Although Exchange 2007 has undergone a major overhaul and sports brand new features, the most noticeable additions to the product are the Edge Transport services and Unified Messaging. A full Unified Messaging deployment can be complex, but the actual role installation on an Exchange server is a piece of cake. The Edge Transport server, however, has some unique requirements and recommendations.

Recommendations

  • Install the Edge Transport server on a computer that is not a member of your Active Directory organization. That way, the Edge Transport server can be treated as expendable if it is attacked from the outside.
  • Install the Edge Transport server on a computer that is in your organization's DMZ. Don’t put it completely outside the firewall, and don’t place it on the inside of the network.

Requirements

  • The Edge Transport server role can't coexist with any other Exchange 2007 server roles. It must be installed on its own hardware.
  • The Edge Transport server must have a primary DNS suffix before the role can be installed. This isn’t an issue for machines that are members of your domain, but on standalone machines it is a step that is sometimes forgotten.
  • You must install Active Directory Application Mode (ADAM) on the Edge Transport server before you install the new role. During the ADAM installation, accept all of the defaults. The Edge Transport server installation process will handle the ADAM configuration.
  • The computer on which you install the Edge Transport server role has the same software requirements as a normal Exchange 2007 server. Make sure that the .NET Framework 2.0, the Microsoft Management Console 3.0, and PowerShell 1.0 are installed before you proceed.
  • You must change your external DNS MX record to point to the Edge Transport server.
  • The IP address for the Edge Transport server must be in your DNS and accessible by the Hub Transport server.

The following ports must be open on the firewall between your Edge Transport server and Hub Transport server.

Firewall interface                                   Protocol       TCP port
Inbound from and outbound to the Internet            SMTP           25
Inbound from and outbound to the internal network    SMTP           25
Inbound from the internal network                    Secure LDAP    50636

Once you complete the installation of the Edge Transport server, you must either manually create SMTP send and receive connectors between the Edge Transport and Hub Transport servers or subscribe the Edge Transport server to the Exchange organization.
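
A pre-flight script for the requirements and port table above, written for this page as an added example (not from the original article or from Microsoft). It covers the domain-membership recommendation, the primary DNS suffix, .NET Framework 2.0 and the two internal-side ports; the ADAM and MMC 3.0 checks are left out, and the script's parameter and function names are hypothetical.

```powershell
# Added example, not from the original article. Uses only PowerShell 1.0 features.
# On the prospective Edge machine, run with no arguments before Exchange setup.
# From the Hub Transport server, run with -EdgeHost <name> once the Edge role is installed.
param([string]$EdgeHost = "")

function Report([string]$Check, [bool]$Ok, [string]$Detail) {
    $status = "FAIL"
    if ($Ok) { $status = "PASS" }
    Write-Host ("[{0}] {1}: {2}" -f $status, $Check, $Detail)
}

function Test-TcpPort([string]$Server, [int]$Port, [int]$TimeoutMs = 3000) {
    # Asynchronous connect with a timeout, so a filtered port does not hang the script.
    $client = New-Object System.Net.Sockets.TcpClient
    $async  = $client.BeginConnect($Server, $Port, $null, $null)
    [void]$async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)
    $open = $client.Connected
    $client.Close()
    return $open
}

if ($EdgeHost -eq "") {
    # Recommendation: the Edge Transport server is not a domain member.
    $cs = Get-WmiObject Win32_ComputerSystem
    Report "Standalone machine" (-not $cs.PartOfDomain) ("domain/workgroup: " + $cs.Domain)

    # Requirement: a primary DNS suffix is set (active value, i.e. after the reboot).
    $tcpip  = Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
    $suffix = $tcpip.Domain
    Report "Primary DNS suffix" ([bool]$suffix) ("'" + $suffix + "'")

    # Requirement: .NET Framework 2.0 is installed (standard install flag in the registry).
    $net = Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727" `
        -ErrorAction SilentlyContinue
    Report ".NET Framework 2.0" ($net.Install -eq 1) ("Install flag: " + $net.Install)
}
else {
    # Ports the table opens between the internal network and the Edge server.
    foreach ($port in 25, 50636) {
        $name = "SMTP"
        if ($port -eq 50636) { $name = "Secure LDAP" }
        Report ("TCP {0} ({1})" -f $port, $name) (Test-TcpPort $EdgeHost $port) ("to " + $EdgeHost)
    }
}
```

Run from a host on the Internet side of the firewall, the 50636 test should report FAIL, since the table allows Secure LDAP only from the internal network.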