In his article Office 365 and the Development of Exchange 15, Windows IT Pro writer B.K. Winstead writes:
…it makes me wonder if in Exchange 15 or a later version of Exchange we might see the Edge server role disappear altogether, its function subsumed by the FOPE service. By all accounts, the Edge role hasn’t been widely used in Exchange 2010 or Exchange 2007 deployments as it is. Presumably, organizations are already using other security measures along the lines of FOPE and haven’t felt the need of the extra overhead of deploying the Edge role.
His comments are based on a quote from Microsoft’s Exchange General Manager Kevin Allison:
“The Edge server role and transport generally have been combined with what has traditionally been the FOPE stack,” Allison said. “We’re focusing on protection relative to the FOPE service coming on, focusing it on an online service versus something that we’re delivering as a server itself. Today in the Office 365 world, all of our message gateway into the product is through that edge service, which is now FOPE. And we’re transitioning the on-premises business into this online mode as well.”
Although customers I work with to this day run Edge Transport servers, I’ve certainly worked with plenty that do not. When I surveyed Exchange Server Pro readers last year on their usage of the Edge role these were the results:
When the Edge Transport server role first appeared in Exchange Server 2007 the timing was awkward. Most customers I worked with at the time were well invested in third party email security systems, whether that be a dedicated server/appliance or a software product installed on the Exchange server itself.
The Edge Transport server didn’t have a compelling reason at the time for customers to make the switch. Although over the years I’ve seen plenty of scenarios where it is useful (for example, those customers with a specific security policy about allowing SMTP directly into the internal network), the emergence of cloud-based email security products, including those from vendors who previously made on-premise solutions only, has shifted the focus more in that direction.
Indeed, Microsoft’s own Forefront Online Protection for Exchange (FOPE) is a good option and makes a lot of sense considering the hybrid on-premise/cloud environments that are becoming more common. And with the engineering focus that Office 365 and FOPE receive these days, it can only get better.
Which just leaves those 34% of survey respondents above. If the Edge role disappears in Exchange 15 then 1/3rd of organizations may be faced without a simple “like for like” migration scenario to move to Exchange 15. Historically Exchange Server customers have not been happy to have major features with decent adoption rates taken away (case in point, public folders are still around and many organizations still strongly depend on them).
Perhaps Exchange 15 will be the Edge Transport server role’s “one last time”.
What do you think? Does Exchange 15 need to maintain the Edge Transport server role? Or has it become irrelevant in your organization?
We’ve got the 2010 exchange environment with edge and looking forward to demoing 2013. In the lab we will try 2013 with 2010 edge but what other alternatives would you all recommend preferably onsite virtualized or maybe cloud spam/smart hosts?
No particular recommendations. I suggest you work out what your actual budget, business and technical requirements are and then select 2-3 products or services to evaluate.
Pingback: Shock Exchange server 2013 |
Pingback: Exchange Server 2013 Mail Flow and Transport Services
Pingback: Exchange Server 2013 Server Roles
I do not see the edge role going forward due to the expenses of licensing and availability of other, less expensive options.
I do wish that Hub Transport servers offered the address re-write ability. To be honest, the Exchange licensing model would be better served if it was similar to Lync, requiring that the mailbox servers are licensed and ancillary roles are essentially free.
Pingback: The UC Architects » Episode 1: In the beginning…
Edge Transport is Microsoft’s “me too” approach to SMTP gateways. THere are so many other products that fill this niche on dedicated hardware or virtual images, I can’t see using up a server, a Windows licence and an Exchange licence to achieve it.
(Yes, you could virtualise the server, but the other two points still stand)
Does FOPE provide all of the custom filtering that Edge Transport does? For example, no NDRs for non-existant users, to protect against AD data harvesting? Also, for any US Government people out there, is FOPE DISA compliant? Are we still able to view Agent logs?
The idea of managing Exchange from a single interface to me is one powerful attribute that the Exchange team should leverage on. Introducing the edge servers is additional administrative headache. I’d rather use hosted spam/smart hosts.
By the way are there any speculations on having native CAS HA like the Hub Transport server?
Don’t think Edge is needed. Most of the companies which use E-Mail have already that kind of solutions in their DMZ and there is no need for Edge at additional costs for OS and Application.
Bernd
I think we should still have it, it doent need to be in corporate AD and can be puit in DMZ. So still using it as a smart host to deliver mails from my hub to my hosted spam/mail provider.