Email Server Gets Boost to Go Past 2025
Today. Microsoft splashed out with a set of Exchange Server announcements to lay out the future for Exchange Server, address concerns about the longevity of the on-premises email server, and to emphasize their continued investment in the technology. The big announcement is a revision of their original plan announced at Ignite 2020 to ship a new version of Exchange Server in 2021 based on a subscription model. Instead, the next version of Exchange Server will appear in 2025, just in time to take over from aging and out-of-support versions.
Microsoft also announced that they’re bringing back the Microsoft Exchange Conference (MEC), albeit in a denuded virtual format. The event takes place on September 13-14, 2022. Finally, Microsoft is looking for customers and partners to join the Technology Adoption Program (TAP) for Exchange Server. Essentially, TAP gives access to pre-release builds of Exchange Server.
Exchange V.Next (Exchange Server 2025?)
Justifying their abandoned plans for a subscription-based version of Exchange Server, Microsoft pointed to the Hafnium attack in March 2021. It’s fair to say that Microsoft diverted many engineering resources to improve the security and resilience of on-premises Exchange since the explosion of attacks against poorly maintained and insecure on-premises servers, leading to new functionality like the Emergency Mitigation Service. It’s also reasonable that Microsoft went back to the drawing board to build a new plan for on-premises Exchange.
But it is surprising to read an assertion that “state sponsored threat actors were targeting on-premises Exchange servers.” IT professionals understood the dangers of allowing Exchange servers to connect to the internet without belt-and-braces security before the Hafnium attack happened.
In any case, it’s good news to have solid news about a new version, even if Microsoft didn’t give any details about Exchange V.next. Instead, they said that they’ll reveal pricing and licensing information and give insight into the functionality included in the new release in the first half of 2024.
Exchange 2007 was the first 64-bit version. Since then, Exchange upgrades have involved the purchase of new hardware and moving mailboxes from old servers to new servers. There’s a lot to like about the approach because it means that the new version of Exchange runs on new hardware. However, it’s an expensive method. Microsoft says that they will introduce an in-place upgrade from Exchange 2019 to Exchange V.next. This facility won’t be available for earlier versions, which is another good reason to move to Exchange 2019.
Exchange 2019 has hefty hardware requirements, especially in terms of server RAM, so it’s nice to see that customers will be able to upgrade these servers to run V.next. Cynics might say that Microsoft is able to do this because Exchange V.next will be just like a big cumulative update for Exchange 2019. There’s probably some truth in that assertion. I don’t anticipate (but could be surprised) that Microsoft will include any game-changing functionality in Exchange V.next like the introduction of the Database Availability Group in Exchange 2010.
Instead, it’s likely that Microsoft will continue along the path established by Exchange 2019 to improve the architecture and include new features over time, like security updates, compliance features to align with some of the functionality available in Office 365, and the work they are doing to introduce support for modern authentication to enable on-premises Exchange to move away from basic authentication.
Microsoft’s decision to go ahead with modern authentication for pure on-premises deployments of Exchange Server reverses their previous stance that they would not pursue this option, and it’s very welcome. As a reminder, the big basic authentication turn-off starts in Exchange Online on October 1, 2022.
In their post, Microsoft calls out the change made in Exchange 2019 CU12 to allow customers to turn off (but not remove from the organization) the last Exchange server in a hybrid organization. Perhaps they’ll include a GUI to support recipient management for hybrid organizations in V.next (if not, there’s always Steve Goodman’s tool).
The Experts Conference 2023 European Roadshow
Join Tony Redmond and other Microsoft MVPs April 17-21 for practical security insights into hybrid AD and Microsoft 365.Learn More!
The Support Question
Exchange 2019 is the only version of Exchange Server in mainstream support. Exchange 2016 is in extended support and will exit support on October 14, 2025. Exchange 2019 exits extended support on the same day, so this is clearly an important date for Exchange Server customers.
Microsoft isn’t changing the support dates for Exchange 2016 or Exchange 2019. Their advice is to migrate to Exchange 2019, but that doesn’t gain any extra support timeline. To go further, customers must move to Exchange Server V.next, which uses Microsoft’s Modern Lifecycle Policy instead of the more traditional support cycle. The most important points about the modern lifecycle policy are:
- Microsoft provides support on a continuous basis. In other words, regular updates with no end of support dates.
- Customers must apply the updates and stay current. AS Microsoft notes “Changes for these products and services may be more frequent and require customers to be alert for forthcoming modifications to their product or service.”
To help prompt customers about server updates, Microsoft plans to introduce a new server dashboard for hybrid environments later in 2022 (Figure 1). The data displayed in the new dashboard comes from logs and public records. Exchange 2019 is lined up to get a similar dashboard in early 2023.
Software Assurance Needed
Another important point is that Exchange V.next will be available only to customers with Software Assurance. Microsoft says that the new version will require Server and CAL licenses, just like current versions of Exchange Server.
Given that recent attacks managed to discover many unsupported and insecure servers, I’m not sure that the folks responsible for those servers will be motivated to purchase Software Assurance and migrate first to Exchange 2019 and then to V.next. And that’s OK because Microsoft wants to move the organizations with those servers to Exchange Online.
MEC is Back (Virtually)
The last in-person Microsoft Exchange Conference took place in Austin, Texas in March 2014. The advent of the Ignite conference, first run in May 2015, nixed plans for future MEC events. Microsoft plans to bring MEC back as a virtual event on September 13-14.
I hate the idea of a virtual MEC. Virtual events were an important part of keeping the technical community going during the pandemic, but I don’t care if I never attend another virtual event. They bore the pants off me. Virtual events lack personal interaction, passion, and excitement. They are a purely functional experience devoid of any community-building capability.
But virtual events have their place and it’s good that Microsoft recognizes that they need to foster and encourage the Exchange community. It would just be better in person, which is why I’m looking forward to TEC 2023 in Atlanta the week after MEC.