Hardware Load Balancing for Optimal Microsoft Exchange Server 2010 Performance



Similar documents
F5 White Paper. The F5 Powered Cloud

Connecting to the Cloud with F5 BIG-IP Solutions and VMware VMotion

F5 provides a secure, agile, and optimized platform for Microsoft Exchange Server 2007 deployments

Optimizing VMware View VDI Deployments with F5

Integrating F5 Application Delivery Solutions with VMware View 4.5

Deploying F5 Application Ready Solutions with VMware View 4.5

F5 and Secure Windows Azure Access

Presented by Philippe Bogaerts Senior Field Systems Engineer Securing application delivery in the cloud

Configuring a single-tenant BIG-IP Virtual Edition in the Cloud

BIG-IP LTM VE The Virtual ADC Your Physical ADC Has Been Missing

High-Performance DNS Services in BIG-IP Version 11

Deploying F5 with IBM Tivoli Maximo Asset Management

Deliver Secure and Accelerated Remote Access to Applications

5 Key Reasons to Migrate from Cisco ACE to F5 BIG-IP

ScaleN: Elastic Infrastructure

Post-TMG: Securely Delivering Microsoft Applications

F5 and the 8 Ways to Virtualization

Filling the Threat Management Gateway Void with F5

The F5 Intelligent DNS Scale Reference Architecture.

Deploying the BIG-IP System v11 with LDAP Servers

F5 and Microsoft Delivering IT as a Service

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Microsoft Exchange Server 2007

Load Balancing 101: Firewall Sandwiches

Achieve Unified Access Control and Scale Cost-Effectively

Deploying the BIG-IP LTM with IBM QRadar Logging

Accelerating Mobile Access

VMware DRS: Why You Still Need Assured Application Delivery and Application Delivery Networking

Optimize Application Delivery Across Your Globally Distributed Data Centers

Deploying the BIG-IP System v11 with SAP NetWeaver and Enterprise SOA: ECC

Deploying the BIG-IP System with Microsoft Lync Server 2010 and 2013 for Site Resiliency

Deploying F5 BIG-IP Virtual Editions in a Hyper-Converged Infrastructure

F5 and Oracle Database Solution Guide. Solutions to optimize the network for database operations, replication, scalability, and security

Deploying the BIG-IP System for Microsoft Application Virtualization

Security F5 SECURITY SOLUTION GUIDE

Deploying the BIG-IP System with VMware vcenter Site Recovery Manager

F5 PARTNERSHIP SOLUTION GUIDE. F5 and VMware. Virtualization solutions to tighten security, optimize performance and availability, and unify access

Deliver More Applications for More Users

Oracle Database Firewall

F5 and VMware. Realize the Virtual Possibilities.

Deploying the BIG-IP LTM with. Citrix XenApp. Deployment Guide Version 1.2. What s inside: 2 Prerequisites and configuration notes

F5 and VMware Solution Guide. Virtualization solutions to optimize performance, improve availability, and reduce complexity

Deploying the BIG-IP LTM with IBM WebSphere MQ

Secure iphone Access to Corporate Web Applications

Configuring the BIG-IP LTM for FAST Search Server 2010 for SharePoint 2010

Deploying F5 to Replace Microsoft TMG or ISA Server

The On-Demand Application Delivery Controller

The VDC Maturity Model Moving Up the Virtual Data Center Stack

Achieve Unified Access Control and Scale Cost-Effectively

Guide to Deploying Microsoft Exchange 2013 with Citrix NetScaler

Getting Started with BIG-IP

Load Balancing for Microsoft Office Communication Server 2007 Release 2

BEST PRACTICES. Application Availability Between Hybrid Data Centers

This course is intended for IT professionals who are responsible for the Exchange Server messaging environment in an enterprise.

Document version: 1.3 What's inside: Products and versions tested Important:

Resonate Central Dispatch

Mobile Secure Desktop Maximum Scalability, Security and Availability for View with F5 Networks HOW-TO GUIDE

Application Security in the Cloud with BIG-IP ASM

Accelerating SaaS Applications with F5 AAM and SSL Forward Proxy

Deploying NetScaler with Microsoft Exchange 2016

Application Traffic Management

10135A: Configuring, Managing, and Troubleshooting Microsoft Exchange Server 2010

Building an Enterprise Cloud with F5 and IBM

DEPLOYMENT GUIDE Version 1.1. Deploying F5 with IBM WebSphere 7

Getting More Performance and Efficiency in the Application Delivery Network

MS Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

Deploying the BIG-IP System v11 with DNS Servers

Availability Acceleration Access Virtualization - Consolidation

F5 Networks Overview Maximizing the Performance and Delivery of Your Mission Critical Enterprise Applications

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

F5 and Microsoft Exchange Security Solutions

EMC VPLEX FAMILY. Transparent information mobility within, across, and between data centers ESSENTIALS A STORAGE PLATFORM FOR THE PRIVATE CLOUD

Microsoft Exchange Server

Intelligent Layer 7 DoS and Brute Force Protection for Web Applications

MS Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010

Simplify Data Management and Reduce Storage Costs with File Virtualization

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH MICROSOFT WINDOWS SERVER 2008 TERMINAL SERVICES

Deploying the BIG-IP System v11 with Microsoft Exchange 2010 and 2013 Client Access Servers

DEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP Edge Gateway for Layered Security and Acceleration Services

Build Your Knowledge!

Cloud Balancing: The Evolution of Global Server Load Balancing

Load Balancing Microsoft Exchange 2013 with FortiADC

KEMP LoadMaster. Enabling Hybrid Cloud Solutions in Microsoft Azure

Configuring, Managing and Troubleshooting Microsoft Exchange Server 2010 Service Pack 2

Configuring the BIG-IP LTM v11 for Oracle Database and RAC

Transcription:

F5 White Paper Hardware Load Balancing for Optimal Microsoft Exchange Server 2010 Performance A comprehensive F5 solution readies application infrastructure for a successful implementation of the re-engineered Microsoft Exchange Server 2010. by Lori MacVittie Technical Marketing Manager

Contents Introduction 3 Exchange Server 2010 3 What s Changed 3 Effect on Application Infrastructure 4 Scale Out or Scale Up? 4 Migration versus Cutover 5 F5 Solutions for Exchange Server 2010 5 F5 Solution Components 6 Virtualization Support 9 Conclusion 10 2

Introduction According to a study conducted by Ferris Research in 2008 i Microsoft Exchange Server holds approximately 65 percent market share in email and communications across all organizations. In healthcare organizations with more than 5,000 employees, it enjoys 75 percent penetration; in telecommunications organizations with at least 1,000 employees, it does even better, garnering a 90 percent penetration rate. Small businesses, too, are particularly drawn to Exchange Server: In the Ferris Research survey, nearly all organizations with up to 49 employees currently use Exchange Server 2007. With such a broad distribution across organizations of different sizes and throughout multiple industries, the effect of core changes on the Exchange Server 2010 architecture is significant when it comes to migration. It is no longer possible to simply replace existing installations and migrate mailboxes from one version to another. Instead, changes to Exchange Server 2010 architecture make it necessary to employ a migration strategy that includes re-evaluation of the supporting network architecture. Exchange Server 2010 What s Changed Normalization of user connectivity is the biggest change in the architecture of Exchange Server 2010 for which organizations need to prepare. In previous versions of Exchange Server, users might or might not connect directly to mailbox servers, depending on their particular client. Exchange Server 2010 no longer permits direct access to mailbox servers regardless of client type. Now, all client access is brokered through the Client Access server role. The Client Access server role supports services for mailboxes, public folders, calendar items, the global address list, and related data. Also new to the Client Access server role in Exchange Server 2010 is RPC Client Access, which provides traditional native access to Exchange Server mailboxes via Messaging API (MAPI), but it moves the connectivity point from the Mailbox server role to the Client Access server role. These changes, along with new requirements regarding the use of load balancing and hardware load balancers specifically to deploy Exchange Server 2010 have a significant effect on the application infrastructure. 3

Effect on Application Infrastructure The changes in the internal architecture of Exchange Server 2010 mean that even internal users must be routed through a Client Access server role in order to access email. Such a requirement might necessitate network-level changes, such as new or modified routes and VLAN configurations, as well as new policies on firewalls. Furthermore, Exchange Server 2010 now requires load balanced Client Access server role implementations for internal connections. Microsoft now recommends a hardware load balancing ii solution rather than a software solution in all deployment scenarios requiring high availability. This is a change from previous recommendations that based the use of hardware load balancers on the number of CAS servers or Exchange Server roles deployed on a single machine. In essence, Microsoft s recommendation moves hardware load balancing to a required core component of a highly available Exchange Server 2010 deployment. Microsoft has engineered Exchange Server 2010 for high scalability and efficient deployment, and it recommends that multi-role servers be employed for optimal scalability. The recommendation to utilize hardware load balancing solutions when scaling Client Access server roles comes from the ability to intelligently route requests at the application layer. This capability is common to what is often referred to as the modern load balancer, an Application Delivery Controller (ADC). An ADC offers additional application-focused features and functions beyond simple load balancing that can be leveraged to further improve the reliability, performance, and security of the applications it delivers. This includes the ability to apply other optimizations such as caching, compression, TCP connection optimization, and SSL offload that increase availability, performance, and security for Exchange Server, making hardware load balancers a natural fit in an Exchange Server environment. Organizations employing multiple nodes to support a large user base might require changes to the network architecture, upgrading infrastructure, or investing in additional infrastructure to provide the same level of reliability and performance as previous Exchange Server installations. Scale Out or Scale Up? The decision whether to scale up (larger hardware) or out (load balanced multiple servers) must be made by the individual organization. Decision makers should consider information provided by Microsoft that comes from the company s unique understanding of the architecture of Exchange Server 2010 in large-scale deployments. 4

Scaling out provides the following at low cost: - Large mailboxes - High availability - Rich feature set Scaling up: - Increases risk that an outage or failure will affect more users - Usually costs more, and can force feature decisions due to hardware choices ii It is noted that scaling up usually costs more; however, there also are costs associated with scaling out, particularly if an organization does not currently take advantage of a load balancing solution. Organizations that have already invested in a load balancing solution will find the costs of scaling out significantly lower than scaling up even if upgrades or deployments of additional functionality are required. Migration versus Cutover When organizations determine it is time to make the move to Exchange Server 2010, it is often too complex to support both the existing and upgraded installations. Some organizations will therefore choose to simply cut off the old system and move to the new one overnight. This is a perilous process that often incurs additional support costs as users are unable to access Exchange resources. Most organizations generally prefer a phased migration approach in which batches of users are migrated from existing Exchange mailboxes to the new infrastructure. This, too, comes with administrative costs and potential infrastructure issues, but is less likely to cause a disruption in service and allows organizations enough time to ensure the deployment is stable at each phase of the migration. F5 Solutions for Exchange Server 2010 The F5 solutions for Exchange Server 2010 focus on providing security, availability, acceleration, and secure remote access to internal and external users of Exchange Server 2010. It is designed to simplify the process of scaling out Exchange Server 2010 based on Microsoft recommendations for highly available deployments. Not every deployment will require the use of all F5 components. Secure remote access, acceleration, message security, and global load balancing are 5

optional components that, while enhancing the overall user experience, security, and availability of email services, are not required to meet Microsoft recommendations. F5 Application Ready Network Unified Communications Microsoft Exchange Server 2010 Microsoft Exchange Server 2010 BIG-IP Edge Client Internet Router BIG-IP Edge Gateway DMZ Users Firewalls BIG-IP Edge Gateway BIG-IP Edge Gateway BIG-IP Global Traffic Manager DMZ BIG-IP Global Traffic Manager Client Access/ Hub Transport/ Mailbox Microsoft Outlook Users BIG-IP Local Traffic Manager + Access Policy Manager Application Security Manager Message Security Module BIG-IP Local Traffic Manager + Access Policy Manager Application Security Manager Message Security Module Client Access Edge Transport Hub Transport Microsoft Outlook Users Client Access Edge Transport Hub Transport Microsoft Outlook Users Mailbox Mailbox BIG-IP Local Traffic Manager + WAN Optimization Module BIG-IP Local Traffic Manager + WAN Optimization Module For additional information, please contact MicrosoftPartnership@f5.com. Deployment architecture for complete F5 solution for Exchange Server 2010 2010 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, icontrol, TMOS, and VIPRION are trademarks or registered trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Microsoft, Office, and Exchange Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The Deploying F5 with Microsoft Exchange Server 2010 guide includes detailed configuration assistance for each F5 solution component. F5 Solution Components BIG-IP Local Traffic Manager With its core load balancing support, the F5 BIG-IP Local Traffic Manager (LTM) Application Delivery Controller addresses the minimum requirement for deployment of Exchange Server 2010. BIG-IP LTM provides basic load balancing as well as advanced load balancing features that are necessary for some architectures in which Exchange Server 2010 might be deployed. In a recommended deployment, BIG-IP LTM load balances traffic for Client Access server roles and for incoming mail destined for Exchange Server 2010 Edge Transport server roles. This way, mail can be routed to Edge Transport server roles without interfering with the native routing built into both SMTP and Exchange Server 2010 that manages communication between different Exchange Server 2010 environments and from Edge Transport to Hub Transport server roles. 6

Beyond simple load balancing support for Exchange Server 2010, BIG-IP LTM can also improve application performance through features such as persistence (server affinity), connection optimization, and custom application control. Advanced health monitoring options provide a variety of mechanisms for evaluating Exchange Server 2010 components to ensure high availability of the entire Exchange Server 2010 infrastructure. The minimum requirement to meet Microsoft recommendations for a highly available Exchange Server 2010 implementation is the deployment of BIG-IP LTM for load balancing. All other components of this solution, while certainly recommended by F5 to increase resiliency, security, and performance of Exchange Server 2010 implementations, are optional. BIG-IP WAN Optimization Module The combination of BIG-IP WAN Optimization Module (WOM) with isessions a symmetric, optimized network tunneling feature of the BIG-IP platform provides a secure tunnel through which optimized data can be exchanged with remote sites. When moving Database Availability Groups (DAGs) across data centers, BIG-IP WOM ensures that they are transported quickly and securely, making the process much less time consuming. By deploying BIG-IP WOM on BIG-IP LTM, organizations can simplify their architecture by eliminating the need to employ separate WAN optimization controllers to enhance the transfer of large data files such as DAGs between locations. BIG-IP Global Traffic Manager BIG-IP Global Traffic Manager (GTM) provides cross-site and data center redundancy, failover, and load balancing. BIG-IP GTM is particularly adept at collaborating with BIG-IP LTM to enforce performance requirements on Exchange Server 2010 in multi data center deployments by choosing the site that best fits the needs of the user, especially when the user is traveling or at a remote location. For global organizations, the IP geolocation capabilities of BIG-IP GTM can further assist in building an optimized, global Exchange Server infrastructure based on user-specific location. These options enable more sophisticated deployments that are not only highly available but also highly localized and specialized based on the location of the users and the Exchange Server components. 7

BIG-IP Message Security Module BIG-IP Message Security Module (MSM) provides reputation-based, perimeter anti-spam functionality that significantly reduces the volume of spam processed by Exchange Server 2010 Edge Transport server roles, reduces the amount of storage required to comply with retention policies, and improves performance of Exchange Server 2010 by eliminating unnecessary messages from mailbox stores. These benefits mean fewer Exchange Server Edge Transport server roles must be deployed, which results in a need for fewer physical servers and lower costs associated with maintaining critical email infrastructure. BIG-IP Access Policy Manager BIG-IP Access Policy Manager (APM) is a dynamic authentication and authorization management solution built on the BIG-IP core platform. Combined with BIG-IP LTM, BIG-IP APM removes the time and complexity barriers often associated with Exchange migration by allowing migration to occur over time with no interruption to service. Because BIG-IP APM integrates with Active Directory (AD), only authenticated user sessions are allowed access to corporate resources, eliminating security risks associated with remote user access. BIG-IP APM continues to add value after migration to Exchange Server 2010 is complete by continuing to perform authentication duties in the DMZ, thus preventing access to corporate resources to any but those with authorized access. By providing a single, unified point of access (a single URL) for all remote users of Outlook Web Access, ActiveSync, and Outlook Anywhere regardless of device, location, or network, a combined BIG-IP LTM and BIG-IP APM solution reduces administrative overhead and simplifies the process of securing Exchange components from unauthorized remote access. BIG-IP Edge Gateway F5 BIG-IP Edge Gateway offers accelerated remote access support to Exchange Server 2010 via secure connections (including HTTPS, POP3S, or IMAPS, depending on choice of web browser or email client). Edge Gateway contains further guidance on the implementation of endpoint security checks in addition to the configuration of accelerated remote access to email via Microsoft Office Outlook and Outlook Web Access. Endpoint security checks can assist in the enforcement of corporate policies regarding client security 8

such as requiring anti-virus software and scanning for virus infections before permitting access to corporate resources. This level of visibility and contextual awareness gives administrators flexibility in designing access policies based on location, device, or user, and it enables finer-grained control over access to corporate resources. Edge Gateway further simplifies management of and access to corporate Exchange Server 2010 components by providing a single URL through which all remote users access Outlook Web Access, ActiveSync, and Outlook Anywhere regardless of device, location, or network. F5 Management Pack The F5 Management Pack for Microsoft System Center Operations Manager 2007 is a software plug-in that provides comprehensive monitoring for a range of F5 devices. The information produced and aggregated by the F5 Management Pack for Microsoft System Center Operations Manager can be used for trending and analysis, maintenance, diagnostics, and recovery actions. For Exchange Server 2010 integration, the F5 Management Pack for Microsoft System Center Operations Manager can be combined with the Exchange Server 2010 Management Pack, to build up an aggregated (roll-up) model to manage the health of the Exchange Server 2010 distributed application environment. A typical usecase scenario for implementing this aggregated health model would be to map a group relationship between the Client Access server roles and the corresponding BIG-IP LTM pool members, using a distributed application health model in System Center Operations Manager. The F5 Management PRO Pack for SCVMM also includes support for Live Migration and other Enterprise Private Cloud scenarios. Virtualization Support It is important to note that Exchange Server 2010 is not virtualization aware iii. In testing, the hypervisor adds approximately 12 percent of processor overhead, which needs to be accounted for when sizing Exchange Server 2010 implementations. In addition to providing availability, scalability, and performance improvements for Exchange Server 2010, BIG-IP LTM can further improve the efficiency of Exchange Server 2010 when deployed in a virtualized environment. The use of connection optimization features such as OneConnect in BIG-IP LTM improves 88 percent of IT organizations improved virtual machine density by 10 to 40 percent on a typical server with F5. Source: TechValidate TVID: 975-FFD-F8D 9

the efficiency of TCP connection management in Exchange Server 2010 and can increase the capacity of virtualized applications. Virtual machine density improvements with F5 Using BIG-IP LTM optimization features can further improve the density of virtual machines deployed on a single, physical server by increasing efficiency and reducing the impact of the overhead associated with virtualization. Deploying Exchange Server 2010 in a virtual environment does not change the architectural requirements in any way; load balancing for Client Access server roles deployed in multiple roles and in implementations of eight or more will still require hardware load balancing services, whether those servers are virtual or physical. BIG-IP LTM supports both virtual and physical deployments of Exchange Server 2010 as well as combinations thereof with equal alacrity. Conclusion With the release of Exchange Server 2010, Microsoft has re-engineered the architecture of its enterprise-class email and communications services to better support scalability, reliability, and high availability. But these changes have consequences on existing installations, and Microsoft recommendations regarding the use of hardware load balancers have been made after extensive internal testing using a variety of high-availability techniques. Migration of corporate mail services from one version of Exchange Server to another does not happen overnight. Maintaining two completely separate deployments is difficult enough without needing to potentially maintain multiple application delivery components (each with their own configuration and management needs) as well. Leveraging an F5 solution enables a simpler management and deployment infrastructure capable of simultaneously supporting both Exchange 2003/2007 and 2010 deployments during migration and enabling a smoother transition to a unified access and application delivery architecture that better supports the more unified Exchange Server 2010 architecture. Microsoft IT has published its own architectural white paper describing how its teams architected and deployed a high-availability Exchange Server 2010 implementation leveraging hardware load balancing. The paper, Exchange Server 2010 Design and Architecture at Microsoft: How Microsoft IT Deployed Exchange Server 2010, highlights the need for a robust Application Delivery 10

Controller in Exchange Server deployments that supports a variety of persistence methods across the different client access types. In general, the addition of a load balancing solution might require some changes to network and application infrastructure. The F5 solution for Exchange Server 2010 helps make the implementation of a Microsoft-recommended compliant deployment as painless as possible by providing step-by-step guidance on an F5-tested configuration of all F5 solution components. A complete load balanced F5 implementation supporting Exchange Server 2010 can enhance the performance, availability, reliability, and security of the organizational email infrastructure protecting both capital and operational investments. i http://www.ferris.com/2008/01/31/email-products-market-shares-versions-deployed-migrations-and-software-cost/ ii Getting the Most out of Microsoft Exchange Server 2010: Performance and Scalability [UNC309] iii Microsoft Exchange Server Virtualisation: Does It Make Sense? [UNC03-IS] http://www.slideshare.net/louisgohl/unc309-getting-the-most-out-of-microsoft-exchange-server-2010- performance-and-scalability http://download.microsoft.com/download/8/5/d/85d61478-8719-4219-96ba-e5c53dd4f436/0941_ ExchangeServer2010ArchitectureTWP.docx F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119 888-882-4447 www.f5.com F5 Networks, Inc. Corporate Headquarters info@f5.com F5 Networks Asia-Pacific apacinfo@f5.com F5 Networks Ltd. Europe/Middle-East/Africa emeainfo@f5.com F5 Networks Japan K.K. f5j-info@f5.com 2011 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, BIG-IP, ARX, FirePass, icontrol, irules, TMOS, and VIPRION are registered trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. CS01-00032 0111

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information