Ureader.com  
Microsoft software help and Community
date: Mon, 30 Jan 2006 16:18:11 -0600, group: microsoft.public.exchange.design


architecture design   
Hi all,

We currently have a single box running SBS 2003 & Exchange 2003. We are in 
the process of architecting a solution where we will be able to split 
Exchange & ISA onto separate boxes for various reasons including 
performance.

CURRENT SETUP:-

Corporate Office:-

1. SBS Server dual homed w/ ISA
    a. Public NIC - 172.18.2.250 (connects via WAN point to point to our 
data center (20 miles away) to their firewall)
    b. Private NIC - 10.0.0.x
2. Domain - mycompany (mycompany.local)

Data Center:-

1. Several Web & DB Servers (Production Stuff)
2. 3 Networks
    a. 172.18.1.x - Middlenet - used for internal communications
    b. 172.18.2.x - web nlb load balanced
    c. 10.2.18.x - backnet to monitoring & SAN
3. Domain - mycompanydatacenter (datacenter.mycompany.local)


FUTURE SETUP (CONTEMPLATED):-

Corporate Office:-

1. Dedicated Domain Controller - mycompany.local - root of forest
2. ISA on DC

Data Center:-

1. Redo Domain - datacenter.mycompany.local - make sub-domain of 
mycompany.local
2. Dedicated Exchange Server

Operations Office:-

1. Point to Point to Corporate Office
2. Separate Domain Controller - operations.mycompany.local


Questions:-

1. Am I on the right track with the architecture? Or am I totally off base? 
The goal is to have a scalable and eventually high availability solution.
2. Would the Exchange box in the data center need to be on the same network 
as the clients in each of the offices? Or does that not matter? Would users 
need to login every time in Outlook if the Exchange was on a separate 
network?
3. How would I set up the ISA? Dual homed NIC?
4. What would be the best practices way to set this up?

TIA!
date: Mon, 30 Jan 2006 16:18:11 -0600   author:   am

Re: architecture design   
My thoughts in-line

Al
<param@community.nospam> wrote in message 
news:e%23fpPseJGHA.2828@TK2MSFTNGP12.phx.gbl...
> Hi all,
>
> We currently have a single box running SBS 2003 & Exchange 2003. We are in 
> the process of architecting a solution where we will be able to split 
> Exchange & ISA onto separate boxes for various reasons including 
> performance.
>
> CURRENT SETUP:-
>
> Corporate Office:-
>
> 1. SBS Server dual homed w/ ISA
>    a. Public NIC - 172.18.2.250 (connects via WAN point to point to our 
> data center (20 miles away) to their firewall)
>    b. Private NIC - 10.0.0.x
> 2. Domain - mycompany (mycompany.local)
>
> Data Center:-
>
> 1. Several Web & DB Servers (Production Stuff)
> 2. 3 Networks
>    a. 172.18.1.x - Middlenet - used for internal communications
>    b. 172.18.2.x - web nlb load balanced
>    c. 10.2.18.x - backnet to monitoring & SAN
> 3. Domain - mycompanydatacenter (datacenter.mycompany.local)
>
>
> FUTURE SETUP (CONTEMPLATED):-
>
> Corporate Office:-
>
> 1. Dedicated Domain Controller - mycompany.local - root of forest
> 2. ISA on DC -

IIRC, putting ISA on a DC is not a good idea at all.  In fact, putting ISA 
on anything other than dedicated hardware is usually self-defeating. Not 
always, but ...


>
> Data Center:-
>
> 1. Redo Domain - datacenter.mycompany.local - make sub-domain of 
> mycompany.local
> 2. Dedicated Exchange Server
>
So if your datacenter is the highly available center of your universe, why 
isn't it your root domain location? That's odd. While we're at it, any 
particular reason to use more than one domain?  Why?


> Operations Office:-
>
> 1. Point to Point to Corporate Office
> 2. Separate Domain Controller - operations.mycompany.local
>
>
> Questions:-
>
> 1. Am I on the right track with the architecture? Or am I totally off 
> base?
See above questions about ISA and the forest/domain topology.

> The goal is to have a scalable and eventually high availability solution.
Be sure to have at least 2 DCs per domain you deploy.  That way, if you 
lose one, you have a chance to bring it or another one like it back without 
loss of service.

> 2. Would the Exchange box in the data center need to be on the same 
> network as the clients in each of the offices? Or does that not matter? 
> Would users need to login every time in Outlook if the Exchange was on a 
> separate network?
You would want them to log on, but it's integrated with their domain logon 
depending on how you have it set up. For this and depending on your network 
setup, check out RPC/HTTP. That might be of great benefit to you here.

> 3. How would I set up the ISA? Dual homed NIC?
See above suggestion about the hardware.  They also make some really 
appliances that can greatly simplify this. Might be worth your time to look 
into those.

> 4. What would be the best practices way to set this up?
That so totally depends on your business requirements that it's next to 
impossible to begin that type of conversation in a newsgroup. :) We 
generally try to steer people away from multiple forests where possible and 
I usually try very hard to make sure I understand the business objectives 
before starting such a design. That's not always possible to get, but I try. 
I suggest you do the same and make sure that what you propose lines up with 
your business and network goals.

Al

>
> TIA!
>
>
>
date: Mon, 30 Jan 2006 22:19:31 -0500   author:   Al Mulnick
