• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Exchange 2007 fully redundant design

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Exchange 2007 fully redundant design Page: [1]
Login
Message << Older Topic   Newer Topic >>
Exchange 2007 fully redundant design - 30.May2007 10:12:27 PM   
jdiddy

 

Posts: 1
Joined: 30.May2007
Status: offline
Could someone let me know if there are any problems with the current design I am planning?  I want to use ISA 2006 strictly to publish Outlook Web Access for Exchange 2007.  I just don't know how to cluster my ISA boxes/vms?  Also, does it make sense to put ISA boxes in a DMZ for what I am trying to do?  I plan to use DNS round robin for load balancing my Edge Transport servers.  I plan to use NLB to load balance my CAS boxes.  I think I can just have two hub transport servers for redundancy.

Internet
Firewall - Checkpoint NG
DMZ      (VMware ESX server with 1 ISA2006 VM and 1 Edge Transport VM)
             (VMware ESX server with 1 ISA2006 VM and 1 Edge Transport VM)

LAN       (VMware ESX server with 1 CAS VM and 1 Hub Transport VM)
              (VMware ESX server with 1 CAS VM and 1 Hub Transport VM)

2 Clustered Mailbox servers
Post #: 1
RE: Exchange 2007 fully redundant design - 5.Jun.2007 10:41:26 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
It would be a much better design to put the ISA Firewall array in parallel with the CP and making the array members edge devices. The ISA Firewall was designed as an edge firewall, and that's how MS uses them and hundreds of other companies, including my own (which is the most important company in the world to me). That will increase performance and provide better options for redundacy. Keep in mind that the ISA Firewall has a better security history than Check Point, so there is no change in security by putting them in parallel to the Check Point device.

HTH,
Tom

< Message edited by tshinder -- 5.Jun.2007 10:43:01 AM >


_____________________________

Thomas W Shinder, M.D.

(in reply to jdiddy)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Exchange Publishing >> Exchange 2007 fully redundant design Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts