Exchange Admin Activities

Introduction In part 2 of this multi-part article, I showed you how to create and configure the virtual services required for the Exchange 2010 protocols/services as well as how you went about and changed the external and internal URLs for each respectively. In this part 3, I will show you how to enable SSL offloading so that SSL sessions are terminated on the HLB solution instead of on the Exchange 2010 CAS servers in the CAS array. Why enable SSL Offloading? There are several benefits of enabling SSL offloading when using a hardware load balancer (HLB). When you enable SSL offloading you terminate the incoming SSL connections on the HLB instead of on the CAS servers. By doing so you move the SSL workload (encryption and decryption tasks) which are CPU intensive from the CAS servers to the HLB device(s). With CAS servers getting more and more responsibility with the introduction of new features such as MailTips, Move Request Service (MRS) and because it now also is the endpoint

Introduction In part 1 of this multi-part article I talked about why it is a good idea to use a hardware load balancer (HLB) solution with your CAS array as well as explained what type of persistence (affinity) settings that are preferred for each protocol/service. Finally, I briefly talked about suggested timeout values for the miscellaneous Exchange 2010 protocols/services. In this part 2, I will show you how to create and configure the virtual services required for the protocols/services as well as how you go about changing the external and internal URLs for each respectively. Now organizations that have a reverse proxy solution based on TMG/ISA/IAG/UAG deployed in the perimeter network will typically use the web server farm load balancing capabilities in the solution to publish HTTP based clients and services to clients and applications located on an external network such as the Internet. However, it’s still a good idea to create virtual services to use HTTP, so that internal

Introduction With Exchange 2010, Outlook MAPI clients use the Client Access Server (CAS) role in the middle tier as the RPC endpoint, which has resulted in this role being even more critical than in previous versions of the product. Because of this, all organizations (big and small) should consider making this role highly available by introducing multiple CAS servers in each Active Directory site as well as load balance the protocols and services provided by this role. In this previous multipart article of mine I, among other things, explained how you load balance the RPC CA service using Windows NLB and HLB technology, but I did not go into the details on how you configure load balancing for protocols and services such as Outlook Web Access (OWA), Exchange ActiveSync (EAS), Exchange Control Panel (ECP), Offline Address Book (OAB), Post Office Protocol (POP), Internet Message Access Protocol (IMAP), Exchange Web Services (EWS), and AutoDiscover (AutoD). In this multipart article,

How to Configure SSL Offloading in Exchange 2010. This Exchange Wiki article explains how to configure SSL offloading for the Exchange 2010 protocols and client access services on an Exchange 2010 Client Access server (CAS). When using a hardware load balancer to load balance traffic to CAS servers belonging to a CAS array, it can depending on the Exchange 2010 topology be beneficial to enable SSL offloading for the Exchange 2010 protocols and client access services on each CAS server in the CAS array. Table of Contents Configuring SSL Offloading for Outlook Web App (OWA) Configuring SSL Offloading for Exchange Control Panel (ECP) Configuring SSL Offloading for Outlook Anywhere (OA) Configuring SSL Offloading for the Offline Address Book (OAB) Configuring SSL Offloading for Exchange ActiveSync (EAS) Configuring SSL Offloading for Exchange Web Services (EWS) Configuring SSL Offloading for the Mailbox Replication Proxy Service (MRSProxy) Configuring SSL Offloading for A