Practical 365

You are here: Home / Exchange Server / Taking the Edge Out of Hybrid Configurations

Taking the Edge Out of Hybrid Configurations

by 2 Comments

Share5
Share6
+1
Shares 11

At the recent Microsoft Ignite conference my friend and fellow MVP Michael Van Horenbeeck delivered a short presentation titled Edge Transport servers and Hybrid: Why, or why not?

You can check out the slide deck here, but to summarize the main points, the reasons to run Edge in a hybrid environment are:

  • You have a technical/security requirement to terminate incoming SMTP (from Exchange Online) in your DMZ
  • You need to re-route messages before they enter your on-premises Exchange organization
  • You need the Edge Transport server's address rewriting capabilities

The reasons not to deploy Edge are:

  • You have more servers to manage
  • Edge Transport mail filter (e.g. anti-spam) features are not as effective as other solutions
  • It increases the complexity to your environment

Michael also notes that managing Edge Transport is PowerShell only, which may be a downside for some admins.

I happened to be running an Edge Transport server in my hybrid test lab, and hadn't really thought about whether I needed it until I saw the tweets during Michael's presentation. Originally I deployed the Edge Transport server in my lab to route email to some separate labs on different domains. Occasionally my lab's mail flow would break, and I had to deal with the added complexity of troubleshooting an environment that has an Edge server deployed. So I decided to get rid of it.

Removing an Edge Transport server from a hybrid environment is not a difficult task in itself, but you might have environmental factors that increase the work involved. The steps I followed were:

  1. Re-run the Hybrid Configuration Wizard to reconfigure my hybrid mail flow to use the Exchange 2016 Mailbox servers, instead of the Edge Transport server.
  2. Updated my inbound NAT for SMTP (TCP port 25) to point to the Exchange 2016 Mailbox server (I made this change immediately after running the HCW).
  3. Sent some test messages and waited 24 hours, then confirmed with message tracking logs on the Edge Transport server that no new messages had traversed the Edge server.
  4. Removed the Edge subscriptions.
  5. Uninstalled the Edge Transport server.
  6. Shut down and decommissioned the VM.

The result is a simpler Exchange hybrid environment with fewer servers to operate, maintain, and troubleshoot.

Paul Cunningham
Paul is a Microsoft MVP for Office Servers and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul is a co-author of Office 365 for IT Pros and several other books, and is also a Pluralsight author.
Share5
Share6
+1
Shares 11

Comments

  1. I also dont see need for edge in hybrid. If you go hybrid you “trust” o365 and extend your Exchange organization to o365, so its one org. Also you can only allow o365 ip adresses on firewall for the hybrid mail flow fqdn if you not use mx record.

    Reply

Leave a Reply

eBooks and Training

Recommended Resources

About This Site

Practical 365 is a leading site for Office 365 and Exchange Server news, tips and tutorials, run by Paul Cunningham, Microsoft MVP, author, speaker, and consultant. Read more...

To stay up to date: