Jay Butler, Senior Support Consultant
Could your institution tolerate a full business day without Microsoft Outlook? It may very likely have to if your current Microsoft Exchange server failed. Recovering to backup hardware usually requires about that much time, even in the smallest business; moreover, users may have to tolerate some permanent data loss. A crash can only be recovered to the time of the last successful backup, so an end of day occurrence could mean the loss of a full day. Any problem with the backup could mean even more data loss, and backup problems are not always obvious until a restore attempt. How will you explain that to the set of users who rely so heavily on their Outlook data? What if their Outlook was down for two to three days or longer? Consider that these users are officers, executives, your superiors, and they need an immediate solution because most rely heavily on Outlook to help manage their work.
Therefore, you need to take the proactive approach by upgrading to Exchange 2007 before a failure ruins your week. Exchange 2007 significantly reduces the risk by maintaining an exact real-time copy of your mailbox data via Local Continuous Replication (LCR). Should the live mailbox database fail, the server can be switched to use the copy in minutes avoiding lengthy data restores. The copy can exist on any machine with adequate disk space including a NAS. Older Exchange versions require expensive third-party software for a comparable solution. LCR will save you from a database failure, but you need Cluster Continuous Replication (CCR) to recover as fast from a total server outage.
Exchange 2007 clusters do not suffer from the main weakness found in the traditional Microsoft server cluster environment. Those clusters consist of at least two servers connected to central data storage. Central data storage in that model is expensive, and it forms a single point of failure. If the data storage fails, the entire system shuts down and most likely for a long period of time because the central storage cannot be quickly replaced. Exchange 2007 Clustering eliminates the central data storage requirement by forming a cluster using the data storage of the mailbox servers. With CCR, a single server failure is a non-issue. Your end-users would never know it happened, and you would not have an emergency critical down to handle. The failed server could be recovered at your leisure while users enjoy uninterrupted access to Outlook.
Deploying Exchange 2007 CCR requires at least two servers running Windows Server 2003 64 bit Enterprise Edition in a Windows 2003 Active Directory forest. The servers may exist in different geographical locations to provide disaster recovery during catastrophic events as long as they are on the same subnet. Exchange 2007 Enterprise edition is installed on both servers after the initial cluster is created to form the CCR. Implementation and maintenance has been simplified to ease deployment compared to traditional clusters reducing overall cost.
The introduction of server roles extends the resiliency of Exchange 2007 further by distributing functions among multiple servers. CCR only works on the Mailbox server role to provide instant failover for Outlook mailbox access. The strategic implementation of additional servers to distribute the roles improves performance and reliability considerably. For example, the Edge Transport role responsible for handling inbound internet email may be distributed among multiple servers in the DMZ. During periods of high volume, the load would be balanced, and should a single server fail, email would still flow. The Hub Transport role can be used for the same advantages for internal mail traffic on the network. All but the Edge Transport role may be placed on a single server where budget limitations dictate, so a minimum of two servers should be used to deploy Exchange 20071. The five Exchange 2007 server roles are the Hub Transport, Edge Transport, Mailbox, Client Access, and Unified Messaging.
Exemplifying two main tenants of Microsoft Trustworthy Computing2 (MTC), Exchange 2007 features both improved reliability and security. After all, the two cannot be separated; excellent reliability does not exist without excellent security especially when it comes to mail servers. Mail servers accept non-authenticated connections from the Internet unlike most servers, so they are obvious targets for abuse. We witness the simplest form of it everyday with malware/spam in our mailboxes and from reviewing antivirus logs. The Edge Transport server works in the DMZ to filter this inbound malware preventing its arrival to the Mailbox server on the LAN. Reducing the email traffic arriving on the LAN maximizes internal server performance and improves overall security. Server roles combined with the new 64 bit architecture that surpasses current memory and processing limitations, Exchange 2007 scales with the growth of your mailbox store and mail flow.
Exchange 2007 can be deployed to ensure business continuity through its use of continuous replication and server roles. Because nothing is enabled by default during the installation, server roles also provide a security benefit by reducing the attack surface area of any given server. A theme found in all Microsoft software created since the MTC initiative, all components must be purposefully enabled during an implementation while previous versions of Exchange enabled them by default. It may seem trivial, but this is a radical shift in a Microsoft culture that once favored features and easy deployment over everything else. Now, Microsoft development sacrifices anything necessary to produce software that is secure as possible out of the box.
Mobile users will not be disappointed either with the vastly improved Outlook Web Access, now almost exactly like regular Outlook. They may also use Windows Mobile 5 handhelds for over the air synchronization to provide real-time Outlook anywhere. For office dwellers, adding Outlook 2007 to the desktop unleashes the full potential of the significantly streamlined user experience. Outlook 2007 automatically connects to Exchange 2007 easing deployment for administrators.
Security, performance, scalability, and fault tolerance converge in Microsoft Exchange 2007. Properly deployed to leverage all its innovation, Exchange 2007 forms an extremely resilient application where it is needed most. Outlook is not just email anymore. It is a business critical application that users cannot afford to be without. With the full power of Exchange 2007 Continuous Replication, they will likely never have to.
Continuous Cluster Replication topology diagram – basic deployment3
1Note: Although not recommended, it is possible to fully deploy Exchange 2007 on a single server by omitting the optional Edge Transport Server role.
2Microsoft Trustworthy Computing
3Diagram used from Microsoft Technet