Exchange 2010: Ask the expert
Alastair Dick – Technology Strategist([email protected])
Brett Johnson – UC [email protected]
Top Ten Reasons to deploy Ex2010
• Reduced deployment cost - Exchange Server 2010 helps you reduce costs by addressing common infrastructure requirements such as backup, e-mail archiving, mobile e-mail access, and voice mail with no need for third-party tools.
• Simplified HA and DR - To help you achieve new levels of reliability and reduce the complexity of delivering business continuity.
• Easier Administration - Exchange Server 2010 provides new self-service capabilities to help users perform common tasks without calling the help desk.
• Flexible Access - Exchange Server 2010 offers an enhanced universal inbox experience, which provides your users with access to all of their business communications from a single location.
• Decreased Inbox overload and increased productivity - Exchange Server 2010 adds new productivity features which help your users organize and prioritize the communications in their inboxes efficiently.
• Voice mail Transcription - With Exchange Server 2010, users can receive their voice mail messages in their inbox with text preview.
• Simplified Compliance and Archiving - Exchange Server 2010 delivers new integrated archiving functionality to help simplify compliance and discovery.
• Safeguards for Sensitive Information - With centrally managed and enforced information protection and control capabilities, Exchange Server 2010 makes it easy to encrypt, control, and moderate your company's communications.
• Reduced risk of malware and spam - Exchange Server 2010 actively helps protect your communications through built-in defences against junk e-mail and support for an array of third party security products.
Exchange Server 2010 (inc SP1)
BRETT JOHNSON
UC TECHNICAL SPECIALIST
MICROSOFT UK
HTTP://BLOGS.TECHNET.COM/BRETTJO
TWITTER/BRETTJO
Coexistence
Deploy Exchange in the way that best fits your business needs
Cloud Services
On-Premises
Seamless User Experience
Optimised for Software & Services
[Diagram labels: Fabrikam (Exchange); Microsoft cloud services: Azure Services Platform (ISV Apps, Enterprise Apps), Microsoft Online (OC Online, Dynamics CRM Online, SharePoint Online, Exchange Online); Microsoft Federation Gateway]
Federation and Exchange Online
Sharing with partners
• Free/busy sharing
• Full calendar sharing
• Contact sharing
Cross-premises coexistence
• Free/busy sharing
• Full calendar sharing
• Secure message delivery
• Mailbox move
Single sign-on/single identity
• Exchange Online
• Microsoft Online Services
• Applications hosted on Azure™
[Diagram labels: Employee, Single sign-on, Active Directory, ADFSv2, Federated sharing, Contoso]
Optimise for Software + Services
• E-mail Archiving
• Protect Communications
• Advanced Security
• Manage Inbox Overload
• Enhance Voice Mail
• Collaborate Effectively
• Continuous Availability
• Simplify Administration
• Deployment Flexibility
Anywhere Access
Flexible and Reliable
Protection and Compliance
Disk Technology Futures
• Disk capacity trend predicted to continue
• Sequential throughput increasing linearly based on areal density (2010 SATA = 250 megabytes (MB)/sec)
• Random I/O performance not expected to improve substantially

SATA (3.5") | 2006 | 2010 | 2013
Drive Capacity (GB) | 750 | 2,000 | 8,000
RPM | 7.2K | 7.2K | 10k
Transfer Rate (Mb/sec) | 930 | 2,000 | 5,000
Read Seek Time (ms) | 8 | 7.2 | 6.5

FC/SAS (3.5”) | 2006 | 2010 | 2013
Drive Capacity (GB) | 300 | 600 | 2,400
RPM | 15K | 15K | 15K
Transfer Rate (Mb/sec) | 975 | 2,000 | 4,000
Read Seek Time (ms) | 3.7 | 3.3 | 2.8
I/O Reduction: ESE Changes
• Optimise for new Store schema
- Allocate database space in contiguous manner
- Maintain database contiguity over time : Online Defrag re-factored
- Utilise space efficiently : Database Compression
- Deprecation of SIS (per DB)
• Increase Database I/O Size
- DB page size increased from 8 KB to 32 KB
- Improved read/write I/O : Gap coalescing
- Provide improved async read capability : Pre-read
• Increase cache effectiveness
- 100 MB checkpoint depth : HA configurations only
- Cache compression : Dehydration
- DB cache priority : Fast evict
Deployment Flexibility
Wide Range of Storage Hardware Options Enabled By Scalability and Performance Enhancements
Storage options shown:
• Storage Area Network (SAN)
• Direct Attached w/ SAS Disks
• Direct Attached w/ SATA Disks
• JBOD SATA (RAID-less)
Key points:
• Continual platform innovation yields 70% reduction in disk IO
• Disk IO patterns optimized for better hardware utilization
• Resilience against corruption through automated page-level repairs
Exchange Server 2010 High Availability
[Diagram: Database Availability Group (DAG) spanning AD site: Dallas and AD site: San Jose; Client connecting through CAS/HUB; Mailbox Servers 1 to 6 hosting copies of databases DB1 to DB5]
Microsoft IT Mailbox Architecture
Mailbox Distribution
DAG Model | Location | Number of Actual Mailboxes | Number of Supported Mailboxes
11 Node DAG | Redmond | 29913 | 33000
11 Node DAG | Redmond | 28861 | 33000
10 Node DAG | Redmond | 26171 | 30000
16 Node DAG | Dublin | 33260 | 48000
16 Node DAG | Singapore | 37698 | 48000
Microsoft IT Mailbox Architecture
Storage Architecture
• Strive to ensure balance between capacity and performance when choosing a disk
• JBOD (no RAID) can be used when you have sufficient number of copies
• RAID5 can be used when disk IO requirements are well understood
- RAID-5 should not be used with 5.4K or 7.2K spindles due to performance implications

DAG Type | Location | Storage Architecture | Disk Type
3 Node DAG | Reno | JBOD | 3.5” 1TB 7.2K SAS
3 Node DAG | Redmond | RAID-5 (5 disks) | 2.5” 146GB 10K SAS
4 Node DAG | Sao Paulo | JBOD | 3.5” 1TB 7.2K SATA
11 Node DAG | Redmond | JBOD | 3.5” 1TB 7.2K SAS
10 Node DAG | Redmond | JBOD | 3.5” 1TB 7.2K SAS
16 Node DAG | Dublin & Singapore | JBOD | 3.5” 1TB 7.2K SAS
Microsoft IT Mailbox Architecture
Failure Model
• Architecture is designed for a 3 server targeted failure model
- Requires MaxActiveDatabases to be set on each server
• Consider 11-node DAG
- 35 database copies / server
- ~300 mailboxes per database
• Requires Operational maturity

Scenario | Number of Active Databases / Server | Number of Active Mailboxes / Server
Normal Runtime | 10 | 3000
1st Server Failure | 11 | 3300
2nd Server Failure | 13 | 3900
3rd Server Failure | 15 | 4500
Collaborate Effectively
A Familiar and Rich Outlook Experience Across Clients, Devices and Platforms
Desktop Web Mobile
Simplify Administration
Delegate Specific Tasks to Specialist Users with Role-based Administration
• Compliance Officer: Conduct Mailbox Searches for Legal Discovery
• Human Resources: Update Employee Info in Company Directory
• Help Desk Staff: Manage Mailbox Quotas
LESS RESTRICTIVE MORE RESTRICTIVE
Classify Block Review Append
Alert Protect Modify Redirect
• Apply the right level of control based on the sensitivity of the data
• Maximise control and minimise unnecessary user disruptions
Protect Communications
Safeguard communications with an array of information protection and control tools
Apply multiple alerts
MailTips
Prevent policy infractions before they happen
Protect sensitive data from accidental distribution
Create custom Mail Tips to prompt policy reminders
Protect Communications
Automatically Protect Messages With Centralized Rights Management Rules
Automatic Content-Based Protection:
• Transport Rule action to apply RMS template to e-mail or voice mail
• Support for scanning of attachments and searching of protected mail
• Internet Confidential and Do Not Forward Policies available out of box
• Information protection across PC, web, and mobile device
Retention Policies
At the Folder or Item level
Policy applied to all e-mail within a folder
Policies automatically delete e-mail after x days and/or move it to the archive
Expiration date label
Folder Item
Legal Hold Policy
Preserve edited and deleted items
Retention Hold suspends automated purge cycle
Legal Hold suspends manual purge/edits by users
Use Multi-Mailbox search to retrieve deleted/edited items indexed in recoverable items folder
Automatically generated Legal Hold alert
Why Archive Your Email?
Storage Management
• Balance mailbox size demands with available storage resources
• Reduce the proliferation of .PST files stored outside of IT control
• Improve overall application and network performance
Data Retention
• Meet industry and regulatory email data retention requirements
• Support ongoing compliance, litigation, or personnel matters
• Preserve valuable intellectual property and corporate assets
Discovery
• Respond to strict timelines for legal discovery orders
• Reduce costs involved in searching for and retrieving email data
• Report on email communications as part of auditing procedures
Potential Barriers to Archiving
A Poor User Experience
• Unfamiliar experience for your users
• Separate tools for searching and accessing archived email
• Loss of full fidelity of Exchange user productivity features
Complex Administrative Experience
• Difficulty deploying add-ins and impact to Outlook® performance
• Different methods for conducting multi-mailbox searches
• Complexity managing high availability and access to the archive
High Costs and Overhead
• Separate archive infrastructure investment
• Additional archive management overhead
• User training and education costs
What Is The Archive?
[Diagram labels: Outlook/OWA; AD User Account; Exchange Admin/Compliance Officer; Exchange Server 2010 (Beta) DB + Copies; DAS Storage]
Primary Mailbox
• 1-2 yrs of email
• Size < 10 GB
• Offline and Online
• Recoverable Items (14 Days)
Archive Mailbox
• 1-10 yrs of email
• Size < 10 - 30 GB
• Online Only
• Recoverable Items (14 Days)
Key points:
• Archive is an additional mailbox associated with an existing user account
• IT Pro manages Archive mailboxes same as existing Exchange mailboxes
• Archive availability and reliability is the same as existing Exchange mailboxes
• Archive mailbox is end user accessible from Outlook and OWA
Support for Tiered Storage in SP1
• Users' primary and archive mailboxes can be located on the same or separate databases
• Mailboxes can be moved together or separately
• Allows for different strategies for current and historical email:
- Different storage hardware
- Separate Database Availability Groups
- Different backup and recovery windows (RTOs/RPOs)
Improved Workflow in SP1
• Search preview provides info on estimated number of results with keyword statistics before copying result set to designated discovery mailbox
• De-duplication of search results copies only one instance of a message
• Searchable annotation offers tagging of reviewed items
Advanced Security
Stop Malicious Software and Spam from Entering into the Messaging Environment
Antivirus and anti-spam protection for Exchange Server 2010 Server Roles
[Diagram labels: On-Premise Software; Hosted Service; Hub Transport Server; Mailbox Server; Client Access Server; Internet SMTP]
• Multiple scan engines throughout the corporate infrastructure
• Tight integration with Exchange maximises availability and performance
• Easy-to-use management console for central configuration and operation
Coming in Service Pack 1 …
Flexible and Reliable
New Exchange Control Panel Management UI
• Create and configure transport rules
• Create and configure journaling rules
• Manage Exchange ActiveSync policies
• Manage RBAC Roles Groups and User Roles
• Create and manage resource mailboxes
• Create and manage security groups
• Create and manage Allow/Block/Quarantine policies
Improved High Availability and Disaster Recovery
• Improved Continuous Replication (Block Mode)
• Improved client experience for cross-site failover
• Improved support for 2-node datacenter resilient topologies
• Faster failovers with improved post-failover client experience
• Active Mailbox database redistribution
Coming in Service Pack 1 …
Anywhere Access
Improved Outlook Web App UI
• Simplified UI better optimizes for small screens – e.g., Netbooks
• Support for calendar printing
• Support for adding inline images while composing new email
• Themes and customization support
Improved OWA Performance
• Long running operations do not block user experience
• Auto-save drafts while composing new email
Better Mobile Experience
• Conversation view experience on par with Outlook Web App
• Photos supported in Global Address List contact card
• Exchange ActiveSync (EAS) throttling support
• Information Rights Management support in EAS
• Block/Quarantine notification to mobile device via EAS
Coming in Service Pack 1
Protection and Compliance
Personal Archive Enhancements
• Support for archive and primary mailboxes on separate databases
• Outlook 2007 support (i.e., user’s personal archive folders appear)
• .PST file import/export for archive and primary mailboxes
• Support for “admin enabled” delegate access to archive
• Archive provisioning and configuration with Exchange Control Panel
• Exchange Web Services access to the archive mailbox
New Information Protection and Control Capabilities
• View protected documents with OWA Web Ready Document Viewer
• Improved support for federated B2B IRM scenarios*
Retention Policy Management Enhancements
• Create and Configure Retention Tags and Policies in EMC
• User Self-service for selection of optional Retention Policies in ECP
Multi-Mailbox Search Enhancements
• Search results preview including item count and keyword statistics
• De-duplication of search results (optional)
*requires Windows Server 2008 R2 Service Pack 1
Exchange 2010 Deployment Tools
• Profile Analyser
• Exchange 2010 Mailbox Calculator
- New version released Friday – 3.2
- http://msexchangeteam.com/archive/2009/11/09/453117.aspx
• Exchange BPA (Part of EMC Tool Console)
• LoadGen
• Jet Stress
• Remote Connectivity Analyser (OWA, EAS, OA)
• Exchange 2010 Deployment Assistant
- http://technet.microsoft.com/en-us/exdeploy2010/default.aspx
Tools Process Flow
[Diagram labels: Exchange Profile Analyser; Performance Monitor; Exchange Load Generator; Exchange Storage Calculator; Exchange Jet Stress; data passed between tools: User Profile, Mail Flow & Other Stats, IOPS]
Deployment Prerequisites
Active Directory Domain Services (AD DS)
• AD DS minimum
- Windows Server® 2003 SP2 global catalog server is installed in each Exchange AD DS site
- Windows Server 2003 forest functional level
- AD DS RAP is recommended
• AD DS supported
- Active Directory 2003 R1 and R2
- Active Directory 2008 R1 and R2
Mailbox Role : Memory Sizing
• Design servers with a lot of memory (32-64GB)
- Deep checkpoint depth + 32KB pages allow E2010 to benefit from larger memory configurations than E2K7
• More DB Cache = less IOPS/Mailbox

User type (usage profile) | Send/receive per day | Database cache per user
Light | 5 sent/20 received | 2 MB
Average | 10 sent/40 received | 4 MB
Heavy | 20 sent/80 received | 6 MB
Very heavy | 30 sent/120 received | 8 MB
Extra heavy | 40 sent/160 received | 10 MB
Processor and Memory Configuration
Role | Recommended Max Processor Configuration | Recommended Processor Configuration | Recommended Max Memory Configuration | Recommended Memory Configuration
Hub Transport | 12 cores | 4 cores | 16 gigabytes (GB) | 1 GB per core or 8 GB (minimum)
Client Access Server | 12 cores | 8 cores | 16 GB | 2 GB per core or 8 GB (minimum)
Mailbox | 12 cores | 8 cores | 64 GB | 4 GB plus 2-10 megabytes (MB) per mailbox
Unified Messaging | 12 cores | 8 cores | 16 GB | 2 GB per core or 4 GB (minimum)
Multiple Role Server | 24 cores | 8 cores | 64 GB | 8 GB plus 2-10 MB per mailbox
Processor Core Scalability
• Single Role Servers
- Recommend 12 cores maximum (based on 2 socket platform)
- Expect diminishing returns moving to 16+ cores
- Known issues updating memory across cores
  • Not Non-Uniform Memory Access (NUMA)-aware or optimized for scale around data locality
  • Code takes longer to execute; transaction costs rise
• Multiple Role Servers
- Recommend 24 cores maximum for high-scale “Enterprise Multiple Role Server”
- Multiple processes from different roles help us scale better
Role Ratio Guidelines
• Processor core ratios
- Client access server (CAS) : Mailbox = 3 : 4
- Hub Transport server (HUB) : Mailbox
  • = 1 : 7 (no A/V on Hub)
  • = 1 : 5 (with A/V Hub)
- Global Catalogue (GC) : Mailbox
  • = 1 : 4 (32-bit GC)
  • = 1 : 8 (64-bit GC)
Virtualisation
• The hardware virtualization software is running:
- Windows Server 2008 with Hyper-V technology
- Windows Server 2008 R2 with Hyper-V technology
- Microsoft Hyper-V Server 2008
- Microsoft Hyper-V Server 2008 R2
- Any third-party hypervisor that has been validated under the Windows Server Virtualisation Validation Program.
• The Exchange guest virtual machine:
- Is running Microsoft Exchange 2010.
- Is deployed on the Windows Server 2008 with SP2 or Windows Server 2008 R2 operating system.
- Doesn't have the Unified Messaging server role installed. All Exchange 2010 server roles, except for the Unified Messaging server role, are supported in a virtualization environment. This is due to the real-time response requirements associated with voice communications with the Unified Messaging server role.
• Boston Example : 4 x MBX servers for 1000 users
Supported Upgrade Path
• In-place upgrades are not a valid scenario
• You cannot add an Exchange Server 2010 server to an existing Exchange organization if it contains Exchange Server 5.5 or 2000 servers
• You cannot add Exchange Server 2007 servers to an Exchange Server 2010 organization that doesn’t have existing Exchange Server 2007
- Greenfield 2010
- Upgraded directly from 2003 to 2010
• Exchange organization must be in Native mode
• Exchange Server 2003 and 2007 servers must be at the following service pack levels to add 2010 servers to the org:
- Exchange Server 2003 Service Pack 2 (SP2)
- Exchange Server 2007 SP2 for the following:
  • All CAS servers in the organization
  • All UM servers in the organization
  • All Exchange Servers in any AD DS site that will contain Exchange Server 2010 servers
Deployment Prerequisites
Supported Upgrade Path
• Deployment sequence
- Client Access server role
- Hub Transport server role
- Unified Messaging server role (optional)
- Mailbox server role
- Edge Transport server role (optional) on separate server
- AKA the CHUM file deployment order
Upgrade in a Nutshell
[Diagram labels: Internet; Internet facing AD Site; Internal AD Site; FE, BE, CAS, HUB, UM, MBX 2003 or 2007; CAS, HUB, UM, MBX 2010; CAS-CAS proxy; https://mail.contoso.com; https://autodiscover.contoso.com; https://legacy.contoso.com]
Upgrade Internet facing sites first
Upgrade Internal sites second
1. Upgrade existing servers to SP2
2. Deploy E2010 servers, CAS first; MBX last
• Start with a few
• Gradually add more servers as you move mailboxes
3. ‘Legacy’ hostname for old FE/CAS
• SSL cert purchase
• End Users don’t see this hostname
• Used when Autodiscover and redirection from CAS2010 tell clients to talk to FE2003/CAS2007 for MBX2003/MBX2007 access
4. Move
• Internet hostnames to CAS2010
• UM phone number to UM2010
• SMTP end point to HUB2010
5. Move Mailboxes
6. Decommission old servers
© 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.