Step by step configuration of Exchange 2010 Edge Transport server


The Edge Transport server role is designed to provide improved antispam and antivirus protection for an Exchange 2010 environment. The Edge Transport server role is deployed in your organization's perimeter network as a stand-alone server or as a member server of a perimeter-based Active Directory domain. Designed to minimize the attack surface, the Edge Transport server handles all Internet-facing mail flow, which provides Simple Mail Transfer Protocol (SMTP) relay and smart host services for the Exchange organization. Additional layers of message protection and security are provided by a series of agents that run on the Edge Transport server and act on messages as they are processed by the message transport components. These agents support the features that provide protection against viruses and spam and apply transport rules to control message flow.

   Prerequisites for Edge Transport server 2010.

1. Microsoft .NET Framework 3.5
2. Windows Remote Management (WinRM) 2.0
3. Windows PowerShell v2 CTP3
4. Active Directory Lightweight Directory Services (ADAM).

The computer that has the Edge Transport server role installed doesn't have access to the Active Directory directory service. All configuration and recipient information is stored in the Active Directory Application Mode (ADAM) directory service. The Edge Transport server keeps an ADAM instance that is synchronized with the internal structure through a mechanism called EdgeSync. This helps to reduce the attack surface of the Exchange server.

The Edge server computer is not part of the domain; it is a standalone machine.

 
        



   














Manually configure the correct DNS suffix for the Edge Transport server before you install Exchange 2010. If a DNS suffix isn't configured, setup will fail. In the current scenario, the name of the Edge server is EDGESERVER2 and the name of the domain is BYTES.COM. After the DNS suffix is applied, the computer name changes to EDGESERVER2.BYTES.COM, but the computer still remains in a workgroup.







































Enabling Name Resolution Lookups between the Edge Transport and Hub Transport Servers.

The Edge Transport server and any Hub Transport servers in your Exchange 2010 organization must be able to see each other using name resolution. To accomplish this goal, you can create the necessary host record in a forward lookup zone on the internal DNS server used by the Edge Transport and Hub Transport servers. Edit the Hosts file on the Edge Transport server to include the host records for the Hub Transport servers.

This file maps host names to IP addresses, and the file is stored in the %Systemroot%\System32\Drivers\Etc folder.
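The checks described so far (DNS suffix, workgroup membership, Hosts entries for the Hub Transport servers) can be collected into one pre-install script run on the Edge server. This is an added example, not part of the original post; the Hub server name HUBSERVER1.BYTES.COM and the function names are hypothetical placeholders.

```powershell
# Added example, PowerShell v2 compatible. Run on the Edge Transport server before setup.
# $HubServers is a hypothetical placeholder; list your own Hub Transport FQDNs.
$HubServers = @('HUBSERVER1.BYTES.COM')
$HostsPath  = "$env:SystemRoot\System32\drivers\etc\hosts"

function Get-HostsEntry {
    # Parse hosts-file lines into a name -> IP table, skipping comments and blank lines.
    param([string[]]$Lines)
    $map = @{}
    foreach ($line in $Lines) {
        $parts = @((($line -replace '#.*$', '').Trim()) -split '\s+' | Where-Object { $_ })
        if ($parts.Count -lt 2) { continue }
        foreach ($name in $parts[1..($parts.Count - 1)]) { $map[$name.ToLower()] = $parts[0] }
    }
    return $map
}

function New-CheckResult {
    param([string]$Check, [bool]$Pass, [string]$Detail)
    New-Object PSObject -Property @{ Check = $Check; Pass = $Pass; Detail = $Detail }
}

function Test-EdgePrerequisite {
    param([string[]]$Hubs, [string[]]$HostsLines)
    # 1. A primary DNS suffix must be set, otherwise Exchange setup fails.
    $suffix = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties().DomainName
    New-CheckResult 'Primary DNS suffix configured' ([bool]$suffix) $suffix
    # 2. In this walkthrough the Edge server is a standalone workgroup machine;
    #    flag it if it has been joined to a domain.
    $cs = Get-WmiObject Win32_ComputerSystem
    New-CheckResult 'Not domain-joined' (-not $cs.PartOfDomain) $cs.Domain
    # 3. Every Hub Transport server needs a Hosts entry and must resolve.
    $entries = Get-HostsEntry $HostsLines
    foreach ($hub in $Hubs) {
        $ip = $entries[$hub.ToLower()]
        New-CheckResult "Hosts entry for $hub" ([bool]$ip) $ip
        try {
            $addr = [System.Net.Dns]::GetHostAddresses($hub) | ForEach-Object { $_.IPAddressToString }
            New-CheckResult "Resolves $hub" $true ($addr -join ', ')
        } catch {
            New-CheckResult "Resolves $hub" $false $_.Exception.Message
        }
    }
}

Test-EdgePrerequisite -Hubs $HubServers -HostsLines (Get-Content $HostsPath) |
    Format-Table Check, Pass, Detail -AutoSize
```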
























































Add a host record for the Edge server on the local DNS server.


 




























 
After finishing the installation, create an Edge Subscription file. Once the Edge server is subscribed, the EdgeSync service establishes one-way replication of recipient and configuration information from Active Directory to ADAM. Create a new Edge Subscription file using the following command:

New-EdgeSubscription -FileName "C:\EdgeServerSubscription.xml"

















The Edge Subscription file is created on the C: drive.


 




Copy the Edge Subscription file to the Hub server to create a new Edge Subscription. Open the Exchange Management Console on the Hub server and open New Edge Subscription.













After creating the new Edge Subscription, the next step is to verify the synchronization process. If you don't want to wait hours before the replication occurs, you can force EdgeSync synchronization manually. Open EMC on the Hub server and type Start-EdgeSynchronization.








We can see whether the synchronization process succeeded or failed.


 
       
