Creating an Exchange Lab POC Hybrid Cloud
Microsoft Exchange is the cornerstone of many organizations messaging systems. In addition to providing email capabilities, it also provides them with a calendar, contact lists, task management, and via integration it is the foundation for many business critical systems. Exchange Server has changed since it was first released and can now be deployed in on premise data centres, private cloud, public cloud such as Microsoft Azure, online via Microsoft Exchange Online or Office 365, and via any hybrid combination of these options as suits an organisation’s needs.
Because Exchange Server is so widely used, can be deployed in so many ways, and is so business critical it is important for IT departments to ensure that Exchange messaging systems are robust and resilient. A popular way to do this today is to embrace the hybrid model and have the Exchange infrastructure span multiple deployment models with user mailboxes located where they make the most sense based on the user’s needs. It’s also vital that the additional services and infrastructure that Exchange Server needs to function are deployed in a fault tolerant manner. Microsoft Active Directory, Windows Server, the virtualization platform, and the network itself all should be resilient.
When adopting this model of Exchange deployment, it is vital to present the whole messaging system as a unified entity irrespective of where mailboxes are located. Exchange Server itself does have capabilities that help to ensure high availability. These include Database Availability Groups (DAG), managed availability via active monitoring of services, managed public folders and more can all help to deliver the uptime needed for Exchange server deployments.
However, to fully make a distributed Exchange Server deployment seamless and resilient it is best to use load balancers to distribute incoming traffic across servers and locations. Kemp LoadMaster is ideally suited for this task and can provide all the application delivery needs and load balancing functionality required for Exchange and the other Window Server services necessary for resilient Exchange operations.
Microsoft used to recommend that their ForeFront TMG product was used with Exchange Sever for a variety of tasks, including helping with simple load balancing. The TMG product has been discontinued, but Kemp LoadMaster can be used to plug the gap this has left. We outline this in more detail here.
If you already have LoadMaster deployed in your organisation for application delivery or web server load balancing, then adding Exchange Server and other Windows Server services into the mix shouldn’t be too difficult. Best practice dictates that you should first deploy new Exchange Server solutions in a TEST lab. If you don’t already have LoadMaster implemented in your organisation and want to get up to speed on how it can help deliver your hybrid Exchange service, how do you get started?
We provide a fully functional edition of Kemp LoadMaster that can be used for free for many purposes including for use in testing, proof of concept labs, DevOps, and even in low throughput production deployments. Like the commercial versions of LoadMaster the free version can be deployed on premise, in the cloud, and in hybrid deployments. This makes it ideal for use in a proof of concept lab for testing Exchange Server load balancing implementations. A comprehensive list of the features available in the free LoadMaster edition is available here, and we won’t rehash them in this article.
Detailed deployment guides for using LoadMaster with Exchange Server can be found on our support site here. There are also preconfigured templates that can be used to set up LoadMaster for use with Exchange Server. Some of the main features that LoadMaster provides when load balancing and providing other services for Exchange Server deployments are summarised below. See the detailed implementation guides for more information:
- Web application load balancer – used for Exchange Outlook on the Web (formerly Outlook Web Access) servers to ensure a consistent connection load across web servers, and to link into Active Directory and Azure Active Directory Domain Services to provide federated authentication and single sign-on.
- The unified authentication and single sign on mentioned above can also be extended via federation to hybrid Office 365 email deployments via a LoadMaster acting as an AD FS server either deployed locally or on Azure.
- VPN access management – LoadMaster can take VPN traffic from remote sessions and distribute it to the correct nodes on the network. This includes being an endpoint on premise for services that are in Azure or Office 365.
- SSL/TLS offloading – Exchange uses security certificates for encrypting data in transit. Decrypting and encrypting this traffic is a resource intensive activity. This task can be offloaded from the Exchange server to LoadMaster, which is optimised to handle SSL/TLS data packets in an efficient manner.
- Web Application Firewall (WAF) – LoadMaster includes a comprehensive web application firewall that will guard Exchange Server (and other web services) against common threats, including those on the OWASP top 10 list.
- Reverse Proxy for Exchange – LoadMaster is easily configured as a reverse proxy to provide Exchange services to clients without them having to connect to the backend servers.
- Global Server Load Balancing – the GSLB features in LoadMaster can be used to automatically identify which endpoint services are on premise and which are in the Cloud on Azure or Office 365. From a user’s perspective, they just connect, and LoadMaster handles the routeing of their connection to the appropriate resource.
The world is quickly adopting the hybrid model for delivery of applications and services over the web. Microsoft Exchange has been in the vanguard of this trend, and over time more organisations will use Exchange with this deployment model. It’s essential that deployments are tested in non-production systems before rollout. The free edition of LoadMaster is ideal for use in non-production testing and proof of concept scenarios. It allows the testing environment to model global Exchange Server deployments in a way that is manageable, convenient, and most importantly, realistic.
Kemp have a team of consultants and engineers who have the experience of over 40,000 LoadMaster installations to call on. Download the free edition of LoadMaster today, and contact us with any questions.