I am thinking of installing OWA with a FE/BE topology. Any good/bad feedback on this? Also, do I need 2 copies of Exchange to do this license wise or does 1 copy license you for both the FE and BE server?
If you only have 2 Exchange servers in your entire Exchange infrastructure, I'd advise against FE/BE structure. In the FE/BE, no mailboxes actually reside on the FE server and it is just used to access BE servers, usually through a firewall. This means if the FE goes down, nobody outside of your firewall can access email at all. It also means that if the BE goes down, ALL email is down.
I always like to have mailboxes for an organization split between two servers. That way if one server goes down, the whole organization is not down. Also, if the down server is unrecoverable (major hardware failure, fire, etc), you can simply create new mailboxes for the users on the good server and restore their old email later.
Your email storage locations also make a big difference. Loss of an email server is not so disastrous if mail is not being stored on the Exchange server (Mail delivered to PST files on desktops or on network shares). If all user mail is being stored on the server (no PST files in use), then loss of that server means the users have nothing unless you restore it.
We only have about 50 users on Exchange and only 2-4 will be using OWA. It seems wasteful to have a bunch of servers for less than 5 people, who would use the OWA part infrequently, doesn't it? Tho those that are requesting this are the decision makers, so they get pretty much what they want.
Since I already have a webserver would it be a good thing to use it as the FE or better to just skip the FE thing and just pop IIS on the Exchange server and just go that route?
You have to buy 2 copies of Exchange to do FE/BE and that would definately be overkill for 50 users. As for popping IIS on the Exchange server, you are stuck with that no matter what. Exchange 2000 requires the installation of IIS. You can restrict access, but you cannot have Exchange 2000 without IIS.
Actually, if you have implemented a firewall (please say yes), you'd be better off placing it safely inside, and blocking all external client access to your Exchange server except via HTTPS. You'll still need to open SMTP to/from your server to the internet, but it should be proxied by the firewall.
The web-interface is user friendly enough, that there is just no need to expose your system to MAPI/IMAP/POP3 access from the internet. A few users may complain a little, but nothing like when the servers gets violated. Going a few years without getting hit by any virus, used as a SPAM relay, or otherwise abused have made me a believer in HTTPS-only for external users. Having Port 80 blocked and forcing SSL connections has saved me a few times.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.