locked
why need an EDGE transport role when HUB transport role can play the same role? RRS feed

  • Question

  • Why would someone want to have an Edge transport server role when a HUB transport server can play the same role as EDGE Transport server?.. is there something that the HUB transport server can't do that the EDGE server role can?

    Monday, May 11, 2009 9:09 AM

Answers

  • Since Edge Transport server role is deployed in perimeter network as a stand-alone server or as a member server of a perimeter-based Active Directory domain which minimize the attack surface and provides additional layers of message protection and security with series of agents that run on the Edge Transport server like anti viruses and spam and apply transport rules to control message flow.

    • Since it is deployed outside of your network to scan for antivirus, antispam and security attack from there so provide more protection compare to Hub transport role.
    • Hub Transport role can't provide you Address Rewriting feature which Edge can provide.
      Planning for Address Rewriting

    Amit Tank | MVP - Exchange | MCITP:EMA MCSA:M | http://ExchangeShare.WordPress.com
    • Proposed as answer by Arun_Kumar Tuesday, May 12, 2009 4:23 PM
    • Marked as answer by Amit Tank Tuesday, May 12, 2009 4:28 PM
    Monday, May 11, 2009 10:46 AM

All replies

  • Since Edge Transport server role is deployed in perimeter network as a stand-alone server or as a member server of a perimeter-based Active Directory domain which minimize the attack surface and provides additional layers of message protection and security with series of agents that run on the Edge Transport server like anti viruses and spam and apply transport rules to control message flow.

    • Since it is deployed outside of your network to scan for antivirus, antispam and security attack from there so provide more protection compare to Hub transport role.
    • Hub Transport role can't provide you Address Rewriting feature which Edge can provide.
      Planning for Address Rewriting

    Amit Tank | MVP - Exchange | MCITP:EMA MCSA:M | http://ExchangeShare.WordPress.com
    • Proposed as answer by Arun_Kumar Tuesday, May 12, 2009 4:23 PM
    • Marked as answer by Amit Tank Tuesday, May 12, 2009 4:28 PM
    Monday, May 11, 2009 10:46 AM
  • Here are some points which clearly indicates the difference between EDGE and HUB Roles.

    Edge:

    The Edge Transport role is installed on the edge of the network and therefore is installed on a standalone server that is not a member of the Active Directory domain. Because the server is not a member of the Active Directory domain, Active Directory Application Mode (ADAM) is used to sync AD with the Edge Transport server. ADAM and a component called EdgeSync are used to perform scheduled one-way synchronization of the configuration and recipient information from Active Directory. This allows the Edge Transport to perform recipient lookups and Spam filtering.

    Hub:

    The Hub Transport role is responsible for all internal mail flow. This role is similar to the bridgehead server in an Exchange 2000/2003 organization. In fact it originally was called the Bridgehead Role until it was changed.

    Edge:

    The Edge Transport role performs a number of functions including Anti-spam and Anti-virus protection. The Edge Transport uses connection filtering, content filtering, recipient filtering, SenderID, sender and IP reputation to reduce the amount of Spam delivered to the end users inbox. Mail tagged as Spam will sit in a Spam quarantine from which administrators can delete or allow messages tagged as Spam. One of the top features is the ability for Outlook 2003 and 2007 clients to merge their Spam settings (like white and black lists) to the Edge Transport server to increase the efficiency and accuracy of the filters. The built in VSAPI has been improved and the introduction of transport agents will allow third party AV applications to provide stronger AV filtering.

    Hub:

    The Hub Transport server, as well as the rest of the server roles, is installed on member server(s) in an Active Directory domain. There is no need for ADAM on this, or any other role aside from the Edge Transport. Because it is a member of an AD domain, all its configuration information is stored in AD and any other Hub Transport servers you install will get their configuration from AD.

    Edge:

    Edge Transport Rules are used to protect the Exchange organization by applying rules and, based on whether the message passes or fails, appropriate action is taken. Unlike the Anti-virus and Anti-Spam processing, Edge Transport rules are based on SMTP and MIME addresses, words in the subject or message body, and SCL rating. The Edge Transport role also handles address rewriting; in Exchange 2007 an administrator can modify the SMTP address on in or outbound mail.

    Hub:

    The Anti-Spam and Anti-virus features of the Edge Transport can be configured on the Hub Transport in order to reduce the number of servers required. It is quite feasible that you may only have one server in your Exchange organization with all the roles installed on it. In this case you cannot have an Edge Transport and all those features will be passed on to the Hub Transport role.

    Edge:

    The Edge Transport server is also responsible for all mail entering or leaving the Exchange organization. Mail travels inbound through the Edge Transport and once the Edge Transport Rules have been applied the message is passed on to the Hub Transport server. Because the Edge Transport is responsible for all in and outbound mail, you can configure multiple Edge Transport servers for redundancy and load balancing.


    So in short, Edge can be installed on a standalone workstation and which doesn't need AD, but Hub can't be installed on a stand alone server. Edge can be installed in DMZ but hub has be be in the corpnet.


    Arun Kumar | MCSE - 2K3 + Messaging | ITIL-F V3
    • Proposed as answer by Arun_Kumar Monday, May 11, 2009 11:02 AM
    Monday, May 11, 2009 11:02 AM
  • Thank you Amit, to the point and that's the answer i was looking for.

    Tuesday, May 12, 2009 5:58 AM
  • Dear Arun,

         Thank you for your explanation but however it didn't answer my question. Your answer would more suit a question as Explain a HUB transport role and an EDGE transport role.

    Tuesday, May 12, 2009 6:00 AM