F5 Solution for Microsoft Exchange 2010 James Hendergart Business Development Manager Helen Johnson Solution Engineer What’s new in Exchange Server 2010? 1. Elevation of Client Access Server (CAS) role • All client connections, regardless of protocol, are with CAS servers • CAS servers rely on ADC for high-availability CAS is critical 2 Exchange 2010 Architecture Enterprise Network Edge Transport Routing and AV/AS Phone system (PBX or VoIP) Hub Transport Routing and policy External SMTP servers Mobile phone Web browser Mailbox Storage of mailbox items Unified Messaging Voice mail and voice access Client Access Client connectivity Web services Outlook (remote user) Line of business application Outlook (local user) 3 What’s new in Exchange Server 2010? • Elevation of Client Access Server (CAS) role • All client connections, regardless of protocol, are with CAS servers • CAS servers rely on ADC for high-availability CAS is critical • Microsoft recommends hardware load balancing ADC for for every Exchange 2010 deployment highest availability • ADC recommended over NLB • Includes multi-role Exchange server installations • Includes installations with Microsoft clustering services 4 The F5 Solution for Exchange Server 2010 • Prevent these pains – Dropped sessions re-authentication, reconnection – Failed network connections retries, delay – Slow response trapped users • These capabilities – – – – Health monitoring and intelligent load-balancing Client persistence Server off-load Availability of servers, arrays and sites 5 What’s new in Exchange Server 2010? 1. Elevation of Client Access Server (CAS) role • All client connections, regardless of protocol, are with All clients CAS servers need BIG-IP 2. Microsoft recommends hardware load balancing over NLB HWLB for • Multi-role Exchange server installations highest • Installations with Microsoft clustering services availability Technical white paper on the MS internal Exchange design: http://technet.microsoft.com/en-us/library/ff829232.aspx 6 The F5 Solution for Exchange Server 2010 • • • • High-availability and superior user response Site resilience Reduced time and cost to replicate mail store SPAM filtering and web client security Availability • Intelligent load balancing • Acceleration • SSL offload Performance Security • Server optimization • Bi-directional proxy • Client connection acceleration • Protection against application layer attacks • Reduced bandwidth use • Application template for error-free, fast configuration • DevCentral online user community • SPAM filter • Cross-site resilience • Reduce DAG replication time Configuration • AuthN/AuthZ from the perimeter • Integration with systems management 7 F5 Solution for Exchange Server 2010 A C B D 8 Configuration - we have a template for that 9 Availability • Health monitoring – Port/protocol requests – Real-time in memory connection tables • Intelligent load-balancing – BIG-IP always knows the most available server – Least connection method – See application template • Cross site availability – Site level health – Prioritized decision tree 10 Persistence • Also known as affinity, or sticky sessions, persistence can help enhance a user’s application experience • Different types of persistence: – Source IP – Cookie – SSL ID • Each Exchange client connection type has a recommended persistence method 11 Configuring persistence profiles in BIG-IP LocalTrafficProfilesPersistenceCreate Cookie Source IP and SSL ID 12 Performance - SSL termination • Reduce cost and overhead of managing certificates by moving them to BIG-IP • BIG-IP is designed with dedicated chipset for encryption/decryption calculations • Increase Exchange server CPU utilization and network connections per second 13 Security • • • • • Bi-directional proxy Secure remote access Pre-authentication Application layer security for web clients SPAM filtering 14 Multi-datacenter considerations • Multiple datacenters provides additional options for redundancy and load-balancing – – – – Load-balancing and Failover across locations DNS management Secure, accelerated application data synchronization Seamless integration with systems management tools • Key enabling functionality – – – – BIG-IP LTM – GTM communication iSessions iControl F5 PRO-Enabled Management Pack 15 Summary • Highest availability through intelligent, hardware-based loadbalancing of client connections to CAS servers • Dramatically increased server processing power through off-loading of SSL, caching, compression and client connection isolation. • F5 enables cross-site availability and resilience • Pre-authenticate users in the perimeter network • F5 devices can be controlled using PowerShell and Management Packs 16 Next steps • Reply to your Coffee Talk calendar invite or your follow-up email to schedule an appointment with your F5 customer team. • Please complete our 30-second survey and receive your $5 Starbuck’s coffee card! 17 Exchange related resources • Sysmex case study – http://www.f5.com/pdf/case-studies/sysmex-america-cs.pdf • F5 video demo – how to configure BIG-IP for Exchange 2010 – http://www.vimeo.com/album/1537190 • F5 Deployment Guide – http://www.f5.com/pdf/deployment-guides/f5-exchange-2010-dg.pdf • F5 Solution page for Exchange Server – http://www.f5.com/solutions/microsoft/exchange • F5 online user community for Microsoft solutions – http://devcentral.f5.com/microsoft • Technical white paper on Microsoft’s internal deployment – • Load-balancing requirements from Microsoft TechNet – • http://download.microsoft.com/download/8/5/D/85D61478-8719-4219-96BAE5C53DD4F436/0941_ExchangeServer2010ArchitectureTWP.docx http://technet.microsoft.com/en-us/library/ff625247.aspx Microsoft TechNet wiki – http://social.technet.microsoft.com/wiki/contents/articles/exchange-2010-client-access-array-amp-load-balancingresources.aspx 18