I also posted an open question regarding "MS Best practice recommended E2K13 Server Configuration" under General Discussions.
Below is a more detailed list of questions that I have, and can't mentally get past, just by reading. If anyone has information they are willing to share on any one or all of the points I ask, that would be super fantastic.
-My 2013 thought was to maintain a similar structure separating a 1 CAS that would be used for all OWA (we have a very large sales force that uses OWA locally and on the Web) access, from the 3 MB(+CAS?) servers I am planning for. This CAS would proxy to the users' home MB server's CAS or the Legacy (current E2k7 CAS) as appropriate.
1- I am confused if MS recommends leaving the CAS/MB paired; or separating them -allowing for future upgrade of components MB CAS individually. Is there an official MS stance on this?
I can see the benefit of having three CAS servers directly on each separate MB server using a virtual IP for webmail (CAS) to round robin each MB server if we're using more than 1 MB instance. **BUT** In our configuration there will only be 1 MB copy per each user on one (1) of the three (3) MB servers & there is no planned DAG at this time due to space limitations.
- There is no benefit (detriment possibly?) to using VIP round robin if we only have each MB on one of the three selection choices in the Virtual IP, correct?
Would separating the CAS that connects to the internet and is used to proxy to the appropriate MB server be:
a- more secure and
b- statistically a more direct route; you will connect to webmail & the CAS will know and direct you to the correct MB server first try rather than having a 1 in 3 chance of connecting to the right MB server the first time via round robin.
c- Understood that we are creating a single POF for external & initial internal CAS access (we will compensate with resources and VM resilience).
d- Should each MB server have its own CAS or would the 1 standalone CAS (accounting for memory/processors/bandwidth) be better than OK?
2- I will need SAN certs for all of the 2013 CAS names and one for the 'webmail' site -that is used to connect to OWA both internally and externally- on the stand alone CAS, correct?
The 3 MB/CAS servers cannot be configured with the same 'webmail' site, correct? This would cause a lookup/routing issue, correct?
3- Lastly our intention is to replace the E2K7 HT (bridgehead) that services all traffic from the internet and to or from our parent company -that shares the same domain.com address space (using connectors to remote smart host) in a completely separate AD Domain. We are configured -as they are, as internal relay for our domain.com email addressing. They are running E2k7 on premise & Office 365 (cloud) and we share namespace with them. The BH would be last to go (we hope) so as to have no impact on them during our 2013 on premise migration until we are already completely configured using E2k13 locally.
What is the recommended solution for replacing a standalone 2k7 HT in the E2k13 configuration -since there is no E2K13 HT feature to be separately installed? Will they be affected after the BH is upgraded to 2k13 (assuming we have them repoint their send & receive connectors to the new E2K13 server which will just be a smart host for them). They will still be able to route through our HT & us to them (using connectors to remote smart hosts even though Exchange versions are dissimilar). –Correct?
This opens the whole federation services configuration we need to look at for GAL & Calendar sharing -but I need to stop somewhere.
I have read numerous articles, white papers, tech notes, etc. but hearing someone -most likely more knowledgeable than I, either validate or negate my thought process helps. If anyone can provide some insight on any or all of these questions I would greatly appreciate it.