The Hub and Edge Transport Server Roles
The purpose of this post is to explain the differences between the two transport role servers, the Hub Transport and the Edge Transport.
We will look at some of the key aspects of transport servers including:
- Send/Receive Connectors
- Anti-spam and Anti-virus protection
- Transport Rules
- Hub/Edge Synchronization
Take for example a scenario where your company has configured enough of it’s organization that they want to be able to send and receive email in full production. Because of this, we should discuss the configuration elements involved in our transport role servers. In our example, we have more than just a Hub Transport server, we also have an Edge Transport server that we installed but never configured to work with our Hub.
You’re never really completely done with Exchange, there’s always something left to do, to monitor etc.
So to start, in the Hub Transport server in the EMC, and click on Organization Configuration -> Hub Transport, we have several tabs:
Send Connectors – Here you might not see any send connectors if none have been setup. Receive connectors are located under the Server Configuration-> Hub Transport. We don’t have any Anti-spam settings here yet in our Hub Transport role.
Edge Subscriptions – Here we will create a connection to our Edge Transport Server
Global Settings – we will go over this later
Email Address Policies – we will go over this later
Transport Rules – Here we can create transport rules, with conditions, actions, and exceptions – by default none.
Journal Rules – by default are blank
Remote Domains – we will go over this later
Accepted Domains – we will go over this later
If we remote into our “Edge” transport server, our EMC will be pretty much empty except for our Edge Transport settings. It’s one of the easiest server roles to work with because there is not much here to configure:
The five tabs we have to work with are:
Hub vs. Edge: – Hub is on the inside of the firewall
Edge Transport sits on the edge of the network, in the DMZ. It it isolated, but is there to defend the network. Edgesynch synchrononization is the connection between the hub and edge transport servers.
Hub handles all of the mail flow within the company: Applies Transport Rules, Journaling policies, delivers messages to mailboxes and more.
If there is no Edge transport role, the Hub will relay messages to the internet. The Edge Transport server minimizes attacks from the internet – virus, spam, etc. . You can have more than one Hub or Edge Transport servers for failover capabilities.
You can export settings from one Edge Transport server to a 2nd Edge.
Do you need to have an Edge Transport Server? No. However, it is recommended that you have some kind of protector in se.
Without an Edge Transport Server, by default you will be missing Anti-Spam solution, and certain Transport Rules.
You can enable Anti-Spam on the Hub transport server, or a 3rd party solution.
Mail will go through Hub and Edge transport servers. All mail will flow between them.
- If you have one HT and one ET, all mail will flow between them, both incoming and outgoing
- To make the connection between the HT and ET you need to make a manually configured synchronization. It is also called a subscription or an “edge synch process”
- It isn’t part of the domain
- It can cut down the spam at the front door
A large majority of the content provided in my Blog’s Exchange series is derived from J. Peter Bruzzese’ excellent Train Signals Exchange Server 2010 Video Disk Series, as well as my own Exchange 2010 lab. Trainsignal.com is an invaluable source for accurate, easy to understand, IT information and training. http://www.trainsignal.com