15 Tips to Optimize an Exchange 2010 Infrastructure

Introduction Since its birth at 1996, Exchange Server has been one of the most successful products in history of Microsoft. One can argue the reasons behind this success, but theres no doubt that, since the beginning, the Exchange Product Team has done a terrific job regarding functionality, interoperability, security, manageability and performance. Exchange Server is simply rock solid, period. But it keeps getting better and better Which makes my work writing these tips a little bit more difficult, since I started this series of optimization articles with Exchange Server 2003. 1. Thou Shalt Know Thy Product Although the articles at MSExchange.org dont get rated on the Microsoft scale 100-400, according to the technical knowledge required, I would classify this article, at least, as a level 200. This means that in order to correctly apply the information here exposed, there is expected to be a minimum level of technical knowledge about Exchange Server. And the deeper the knowledge about the product someone responsible for an Exchange infrastructure has, the better it will perform and will be less likely to suffer from downtime due to misconfigurations. And this is even true for those Organizations that completely outsource their IT systems. I often get asked by people seeking to improve their Exchange Server knowledge what is the best way to achieve the desired level of expertise and what are the technical learning resources available. It is not an easy answer, just because there are so many resources available, most of them free. Instructor led training and attending conferences and technical events are quite obvious ones. If you cant afford attending Microsoft Tech.Ed, most of the content is available online at Channel 9. And then, of course, there are lots and lots of places on the Internet where the technical community shares knowledge. Just to name a few:

MSExchange.org Exchange Server TechCenter Exchange Team Blog (aka You Had Me at EHLO) Exchange TechNet Wiki Exchange Server Webcasts and Podcasts

2. Planning and Deployment are Critical Plan > Deploy > Operate, thats the order, carved on stone, of the lifecycle of any Microsoft product (it applies to any product, really). So, first things first, and since we dont want to skip any step, one should always start with the planning phase. Thorough planning is crucial for the health of any Exchange Server infrastructure. Its the time to make all critical decisions that will ultimately affect how the overall system behaves. Fortunately there are some amazing tools that significantly lower the risk of making bad decisions:

Exchange Pre-Deployment Analyzer: The Exchange Pre-Deployment Analyzer performs an overall topology readiness scan of your environment and provides you with a list of decisions that need to be made before you deploy Exchange Server 2010. Exchange 2010 Mailbox Server Role Requirements Calculator: The mother of all planning tools, will assist you with sizing the hardware components of the most crucial Exchange Server role, the Mailbox Server (including multi-role servers). Exchange Server Jetstress 2010: Simulate disk I/O load on a test server running Exchange to verify the performance and stability of your disk subsystem before putting your server into a production environment

There are all kinds of things that can go wrong with deployment, from software bugs to misbehaved hardware, so the advice here is to go by-the-book. Follow exactly the design that came up from the deployment phase. Again, there are some neat tools and resources that provide huge help:

Deployment Assistant: This tool asks a few questions about the current environment and then generates customized instructions to upgrade to Exchange 2010 on-premises or in the cloud. Install Guide Templates: Document templates you can use to create customized installation guides for your organization's Exchange Server 2010 server role installations. Exchange Tested solutions: In the Exchange 2010 Tested Solutions white papers, Microsoft and participating server and storage partners examine common customer scenarios and reveal key design decision points facing customers who plan to deploy Microsoft Exchange Server 2010. Examples of well-designed, cost-effective Exchange 2010 solutions deployed on tested hardware are available.

3. Performance & Scalability There is no silver bullet to dramatically improve performance of an Exchange Server system. And there are a couple of reasons for that: first, Exchange Server does a pretty good job tuning itself and taking the most of the available hardware and second, there are so many components involved, hardware and software, that it is increasingly complex to improve general performance without affecting other parts of the infrastructure. Nevertheless, here are a few recommendations:

Sizing is the key to good performance. Read Exchange 2010 Sizing Cheat Sheet, Understanding Exchange Performance and use some of the many tools available to help you design the solution. The Exchange 2010 Mailbox Server Role Requirements Calculator is probably the best one. Partition Allocation Unit size for Mailbox servers When formatting the volumes that will host Exchange databases, it is recommended the use of a NTFS allocation unit size of 64KB. The recommendation of 64KB is based on the performance improvements seen with large sequential read operations, such as streaming backup and some eseutil tasks Disk defragmentation is supported, but not required nor recommended for Mailbox servers. Multi role servers: Actually multi role is not only supported, but encouraged by Microsoft. Start with the most simple (and cheaper) solution: multi-role servers with JBOD storage. Just make sure that your processor utilization isnt over 39% (this is just a safe number, since CPU utilization for a single role should not exceed 80%).

Network: Much of the network interface subsystem is tuned automatically. Server-based network adapters are capable of detecting the type and level of traffic passing through the network interface, and they self-tune to reflect this information. Ensure that the latest device drivers are maintained on the server. Hyperthreading should be disabled by default for production Exchange servers and only enabled if absolutely necessary as a temporary measure to increase CPU capacity until additional hardware can be obtained. Active Directory: The following table shows the recommended ratio of Exchange 2010 servers to Active Directory global catalog (GC) servers for each site containing Exchange 2010 Mailbox servers or users. Exchange will ignore Read Only Domain Controller (RODC) and will not connect to it, unless an administrator manually set it, so please make sure you dont do any manual configuration to force this connection 32-bit 64-bit 1:8 you must have enough memory installed on the directory server to cache the entire Active Directory database (NTDS.DIT) in memory

GC:Mailbox server core ratio

1:4

Table 1: Global Catalog to Mailbox server core ratio 4. Compliance & Archiving Rather than recommending a compliance and archiving strategy, the purpose of this tip is solely to focus on the performance issues of stubbing, the mechanism most (or all) 3rd party archiving solutions use to give the illusion of an infinite mailbox. Stubbing refers to a process where a third-party archival product takes a large message and turns it into a smaller item, or stub. It typically does this by deleting the attachments and modifying the message body to be smaller. Although stubbing made some sense to use with Exchange 2003 and older, recent Exchange Server versions have come up with the necessary mechanisms to use a different approach, like leveraging bigger mailboxes, providing archive mailboxes and configuring proper retention policies. This is a purely a performance tip, as stubbing can have quite an impact on Exchange Server performance, particularly on Mailbox servers. So whats the tip? Dont use stubbing! For further information on the topic, please read:

Exchange, Stubbing, and Database Space Reclamation Archiving Questions: Do Tiered Storage and Stubbing make sense? Exchange 2010 Large Mailbox Vision Whitepaper

5. Tools, Tools, Tools There are lots and lots of tools for Exchange Server available. The best place to find most of the tools is at the Exchange Server Wiki, which lists tools that should be in every serious Exchange 2007 or 2010 administrator's toolkit.

Here is a short selection from the vast collection available:

Exchange Best Practices Analyzer: one of the bests, should be run regularly. Calendar Checking Tool for Outlook (CalCheck): checks Outlook Calendar for potential problems. Exchange Client Network Bandwidth Calculator: helps to predict network bandwidth requirements for a specific set of clients. Exchange Remote Connectivity Analyzer (ExRCA): provides a test system for administrators to use to validate external connectivity to Exchange. Microsoft Outlook Configuration Analyzer Tool (OCAT): provides a quick and easy method to analyze Outlook profiles for common configurations that cause problems. Microsoft Exchange PST Capture: discover and import PST files into Exchange Server or Exchange Online. Exchange Server Deployment Assistant (ExDeploy): generates custom instructions for moving your organization to Exchange 2010 or Office 365. MFCMAPI: provides access to MAPI stores through a GUI to facilitate investigation of Exchange and Outlook issues and to provide developers with a canonical sample for MAPI development. Microsoft Active Directory Topology Diagrammer: reads Active Directory configuration using LDAP, and automatically generates a Visio diagram of your Active Directory and/or Exchange topology. Microsoft Exchange 2010 Visio Stencil: contains a Microsoft Office Visio stencil with shapes for Microsoft Exchange Server 2010 and later. Exchange 2010 Architecture Report: this script collects information about an Exchange 2010 organization. It generates an output HTML report to present all the collected data. With this report you can see very quickly what is working and what is not.

There are also some good scripting resources Id like to recommend:

Script Repository & TechNet Gallery: Download resources and applications for Windows 7, Windows Server 2008 R2, Windows Server 2008, SharePoint, System Center, Office, and other products. Find resources written in VB Script, PowerShell, SQL, JavaScript, or other script languages. All-In-One Script Framework: All-In-One Script Framework is an automation script sample library for IT Professionals. The key value that All-In-One Script Framework is trying to deliver is Scenario-Focused Script Samples driven by IT Pros' real-world pains and needs.

6. Better Together: Outlook 2010, SharePoint 2010, Windows Server 2008 R2, Lync 2010 Outlook 2010 If you have any doubt that Outlook 2010 is the richest and best client for Exchange Server 2010, just look at the Outlook feature comparison table available at this Wiki article.

Figure 1: Outlook and Outlook Web Access (OWA) Versions and Features There are some Outlook related tweaks that can be done to further improve general performance: Force the use of Outlook cached mode:

Set-CasMailbox MailboxName MAPIBlockOutlookNonCachedMode:$true

Prevent previous versions of Outlook from connecting, by modifying the Registry (KB288894) or by running the following cmdlet:

Set-RpcClientAccess -Server CAS01 -BlockedClientVersions "0.0.0-5.6535.6535;7.0.0;8.02.4-11.6535.6535"

Windows 2008 R2 Dont waste too much time choosing the server OS for Exchange Server 2010, Windows Server 2008 R2 + SP1 is the right choice:

Less pre-requisites installation. Windows 2008 R2 SP1 includes the hotfixes required to install Exchange 2010 SP1.

It was compared the performance of the Exchange 2010 Client Access role supporting Outlook Anywhere users on both Windows 2008 SP2 and Windows 2008 R2, and found that the improvements the Windows Team has made in R2 more than doubles the number of concurrent users a given server can support, assuming CPU is the limiting resource.

SharePoint Server 2010 Using SharePoint 2010 together with Exchange Server 2010 also has its benefits:

Having SharePoint integrated with incoming email through Exchange will assist in moving away from Public Folders. Messages can be sent to lists and libraries rather than Public Folders. Having SharePoint integrated with outgoing email will allow the tracking of items (lists, libraries and documents) as well as assisting administrators with messages regarding storage limitations being exceeded and so on.

Lync Server 2010 Exchange Server and Microsoft Lync Server 2010 work together to provide a seamless communication experience. Here are some of the leveraged features:

Unified contact list Integrated presence IM chat in OWA Unified Messaging integration: call answering, auto-attendant, Outlook Voice Access.

7. The Art of Load Balancing Im not sure if load balancing, per se, is an art, but it sure is important, or it wouldnt have an entire dedicated wiki page:Exchange 2010 Client Access Array and Load Balancing Resources (en-US). When planning a high-availability solution with load balancing, keep this tips in mind:

Hardware load balancer is recommended, but NLB can still be used (unless the server is part of a DAG) Important aspects are
o o o

Transparency Routing Persistence

Think about the Exchange workload. Use the following cheat sheet: Workload Preferred Session Persistence Method Client IP or Cookie Client IP or Cookie

HTTP-Based Workloads

Outlook Web App Exchange Control Panel

Exchange ActiveSync Exchange Web Services Outlook Anywhere Offline Address Book Autodiscover TCP Socket Oriented Workloads RPC Client Access Exchange Address Book RPC Endpoint Mapper Post Office Protocol (POP3) Internet Message Access Protocol (IMAP4) Table 1

Client IP or Authorization header Cookie, SSL ID or Client IP Client IP or No affinity/persistence None No affinity/persistence Client IP Client IP Client IP No affinity/persistence No affinity/persistence

SSL offloading can improve CAS performance, as it offloads intensive processor utilization from Client Access Server. Please read How to Configure SSL Offloading in Exchange 2010. Use MAPI static ports (Configure Static RPC Ports on an Exchange 2010 Client Access Server). Check with the vendor for setup and configuration guides. When combining the Client Access server, Hub Transport, and Mailbox server roles on the same machine, if the Mailbox servers are members of a DAG, additional planning is required. The clustering component added to Mailbox servers that are members of a DAG prevents Network Load Balancing (NLB) from being installed on the server. In this case, there are two main options:
o o

Purchase a hardware load balancing appliance. Virtualize the Exchange server roles and isolate the Mailbox server role onto a separate virtual machine running on the same physical server as the virtual Client Access server. With this isolation, you can run NLB for Client Access servers and Mailbox servers that are members of a DAG on the same physical server.

8. Security Best Practices The topic of security by itself could provide material for several articles. First of all, read Exchange 2010 Security Guide. Second, since its impossible to condense here all the prescriptive guidance provided by that document, consider applying the following ones:

Block legacy Outlook clients. Based on your requirements, you can configure Outlook client blocking to block legacy Outlook client versions. For more information, see Configure Outlook Client Blocking. If you deploy file-system antivirus software to protect your Exchange servers, consider the following:

You must exclude Exchange server directories where the Exchange mailbox and public folder databases are stored, from file system antivirus scanners. For details, see File-Level Antivirus Scanning on Exchange 2010. File system antivirus scanners only protect files. To protect e-mail messages, you should also consider implementing Exchange-aware antivirus or messaging security products such as including Microsoft Forefront, or suitable partner or third-party products

Use Windows Firewall. Exchange 2010 is designed to run with the Windows Server Firewall with Advanced Security enabled. Exchange Setup creates the required firewall rules to allow Exchange services and processes to communicate. It creates only the rules required for the services and processes installed on a given server role. For external client access mechanisms and protocols, such as Outlook Web App, POP3, IMAP4, Outlook Anywhere, and AutoDiscover, use certificates signed by a commercial certification authority (CA) that's trusted by clients accessing those services. Your Exchange servers rely on SSL certificates to encrypt data. Since SSL certificates expire, its a good idea to check regularly the expiration dates. If a certificate expires, then services like ActiveSync and OWA will fail. To check certificate usage, open the Exchange Management Shell (EMS) and enter the following command: Get-ExchangeCertificate | FL PsComputerName, IssuerName, Status, NotAfter You no longer need to use the Security Configuration Wizard (SCW) or the Exchange templates for SCW. Exchange 2010 Setup installs only those services required for a given Exchange server role, and creates Windows Firewall with Advanced Security rules to open only the ports required for the services and processes for that server role Some basic steps you can take to harden Windows Server 2008 R2 or Server 2008 include the following:
o

Design your organizational unit (OU) structure for role-based policies. For example, you can disable the POP or IMAP service for all Exchange servers but enable it for Client Access servers. For additional information on this topic, please read Designing OU Structures that Work. Implement the security policies identified in the Enterprise Client (EC) settings or the Specialized Security Limited Functionality (SSLF) settings. Audit the security logs on your server.

Use Microsoft Update to update the OS, Exchange Server and the malware signatures. Secure Exchange 2010 with Forefront TMG or Forefront UAG. Both options offer publishing wizards and security features to provide secure access to Exchange when it's accessed from outside the safety of the corporate network. To choose which product to use, decide first what features you need or think you may need: Forefront TMG Forefront UAG

Exchange Related Deployment Scenario or Feature

Publish Microsoft Office Outlook Web App and the Exchange Control Panel (ECP) using forms-based authentication Publish Outlook Anywhere using Basic or NTLM authentication

Publish Microsoft Exchange ActiveSync using Basic authentication Provide load balancing for HTTP-based protocol accessing from the Internet Support two-factor authentication for Outlook Web App Support two-factor authentication for Exchange ActiveSync Provide certificate-based authentication for Exchange ActiveSync, Outlook Web App, and ECP Perform mail hygiene for Exchange with installation of the Edge Transport server role and Microsoft Forefront Protection 2010 for Exchange Server Protect and filter Internet access for internal users from malware and other Web-based threats Provide support for scaled up Outlook Anywhere deployments by using multiple source IP addresses Check a client computer accessing Outlook Web App for presence of approved antivirus software, updates, etc. Thoroughly clean up the client following an Outlook Web App session with settings configurable by the admin

Table 2: Features available with TMG and UAG when publishing Exchange Server 2010 9. Mobility (Android, iPhone, Windows Phone) Mobility is no longer a trend, its now critical for most businesses around the world. Gone are the days of the early implementations of Exchange Server 2003 SP2s Direct Push, since then the world has standardized around Microsofts ActiveSync protocol. But even though ActiveSync is the de facto standard, different implementations of the protocol mean sometimes different features, so please be aware of the differences. Microsoft has recently launched the Exchange ActiveSync Logo Program to establish baseline for EAS functionality in mobile email devices. For more information on the topic, please read Understanding Mobile Phones. This is the list of issues you should be aware of:

Current issues with Microsoft Exchange ActiveSync and third-party devices 2711053 High CPU usage when you synchronize a mobile device to an Exchange Server CAS 2711181 Duplicate contacts are created when you synchronize a mobile device by using Exchange ActiveSync 2714118 Calendar items that are copied are missing in Exchange Server 2007

10. Outlook Performance When working within Outlook, you may experience some performance issues that have nothing to do with your Exchange backend servers. Instead these are expected behaviors that can be mitigated by following some best practices:

Large OST size Now that its common to have big mailboxes, the local cache file (.OST) can be the cause of some slow performance, especially if you are not using an SSD disk. There is a very good KB article on the subject (KB 940226). Basically, try to follow these guidelines (for Outlook 2007 SP1 or higher):
o o

Up to 5 gigabytes (GB): This size should provide a good user experience on most hardware. Between 5 GB and 10 GB: This size is typically hardware dependent. Slower hard drives, such as drives that are typically found on portable computers or early generation solid state drives (SSDs), experience some application pauses when the drives respond. More than 10 GB: This size is where short pauses begin to occur on most hardware. Very large, such as 25 GB or larger: This size increases the frequency of the short pauses, especially while you are downloading new e-mail. As described above, you can use Send/Receive groups to manually sync your mail.

o o

Overstuffed folders - When an Outlook user works with items in a folder that contains many items. Outlook must perform several operations against the Exchange server to retrieve the contents of a folder. Therefore, when there are many items in a folder, additional processing is required to respond to the Outlook requests. Maintain a maximum of 2,500 to 5,000 items in a folder and create more top folders to organize your messages. For further information on the topic, see KB 905803. Shared folders caching - By default, if a Microsoft Outlook 2010 profile is configured in Cached mode and you add another users mailbox or shared folder to your profile, all items in all the folders to which you have access in the shared mailbox are downloaded to your local cache. As you can imagine, this can slow things down a little bit. To prevent this behavior, you have to go to Account Settings in Outlook, select the mail profile, click Change, More Settings and then Advanced. Make sure that Download shared folders is not selected (Figure 2).

Figure 2: Download shared folders

Messages stuck in Outbox with Outlook Anywhere - Newer network devices have more aggressive timeouts. These timeouts can manifest as problems when using Outlook Anywhere; specifically, messages stuck in the Outbox. To resolve this issue, change the timeout for the RPC Proxy component to 120 seconds: HKLM\Software\Policies\Microsoft\Windows NT\Rpc\MinimumConnectionTimeout

Enable Logging for RPC Client Access Throttling - By default, no RPC Client Access throttling activity is logged.To enable PerfMon counters, to see how often throttling is occurring, modify theMicrosoft.Exchange.RpcClientAccess.Service.exe.config file in \Program Files\Microsoft\Exchange Server\V14\Bin. Add Throttling to the LoggingTag comma separated string, then restart the RPC Client Access service. <add key="LoggingTag" value="ConnectDisconnect, Logon, Failures, ApplicationData, Warnings, Throttling " />

Disable Mailbox Auto-Mapping in Outlook - Outlook 2007/2010 can map to any mailbox to which a user has Full Access and, through Autodiscover, automatically loads all mailboxes to which the user has Full Access. If the user has Full Access to a large number of mailboxes, performance suffers when starting Outlook. SP2 enables admin to disable this behavior by setting new Automapping parameter for Add-MailboxPermission to False. Follow these steps: Disable Outlook Auto-Mapping with Full Access Mailboxes.

11. Virtualization Best Practices Since virtualization is becoming popular in Exchange deployments, here are a few guidelines and recommendations:

Size for physical resources, add ~12% CPU overhead for hypervisor. Dont oversubscribe resources and disable dynamic memory. Server Virtualization Validation Program (SVVP) Support Policy Wizard helps to determine supported configurations. Be aware of major support limitations, such as snapshots & differencing/delta disks. Important TechNet articles:
o

Microsoft Support Policies and Recommendations for Exchange Servers in Hardware Virtualization Environments Exchange 2010 System Requirements

Here are some more detailed and specific guidelines for the 2 most used virtualization technologies: Windows Server 2008 R2 Hyper V The following recommendations are taken from the whitepaper Best Practices for Virtualizing Exchange Server 2010 with Windows Server 2008 R2 Hyper V.

The physical root server should run Server Core. Use fixed VHDs for the virtual operating system.

Storage used by Exchange should be hosted in dedicated disk spindles. This storage can be virtual storage of a fixed size (for example, fixed VHDs in a Hyper-V environment), SCSI pass-through storage, or Internet SCSI (iSCSI) storage. The following virtual disk requirements apply for volumes used to store Exchange data:
o o o

Virtual disks that dynamically expand are not supported by Exchange. Differencing VHDs and snapshots are not supported. Configuring iSCSI storage to use an iSCSI initiator inside an Exchange guest virtual machine is supported.

Never deploy Mailbox servers that are members of the same Database Availability Groups (DAGs) on the same root. Microsoft Exchange Server 2010 SP1 supports virtualization of the Unified Messaging role when it is installed on the 64-bit edition of Windows Server 2008 R2. Unified Messaging must be the only Exchange role in the virtual machine. Exchange server virtual machines (including DAG nodes) can be combined with host-based failover clustering and migration technology as long as the virtual machines dont save and restore state on disk when moved or taken offline. All failover activity must result in a cold start when the virtual machine is activated on the target node. All planned migration must either result in shut down and a cold start or an online migration that utilizes a technology such as Hyper-V live migration. Microsoft Remote FX must be disabled for production Exchange servers.

Vmware The following recommendations are taken from the whitepaper Microsoft Exchange 2010 on VMware Best Practices Guide.

The total number of vCPUs assigned to all the Exchange virtual machines should be equal to or less than the total number of cores on the ESXi host machine. Do not over-commit memory on ESXi hosts running Exchange workloads. For production systems, it is possible to enforce this policy by setting the memory reservation to the configured size of the virtual machine. Do not disable the balloon driver (which is installed with VMware Tools). Enable DRS to balance workloads in the ESXi cluster. DRS and reservations can guarantee critical workloads have the resources they require to operate optimally. It is preferable to deploy virtual machine files on shared storage to take advantage of vMotion, VMware High Availability (HA), and VMware Distributed Resource Scheduler (DRS). The standard VMware networking best practices apply to running Exchange on vSphere:
o

Allocate separate network adapters/networks for vMotion, VMware FT logging traffic, and ESXi console access management. Allocate at least two network adapters for Exchange production traffic to leverage VMware NIC teaming capabilities. Generally, at least four network adapters are recommended per ESXi host.

Use the VMXNET3 network adapter This is a paravirtualized device that works only if VMware Tools is installed on the guest operating system. To support VLANs in vSphere, the virtual or physical network must tag the Ethernet frames with 802.1Q tags using virtual switch tagging (VST), virtual machine guest tagging (VGT), or external switch tagging (EST). VST mode is the most common configuration.

12. Proactively Monitor the Exchange Environment Proactively can also mean preventive, as a good monitoring system can detect issues ahead of becoming real problems. There are many tools available to monitor Exchange Server, ranging from free tools and scripts, to more advanced solutions, like the one Id recommend: System Center Operations Manager 2012 with the Exchange Server 2010 Management Pack. The following table provides an overview of the monitoring functionality that is enabled through Operations Manager 2012 (taken from the Exchange Server 2010 Management Pack Guide): Exchange component Exchange Client Access Monitoring functionality

ActiveSync and OWA connectivity monitoring including synthetic transactions Performance measuring and alerting

Exchange Edge Transport Exchange Hub Transport Exchange Mailbox

Performance measuring and alerting Performance measuring and alerting

Information Store monitoring Mailflow and MAPI connectivity monitoring Performance measuring and alerting Unified Messaging connectivity monitoring including synthetic transactions Performance measuring and alerting

Exchange Unified Messaging

Configuration and Security Exchange Event Log monitoring

Exchange best practices

Comprehensive rules for Exchange ]Detailed product knowledge about events

Table 1

13. DAG Optimization Database Availability Groups (DAG) are the foundation of any Exchange Server 2010 high-availability strategy. Although configuring a DAG has become simpler than the previous Exchange clustered solutions, there are some guidelines you can follow to obtain the best performance and achieving greater reliability at the same time.

Use separate network adapters, Public and Private, for user access and dedicated replication, respectively. Change the network adapter binding order, configuring Public interface with the highest priority. Network Teaming: Microsoft does not support network teaming as this is hardware vendor supported and designed technology (unless using the newest Windows Server 2012 teaming). When using network teaming, only the client facing network should be teamed and configured for Network Fault Tolerance. Do not use any type of load balancing between ports. For non-client facing networks it is not necessary to implement teaming, as Windows clustering has the ability to balance and use all interfaces on the cluster. Microsoft Customer Support Services may require you to disable teaming for troubleshooting efforts. For more information about teaming, see KB article 254101. Disable TCP Chimney Offload and Receive Side Scaling on the network adapters netsh int tcp set global chimney=disabled netsh int tcp set global rss=disabled Check the network performance/latency and set the correct values to Replay Lag Time and Truncation Lag Time attributes accordingly: Set-MailboxDatabaseCopy -Identity 'MailboxDatabaseName\Exchange2010MainFQDNServerName' ReplayLagTime 0.0:5:0 -Verbose Set-MailboxDatabaseCopy -Identity 'MailboxDatabaseName\Exchange2010DRFQDNServerName' TruncationLagTime 0.0:5:0 Note: Verify these settings in a controlled environment before moving to production. Using incorrect values may lead to high downtime. Usually, if the DAG members reside in the same AD site and VLAN, theres no need to change the settings above. Use a CAS Array to provide a High Availability solution to the CAS role. Lower the TTL value of the CAS Array DNS record and also of the DAG DNS record Configure the Autodiscover Service to Use Site Affinity

If you virtualize DAG members, please follow these key points when performing live migration of DAG nodes:

Exchange 2010 SP1, or later, is required. To minimize offline time, use cluster shared volumes instead of pass-through drives where possible. In testing, performed by Exchange Server and Hyper-V engineering teams, offline time associated with moving storage resources was cut in half by using cluster shared volumes. If the server offline time exceeds five seconds, the DAG node will be evicted from the cluster. It is preferable to ensure that hypervisor and host-based clustering technology is able to migrate resources in less than five

seconds. If this is not feasible, the cluster heartbeat timeout can be raised, although we dont recommend raising it to more than 10 seconds.

If raising the heartbeat timeout threshold, testing should be performed to ensure that migration succeeds within the configured timeout. Ensure that the latest patches for the hypervisor are deployed to ensure optimal performance:
o

KB 2517329. Performance decreases in Windows Server 2008 R2 when the Hyper-V role is installed on a computer that uses Intel Westmere or Sandy Bridge processors KB 2000977. Hyper-V: Performance decrease in VMs on Intel Xeon 5500 (Nehalem) systems

On the live migration network, enable jumbo frames on the network interface for each host and ensure that the switch handling the network traffic was configured to support jumbo frames. On the live migration network, change receive buffers to 8192 on each host. Deploy as much bandwidth as possible for the live migration network.

14. Try Office 365 These are the days of the cloud, and e-mail is just one of those workloads that really fit the Software as a Service (SaaS) model. If you want to stop reading optimization articles like this one, why not give it a try to Microsoft Exchange Online in Office 365? Built to deliver the enterprise-grade security and reliability that businesses require, Microsoft Exchange Online provides the following features:

Built-in anti-virus and antispam filters Mobile sync to most of the devices available 99.9% uptime commitment with financially-backed SLA Live phone support 24 hours a day, 7 days a week, 365 days a year Large, 25 GB mailboxes for every user Seamless integration with Outlook Calendar sharing and federation with other companies Email archiving, eDiscovery Search, retention policies, and optional legal hold Security policies let you create approved mobile device lists, enforce PIN lock, and remotely wipe data from lost phones Free tools for migrating IMAP and Exchange Server mailbox data to Exchange Online

15. Prepare for Exchange 2013

By the time of writing this article, Exchange Server 2013 is in Customer Preview and its expected to RTM by the end of 2012. So now is probably the time to start preparing your infrastructure for it, since there are many exciting new features on the way and the architecture has changed dramatically.

Start by reading Exchange 2013 System Requirements Coexistence with Exchange 2003 will not be supported, so now is the time to finally remove those obsolete servers. Active Directory must be at Windows Server 2003 forest functionality mode or higher (if youre using Exchange Server 2010, this is not a problem) Exchange 2013 Preview supports the following minimum versions of Microsoft Office Outlook and Microsoft Entourage for Mac:
o o o o o

Outlook 2013 Preview Outlook 2010 SP1 with April 2012 Cumulative Update Outlook 2007 SP3 with July 2012 Cumulative Update Entourage 2008 for Mac, Web Services Edition Outlook for Mac 2011

Conclusion Optimizing an Exchange Server 2010 infrastructure is all about making it healthier, more stable and more reliable systems. I always like to make a disclaimer that some of the present recommendations may change in the future, as new service packs, service releases or new versions of the products are made available. The engineering teams can also make some changes on their recommendations, based on experience or due to hardware advances. In either case, the best to do is to keep up with the plethora of technical information and news widely available on the Internet (remember tip #1). Related Links

Exchange Server 2010 for IT Pros Exchange Server Tools Microsoft Exchange Whitepapers Exchange TechNet Wiki Enable Exchange 2010 SP1 Outlook Web App and IM Integration Publishing Exchange Server 2010 with Forefront Unified Access Gateway 2010 and Forefront Threat Management Gateway 2010