Ensuring Secure, Reliable and Highly Available E-mail Using Microsoft Exchange Server 2013
Application Layer Traffic Management (aka Layer 7) has been a critical component of an optimized Exchange 2010 architecture for addressing some very specific challenges around application awareness, load balancing and connection persistence. By leveraging the application layer intelligence in the BIG-IP Local Traffic Manager, Exchange 2010 system administrators have been able take advantage of benefits such as faster end user response times, increased server performance, and enhanced perimeter security. In Exchange 2013, Microsoft has removed the persistence requirement, transforming the Client Access Server into a stateless proxy. This may lead some folks to believe that the role of the Application Delivery Controller to support a Microsoft Exchange deployment has been minimized, if not eliminated altogether. Even without the persistence requirement, the reality is that there is still significant benefit in the Layer 7 awareness that an ADC provides in an Exchange architecture, and the overall ADC value prop that includes Layer 7 in fact reaches far beyond just that, providing enterprise-class scale, performance, reliability and integration that can only be achieved via a flexible and intelligent ADC. Let’s take a look at a few of the key reasons that an Application Delivery Controller is still the right solution for the upcoming Exchange 2013.
Perimeter Security… Exchange services continue to be deployed and exposed to the edge of the network where they are susceptible to anonymous attack. This is a serious concern that cannot be ignored. It is critical to make sure that there is a security perimeter around the Exchange environment that includes provisions for corporate and personal compute and mobile devices. The bottom line is that no connection or user should ever be allowed to the Exchange system unless it has been authenticated and authorized.
Performance… As Exchange adds integration into real time communication systems such as Lync, low level network issues (jitter, latency) start to have a real effect. Having an ADC that provides a full suite of network optimizations, from TCP to HTTP, will have a positive and noticeable impact on end user experience.
Application Delivery Platform… The integration between Exchange, Lync, and SharePoint in Office 2013 is tighter than ever, and most customers are going to want to leverage the same device for providing application delivery for all 3 (and possibly more!). There are simply functions, such as using the load balancer as your Lync Reverse Proxy, that you can’t do with a simple layer 4 device. Make sure you consider all the applications that will leverage this appliance before you make the decision to go with a basic networking solution designed to provide a single primary function, like load balancing and SSL offload.
Application Awareness… Nothing is more frustrating than connecting to an Exchange Server that is down, slow, or misbehaving. You should always be able to count on being sent to an Exchange Server that is available and performing well. Having an ADC that is capable of checking the availability and health of an Exchange Server, before the client attempts to connect, and using that information in its load distribution algorithms, translates into users always being sent to the optimal server.
Multi-site Awareness…. Exchange now supports (and promotes!) leveraging multiple active datacenters for scaling and redundancy. This is a feature that more and more customers are taking advantage of, and which a layer 4 local load balancing device simply can’t manage. An ADC that integrates with a Global Server Load Balancer (GSLB) will make sure e-mail and users are sent to the best datacenter for their respective services.
Enterprise Class Hardware… Sorry partner, but PCs were not built to be network devices (I love it when I see a load balancer with a sound card!). Redundant power supplies, advanced clustering/failover options, lights out management, true Layer2-4 networking chipsets, dedicated SSL/compression hardware, capacity on demand are all requirements for meeting the enterprise Datacenter SLAs. It can’t be stressed enough that having the reliability and performance of enterprise class ADC hardware is critical in an Exchange environment
Monitoring & Reporting…. Having a load balancer divvy up traffic between a farm of servers using a ‘magical’ algorithm is one thing, but actually reporting on why those decisions were made, health of the servers, and end user performance is where the real value is. The load balancer needs to expose this type of information, and it needs to have well documented integration into the tools such as System Center that sys-admins use today.
Scalability… We continue to talk to customers who maintain multiple mail deployments for a myriad of reasons, including acquisition. You shouldn’t be caught in the situation of not being able to consolidate mail systems because your network infrastructure can’t scale when you need it to.
E-mail is widely considered one of the most critical applications in the enterprise today, and when the e-mail system performs poorly, or becomes unavailable all together, there is often a significant and measurable cost to business. Regardless if you need layer 7 persistence or not, today’s enterprise can’t leave the core messaging systems to chance with a cheap off-brand load balancing solution. A properly tuned Application Delivery Controller can provide significant safeguards that ensure the highest levels of availability, performance, and performance. The reasons for investing in Enterprise class advanced ADC go far beyond layer 7 persistence.