Exchange Environment Recommendation

sdotbrucato

[H]ard|Gawd
Joined
Oct 7, 2005
Messages
1,722
We have a client that is currently running an Exchange 2003 environment with 150+ users. They are looking to moving to Server 2008 R2 with Exchange 2010 environment. I'm not sure how to even approach this one in regards to specing out the server, as I've never dealt with anything this big.

Can anyone provide me with insight on this?

Thanks,
 
Some things to consider....typical mailbox size? Do most of the employees deal with large files or not? Lots of remote users? (outlook anywhere, etc).

How many other servers in the mix?
 
It's for a specialized medical office. Not a lot of large files going to or from. Mainly just typical documents, everything else goes through their EMR/EHR systems. I'd say the typical mailbox size is under 500MB, with a few physicians and C-Levels with 1GB+. About 25 users with iPhones.

Currently they're going to be moving to a mainly virtualized environment, but have 30 servers in production at the moment. Let me know if I could provide any more information. Thanks.
 
I'd say, availability is the major question you'd need to answer as that answer will determine how complex the environment will have to be.

A standalone with the 4 roles installed might be sufficient. Split up the log and database files, RAID1 and RAID5/6/10 respectively, lots of memory and dual quads.
 
For single server with all roles and lets say 175 mailboxes here is what I would build for myself (in a virtualized environment).

4x CPUs
10GB RAM (Microsoft recommends 8GB as a minimum to run all the roles, I personally build in +1GB for every 75 mailboxes.)
60GB C drive for OS, Exchange, and Pagefile
500GB Storage drive for mailboxes.

Also remember that exchange can get very I/O heavy for an organization that has a lot of mail flow, so you may want to consider putting it on SAS drives if possible.

For external connectivity Outlook anywhere is a must, and activesync comes standard. Outlook anywhere takes about 10 seconds to configure, and uses port 443 to communicate, so there really isn't any reason you shouldn't have it.

Personally I have 264 mailboxes in my organization right now and that is what I am running (though I have 14GB of RAM). I have not found any reason to have more then 1 mailbox DB, 1 public folders, and 1 journal DB. Runs very smoothly and even under heavy load mail doesn't slow down.
 
So it seems the general consensus is splitting the roles among two servers wouldnt be needed?
 
So it seems the general consensus is splitting the roles among two servers wouldnt be needed?

IMHO unless you have more then 500 heavy use mailboxes there is no need to split up the roles unless you are doing a CASArray / DAG for redundancy.

Not to mention you are going to need 1 windows and 1 exchange license for each server.
 
Don't forget you will need lots of disk space, exchange never gives disk space back so you need quite a lot of storage to hold all the white space. I have sen so many exchange servers out of space within 2 years.
 
Don't forget you will need lots of disk space, exchange never gives disk space back so you need quite a lot of storage to hold all the white space. I have sen so many exchange servers out of space within 2 years.

Right now the mailstore is at ~50GB so I'm not too horribly concerned with storage yet The old enviroment is running with a 200GB RAID and they have plenty of space. Unless the migration from 2003 to 2010 will make this size grow exponentially, I think the recommendation of a 600GB RAID10 will be fine for the Database partition, correct?
 
We have a client that is currently running an Exchange 2003 environment with 150+ users. They are looking to moving to Server 2008 R2 with Exchange 2010 environment. I'm not sure how to even approach this one in regards to specing out the server, as I've never dealt with anything this big.

Can anyone provide me with insight on this?

Thanks,

You're building a totally new server (virtual or physical), installing Windows Server 2008 R2 and Exchange Server 2010 SP1 on it, and then migrating the data from Exchange Server 2003 to new appliance, right? Any spam/filtering appliance or backup solution in place at all?
 
You're building a totally new server (virtual or physical), installing Windows Server 2008 R2 and Exchange Server 2010 SP1 on it, and then migrating the data from Exchange Server 2003 to new appliance, right? Any spam/filtering appliance or backup solution in place at all?

Correct, we arebuilding a new box to replace the 2003 environment. The client has licensing for Symantec Anit-SPAM, and we have a BDR NAS onsite doing backups and sending to a data center. (Zenith InfoTech)
 
Do you have to deal with any sort of compliance regarding the mail delivery between the different parties? I'm curious to know if you have to use something like Cisco's Ironport for any sort of transport/tunnel mode.
 
First thing is first, consider Office365. Cloud isn't for everyone but you may find it's a more cost effective option depending what hardware they already have - you won't be able to give it more redundancy than Microsoft can, but obviously you compromise some control and flexibility.

If you do keep it in-house, Microsoft's Exchange Teams current recommendation is, unless there's a strong reason not to do so, to use multi-role servers.

Start with one, add more if/when you want to bring in things like CAS Arrays and DAGs.

If you're going virtual stick to similar rules as you would with a physical box.

2 vCPU's should be plenty, give it as much RAM as you can, no such thing as too much, and keep in mind that Exchange 2010 is an order of magnitude different (better) from Exchange 2003 so you won't need to throw as many IOPS at it.

Use this and it will give you some idea what you want to be looking at:

http://blogs.technet.com/b/exchange/archive/2011/10/12/released-v17-8-of-the-exchange-2010-mailbox-server-role-requirements-calculator.aspx
 
I would honestly do a DAG using shared storage. If a SAN isn't available, then using local disk is fine.

A DAG is trivial to setup and provides some redundancy and continuity. I would also create at least 2 mailbox databases. As Jay points out, Exch doesn't recover white space. To do so, you can move mailboxes in between the mailbox db's to free up the space if you wish.

Also, I'd implement an edge server on a DMZ instead of having your exch/owa direct facing. Don't setup the CAS as a hostname of a machine, instead use a cname in case you ever want to utilize a CAS array.

I use the 7 instance approach. 3 DAG (I run backup-less), 2 CAS (using a Kemp load balancer) and 2 Edge but this is total overkill for small orgs.
 
I wouldn't recommend DAG unless you have at minimum 3 machines. With a 2 system DAG you run into a lot of problems recovering after a host failure. Also for CAS servers a CASArray will work just fine instead of using a physical (or virtual) load balancer, unless you are doing large scale enterprise or hosted exchange.
 
I have no Exchange experience. We just recently went Office 365 (non profit) on the E1 plan. $4 per user(per month $10 regularly I think). 25Gig mailbox size. Sharepoint access, Lync, 500mb added per user to sharepoint storage. OWA for all users. 5 device limit per IMAP user. 110 users.


Allows domain integration where it syncs the users in your domain with the outlook users. You can then assign/not assign licenses to who you want/however many you bought.
 
We have a client that is currently running an Exchange 2003 environment with 150+ users. They are looking to moving to Server 2008 R2 with Exchange 2010 environment. I'm not sure how to even approach this one in regards to specing out the server, as I've never dealt with anything this big.

Can anyone provide me with insight on this?

Thanks,

If you've never done an exchange migration, you need to find someone who has. It's not particularly difficult, but 150 users of medical data isn't something you play with. From a technical standpoint, anyone should be able to spec out a server. That's not the hard part at all. Migrating AD from 2003 to 2008, plus the server roles and everything else will be the challenging part. This may help:

http://exchangeserverpro.com/exchange-2010-mailbox-server-requirements-calculator-updated
 
If you've never done an exchange migration, you need to find someone who has. It's not particularly difficult, but 150 users of medical data isn't something you play with. From a technical standpoint, anyone should be able to spec out a server. That's not the hard part at all. Migrating AD from 2003 to 2008, plus the server roles and everything else will be the challenging part. This may help:

http://exchangeserverpro.com/exchange-2010-mailbox-server-requirements-calculator-updated

I assure you, this is not something I, or anyone else in my office plan on taking on alone. We're looking into other consultants that could assist in the project. I was tasked with specing out hardware for the prelim quote.
 
First thing is first, consider Office365. Cloud isn't for everyone but you may find it's a more cost effective option depending what hardware they already have - you won't be able to give it more redundancy than Microsoft can, but obviously you compromise some control and flexibility.

If you do keep it in-house, Microsoft's Exchange Teams current recommendation is, unless there's a strong reason not to do so, to use multi-role servers.

Start with one, add more if/when you want to bring in things like CAS Arrays and DAGs.

If you're going virtual stick to similar rules as you would with a physical box.

2 vCPU's should be plenty, give it as much RAM as you can, no such thing as too much, and keep in mind that Exchange 2010 is an order of magnitude different (better) from Exchange 2003 so you won't need to throw as many IOPS at it.

Use this and it will give you some idea what you want to be looking at:

http://blogs.technet.com/b/exchange/archive/2011/10/12/released-v17-8-of-the-exchange-2010-mailbox-server-role-requirements-calculator.aspx

365 is good stuff, affordable, easy, and best of all.... you don't have to assure uptime. That's worth the money to me right there.
 
A quad core system with 8GB would probably be overkill for that amount of users and mailbox size but one thing you should definitely do is get a real RAID controller and 10k or 15k SAS disks. One thing to keep in mind though that a software AV scanner will increase resource usage quite a bit. A separate spam filter or email encryption device would offload all of that load.
 
Exchange 2010 is very very very well done in that you don't need expensive SAS or raid arrays for the storage / database any more unlike 2007 and before.

i run our exchange 2010 box, soley exchange, on an older Dell PE 2850 with 2 dual cpu Xeons (socket 604) with HT 2.4Ghz each and 8G of DDR 1 ram. I have 3 x raid 1 arrays using Ultra320 SCSI drives, 2 drives in each array. OS is 73G , Logs is 36G and database is 143G.

i seldom see CPu usage above i would say %30, system is fast, it has 86 mailboxes, about 20 access in outlook over OWA and everyone else uses the OWA webmail.

i do recommended GFI mail essentials,. worth every penny for us.

Spend the money on a decent quad, 8G of ram and some good SAS drives, then build a good backup box to dump backups to.
 
I think this was already mentioned but not addressed - what are you going to do to address email encryption for HIPAA compliance? Even if they won't admit it, they more than likely send PHI over email, and if so it must be encrypted - unless they are willing to pay up to a $650K fine per incident.
 
I run an on-site ExchangeServer for ~15 users. It runs on a PowerEdge T300 C2D 2.13 Originally with 4GB, upgraded to 12GB. Server2K8r2, Exchange2010sp1, Forefront for Exchange.
4xSATA 2TB RAID10
Multiple users have 2GB mailboxes, send large files all day long, no issues. Probably only thing I would change is a beefier processor. Outlook anywhere, office computers use Outlook, mobile use ExchangeSync on Android, websync on blackberry. We had it up and running on 4GB but it was just thrashing around- adding 8GB makes it run like buttah.
 
I think this was already mentioned but not addressed - what are you going to do to address email encryption for HIPAA compliance? Even if they won't admit it, they more than likely send PHI over email, and if so it must be encrypted - unless they are willing to pay up to a $650K fine per incident.

Email encryption is all done through a ZIXMail appliance onsite. Encryption on the fly by keywords. Really nice appliance.
 
I'll architect your whole environment for you. Just send me $500 through PayPal. :)
 
$500 eh, so you're valueing yourself at under $35/hr for this? Sounds like a steal, but no thanks,we got this handled.
 
Back
Top