One of my customers is having us set up an Exchange 2013 cluster with Windows Server 2012, but they want us to use a DMZ network on their firewall.

Because the server roles have changed, and Exchange will need Active Directory services, we're wondering if the best-case scenario to meet their security expectations is to create a virtual machine with Exchange 2010 transport roles in the DMZ.

Will this setup/configuration work or is this not recommended?

Will any ports have to be opened for the 2010 transport server to communicate with active directory?

Depending on how the DMZ is set up, you will need ports 25 (for mail in and out), 50389 and 50636 (these two ports are for secure Active Directory) and, if you want to manage with RDP, 3389. You will be fine with putting this in a VM server.

Thanks dude.... now is the Transport Server what we need to make this work with the DMZ? I'm installing Hyper-V/Server 2k8 with Exchange 2k10 as we speak.....

What we want is to place the edge transport server in the DMZ with the least amount of open ports to meet the company's network security policies.

Can this server be a standalone server that is not a member of the domain, whose only purpose is to be a transport server?

Would you be wanting an Edge Transport server role then? You're wanting to simply have something in the DMZ to accept traffic on port 25 and perform simple spam/security checks which isn't AD reliant?

I think you may be confusing Edge Transport (not AD reliant and made for the DMZ) with Hub Transport (AD reliant, needs to be 'inside')?

Exchange 2010 Edge Transport

Edge Transport is an optional role that can be installed to prevent spam and viruses. This role is meant to replace spam filtering devices such as Barracuda Spam Firewall and Symantec Mail Security. This role is installed on a stand-alone server (workgroup) and uses ADAM to sync LDAP data from Active Directory. This allows recipient filtering on the Edge Transport server.

What we want is to place the edge transport server in the DMZ with the least amount of open ports to meet the company's network security policies.

Can this server be a standalone server that is not a member of the domain, whose only purpose is to be a transport server?

Sorry for my earlier posts, just seen this of yours where you clearly state you want to put the Edge Transport role in the DMZ.

You'll need to configure ADAM (Active Directory Application Mode) so that the Edge Transport server (workgroup, not domain member) can 'talk' to AD and filter recipients correctly.
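The "least amount of open ports" goal from the thread, expressed as host-firewall rules on the Edge Transport box itself. This is an added example, not something posted in the thread; it assumes the Edge host runs Windows Server 2012 or later (where the NetSecurity cmdlets exist), and the Hub Transport addresses and the admin jump host address are constructed placeholders to replace with the real ones.

```powershell
# Added example: host firewall for an Exchange 2010 Edge Transport server in a DMZ.
# Assumptions (not from the thread): Server 2012+ host, Hub Transport servers at
# 10.0.1.10/10.0.1.11 and an admin jump host at 10.0.1.50 (all constructed placeholders).

$HubTransportServers = @('10.0.1.10', '10.0.1.11')   # internal Hub Transport servers
$AdminJumpHost       = '10.0.1.50'                   # only source allowed to RDP in
$RuleGroup           = 'Exchange Edge DMZ'

# Default-deny inbound on every profile. Outbound stays open so the Edge can deliver
# mail (TCP 25) and resolve DNS without needing a rule per destination.
Set-NetFirewallProfile -All -Enabled True -DefaultInboundAction Block -DefaultOutboundAction Allow

# Remove any rules from an earlier run so the script is safe to re-run.
Get-NetFirewallRule -Group $RuleGroup -ErrorAction SilentlyContinue | Remove-NetFirewallRule

# TCP 25: inbound SMTP, the one port that has to be reachable from the internet side.
New-NetFirewallRule -DisplayName 'Edge SMTP in' -Group $RuleGroup -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort 25 -RemoteAddress Any | Out-Null

# TCP 50389/50636: the ADAM/EdgeSync LDAP ports the thread lists, scoped to the
# internal Hub Transport servers only, never exposed to the internet side.
New-NetFirewallRule -DisplayName 'Edge ADAM LDAP from Hub' -Group $RuleGroup -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort 50389,50636 -RemoteAddress $HubTransportServers | Out-Null

# TCP 3389: RDP management, scoped to the admin jump host only.
New-NetFirewallRule -DisplayName 'Edge RDP from jump host' -Group $RuleGroup -Direction Inbound `
    -Action Allow -Protocol TCP -LocalPort 3389 -RemoteAddress $AdminJumpHost | Out-Null

# Verify: list every inbound allow rule with its ports and source scope, so the result
# can be checked line by line against the customer's network security policy.
Get-NetFirewallRule -Group $RuleGroup -Direction Inbound -Action Allow |
    ForEach-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule       = $_.DisplayName
            Protocol   = $port.Protocol
            LocalPort  = ($port.LocalPort -join ',')
            RemoteAddr = ($addr.RemoteAddress -join ',')
        }
    } | Format-Table -AutoSize
```

These host rules complement, not replace, the same port set on the perimeter firewall between the DMZ and the internal network, where the Hub Transport side must also accept TCP 25 from the Edge server.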
