Chapter 3: Understanding Core Exchange Server 2007 Design Plans


1 2 3 4 Page 4
Page 4 of 4

In addition to being secure by default, Exchange Server 2007 server roles are built in to templates used by the Security Configuration Wizard (SCW), which was introduced in Service Pack 1 for Windows Server 2003. Using the SCW against Exchange Server helps to reduce the surface attack area of a server.

Patching the Operating System Using Windows Software Update Services

Although Windows Server 2003 presents a much smaller target for hackers, viruses, and exploits by virtue of the Secure by Default concept, it is still important to keep the OS up to date against critical security patches and updates. Currently, two approaches can be used to automate the installation of server patches. The first method involves configuring the Windows Server 2003 Automatic Updates client to download patches from Microsoft and install them on a schedule. The second option is to set up an internal server to coordinate patch distribution and management. The solution that Microsoft supplies for this functionality is known as Windows Software Update Services (WSUS).

WSUS enables a centralized server to hold copies of OS patches for distribution to clients on a preset schedule. WSUS can be used to automate the distribution of patches to Exchange Server 2007 servers, so that the OS components will remain secure between service packs. WSUS might not be necessary in smaller environments, but can be considered in medium-sized to large organizations that want greater control over their patch management strategy.

Implementing Maintenance Schedules

Exchange still uses the Microsoft JET Database structure, which is effectively the same database engine that has been used with Exchange from the beginning. This type of database is useful for storing the type of unstructured data that email normally carries, and has proven to be a good fit for Exchange Server. Along with this type of database, however, comes the responsibility to run regular, scheduled maintenance on the Exchange databases on a regular basis.

Although online maintenance is performed every night, it is recommended that Exchange databases be brought offline on a quarterly or, at most, semiannual basis for offline maintenance. Exchange database maintenance utilities, eseutil and isinteg, should be used to compact and defragment the databases, which can then be mounted again in the environment.

Exchange databases that do not have this type of maintenance performed run the risk of becoming corrupt in the long term, and will also never be able to be reduced in size. Consequently, it is important to include database maintenance into a design plan to ensure data integrity.


Exchange Server 2007 offers a broad range of functionality and improvements to messaging and is well suited for organizations of any size. With proper thought for the major design topics, a robust and reliable Exchange email solution can be put into place that will perfectly complement the needs of any organization.

When Exchange design concepts have been fully understood, the task of designing the Exchange Server 2007 infrastructure can take place.

Best Practices

The following are best practices from this chapter:

  • Use site consolidation strategies to reduce the number of Exchange servers to deploy.

  • Separate the Exchange log and database files onto separate physical volumes whenever possible.

  • Install Exchange Server 2007 on Windows Server 2003 R2 Edition when possible.

  • Integrate an antivirus and backup strategy into Exchange Server design.

  • Keep a local copy of the global catalog close to any Exchange servers.

  • Implement quarterly or semiannual maintenance procedures against Exchange databases by using the isinteg and eseutil utilities.

  • Keep the OS and Exchange up to date through service packs and software patches, either manually or via Windows Software Update Services.

  • Keep the AD design simple, with a single forest and single domain, unless a specific need exists to create more complexity.

  • Identify the client access methods that will be supported and match them with the appropriate Exchange Server 2007 technology.

  • Implement DNS in the environment on the AD domain controllers.

Copyright © 2007 Pearson Education. All rights reserved.


Copyright © 2007 IDG Communications, Inc.

1 2 3 4 Page 4
Page 4 of 4
The 10 most powerful companies in enterprise networking 2022