Skip over navigation

Main Navigation

Subnavigation Area

 

About Us > Know-How

PREMIER KNOW-HOW

 

New York, NY June 9, 2009

Premier Know How Image

Exchange 2007 Migration Guidelines

contributed by Mike Cunningham

After an initially slow adoption rate, Exchange 2007 deployments have picked up steam in 2008 and 2009. Exchange 2007 offers several advantages over previous versions of Exchange, including:

  • A much-improved, more secure Outlook Web Interface (OWA)
  • Up to 70% disk I/O improvements, allowing firms to further consolidate servers
  • Improvements in clustering capabilities, including more flexible site-to-site replication options
  • Comprehensive protection from spam, viruses and phishing attacks
  • Unified messaging- users can receive e-mail, voice mail and faxes through a single inbox that can be accessed from anywhere

Premier has guided several firms through the migration to Exchange 2007 and while the migration is well documented by Microsoft, Premier has gained valuable real world experience and insight into some of the challenges faced during such a migration. This article will outline some best practices or guidelines you should consider when deploying Exchange 2007.

Consider Windows 2008

If you are planning to deploy Exchange 2007 and have not yet introduced Windows 2008 into your server infrastructure, now may be the time. Windows 2008 includes a number of improvements and enhancements that will directly benefit servers running Exchange 2007. For example, a Windows 2008-based cluster can be split across data centers, with one node residing in one geographic region while the other node is hosted in another region, a feature not available with Windows 2003. Additionally, Windows 2008 offers significant improvements in the areas of clustering, disk I/O performance, and networking.

Utilize Virtual Servers

While firms have been rapidly moving to virtual servers, they have been hesitant to deploy Exchange servers on a virtual server platform. This may be at least partly attributed to Microsoft's cloudy support policy of Exchange running on virtual servers. In recent months, several firms have successfully deployed Exchange 2007 on virtual servers and Microsoft has clarified their support position (http://go.microsoft.com/fwlink/?LinkId=124624). With Exchange 2003, the greatest challenge in deploying mailbox servers on virtual servers centered on disk I/O - virtual disks were not fast enough to support mailbox servers with several hundred mailboxes. However, with disk I/O improvements in Exchange 2007, this barrier has been removed for all but the largest Exchange deployments. Virtual servers offer several advantages including a more efficient use of hardware resources, reduced power consumption, and flexible recovery options and should be considered for Exchange 2007 deployments. Even if you choose not to host your mailbox servers on virtual servers, you should consider using virtual servers for the Hub Transport, Client Access, and Edge Transport server roles.

Carefully review your Active Directory environment and understand Exchange 2007 dependencies before installation

Microsoft introduced Active Directory integration with Exchange with the release of Exchange 2000 and expanded this integration with each subsequent release. Exchange 2007 is no different. Exchange 2007 is the most tightly integrated release yet. It is very important for firms to understand Active Directory dependencies before deploying Exchange 2007 in the organization. For example, Exchange 2007's internal message routing is based on your Active Directory site topology. Therefore, it is important to verify or improve your AD site topology and site connectors before introducing Exchange 2007. Additionally, Exchange 2007 modifies Active Directory with forest-wide changes and domain-level changes. It is important that you understand what changes Exchange 2007 will make to Active Directory before proceeding with these modifications. This is especially true for environments with multiple domains. Careful planning at the beginning of the project may save you a lot of aggravation down the road.

Review 3rd Party or custom application integration

If you have been running Exchange for a while, you probably have a number of third party products that integrate with your e-mail system. These solutions might include backup software, e-mail archiving, anti-virus, or custom reporting tools. You should use this opportunity to review your existing tool set and compare them to similar products or compare them to native functionality offered in Exchange 2007. In some cases, firms forego an opportunity to take advantage of more advanced tools because they have grown comfortable with their existing tool set. Use this opportunity to explore other product offerings. Regardless of the product chosen, you should thoroughly test all third party applications in a development environment prior to deployment. You will also find that many third party applications require an upgrade to support Exchange 2007, further enhancing your case to reevaluate these tools.

Take advantage of ForeFront Security for Exchange

Forefront Security for Exchange Server provides multi-layered protection for Exchange 2007 Edge, Hub and Mailbox server roles that is hard to match. Forefront allows you to run up to five virus-scanning engines at once, ensuring a high level of protection, and reducing the window of exposure to any given threat. Forefront Security for Exchange Server uses the antivirus transport stamp in Exchange Server 2007 to ensure that if a message is scanned once at an Exchange Server 2007 Edge or Hub server, it does not need to be scanned again later in the pipeline. Finally, Forefront provides anti-spam capabilities that can be used as your primary or supplemental protection against spam. Given the breadth of its features, along with its tight integration with Exchange 2007, firms should consider using Forefront to secure their Exchange 2007 environment.

Understand Certificate requirements for Exchange 2007 and plan accordingly

Exchange 2007 utilizes X.509 certificates to negotiate secure Transport Layer Security (TLS) and Secure Sockets Layer (SSL) transport channels of communication for protocols, such as HTTPS, SMTP, POP, and IMAP. By default, Exchange 2007 installs with self-signed certificates and most communication is secure by default. These self-signed certificates, while perfectly valid, are not intended for long-term use. For Internet-facing Exchange servers, we recommended obtaining a certificate that supports Subject Alternative Names (SAN) from a public CA such as Verisign or Thawte. While internal Exchange 2007 servers will function fine with self-signed certificates, a better, longer-term approach is to replace the self-signed certificates with certificates generated from an internal PKI infrastructure.

Learn and use the Exchange Management Shell

New in Microsoft Exchange Server 2007 is the Exchange Management Shell, a powerful management interface, built on Microsoft Windows PowerShell technology. You can use the Exchange Management Shell to perform every task available in the Exchange Management Console and tasks that you can't perform in the Exchange Management Console. You will find yourself using the Exchange Management Shell early in the migration to Exchange 2007 (probably out of necessity). While at first, you may be slow to embrace the management shell, you will soon discover that tasks are easier to complete and executed more quickly when performed in the shell. You can also use shell scripts to streamline tasks that require multiple steps or to automate frequently performed tasks. Furthermore, the Exchange Management Shell is here to stay; the shell will be the heart of Exchange 2010 administration. Learn and use the EMS early in the migration effort; it will make your life easier down the road.

Summary

The topics outlined highlight a few items you should consider before migrating to Exchange 2007. Premier has been assisting firms migrate to Exchange for several years and has obtained in-depth knowledge on the challenges faced during e-mail migrations and how to overcome these challenges.

more Know How

Contact Premier

OFFICE CONTACT INFO

Footer Navigation

Copyright © 2002- Premier Technology Solutions. All other trademarks property of their respective owners.