Need suggestions on setting up a new Exchange system...

[rpeach]

Suppose a small organization with 50 people wants to set up a new e-mail infrastructure using Exchange. They already have a leased-line Internet connection, a domain name, and an old Unix-based Postfix e-mail system. They currently have no Windows domain system.

They are willing to buy two servers. What is the most sensible thing to do with them?

-One server as a primary domain controller, another as an Exchange server?

-One server as a primary domain controller, another as an Exchange server AND secondary domain controller?

-Virtualization? With what combination? What do you suggest for RAM size for each server?

Also, would Windows 2003 be a more economical choice than Windows 2008? I heard that Exchange 2007 STILL cannot be backed up on Windows Server 2008.

Thanks.

 

[scorp508]

50 people? Is that going to ever (best guess) grow over 75 people?

Have you looked at Windows Small Business Server 2008 or Windows Essential Business Server 2008?


Neither of those editions suffer from the same "no backup" for Exchange 2007 like the full versions of 2008 Server does.

 

[rpeach]

Thanks. I will take a look at those.

However, suppose that there will be more than 75 users (potentially), and for the sake of technical discussion: What would you do if you have two machines and want to set up an Exchange system?

 

[scorp508]

I'd move to Essentials Server which is good up to 300 computers. -- --

If I only had two machines I'd look at getting them beefy enough to run Hyper-V (or ESXi) and virtualize everything to keep role seperation possible. Buying Windows Server 2008 Standard allows you to run one physical and one virtual instance (or 2 virtual). Buying Windows Server 2008 Enterprise increases these numbers to 1 and 4 (or 5 virtual). Datacenter is licensed per socket but that is beyond what you're looking for.

On each box I'd probably run three VMs:

1. A Global Catalog
2. A CAS & Hub Transport mixed role server
3. A MBX server.

Do you curently already have something in place for spam/virus filtering or would you need it to be part of these 2 servers?

 

[rpeach]

Thanks for the reply.

Currently they have nothing. No spam/virus filtering. That's why they want to get rid of the old system.

I assume that an Edge Transport server is another virtual machine, right?

 

[rpeach]

Also, if they choose to run different Exchange roles on different machines (virtual or physical), I assume that they do not need to buy a separate Exchange license for each machine, right?

 

[scorp508]

Each seperate Exchange server (virtual or physical) would need an Exchange license. Sorry, I should have taken that into consideration for a smaller place. That is one of the reasons why SBS or EBS are so awesome, one license to buy.

Keeping that in mind I'd be more tempted to do a hub/cas/mbx multirole server. Or do a single hub/cas and a single mbx. It really depends on what your needs are and if you require any kind of HA. You could easily put 50 people on one multirole server.

Edge if you choose to use it (I would if you're going to allow a direct internet connection) cannot be AD joined and must be on a seperate (phy or vir) server. The hub role can do a lot of what Edge can, but I don't like the idea of port 25 directly from the net to it.

 

[sjg]

Yeah, since Exchange CCR came along you can do nice little high-availability setups on two physical boxes with no shared storage which is rather nifty -- --

That does sound like overkill though, especially from a licencing point of view. If you're not that interested in high availability though, the Essential Business Server suite is awesome for companies of that sort of size - it fits nicely in that gap above SBS but below buying everything separately. You also get ISA (or whatever silly name it's getting now) in the "security server" role which is great if you'll be using mobile devices, OWA or Outlook Anywhere as nothing has to come straight in to your internal network. If you're going to go down the route of having machines in the domain, it comes with System Center Essentials too which is handy for managing them - even if not, the cost should work out cheaper than separate Server+Exchange.

You're allowed to virtualize EBS, and as there's three roles and you want two boxes I'd be inclined to stick the "management server" and "messaging server" on one beefy server (quad-cores and 8-16Gb RAM are pretty cheap now) and the "security server" on a something lighter.

If you were going down the separate product route, I'd say for the Edge server - for that many users outsource it to Messagelabs, Websense or one of the many others. They tend to be charged per user, so for smaller places that can work out better than another physical box and the costs of running it. Would save on upfront costs early on too. Revisit it once you hit 100 users, although there are plenty of companies that are much, much bigger that prefer to keep it outsourced.

 

[The ToOTaLL]

As an IT consultant who works with small/medium businesses and has deployed hundreds of networks over the past 8 years, let me throw my recommendations in the ring.

Here are the facts: in order to CORRECTLY run a native Exchange 2007 setup (meaning, not SBS), you need at least 2 servers. If you're not planning to support any Entourage clients you CAN get away with one; otherwise anything that requires access to the legacy Exchange virtual directory is broken on a single server because data from the CAS components cannot proxy to the mailbox server components (there's a lot more on this at the Exchange team's blog). Of course Microsoft fixed this in SBS2008, however no "offical" workaround otherwise.

Beyond the symmantics of Exchange, most resources advise against running Exchange on a domain controller, especially dating back to Exchange 2000/2003 and the issues with services starting/stopping due to timing with AD.

If you're runnning a small shop, SBS is by far the most cost effective solution. The SBS2008 Standard license is near $1000, and SBS2008 Premium is near $1900 (which is right on par with the extra Windows 2008 server license cost they include for a seperate SQL, TS, or VM server). Extra SBS CALs are cheaper in the 2008 version, under $400 for a 5 pack. To do the math, the cost is about $4600 for the server license AND 50 CALs.

Flip that around with all of the Exchange 2007 roles on one Windows 2008 server, for 50 people here is what you're looking at:

- Windows 2008 Server Standard = $700
- Exchange 2007 Server Standard = $700
- Windows 2008 User CALs - $27 * 50 = $1350
- Exchange 2007 Standard User CALs - $65 * 50 = $3250

Total = $6000

So going the SBS2008 route you save over $1500, which you can use to invest into things such as hosted spam filtering, online backup, and beefier hardware.