What's new in Exchange 2013?

www.digicomp.ch

Welcome

Introducing the speakers

Markus Luchsinger

• Datacenter and Microsoft Solution Architect

• connectis AG

• EMBA FH, IDV-TS, MCITP and MCT

• Trainer at Digicomp since 2001

Markus Hengstler

• Senior Systems Engineer

• UMB AG

• MCITP, MCT and «Microsoft Certified Master: Exchange 2010»

• Trainer at Digicomp since 2001

What's new in Exchange 2013 - Agenda

• Architectural changes

• Client access

• Deeper integration with SharePoint and Lync

• Management

• Connecting to the cloud

• Installation / migration

• What's missing

• Q&A

Architectural Changes - Overall

Evolution from 2000 to 2010

2000/2003

[Diagram labels: Ex, Ex, Ex, Ex]

• Manual config

• Backups and hardware solutions for “reliability”

2007

[Diagram labels: CAS, HT, MBX, MBX]

• Separate roles

• Support cheaper storage

2010

[Diagram labels: L7 LB; C C C H H H; MBX, MBX, MBX, MBX]

• Separate HA solutions

• DAG

• RBAC

• Hybrid deployments

Exchange 2010 Role Architecture

[Diagram: Exchange 2010 role architecture. Labels outside the roles: phone system (PBX or VOIP), web browser, Outlook (remote user), mobile phone, line of business application, Outlook (local user), external SMTP servers, Internal Network, Layer 7 LB, AD. Roles shown:]

• Mailbox: stores mailbox and public folder items

• Unified Messaging: voice mail and voice access

• Client Access: client connectivity, web services

• Hub Transport: routing and policy

• Edge Transport: routing and AV/AS

• Forefront Online Protection for Exchange

Problems…

• Version compatibility – all roles need to have the same version

• Geo-affinity – CAS/HT/MBX have to be present on every site to work

• Complicated deployments

• “Correct” load balancing is complex to achieve and costly

• Many namespaces needed for site resilient designs

NEW Exchange 2013 Architecture

2 Building Blocks

• Client Access Array

• Database Availability Group

Loosely coupled (Versioning)

Deployment simplicity

2013

[Diagram labels: L4 LB; C M C M]

• Simplify for scale, balanced utilization and isolation

• Integrate HA for all roles

• Simplify network architecture

Wrap-Up

[Diagram: the architectures side by side. 2000/2003: Ex, Ex, Ex, Ex. 2007: CAS, HT, MBX, MBX. 2010: L7 LB; C C C H H H; M, M, M, M. 2013: L4 LB; C M C M.]

Exchange 2010 Role Architecture

[Diagram labels: Internal Network; phone system (PBX or VOIP); web browser; Outlook (remote user); mobile phone; line of business application; Unified Messaging; Outlook (local user); Layer 4 LB; AD; external SMTP servers; Exchange 2010 Edge Transport (rout. and AV/AS); Exchange Online Protection; CAS Array; DAG]

Every Server is an Island

[Diagram: Server 1 and Server 2, each showing the same three layers:]

• Protocols, Server Agents: EWS, RPC CA, Transport, Assistants, MRS, MRSProxy

• Business Logic: XSO, MailItem, Other API, CTS

• Storage: Store, ESE, Content index, File system

[Labels between the two servers: SMTP, MRS proxy protocol, EWS protocol, Custom WS]

OAB

• OAB generation is not bound to a specific server anymore

• The OAB is generated by each MB-Server that hosts the “Organization mailbox”

• The OAB for user download is not stored on the CAS – the CAS only proxies the file from the correct MB-Server to the client

• More to come on the EHLO-Blog …

Managed Availability

• Monitoring and recovery are integrated within Exchange

• Detects problems (includes integrated synthetic transactions) and recovers automatically if possible (or takes the server offline in the worst case)

• It’s user focused – if you can’t measure it, you can’t monitor it

• Also focuses on problem resolution and not on root cause analysis

© blogs.technet.com

Anti-Spam / Anti-Malware

• Anti-Malware is now included (natively in Exchange 2010 this was only possible by implementing transport rules AFTER the virus was identified)

• The included Anti-Spam agents are relatively unchanged from Exchange 2010

• The hosted email filtering service Forefront Online Protection for Exchange (FOPE) is still available - Microsoft Exchange Online Protection (EOP) is the new version of this service

Architectural Changes – Client Access Server

Consists of three components:

• Client access protocols (HTTP, IMAP, POP)

• SMTP

• UM Call Router

Thin, stateless (protocol sess.), nothing remains in memory, disk etc. (no session affinity needed for load balancing)

“Exchange-aware proxy server”

• Supports proxy and redirection logic for client protocols

• Capable of supporting legacy servers with redirect or proxy logic

Public folder access finally also going through CAS

No more RPC/MAPI access for the clients

Can be deployed with a single world-wide namespace

Access to the CAS (and Mailbox)

[Diagram labels. Clients: IMAP, OWA, PowerShell, Outlook, EAC, EAS, Telephony. Load Balancer (LB). Client Access: IIS, HTTP Proxy, POP, IMAP, SMTP, UM. Mailbox: IIS, RpcProxy, RPC CA, RPS, OWA, EAS, EWS, ECP, OAB, POP, IMAP, Transport, UM, MailQ, MDB. Connections: SMTP, Redirect, SIP + RTP. Further labels: NA-DC1, NA-DC2, VIP #1, VIP #2, DAG US.]

Single Common Namespace Example with Round-Robin DNS

[Diagram labels: mail.firma.ch; NA-DC1, NA-DC2; VIP #1, VIP #2; DAG CH. Peter (somewhere in CH): DNS resolution, round-robin between # of VIPs. Peter (traveling in US): DNS resolution via Geo-DNS, round-robin between # of VIPs.]

Architectural Changes – Mailbox Server

• Access only through CAS for everything

• Server that hosts the components that process, render and store Exchange data – now includes all components (previously spread out in different roles)

• The database is still ESE, but the engine is using FAST and provides better and much faster search and index performance

• Rewritten store – each DB has its own Store worker process

• 99% less IOPS than in Exchange 2003

• Possible to have multiple DBs per LUN

• Use a single logical disk partition per physical disk

• The number of database copies configured per volume should be equal to the number of copies of each database

Public Folder

• Public folders are stored in public folder mailboxes - no public folder databases anymore

• Each public folder mailbox will have unique data

• There is no PF replication as in previous versions. As the public folder data is stored in PF mailboxes, DAG can be used for high availability. No more multi-master replication

• As Outlook 2003 & earlier clients are not supported in 2013, there is no need for system public folders

• Public folders can be administered using the EAC & Shell (fully integrated now)

Architectural Changes – Transport components

• Split of the former Hub Transport role into Front End Transport, Transport Service and Mailbox Transport Service

• Delivery Groups are the new targets in routing decisions: DAG, Mailbox DG, Connector Source Server, AD Site, Server List (DL Expansion)

• Safety Net (former Transport Dumpster) with configurable retention time (2 days) – works in conjunction with Shadow Redundancy

Architectural Changes – Compliance

• In-Place eDiscovery allows searches for content in all Wave15 products (Exchange, SharePoint and Lync) simultaneously

• In-Place Hold (Legal Hold) is more granular and can be adjusted to specific time ranges or for specific objects. Also, archived Lync content can be searched inside the Exchange mailbox

• Data Loss Prevention (DLP) warns or restricts if sensitive content is about to be sent out of the organization

Client Access - Outlook 2013

• Outlook 2013 connects to CAS via Outlook Anywhere (RPC over HTTPS) only

• Support for Apps for Office (e.g. Bing Maps or Weather)

• Office Web Apps Server is used by all Wave15 products to preview or view Office documents

• Attachment Reminder

• Sync Slider for Cached Mode allows setting of time range

• OST about 40% smaller than before

• People Hub integrates information from social networks in contacts

• Active Sync can be used to connect Outlook to Exchange (Hotmail)

Client Access - Outlook Web App 2013

• Offline support with HTML5. Requirement: IE 10, Chrome 17+ or Safari 5

• Support for Outlook Apps

• Automatic optimization for tablet- or smartphone-sized screens (Touch-Wide, Touch-Narrow) (?layout=twide or tnarrow)

Integration – Lync 2013

Requirements:

• Mailbox must be on Exchange 2013

• OWA/Lync integration

• Exchange 2013 Autodiscover data accessible from Lync

• S2S OAuth trust between Lync and Exchange

• Lync Storage Service and Unified Communications Managed API

Features:

• Archiving Integration uses a hidden folder (Purges) inside the mailbox to archive conversations (instead of the Lync SQL archive)

• Unified Contact Store accesses EWS on Exchange to store and retrieve contacts. Initially, Lync contacts get migrated to the mailbox

• High Resolution Photos: AD – 48x48, Outlook – 96x96, Lync - 648x648

• UM Integration: The UM role is split between CAS and MBX

Integration – SharePoint 2013

• eDiscovery with SharePoint eDiscovery Center over multiple SharePoint farms and Exchange servers

• Site Mailboxes allow access to mails inside SharePoint and to SharePoint documents from Outlook

Integration - Demo

Lync

SharePoint

Public Folder


Exchange Administrative Center

• Web-based administration through the ECP website

• Allows administration of on-premises and online deployments

• Can be made accessible from outside the intranet

• The mailbox has to be on an Exchange 2013 server to work properly. Otherwise ?ExchClientVer=15 can be added to the URL

Cloud integration

Prerequisites

• Office 365 for enterprises

• AD sync

• Autodiscover DNS records

Improvements

• Reduction of config tools

• Easier wizard process

• Two-factor (strong) authentication possible (need single sign-on)

Office 365 – Exchange Online

Preview status!

Consider

• Cost

• HA

• Storage

• Security, privacy and regulatory compliance

• Migration

• Applications

Installation / Migration

• Exchange 2010 needs SP3, which is required for coexistence with Exchange 2013 and is scheduled for the first half of 2013; the same goes for Exchange 2007 SP3 (Update Rollup)!! -> not mentioned on TechNet, only on blogs…

• Coexistence is also possible with mixed 2007/2010 environments

• AD 2003 forest functionality mode is enough (schema update needed)

• 8 GB RAM minimum for MBX / 4 GB for CAS, and Windows Server 2008 R2 or 2012 as OS

• 2013 mailbox users can access public folders hosted on Exchange 2010 or 2013. 2010 mailbox users can only access 2010 PFs.

• Install the Mailbox role first

• Outlook 2013 works out of the box. Outlook 2010 and 2007 need an update to connect to Exchange 2013.

• Outlook 2003 and earlier are not supported with Exchange 2013

What’s missing

• Edge Server role

• No Public Folder access in OWA (most probably SP1)

• Only SSL bridging for CAS supported (no offloading)

• UAG cannot publish CAS 2013. A fix is expected in SP1 of 2013. TMG will work fine though. BUT TMG cannot be ordered after 01.12.2012!!

Important discontinued feature

• RPC over TCP (MAPI from the “clients”)

• Exchange 2013 does not support MAPI access (RPC), also not for third-party products. Outlook Anywhere (RPC over HTTPS) is the only method by which Outlook can connect, internally & externally

• Exchange 2013 is the LAST release that supports MAPI/CDO – switch to EWS

Wrap up

• Building blocks loosely coupled

• Simplified upgrade and interoperability

• No more direct access from clients to the MB-Server

• Rewritten Store service

• Public folder integration

• DLP

• Integration in Lync and SharePoint

• Outlook OST file / Cached Mode enhancements

• Outlook Web Access enhancements

• New Admin Center