Application architecture

  • Article

Each of the applications in Windows EBS contributes roles and services to the overall architecture. Some of these applications, such as the technologies that are available in Windows Server 2008 or in Exchange Server 2007, are also available as stand-alone products. The Windows EBS architecture also includes applications, roles, and services that are unique to Windows EBS, such as the Windows EBS licensing service and supporting tools. Most of these applications and services are introduced in the Product technologies section of this document. The remainder of the applications and services are discussed in the following sections.

Windows Essential Business Server

Windows EBS includes installation architecture and administration architecture.

Installation architecture

Windows EBS is installed through the Windows Essential Business Server Installation Launch Tool. The Windows Essential Business Server Installation Launch Tool is a centralized interface that contains wizards to help you prepare your current network, plan your Windows EBS installation, and install the Windows EBS software. From the Windows Essential Business Server Installation Launch Tool you can also download the Windows EBS deployment documentation from the Microsoft Web site.

Start by running the Preparation Wizard. The Preparation Wizard analyzes your current network, checks for compatibility issues that may prevent a successful installation of Windows EBS, and helps you correct those issues.

After you run Preparation Wizard, run the Planning Wizard. This tool helps you plan how to incorporate Windows EBS into your environment. It helps you collect existing network settings and the new settings that you need to assign, and it saves them to Active Directory Domain Services or to an .xml file. You can then apply them as the default settings during installation.

You run the Installation Wizard sequentially on the three servers on which Windows EBS is to be installed, starting with the Management Server. The Installation Wizard uses the output from the Planning Wizard to fill in applicable fields for you to review during installation. These settings are used across the installation on all three servers. After the Management Server software has been installed, you install the software on the Security Server, and then complete your installation on the Messaging Server. As new server roles are installed on each of the Windows EBS servers, the Installation Wizard connects with a Microsoft server to download current critical updates for them.

After the installation is complete, you migrate existing roles and information to Windows EBS. These tasks include migrating user mailboxes to the Messaging Server, and migrating DNS and other services to the servers running Windows EBS. The Configuration and Migration Tasks page (which opens when you start the Windows EBS Administration Console) guides you through these tasks.

The following diagram illustrates a simplified view of the installation process:

Windows EBS deployment process

Figure 7   Deployment steps for Windows EBS

The Guided Configuration and Migration Tasks page displays the tasks in the order that you should perform them. The page connects you to tools and documentation that you can use to complete the tasks. As you complete the tasks, you record them on the Guided Configuration and Migration Tasks page so that you can track where you are in the installation process. The Guided Configuration and Migration Tasks page is displayed each time you start the Administration Console until you have completed all of the tasks.

Administration architecture

The Windows EBS Administration Console is a tool that contains many of the management tasks that are frequently performed by administrators of businesses with up to 300 users or computers. The Administration Console unifies the status and key alerts from several of the product technologies. The key items that are presented through the console and data sources are listed in the following table:

Displayed object or objects Data source applications or technologies

System health service status

Active Directory Domain Services, System Center Essentials

User accounts

Active Directory Domain Services

Security groups

Active Directory Domain Services

Managed devices

Active Directory Domain Services, System Center Essentials

Licenses and license status

Windows EBS licensing service

Critical alerts

System Center Essentials

Security components

Exchange Server 2007, System Center Essentials, Forefront Threat Management Gateway, Forefront Security for Exchange Server

For more information about the Administration Console, see the Product technologies topic in this document.

Licensing architecture

The Windows EBS architecture includes a central licensing server and associated tools that help administrators install and manage their licenses for the Windows EBS. The licenses for all of the Windows EBS products are integrated into a single client access license, which enables access to all of the available Windows EBS services. Separate user or device licenses are not required for Windows Server 2008, Exchange Server 2007, or the other components that are included in Windows EBS.

The licensing architecture is implemented through a license server, a wizard, and values that are kept in Active Directory Domain Services. To install and prepare licenses that you can assign to user accounts or devices, follow these steps:

  1. Purchase CALs in multilicense packs from a vendor.

  2. Using the Install CAL Packs Wizard, enter the product key for each CAL pack, and install the licenses in Windows EBS.

  3. Activate the licenses online by connecting to a Microsoft Web site.

The activated licenses are stored in a license pack store and validated for integrity. The license server then serializes the license packs and maintains the store of serialized licenses in Active Directory Domain Services. These licenses are validated against the activated license pack store to maintain license integrity within the system.

After the licenses are installed and serialized, you can assign them to user accounts or devices and manage them through the Administration Console. The licensing architecture in Windows EBS provides the following additional features:

  • The license service monitors license usage. It alerts the administrator (through the Administration Console) when the number of licensed users or devices approaches the available number of licenses. It enforces license assignments when the number of installed licenses is reached.

  • The Windows EBS Administration Console enables the administrator to assign, revoke, or reassign licenses from user accounts or managed devices.

  • The Windows EBS license management tools enable the administrator to back up and restore licenses.

Windows Server 2008 Standard Edition technologies

Windows EBS uses Windows Server 2008 Standard Edition technologies as its core operating system. Windows Server 2008 technologies provide the basic network services that are accessed through Windows EBS.

For more information about the basic services that are listed below, see the Product technologies topic in this document.

  • Active Directory services

  • Domain Name System (DNS)

  • DHCP Server services

  • Terminal Services RemoteApp

  • Certificates
  • Internet Information Services (IIS)

  • File

  • Print

  • Virtual private network (VPN)

System Center Essentials

System Center Essentials is a management application that includes components to monitor, troubleshoot, and manage servers, roles, and services. System Center Essentials combines two primary server roles with their associated services, optimized for businesses with up to 300 users or computers.

For more information about the features in System Center Essentials, see the Product technologies topic in this document.

Monitoring, troubleshooting, and management for managed devices

System Center Essentials deploys agents on the managed servers that monitor and collect health and performance data and then transmit it to the System Center Essentials application. Another dedicated agent communicates information between Windows EBS and System Center Essentials. This information is displayed in the Windows EBS Administration Console. When you select an item to manage from list view in the Administration Console, you can perform associated tasks directly within Windows EBS, or you can start additional tools to edit properties or perform other management functions.

System Center Essentials provides technology to assist you with alert notification and troubleshooting tasks. Critical alerts are displayed in the Administration Console. You can configure Windows EBS to send an e-mail message to the Windows EBS Domain Administrator distribution list regarding critical alerts for the services or components that you select. For more advanced troubleshooting of server roles, services, or managed devices, you can open the System Center Essentials console directly to work with them.

Update management and software deployment

System Center Essentials provides tools that you can use to manually or automatically deploy the latest updates for Microsoft operating systems, hardware updates, drivers, and Microsoft and non-Microsoft applications. You can configure System Center Essentials to automatically check for updates that are relevant to your environment and notify you when updates are availabile. System Center Essentials transmits data on your current update status to the Windows EBS Administration Console.

System Center Essentials enables you to deploy a variety of server and client software types, including Windows Installer applications, Microsoft and non-Microsoft updates, and drivers. You can use System Center Essentials to prepare and deploy information worker packages, such as Microsoft Office 2007 or other productivity software.

Exchange Server Standard Edition 2007

Exchange Server 2007 enables Windows EBS with messaging capabilities for e-mail and Web-based e-mail access. Exchange Server 2007 includes anti-spam software, which is enhanced by the addition of the Forefront technologies.

Exchange Server 2007 Edge Transport server role

The Microsoft Exchange Server 2007 fulfills the gateway role, which provides improved antivirus and anti-spam software for your Exchange organization. This server role is deployed in the perimeter network and outside the Active Directory Domain Services forest. The Edge Transport server role accepts e-mail messages that come into the Exchange Server 2007 organization from the Internet, and it routes all outbound e-mail messages to the Internet.

The Exchange Server 2007 Edge Transport server role provides a collection of agents that work together to provide several layers of spam filtering. These agents filter incoming e-mail messages on the basis of:

  • Known or suspicious attachment types, file extensions, or names

  • Origination server IP address

  • Message content (using the Exchange Intelligent Message Filter)

  • Recipient

  • Sender name or IP address

  • Sender ID (using the Received: SMTP combined with a query to the sender's DNS Server service)

Exchange Hub Transport server role

The Exchange Hub Transport server role handles all e-mail flow within your organization, including internal and external messages. It contains the SMTP, which routes core services and delivers received messages to recipient’s mailboxes. The Exchange Hub Transport server role also interprets messages that are sent to distribution lists and applies forwarding rules that may apply.

The Exchange Hub Transport server role transfers messages to the Edge Transport server role for external delivery, and receives incoming messages from the Edge Transport server role for routing and delivery.

Client Access server role

The Client Access server role supports your users’ access to their e-mail from any Web browser, and it supports personal calendars and synchronizes mobile devices. It supports Microsoft Office Outlook® Web Access and the Microsoft ActiveSync® technology, and it can be configured to support the Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 rev1 (IMAP4). The Client Access server role also supports additional services, such as the Autodiscover service and Web services.

Mailbox server role

The Mailbox server role hosts mailbox databases that contain users' mailboxes and public folders. In Exchange Server 2007, the Mailbox server role integrates with Active Directory Domain Services. The Mailbox server role provides calendaring functionality, resource management, and offline address book downloads.

Forefront security role

Windows EBS includes Microsoft Forefront security components to provide network edge protection and to help secure Exchange Server 2007. These components are installed at different locations within the Windows EBS architecture to enhance network, server, and client computer security. The Forefront components that are installed on Windows EBS include Forefront TMG and Forefront Security for Exchange Server.

For more information about Forefront technologies, see the Product technologies topic in this document.

SQL Server Express Advanced with Service Pack 2

Windows EBS installs the Microsoft SQL Server® Express Advanced database software with Service Pack 2 (SP2), which provides database capabilities that support the application architecture. Databases in SQL Server Express Advanced with SP2 are used to store and manage data for the following applications:

  • System Center Essentials

    • Monitoring and management

    • Update and software deployment

  • Forefront TMG

  • Windows EBS Administration Console