Risks and Benefits of Exchange 2013


1 Risks and Benefits of Exchange 2013
Joe Hoegler, Kraft Kennedy
September 1, 2015
Session #066

2 Introduction
Joe Hoegler
- Practice Group Leader, Infrastructure & Enterprise Systems at Kraft Kennedy
- Microsoft Certified Master | Exchange 2010
- Microsoft Certified Master | Office 365: Exchange Online
- Microsoft Certified Solutions Master: Messaging
- Advised over 100 law firm clients totaling over 100,000 users on Exchange 2010/2013 projects
- Exchange TAP participant since 2011

3 Session Goals
- Exchange 2013: Architecture, Features, & Functionality
  - Highlight key differences and benefits relative to previous versions
  - Discuss primary drivers for migration from previous versions
  - Identify specific benefits for law firms
- Keys to Success with Exchange 2013
- Common Pitfalls with Exchange 2013
- Introduction to Exchange 2016
- Questions

4 Exchange 2013: Architecture, Features, & Functionality

5 Overview of Key Considerations
- Considered a “major upgrade”
- Another server role architecture change
- Outlook 2007 or later required
  - No support for Outlook 2003
- Exchange 2007 or later required for coexistence
  - No supported direct upgrade path from Exchange 2003
- Additional IOPS reductions
- Focus on mobility and consistency of user experience
- New and consolidated administration

6 Architecture Evolution: Exchange 2003

7 Architecture Evolution: Exchange 2007
[Diagram labels: Exchange Organization; Internet; Edge Transport server role; Hub Transport server role; Client Access server role; Unified Messaging server role; Mailbox server role (Active) and (Passive) in a CCR Environment]

8 Architecture Evolution: Exchange 2010
[Diagram: Enterprise Network]
- Edge Transport: Routing and AV/AS
- Hub Transport: Routing and policy
- Mailbox: Storage of mailbox items
- Unified Messaging: Voice mail and voice access
- Client Access: Client connectivity, Web services
- Connected endpoints: Phone system (PBX or VOIP), External SMTP servers, Mobile phone, Web browser, Outlook (remote user), Line of business application, Outlook (local user)

9 Architecture Evolution: Exchange 2013
[Diagram: Enterprise Network]
- Edge Transport: Routing and AV/AS
- Mailbox Server: Data Storage & Rendering, HA/DR (labels: CAS, HTS, UM, Public Folders)
- Client Access Server: Protocol Proxy, Client Connectivity, Mail Routing (labels: IIS, HTTP, SMTP, POP/IMAP, UM (SIP/RTP redirect))
- Connected endpoints: External SMTP servers, Mobile phone, Web browser, Outlook (remote user), Line of business application, Phone system (PBX or VOIP), Outlook (local user)

10 Exchange Preferred Architecture

11 Exchange Preferred Architecture
- Single namespace, unbound model
- Layer 4 load balancing without affinity/persistence
- Physical server deployment
- 2U commodity servers
- 4 database copies, 2 in each of 2 data centers
- 1 copy lagged by 7 days
- JBOD storage
- Exchange Native Protection
- No dedicated replication networks
- Witness in third data center

12 Outlook Web App
- Adaptive interface
- Optimized for touch
- Enhanced resiliency with Offline OWA

13 Apps for Outlook/OWA 2013
- Available through the “Office Store”
- Unified code for OWA and Outlook client
- Administrator control from Exchange

14 Site Mailboxes

15 In-Place Hold
- All changes/deletions kept in mailbox and recoverable
- Captures BCC and DL expansion as of Exchange 2013 CU7 but not Drafts
- Hold can be exposed or hidden from user
- Content discoverable through Multi-Mailbox Search
- Enabled with New-MailboxSearch cmdlet or via EAC
- Introduction of query and time based holds
- One In-Place hold can encompass many mailboxes

16 Data Loss Prevention (DLP)

17 Modern Public Folders
Legacy Public Folders | Public Folders in Exchange 2013
Public Folder Databases | Public Folder Mailboxes
Public Folder Replicas | Database Availability Groups
Public Folder Hierarchy | Public Folder Hierarchy Mailbox
Public Logon |
- Renewed investment in public folders
- Public folders move to mailboxes
- Inherit all features and functionality (e.g. DAG) as traditional mailboxes

18 Keys to Success with Exchange 2013

19 Plan, Plan, then Plan Some More
- High Availability and Site Resiliency
- Virtual vs. Physical Deployment
- Sizing – Compute, Network, Storage
- Server Topology and Specifications
- Namespace Planning
- Load Balancing
- Coexistence and Migration
- Decommissioning

20 Architecture Fails..

21 Supported And Unsupported
Virtualization - Supported
- All server roles
- SVVP hypervisors
- Hypervisor HA and clustering
- VMotion and Live Migration
- Jetstress in-guest (ESX 4.1 or later)
- Block-level storage and SMB 3.0 for VHD
- No direct access to SMB shares

22 Supported And Unsupported
Virtualization - Unsupported
- Memory overcommit, memory reclamation, dynamic memory, mega memory, voodoo memory, etc.
- Static memory required for all Exchange workloads
- Greater than 2:1 CPU oversubscription
- Differencing/delta disks
- Thin provisioning not recommended (not supported for OS volume)
- Avoid other storage “magic”
- Hypervisor snapshots
- Apps on the root (OS, A/V, management/monitoring only)

23 Supported And Unsupported
Hyperthreading
- Whoohoo, free cores!!
- *Not* supported for physical deployments
- Supported for virtual deployments
- Issues with .NET garbage collection don’t apply to virtual deployments

24 Supported And Unsupported
NFS
- Not supported for physical or virtual deployments
- Includes VMDKs stored on NFS shares
- History of issues with performance and reliability
- Performance less of an issue now
- Reliability still concerning
  - Forced Unit Access / Write-Through
  - Write Ordering
  - Torn I/O Protection
- No plans to change support stance

25 Supported And Unsupported
- Strongly recommended to stay within support boundaries
- Unsupported doesn’t mean the solution won’t work
- Unsupported = risk

26 High Level Sizing for Exchange 2013

27 High Level Sizing for Exchange 2013
- CPU, RAM and storage capacity requirements increased significantly over E2010
- Due to architecture changes and move to Search Foundations (FAST)
- CPU requirements increased ~2-3x
- RAM requirements increased ~4x
- Storage capacity requirements increased 20%
- Storage performance requirements decreased 30-50%

28 High Level Sizing for Exchange 2013
- Understand design requirements for high availability, site resiliency, etc.
- Start with Mailbox Server role
- Need user message profile and average message size
- Determine required storage capacity
- Verify achievable IOPS from capacity match user load
- Verify Background Database Maintenance based on database copy count
- Determine megacycles and CPU count – don’t forget ActiveSync devices!!!
- Determine memory requirements
- Size Client Access Server role based on Mailbox Server role

29 Sizing for Virtual Deployments
- Size for physical then virtualize
- CPU and RAM requirements significantly increased in Exchange 2013
- Virtualization still provides benefits but need to understand cost vs. benefit
- Ensure accurate user message profile data before sizing
- Do not assume either value – you will undersize or oversize
- Consider issues of oversizing when virtualizing
- Jetstress is critical to validate the design
- Virtualizing Exchange != server consolidation
- Choose virtualization for availability/flexibility benefits

30 Sizing for Virtual Deployments
- 2:1 CPU oversubscription supported
- 1:1 CPU strongly recommended
- If heterogeneous host environment, must ensure slowest host can handle Exchange CPU requirements
- Memory overcommit unsupported
- Use reservations to guarantee memory for Exchange
- Choose the right storage presentation method
  - VMDKs in VMFS
  - Host-based RDMs
  - In-guest presentation

31 Sizing Conclusion
Exchange Role Requirements Calculator
- Just use it
- Complete it accurately
- Be sure to understand SPECint value for host vs. vCPUs assigned to the guest
- Include hypervisor overhead
- Also include mobile device and other overhead
Example client design increase (900 users):
- E2010: 2 x HTS/CAS with 2 vCPUs and 8 GB RAM each; 2 x MBX with 2 vCPUs and 32 GB RAM each
- E2013: 2 x Multi-Role with 8 vCPUs and 96 GB RAM each

32 Load Balancing Changes
Exchange 2010
- Layer 7 with session affinity/persistence required
- Required SSL to terminate on load balancer
- Either re-encryption or SSL offload to CAS
Exchange 2013
- CAS always proxies to the “correct” MBX
- Session affinity/persistence no longer required
- Layer 4 load balancing without SSL termination possible
- Load balancing is now flexible with multiple options
- Use to ascertain up/down status of protocol to rewrite now included within Exchange (HTTP to HTTPS still required if desired)

33 Client Access in Coexistence
- E2013 will proxy or redirect all protocols to the correct endpoint
- E2007 requires a legacy namespace

34 Not Running Jetstress
Common reasons for skipping Jetstress
- My storage vendor said Jetstress is unrealistic and “always fails”
- My storage is brand new and couldn’t possibly have issues
- IOMeter says I will achieve 50,000 IOPS
- I’m feeling lucky..
- What could possibly go wrong?

35 Real World Issues Uncovered By Jetstress
- Dramatically insufficient spindle count for storage performance requirements
- Saturation of storage networking fabric (fiber channel or iSCSI)
- RAID controller lost flush issues only encountered under load
- Firmware issues resulting in drive failures only encountered under load
- Storage traffic occurring over single iSCSI NIC and without jumbo frames
- A/V software causing 85%+ reduction in IOPS even with proper exclusions
- Bug in VMware vSphere 5.0 PVSCSI adapter causing I/O failures

36 Understanding Failure Domains
- Exchange VMs on same single host
- Database copies on same VMFS, RAID group, SAN, etc.
- Network pathing
- Dependencies on surrounding systems – AD, file share witness, etc.

37 Common Pitfalls with Exchange 2013

38 OAB Download Storm
Issue: E2013 creates an OAB in a new format and, if a legacy mailbox database does not have a default OAB defined, the E2013 OAB will be chosen.
Impact: Full OAB download occurs, which can be painful for a large number of clients simultaneously and/or across a WAN.
Mitigation: Define a default OAB on all mailbox databases before the first E2013 server is installed.
Status: Documented -

39 Delegate Mailbox & Legacy PF Access
Issue: E2013 uses a new form of authentication called RPC Anonymous (displayed as Anonymous Authentication in Outlook), which is not properly understood by E2010/2007.
Impact: E2013 user opening legacy mailbox or PF resources will be prompted for authentication continuously.
Mitigation: Force NTLM authentication in E2013 until all mailboxes are moved.
Status: Documented -

40 E2013 Mailboxes Appear Larger
Issue: E2013 calculates the true size of a mailbox more accurately than in previous versions, accounting for mailbox impact on database-level tables, etc. Size on disk is unaffected but the reported size may increase by 30-40%.
Impact: Clients using mailbox quotas may see mailboxes above/at/near quota immediately following a mailbox move to E2013.
Mitigation: Increase mailbox quotas by 50-70% prior to migration.
Status: Documented -

41 E2013 CAS Array Namespace Usage
Issue: In E2010, it was common to use the RPC CAS Array namespace for both RPC connectivity as well as web-based connectivity (e.g. OWA, EWS, etc.). E2013 CAS does not have an RPC endpoint.
Impact: If cas.client.com is moved to E2013 as part of client access cutover, internal client access for E2010 mailboxes will be broken.
Mitigation: Force Outlook Anywhere for E2010 connectivity, change the RPC CAS Array FQDN in E2010, or use load balancer configuration to fork traffic.
Status: Documented -

42 Legacy PF Access Issues
Issue:
- Legacy PF access is not possible for E2013 mailboxes connecting via EWS (e.g. Outlook 2011 for Mac, Entourage, EWS API, etc.)
- Legacy PF access not available in OWA
- Legacy PF access not available from Windows XP
Impact: See above
Mitigation: Windows XP access is possible in SP1 (through CU6)
Status: Documented – Various Locations

43 Clients with E2003
Issue: Direct migration from E2003 to E2013 is not possible, including cross-forest
Impact: See above
Mitigation: Double-hop migration to E2007/2010 then E2013, PST export/import, third party, Office 365
Status: Documented – Numerous Places
Note Microsoft’s history and the impact on E2007

44 Delegate Sent Items Storage
Issue: E2010 SP2 RU5 introduced the ability to have items sent as a manager to be stored in the manager’s Sent Items, sender’s Sent Items, or both. This functionality is missing in E2013.
Impact: Items sent as others will exist in the sender’s Sent Items folder.
Mitigation: Behavior returns with E2013 CU9
Status: Blogged but not formally documented.

45 Cross Site RPC Client Access
Issue: Configuring AllowCrossSiteRpcClientAccess on a DAG to True was common in E2010 to allow a seamless client experience when databases activated across site boundaries. Setting this to True in E2013 causes unexpected Outlook Anywhere endpoints to be used.
Impact: If an unexpected endpoint is used, there could be performance issues across a WAN and outages if servers are rebooted.
Mitigation: Leave this at the default of False.
Status: “Working As Designed”. Undocumented – K&K discovered.

46 Database Copy Auto Activation Policy
Issue: DatabaseCopyAutoActivationPolicy on an MBX is used to control database copy activation behavior, most commonly to restrict out-of-site copies. Setting this to anything other than Unrestricted breaks client access when those copies are activated.
Impact: Outage for users in affected databases unless DCAAP is set back to Unrestricted.
Mitigation: Leave DCAAP at default of Unrestricted.
Status: “Working As Designed”. Blogged but not formally documented.

47 Logging Size
Issue: E2013 leverages extensive logging, creates PerfMon captures to gauge server performance, etc. This can quickly consume a large amount of disk space on the Exchange binaries volume.
Impact: Exchange binaries volume could run out of space, causing an outage.
Mitigation: Leverage PowerShell script as Scheduled Task to purge after X days.
Status: Blogged but not formally documented.
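
One way to script the purge that slide 47 calls for, as an added example that is not part of the presentation. The default paths, the 14-day retention, the extension list and the function name Remove-OldExchangeLogs are assumptions; pick a retention that still covers troubleshooting and incident-response needs, or archive the files elsewhere first.

```powershell
# Added example, not from the presentation. Intended to run as a Scheduled Task
# on an Exchange 2013 server. Paths, retention and extensions are assumptions.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [int]$RetentionDays = 14,
    [string[]]$LogRoots = @(
        (Join-Path $env:ExchangeInstallPath 'Logging'),   # Exchange diagnostic and PerfMon logs
        'C:\inetpub\logs\LogFiles'                        # IIS logs (default location)
    ),
    [string[]]$Extensions = @('.log', '.blg', '.etl')
)

function Remove-OldExchangeLogs {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string[]]$Roots, [string[]]$Extensions, [datetime]$Cutoff)

    $freedBytes = 0
    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) {
            Write-Warning "Skipping missing path: $root"
            continue
        }
        # Only files with a known log extension that were last written before the cutoff.
        $old = Get-ChildItem -LiteralPath $root -Recurse -File -ErrorAction SilentlyContinue |
            Where-Object { $Extensions -contains $_.Extension -and $_.LastWriteTime -lt $Cutoff }

        foreach ($file in $old) {
            if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
                try {
                    $size = $file.Length
                    Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
                    $freedBytes += $size
                } catch {
                    # Files still held open by Exchange or IIS are left for the next run.
                    Write-Warning "Could not delete $($file.FullName): $($_.Exception.Message)"
                }
            }
        }
    }
    return $freedBytes
}

$cutoff = (Get-Date).AddDays(-$RetentionDays)
$freed  = Remove-OldExchangeLogs -Roots $LogRoots -Extensions $Extensions -Cutoff $cutoff
Write-Output ("Freed {0:N1} MB of files last written before {1:d}" -f ($freed / 1MB), $cutoff)
```

Run it once with -WhatIf to list what would be deleted before scheduling it.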

48 NodeRunner CPU Utilization
Issue: During mailbox moves, NodeRunner (Search Foundations) causes 100% CPU utilization, even with 16 cores assigned.
Impact: High CPU utilization, some level of user performance issues.
Mitigation: Throttle CPU utilization for NodeRunner via registry.
Status: Under Investigation

49 Other Issues/Notes
- XML configuration file changes overwritten with CUs/SPs
- MapiBlockOutlookRpcHttp
- Multi-role E2007 and Outlook Anywhere
- Kerberos token bloat

50 Introduction to Exchange 2016

51 Disclaimer
- Exchange 2016 is still in development
- All information is subject to change

52 Overview of Key Changes
- Another server role architecture change
- Resource requirements TBD
- Focus on collaboration and anytime, anywhere access from any device
- Outlook 2010 or later required
- Exchange 2010 or later required

53 Architecture Evolution: Exchange 2016
- Single building block
- Client access proxy components
- Includes core server protocols
- Database availability group
- Loosely coupled
  - Functionality
  - Versioning
  - User partitioning
  - Geo affinity

54 Exchange 2016 Supported Platforms
Operating System
- Windows 2012, Windows 2012 R2, and Windows Server 10 (eventually)
Exchange
- Coexistence with Exchange 2010 SP3 RU11 and/or Exchange 2013 CU10 or later only
Outlook
- Outlook 2010 SP2 (with hotfixes), Outlook 2013 SP1 (with hotfix), or Outlook 2016
- RPC/HTTPS and MAPI/HTTP supported
Active Directory
- Minimum: Windows 2008 domain/forest functional level (was Windows 2008 R2)
- Recommended: Windows 2012 R2 domain/forest functional level
Deprecated
- Outlook 2007, Entourage 2008 Web Services
- MAPI/CDO (yes, it’s dead…)
Note supportability about reintroducing legacy Exchange versions

55 Exchange 2016 Coexistence
- Option 1 – Exchange 2013 Up-Version Proxy
  - Leverage existing Exchange 2013 CAS to proxy to Exchange 2016 as it is deployed
  - Avoids needing to fully deploy all Exchange 2016 infrastructure to support the entire environment
- Option 2 – Exchange 2016 Down-Version Proxy
  - Deploy entire Exchange 2016 infrastructure and cutover client access namespaces
  - Similar to previous migrations to Exchange 2007, 2010, or 2013
- DAGs are still version-bound, in place upgrades unsupported

56 Client Access in Coexistence

57 Office Web Apps Server
- Previously for Lync/Skype PowerPoint streaming
- Used by Exchange 2016 for rich browser-based content viewing
- Enables side-by-side viewing and edit/reply in OWA

58 Document Collaboration
- Integrated with OneDrive for Business
- Send an attachment as a file or link
- Access anytime, anywhere and from any device
- Streamlined attachment view
- View attachments inline within a message
- Frictionless collaboration
- Edit attachments and reply in a single view
- Make attachments smarter

59 Document Collaboration: Sharing

60 Document Collaboration: Attachment Preview

61 Document Collaboration: Attach as File or Copy

62 Document Collaboration: Attachment Upload

63 Document Collaboration: Inline Attachment

64 Document Collaboration: Attach From Cloud

65 Document Collaboration: Requirements
- Exchange 2016: New attachment experience, photo preview/thumbnail, download attachments only
- Office Web Apps: Side-by-side document preview, edit/reply normal attachments
- SharePoint 2016: SharePoint links, edit/reply cloud attachments, save to OneDrive for Business

66 Search Enhancements
- Faster performance
- More accurate/complete results
- Search suggestions with “fuzzy” matching, tailored to you
- Search refiners

67 Search Optimizations in Exchange 2016
[Diagram: search indexing across two MBX2016 servers. Labels: Transport, Content transformation Service (CTS), Mailbox, Local delivery, Store, ExSearch, Index node, Reliable event, Read content, Log, DB, Idx, Passive]

68 Inbox Enhancements (Outlook)
- Inline previews for URLs
- Inline video player
- Intelligent recipient selection and people search

69 Inbox Enhancements (OWA)
- Improved HTML rendering
- One-click archive
- Common typos/suggestions
- Import contacts from CSV
- Better attachment view

70 Data Loss Prevention
- New sensitive information types
- PolicyTips extended to other Office apps
- Extension of DLP to SharePoint

71 eDiscovery & Archiving
- Search re-designed for improved reliability and speed
- In-place hold for public folder data
- Equivio Zoom in cloud for advanced analytics

72 Additional Technical Enhancements
- Database corruption discovery via database divergence detection
- Loose truncation to avoid long-term outages resulting in lack of free space dismounting the database
- ReFS support – decreases file system corruption, reseed/rebuild times
- Faster database activations
- Faster site resilience activations
- Additional IOPS reductions (> 22% lower vs. Exchange 2013 currently but subject to change)

73 Ongoing Release Cadence
- Cloud-first Delivery
- Continuous Updating in Office 365
- Quarterly Cumulative Updates On-Premises
- Potentially Service Packs On-Premises
- Periodic Major Platform Versions On-Premises

74 Questions

