16 GB. If you find that the capabilities of the Standard Edition do not meet your service level requirements, you can deploy Exchange Server 2003 Enterprise Edition on Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter, or Windows Server 2003 Enterprise Edition. While the Enterprise Edition supports multiple databases per server without size restrictions and provides Windows Clustering support, keep in mind that its cost, combined with the cost of additional hardware might outweigh the benefits of server consolidation in a medium organization. For example, you might need to buy additional hardware to implement a two-node cluster in an active/passive configuration for the Exchange 2003 mailbox server.
In any case, design the storage subsystem with a RAID configuration to provide sufficient fault tolerance for the Exchange store. By default, all messaging databases and their transaction log files are in the \Program Files\Exchsrvr\Mdbdata directory. Exchange 2003 uses transaction logs to preserve transactions committed in the memory cache, which ensures that committed transactions are not lost if the server shuts down unexpectedly. By separating the transaction logs from the databases and placing them on a separate physical disk, you can increase the fault tolerance of the Exchange store. If the database hard disk breaks, you can replace the disk, create new databases, and then replay the transaction logs, which are still available because they reside on another disk. Your users can continue working as if nothing happened. If the disk on which the transaction logs reside fails, the databases are still available. Only the most recent transactions might be lost, if they were not incorporated into the databases before the problem occurred. The following figure illustrates a recommended hard disk configuration for a non-clustered server running Exchange Server 2003 Standard Edition.
An Exchange 2003 configuration that has databases and transaction log files on separate disks
Deploy a perimeter network to protect internal resources from the Internet You should separate the internal network from the Internet through an arrangement of dedicated, dissimilar firewalls. You should not use an Exchange 2003 server as a firewall. The outer firewall can be a packet-filtering router or a more sophisticated firewall system to provide controlled access to the resources on the perimeter network. If possible, enable network address translation on both the outer and inner firewall to hide actual IP addresses from potential attackers. On the inner firewall, consider deploying Microsoft Internet Security and Acceleration (ISA) Server 2000 because ISA Server and Exchange 2003 are designed to work closely together to provide a more secure messaging environment. If you deploy ISA Server 2000 with Feature Pack 1 on the inner firewall, you can protect the internal Exchange 2003 organization through Secure Sockets Layer (SSL) encryption, two-factor authentication, URL scanning, and SMTP filtering. At the same time, you can provide remote Internet users with VPN or RPC over HTTP connectivity and access to mailboxes through Post Office Protocol version 3 (POP3) or IMAP4 (Internet Message Access Protocol version 4rev1), Microsoft Outlook Web Access 2003, Microsoft Outlook Mobile Access, and Exchange ActiveSync. For more information about configuring ISA Server 2000 for Exchange Server 2003, see Using ISA Server 2000 with Exchange Server 2003. For information about using ISA Server 2004 with Exchange Server 2003, see Using ISA Server 2004 with Exchange Server 2003.
Note: To achieve high security, use dissimilar firewall products on inner and outer firewalls, so that an attacker cannot use the same techniques on outer and inner firewall to penetrate the internal network. If you use ISA server on the inner firewall, use a non-Microsoft product on the outer firewall, or vice versa. Furthermore, do not run Exchange 2003 on a firewall because an Exchange server runs many services that an attacker might be able to exploit.
Consider deploying an SMTP smart host on the perimeter network The Exchange 2003 environment in Figure 3 does not require an explicit messaging connector to send or receive messages over the Internet. If, through DNS, the Exchange server is able to resolve SMTP domain names into IP addresses of external SMTP hosts, the server can establish SMTP connections directly to send messages. You can configure ISA Server to accept incoming SMTP connections and forward accepted messages to Exchange 2003. However, many organizations prefer to deploy an additional SMTP smart host (or an arrangement of smart hosts) on the perimeter network to prevent any direct connections over the Internet to or from internal messaging systems. The SMTP smart host accepts messages from the Internet and relays them through the inner firewall to the Exchange server. In the opposite direction, the SMTP smart host accepts messages from Exchange 2003, queries DNS to find the destination SMTP host, and then sends the messages. You can configure the SMTP service in Exchange 2003 to forward all outbound messages to a smart host on the perimeter network. You can also use the standard SMTP service in Windows Server 2003 to implement a smart host.
Note: To increase the throughput and reliability of message transfer, consider deploying multiple SMTP smart hosts on the perimeter network. It is possible to register multiple mail exchanger (MX) resource records for an SMTP domain in DNS for load balancing and fault tolerance.