Exchange 2019: Building an environment from scratch

Are you finally ready to take the plunge into Exchange 2019? If you are building a brand-new environment, this can be done in a lab or you can start clean, which some people have done. Another scenario is that this can be a brand-new company with new sites that need to have Exchange provisioned for the acquisition of other companies. This topic, however, is much bigger than one post can cover, so we will split up the articles.

First, if you had an old domain that was trashed or lost due to an outage or hardware failure and are going to build a new one, you could use your old domain name for Active Directory or create a new one. If this is a lab, then you can give it any name you want. If this is a brand-new company, then domains need to be thought about and registered. So, to dive into this, let’s take a look at what we need to build our Exchange 2019 and Windows Server 2019 domain. This briefly covers hardware, software, networking, licensing, IT staff, and certificates.

So many choices! A checklist

Before you being the journey to Exchange 2019, there are several options you must weigh. Let’s look at them.

VMs or physical servers

A) A virtual machine for the domain controller. If you go this route, better to have more than one so you have redundancy.
B) Virtual machines for your Exchange 2019 servers. Better to have a database availability group (DAG) than a single server.
C) Ensure that you allocate enough resources (CPU/RAM) to your servers so you don’t hit backpressure limits. Make use of the Exchange calculator provided by Microsoft.

Network

A) If this is a large organization, then you need to plan to have enough IPs to grow. But the same theory applies to a smaller organization: You don’t want to under-provision with too few IPs.
B) VLANs: Decide how you going to split your traffic, for example, management NIC on one VLAN and replication NIC on another VLAN.
C) WAN links, bandwidth per site or for redundant links to ensure 99 percent SLA.

Software

A) Windows Server 2019 GUI or Core.
B) Exchange Server 2019 (latest CU).
C) Office packages for all staff: Are you running an old version that needs updating or do you have the latest already?
D) Windows client operating systems to support the new versions of Outlook or be in line with support from Microsoft.

Remember that you need to have an MSDN or Visual Studio subscription to be able to download Exchange 2019. Also, take note of the client access licenses (CALs) required for Windows and for Exchange.

Storage

Shutterstock

Admins too often under-provision storage and when it comes time to expand, they can’t. Remember, Exchange is handling all email for your organization and the SLA today on mail is generally higher than any other application. As for storage:

A) Decide whether you will use a storage-area network or direct-attached storage (DAS).
B) Choose if you want to use fiber channel or SMB shares. Each one has its pros and cons.
C) You also need licensing for Brocade if going fiber channel.
D) Select where you are going to place your storage, either in a datacenter or locally at the home office. If you have branches, you need to see if you require storage for servers.

Antivirus

This one always falls short. People have the attitude that “we won’t get infected or we can’t get hacked.” I’m not saying AV is foolproof but at least it is an extra layer of security. You need to ensure the proper exclusions are in place so you do not have the AV removing log files or scanning your database.

This item needs careful planning and consideration. You need to decide if you are going to have a central hub that everyone connects to or if you are going to put in datacenters in each region.

Each set of servers you deploy needs to be licensed and needs to be purchased. You will need networking in each of these and in storage if you decide to go with a datacenter solution or locally. You need to ensure that your MPLS links that put all your branches on the same network have enough bandwidth to handle not only Exchange but other traffic. This is also a big cost, depending on where you are located in the world.

The company might decide to go with local servers for now but a change in management could see all that move to a datacenter or to a central point at the home office and then, yes, everything needs to be redone.

IT staff

Do you have enough IT staff to support Exchange 2019 and the environment? This will be additional costs that will need to be considered. As for your IT managers, will they be central or will you have one per site? This will depend on the size of the organization.

Certificates

You will need to have a valid SSL certificate for your Exchange servers. This can be a wildcard certificate, which costs a bit more but can be used at all sites vs. buying individual certificates for every site.

Hardware

Typically, companies decide on a brand and buy Dell, HP, or Microsoft Surface machines. These will be running Outlook and so you also need to license the Windows machines. Some companies will rent computer equipment and software on an SPLA license to try to save costs.

As you can see, there is quite a lot to think about in terms of designing or setting up a new site. There will be CapEx (capital expenditure) and OpEx (operational expenditure) costs.

Stay tuned!

In the next part of this series, we will take a look at building an environment, setting up a new Windows Server 2019 domain controller, and then setting up Exchange 2019.

Featured image: Shutterstock

Edward van Biljon

Edward van Biljon is an experienced messaging specialist working in the IT and services industry. He is skilled in WSUS, domain name system, datacenters, printer support, and System Center Configuration Manager (SCCM). He has a background as a strong IT professional and has an international diploma in programming focused on computer programming.

Share
Published by
Edward van Biljon

Recent Posts

Managing Azure VMs with System Center Virtual Machine Manager

You may not know it, but System Center Virtual Machine Manager can be used for…

13 hours ago

Best and most secure VPN services for small businesses

As we adjust to a new remote work culture due to coronavirus, a secure VPN…

17 hours ago

Exchange security: Get your SPF, DMARC, and DKIM records in place

Every Exchange admin lives with the constant fear their system will be breached. Having SPF,…

20 hours ago

GE data breach exposes thousands of employee records

A GE data breach exposed a hacker’s treasure trove of employee records, including Social Security…

2 days ago

Getting speed and consistency using Linux text editors and console

Ready to go back to the future? Here’s a look at some Linux text editors…

2 days ago

Amazon GuardDuty unveils new, lower pricing tiers

The Amazon GuardDuty threat-detection service has unveiled some lower price tiers, which will be especially…

2 days ago