Microsoft Exchange 2016 DEPLOYMENT GUIDE

Similar documents
Thunder ADC for Epic Systems

Microsoft Exchange 2013 DEPLOYMENT GUIDE

Deployment Guide Microsoft Exchange 2013

SAML 2.0 SSO Deployment with Okta

VMware View 5.0 and Horizon View 6.0 DEPLOYMENT GUIDE

Thunder Series for SAP BusinessObjects (BOE)

SharePoint SAML-based Claims Authentication with A10 Thunder ADC

AAM Kerberos Relay Integration with SharePoint

Deployment Guide Microsoft IIS 7.0

Setting Up a Kerberos Relay for the Microsoft Exchange 2013 Server DEPLOYMENT GUIDE

SSL Insight Certificate Installation Guide

DEPLOYMENT GUIDE. SAML 2.0 Single Sign-on (SSO) Deployment Guide with Ping Identity

Deployment Guide Oracle Siebel CRM

Thunder Series for SAP Customer Relationship Management (CRM)

Deployment Guide MobileIron Sentry

Deployment Guide AX Series with Citrix XenApp 6.5

Deployment Guide AX Series with Active Directory Federation Services 2.0 and Office 365

AX Series with Microsoft Exchange Server 2010

Deployment Guide. AX Series for Microsoft Lync Server 2010

AX Series with Microsoft Exchange Server 2010

Deployment Guide. AX Series with Microsoft Exchange Server

Achieve Single Sign-on (SSO) for Microsoft ADFS

Load Balancing Security Gateways WHITE PAPER

A10 Networks LBaaS Driver for Thunder and AX Series Appliances

Resonate Central Dispatch

Deployment Guide AX Series with Microsoft Windows Server 2008 Terminal Services

Deployment Guide. AX Series with Microsoft Office Communications Server

Thunder ADC for SAP Business Suite DEPLOYMENT GUIDE

Deployment Guide. AX Series with Microsoft Office SharePoint Server

Healthcare Security and HIPAA Compliance with A10

A10 Device Package for Cisco Application Centric Infrastructure (ACI)

Deployment Guide. AX Series with Oracle Application Server

A10 ADC Return On Investment

Deployment Guide. AX Series with Juniper Networks SA Series SSL-VPN Appliances Solution

Deploying NetScaler with Microsoft Exchange 2016

Avoid Microsoft Lync Deployment Pitfalls with A10 Thunder ADC

Guide to Deploying Microsoft Exchange 2013 with Citrix NetScaler

Configuring and Implementing A10

Deployment Guide May-2015 rev. a. APV Oracle PeopleSoft Enterprise 9 Deployment Guide

Deployment Guide July-2014 rev. a. Deploying Array Networks APV Series Application Delivery Controllers with Oracle WebLogic 12c

SSL Insight and Cisco FirePOWER Deployment Guide DEPLOYMENT GUIDE

SharePoint Performance Optimization

PCI DSS and the A10 Solution

Solutions Guide. Deploying Citrix NetScaler with Microsoft Exchange 2013 for GSLB. citrix.com

Load Balancing Microsoft Sharepoint 2010 Load Balancing Microsoft Sharepoint Deployment Guide

Technical Brief ActiveSync Configuration for WatchGuard SSL 100

Load Balancing Microsoft Exchange 2013 with FortiADC

Deployment Guide July-2014 rev. a. Deploying Array Networks APV Series Application Delivery Controllers for Microsoft Lync Server 2013

Deploying the BIG-IP System v11 with Microsoft Exchange 2010 and 2013 Client Access Servers

A10 Thunder and AX Series

Load Balancing Microsoft Exchange 2013 with FortiADC

Network Configuration/Bandwidth Planning Scope

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP system v10 with Microsoft Exchange Outlook Web Access 2007

APPLICATION ACCESS MANAGEMENT (AAM) Augment, Offload and Consolidate Access Control

Deploying the Barracuda Load Balancer with Microsoft Exchange Server 2010 Version 2.6. Introduction. Table of Contents

Thunder Series with Microsoft Lync Server 2013 for Reverse Proxy Deployments DEPLOYMENT GUIDE

VALIDATING DDoS THREAT PROTECTION

Advanced Core Operating System (ACOS): Experience the Performance

Outlook Web Access (OWA) WS-Federation SSO with A10 Thunder Series

Folder Proxy + OWA + ECP/EAC Guide. Version 2.0 April 2016

Deployment Guide AX Series for Palo Alto Networks SSL Intercept and Firewall Load Balancing

Microsoft Exchange Client Access Servers

Brocade Virtual Traffic Manager and Microsoft Outlook Web Access Deployment Guide

Introduction to Mobile Access Gateway Installation

ALOHA Load-Balancer. Microsoft Exchange 2010 deployment guide. Document version: v1.4. ALOHA version concerned: v4.2 and above

Thunder ADC for SSL Insight and Load Balancing DEPLOYMENT GUIDE

Deployment Guide Jan-2016 rev. a. Deploying Array Networks APV Series Application Delivery Controllers with Oracle WebLogic 12c

Deployment Guide AX Series for Palo Alto Networks Firewall Load Balancing

Introduction to the EIS Guide

Microsoft SharePoint 2010 Deployment with Coyote Point Equalizer

Deployment Guide May-2015 rev. A. Deploying Array Networks APV Series Application Delivery Controllers with Microsoft Exchange 2013

Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide

Microsoft SharePoint 2013 with Citrix NetScaler

Load Balancing Microsoft Exchange Deployment Guide

Microsoft Office Communications Server 2007 & Coyote Point Equalizer Deployment Guide DEPLOYMENT GUIDE

Deploying F5 to Replace Microsoft TMG or ISA Server

Cisco Collaboration with Microsoft Interoperability

F-Secure Messaging Security Gateway. Deployment Guide

Deploying the BIG-IP System with Oracle E-Business Suite 11i

Load Balancing Exchange 2007 Client Access Servers using Windows Network Load- Balancing Technology

Implementing Microsoft Office Communications Server 2007 With Coyote Point Systems Equalizer Load Balancing

FortiBalancer Exchange 2010 Deployment Guide

DEPLOYMENT GUIDE Version 1.2. Deploying F5 with Microsoft Exchange Server 2007

Deployment Guide July-2015 rev. A. Deploying Array Networks APV Series Application Delivery Controllers with VMware Horizon View

Microsoft Exchange Server

Deploying NetScaler Gateway in ICA Proxy Mode

SonicWALL SRA Virtual Appliance Getting Started Guide

Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview.

Improving Microsoft Exchange 2013 performance with NetScaler Hands-on Lab Exercise Guide. Johnathan Campos

INSTALLATION GUIDE. A10 Thunder TM Series vthunder for AWS

Deployment Guide for Microsoft Lync 2010

Load Balancing Microsoft Exchange 2013 with FortiADC

Deploying Array Networks APV Application Delivery Controllers with Microsoft Exchange Server 2010

Citrix NetScaler and Microsoft SharePoint 2013 Hybrid Deployment Guide

User Identification and Authentication

Single Sign On for ShareFile with NetScaler. Deployment Guide

EAsE and Integrated Archive Platform (IAP)

Outlook Express POP Instructions - Bloomsburg University Students

Load Balancing for Microsoft Office Communication Server 2007 Release 2

LoadMaster Deployment Guide

Transcription:

Microsoft Exchange 2016 DEPLOYMENT GUIDE

Table of Contents Introduction...3 Deployment Prerequisites...3 Accessing the Thunder ADC Device...3 Architecture Overview...3 Validating Exchange 2016 Configuration...4 Deployment Topology...4 A10 Deployment Overview...4 CLI Configuration...4 GUI Configuration...5 Summary and Conclusion...8 Additional Resources...8 Appendix...9 About A10 Networks...9 Disclaimer This document does not create any express or implied warranty about A10 Networks or about its products or services, including but not limited to fitness for a particular use and noninfringement. A10 Networks has made reasonable efforts to verify that the information contained herein is accurate, but A10 Networks assumes no responsibility for its use. All information is provided as-is. The product specifications and features described in this publication are based on the latest information available; however, specifications are subject to change without notice, and certain features may not be available upon initial product release. Contact A10 Networks for current information regarding its products or services. A10 Networks products and services are subject to A10 Networks standard terms and conditions. 2

Introduction Microsoft Exchange is the leading enterprise global Unified Communication Solution. Over the last few years, Microsoft has released versions of Exchange but with the Microsoft Exchange 2016 edition, it is comparatively far less complex than its previous versions. Microsoft Exchange 2016 has an architecture similar to Exchange 2013 both versions have consolidated the number of server roles from four to two Client Access Server (CAS) and Mailbox Server (MS). The Client Access Servers act as a proxy for Microsoft Office Outlook, Outlook Web App (OWA), Mobile Devices, POP and SMTP. The Client Access Servers can also perform authentication and redirection. This deployment guide shows configuration procedures for A10 Networks Thunder ADC line of Application Delivery Controllers to support a Microsoft Exchange Server 2016 solution. Deployment Prerequisites The Microsoft Exchange 2016 and A10 Thunder ADC integration shown in this guide is based on the following tested configuration: A10 Thunder ADC running on A10 Networks Advanced Core Operating System (ACOS ) version 4.0.x or higher. Microsoft Exchange 2016 that has been tested with A10 hardware and virtual appliances. A10 Thunder ADC that can be deployed in routed mode, one-arm mode and transparent mode. Accessing the Thunder ADC Device The ACOS platform can be configured on all A10 devices using a CLI (SSH) and GUI (Web browser). For detailed information on how to access ACOS, refer to the Default Access Information section of the System Configuration and Administration Guide 1 : Default Username: admin Default password: a10 Default IP Address of the device: 172.31.31.31 Architecture Overview The following shows the architectural overview of the Exchange 2016 deployment used in this guide. Outlook Web Client Thunder ADC Thunder ADC SQL AD DS CAS1 CAS2 Internal Client 1... Load Balanced CAS Servers Figure 1: Exchange 2016 lab overview 1 Go to https://files.a10networks.com/support-axseries/hardware-install-guides/index.html#thunder. Registration required. 3

Validating Exchange 2016 Configuration Before making configuration changes to the Thunder ADC, please use this section to validate the Exchange 2016 server configuration. Open a web browser and navigate to the Exchange Admin Center (EAC) portal (example: https://cas-ip-address/eac). Log in with valid domain credentials and verify that the exchange servers are configured properly. Navigate to the EAC portal and choose the Servers category, where a list of available Exchange servers should be posted. In the top menu, select Databases. A menu appears, listing the databases configured in your solution. The databases must be configured within database availability groups (DAGs) for redundancy purposes. To understand how to configure DAGs in Exchange 2016, please refer to the following guide: http://technet. microsoft.com/en-us/library/dd351172%28v=exchg.150%29.aspx. Once the prerequisites are configured, verify that incoming and outgoing mail can be received and sent before adding the A10 Thunder ADC device to the solution. Do not begin deployment of the ACOS solution unless Exchange 2016 is functioning correctly. Deployment Topology This deployment guide provides step-by-step instructions based on a Single VIP (Virtual IP Address) configuration with multiple services. This configuration offers a Layer 7 one-to-many mapping of a single VIP to multiple services. With this option, the Thunder ADC is configured with a single VIP bound to multiple Exchange services such as OWA, EAC, ActiveSync (Mobile), Offline Address Book (OAB), Outlook Anywhere and Auto Discover. This option provides a Layer 7 feature set, including SSL Bridge, SSL Offload and Optimization. A10 Deployment Overview The following section will be covering the CLI configuration, while the GUI instructions will be covered in the next section. In order for the admin to have ease of use, the IP address for VIP and servers can be replaced, and once replaced the configuration can be copied and pasted to the SSH session. Because the ACOS solution is based on templates, it is best to create the templates in preparation for the actual configurations such as session persistence, RAM caching, Client SSL template and others. CLI Configuration health monitor ping slb template connection-reuse ConnReuse slb template persist source-ip SIP slb template server-ssl backendssl cert backendssl key backendssl slb server Exchange1 3.3.3.10 port 443 tcp slb server Exchange2 3.3.3.20 port 443 tcp This is a template for health monitor (HM). It is used to send an ICMP check to a server or service group. Other HM options are available such POP, IMAP, HTTP/S, custom and others. This is a layer 7 feature template used to reduce the overhead associated with setting up TCP connections by establishing persistent TCP connections with backend servers and then reusing those connections for future TCP requests. The purpose of session persistence is to direct traffic from the same client to the same server. This is the encrypted/backend server SSL configuration. A valid certificate is required to use this feature. This is the section where an admin can enter the IP addresses of the Exchange server. 4

slb service-group SG443 tcp member Exchange1 443 member Exchange2 443 slb template client-ssl SSL chain-cert a10exchange cert a10exchange key a10exchange slb template cache RC accept-reload-req policy uri *.txt cache policy uri *.jpg cache policy uri *.png cache slb virtual-server VIP_Exchange 3.3.3.200 /24 port 443 https name HTTPS_443 snat-on-vip no-auto-up-on-aflex source-nat auto service-group SG443 template persist source-ip SIP template server-ssl backendssl template client-ssl SSL This is the section of guide explaining how to configure the members of your server group. This is the section to configuration that Client SSL template. The cert can be self-signed by the A10 Thunder ADC or admins can import their own cert and key. This section is the RAM Caching configuration. In this configuration below we have a policy URL to cache any.txt,.jpg or.ng files. This section is the VIP were all traffic enters before it gets load balanced to the exchange server. The templates created are now bound to the Virtual Port 443. GUI Configuration Health Monitor Template Configuration Navigate to ADC> Health Monitors > Health Monitors > Create. Note: Ping/ICMP health monitor is the default health monitoring (HM) option in ACOS. If you need to define other health monitor option, the HM can be configured in this section. 5

Connection-Reuse Configuration Navigate to ADC > Templates > Layer 7 Protocols. RAM Caching Configuration Navigate to ADC > Application > Create > RAM Caching. Source IP Persistence Template Navigate to ADC > Template > Persistence > Persist Source IP. SSL Certificate Configuration (Optional) Navigate to ADC > SSL Management > Create. Note: There is an option in ACOS to import and export certificates. For additional instructions on how to import or export certificates, use the ACOS System and Management Guide 2. In this guide, we will be using a selfsigned certificate and it can be generated from this location from the GUI: ADC > SSL Management. Note: Certificates can be created for Client-side or Server-Side SSL. Fill the necessary information and save certificate for future use. 2 Go to https://files.a10networks.com/support-axseries/hardware-install-guides/index.html#thunder. Registration required. 6

For Backend SSL Configuration Navigate to ADC > SSL > Server SSL. For Client-Side SSL Configuration Navigate to ADC > SSL > Client-Side SSL. Server Configuration To add the servers on the Thunder ADC, navigate to ADC > SLB > Servers > Create. Add all necessary servers needed for the server group. Service Group Configuration To add the servers on the Thunder ADC, navigate to ADC > SLB > Service Groups > Create. Virtual Server Configuration To add the virtual server configuration, navigate to ADC > SLB > Virtual Servers > Create. 7

To add the Virtual Port, navigate to ADC > SLB > Virtual Servers, click the Virtual Port Create. Finally, for all of the templates that have been configured earlier such as RAM Caching, Source IP Persistence and others, you can now bind them to the virtual port by using the drop down menu under the template section. Summary and Conclusion A10 Networks has successfully completed lab testing of the Thunder ADCs interoperability with Exchange 2016 for customer deployments. As a result of the testing, A10 has determined that Exchange 2016 did not introduce significant architectural changes when compared to Exchange 2013. The A10 Thunder ADC, powered by ACOS, enhances Microsoft Exchange 2016 by providing the following: Higher scalability Enterprises can easily scale Exchange 2016 by load balancing traffic across multiple CAS servers. Higher performance Higher connection counts, faster end-user responsiveness and reduced IIS server CPU utilization are realized by using advanced ACOS features: HTTP Compression, RAM Caching and Connection Reuse. High availability Exchange service availability is verified through periodic health checks. Additional Resources https://www.a10networks.com/products/thunder-series/thunder-application_delivery_controller https://www.a10networks.com/products/acos-technology-platform https://www.a10networks.com/products/ssl-offload https://www.a10networks.com/resources/deployment-guides https://www.a10networks.com/resources/solution-briefs 8

Appendix Sample Configuration slb server Exchange1 3.3.3.10 port 443 tcp! slb server Exchange2 3.3.3.20 port 443 tcp! slb service-group SG443 tcp member Exchange1 443 member Exchange2 443! slb template client-ssl SSL chain-cert a10exchange cert a10exchange key a10exchange! Slb template server-ssl backendssl cert backendssl key backendssl slb template cache RC accept-reload-req policy uri *.txt cache policy uri *.jpg cache policy uri *.png cache! slb virtual-server VIP_Exchange 3.3.3.200 /24 port 443 https name HTTPS_443 snat-on-vip no-auto-up-on-aflex source-nat auto service-group SG443 template persist source-ip SIP template server-ssl backendssl template client-ssl SSL 9

About A10 Networks A10 Networks is a leader in application networking, providing a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, California, and serves customers globally with offices worldwide. For more information, visit: www.a10networks.com Corporate Headquarters A10 Networks, Inc 3 West Plumeria Ave. San Jose, CA 95134 USA Tel: +1 408 325-8668 Fax: +1 408 325-8666 www.a10networks.com Part Number: A10-DG-16157-EN-02 Mar 2016 Worldwide Offices North America sales@a10networks.com Europe emea_sales@a10networks.com South America latam_sales@a10networks.com Japan jinfo@a10networks.com China china_sales@a10networks.com Hong Kong HongKong@a10networks.com Taiwan taiwan@a10networks.com Korea korea@a10networks.com South Asia SouthAsia@a10networks.com Australia/New Zealand anz_sales@a10networks.com To learn more about the A10 Thunder Application Service Gateways and how it can enhance your business, contact A10 Networks at: www.a10networks.com/contact or call to talk to an A10 sales representative. 2016 A10 Networks, Inc. All rights reserved. A10 Networks, the A10 Networks logo, ACOS, Thunder and SSL Insight are trademarks or registered trademarks of A10 Networks, Inc. in the United States and other countries. All other trademarks are property of their respective owners. A10 Networks assumes no responsibility for any inaccuracies in this document. A10 Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. For the full list of trademarks, visit: www.a10networks.com/a10-trademarks. 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information