In order to become a Microsoft certified Exchange Server specialist, you need to pass the Microsoft Exchange Server 2010 designing and deploying messaging solutions, otherwise known as the 70-663 exam. If you are using Exchange on a daily basis, but at a lower level, than the 70-662 Exchange 2010 exam will suffice; however, if you use Exchange to advanced levels, such as in designing and deploying Exchange 2010 solutions, then you need to ensure you have a design exam for Exchange under your belt. The 70-663 exam looks to build on the knowledge and skills you have learned in the 70 662 configuration exam; however, there is a lot more detail covered at this level, and for the exam you will be expected to know all of the features of Exchange Server 2010 and what they do. Although it is recommended that you cover all of the exam topics outlined by Microsoft's 70-663 syllabus, there are a number of areas you should concentrate on for this exam as they are guaranteed exam question areas.
As you'd expect to find at the beginning of an application exam, the first consideration is to cover the requirements needed for a successful installation. Whereas the 70-662 exam focused on a mainly single site Exchange 2010 setup with all of the Exchange Server roles consolidated to one or two servers in a single domain, the 70-663 exam requires a lot more detail.
First of all you need to decide whether or not the Exchange Server will be installed "on-premise" or "hosted" out in the cloud; this is an important new consideration in Exchange Server 2010. Hosted solutions especially will only continue to grow as Microsoft's interest in the Cloud increases, so make sure you are informed for the exam. You may be designing a hosted Exchange platform that will be used for multiple domains, and you will need to use separate global address lists and namespaces. There are a large number of considerations based around Active Directory and DNS setup prior to installation. The boundaries of an Exchange Server are based on the Active directory sites, so you should know where in an organization an Exchange Server needs to be based, what accompanying roles need to be present, and how the internal email will flow. This leads onto another new feature in Exchange 2010: federation trusts. Previously, Exchange communication between forests relied on active directory trusts to communicate; however, the Microsoft federation trust allows you to use Microsoft as a third party broker between two sites to establish the trusted relationship.
The success of Exchange Server 2003 has meant that many companies held fast on upgrading until Exchange 2010 came on the market
, at a time when an upgrade was inevitable. Also, Exchange 2007 had mixed reviews, meaning that those who did subscribe were looking to transition to Exchange 2010 quickly for its new features. As a result, coexistence has become a big part of many Exchange environments, and in turn a large part of the 70-663 exam. The biggest challenges with coexistence is the intra-site message transport and ensuring Exchange 2010 is setup for the legacy features of the older Exchange versions. From a technical perspective then, checking routing group connectors are in place and working and making sure support for X500 and legacy Exchange DN's are in place are important. One thing to note is that upgrading from a legacy Exchange version to Exchange 2010 is called a transition, not a migration. The term migration is used for moving from another mail platform like Lotus notes, to Exchange 2010. It’s probably not worth correcting your colleagues in polite conversation about it, but it’s worth knowing for the exam. On the topic of migrations, you should be aware that you can coexist with other mail platforms; however, Microsoft isn't going to expect you to know that as well, just the bits that Exchange Server 2010 requires to support them.
3. Server role — ]Client Access Server
If you are familiar with the old Exchange 2003 infrastructure layout, then you can consider the Client Access Server (CAS) role as the front-end Exchange Server. Positioning your CAS in the right area is a vital part of getting the Exchange topology correct. There must be one at each site in order to service the client requests, whether it is through a straight MAPI connection, IMAP, POP3, or RPC over HTTP. For the 70-663 exam, you need to be able to plan the CAS deployment based on the devices accessing your network, the domains that are accepted for your company, and the storage required. And as planning is the name of the game for this exam, make sure you are fully aware of what is required to setup autodiscover, such as the correct namespaces, SRV records, SSL certificates and the authentication mechanisms used internally and externally.
4. Server roles — hub transport server
The hub transport server is responsible for the inter-site and intra-site transport of messages within Exchange Server 2010. The hub transport server is responsible the name spaces used in Exchange email address policies. When you are dealing with large scale Exchange Server deployments, make sure you have detailed knowledge of Exchange Server transport rules and how they can be used to affect mail flow within a company. The receive connectors within the hub transport roles are key for locking down external access to the Exchange Server, and like the send connector, allow granular settings in regard to message size limits, and allowed IP addresses and authentication. The edge transport server role is a standalone server, which as it implies, sits at the edge of the network. Make sure you understand why you would add an edge transport server role into an Exchange infrastructure in order to increase security of e-mail gateway and using server transport rules.
5. Server roles — Mailbox Server
One of the big considerations for the mailbox server role in Exchange 2010 is the required storage capacity, shortly followed by the performance of the storage capacity when it is under pressure. You will need to know the minimum hardware specifications for optimum mailbox server performance, as the demands are notoriously high. The next level of capacity planning is based on the mailbox databases, how many you are going to have, where they will be positioned, and how much space is allowed for them. As you may have guessed by now, the design exam is more interested in the positioning of the Exchange server roles rather than how it is configured. However, you still need to know how to deploy your design in a real-world scenario, and this includes all of the additional elements that you may change in the default configuration. For example, you need to consider address lists, public folders, public folder replication, and off-line address list information, and how this information is replicated amongst your Exchange environment.
6. Exchange security — Part 1
Security is a big part of any application exam, but where Microsoft Exchange Server 2010 is concerned, a particularly high risk of an attack is due to its processing of external information. From an external viewpoint, you need to make sure you design an Exchange environment that is secure from external attacks such as denial of service, virus-infected spam and mail relaying. In order to do this, you will use a number of the Exchange features related to security such as locking down an external server that is allowed to access Exchange, knowing how to use transport level security to encrypt messages, how to secure all routing between your Exchange organizations, and by ensuring that message hygiene is a strong as possible. You won't be expected to know the ins and outs of Microsoft Forefront for Exchange Server, but you should be aware of exam questions relating to Microsofts anti-spam product of choice. Many of the features Forefront uses are universally available in many anti-spam products, such as recipient filtering, content filtering, antivirus scanning, block lists, safer lists, and the use of spam confidence levels (where mail is rated on a 1 to 10 scale of severity, with 10 being the most severe).
7. Exchange Security — Part 2
From an internal perspective the security of your Exchange Server is based on many tried and tested methods used within all Microsoft servers, namely the use of multifactor authentication, access control lists, and security policies. these
that can be applied from within the Exchange management console the Exchange Management shell. Make sure you know the options available to you in the client access server when it comes to locking down ActiveSync and Outlook Anywhere features, this includes mobile devices, which are ever-growing concern in real-world networks. Even Outlook Anywhere features a number of policies such as segmentation and attachment handling, which can increase the security of external users accessing the Exchange Server.
As some companies enter into double figures in the number of years they have been using Exchange Server, it has raised the question of where to store old Exchange e-mails that are legally required to be kept for a set amount of time. Microsoft has now addressed the issue of archiving and has employed a new feature which can be used under the Microsoft Enterprise Premium Cal, which allows users to have a separate archive mailbox; this archives emails to the Exchange Server rather than their local PC. Microsoft also developed their message record management (MRM) feature, which allows for further control of how messages are handled by the Exchange Server, and subsequently by Outlook users. Retention policies prevent users from deleting important emails, which can be a legal nightmare for a company. All of these new features are guaranteed exam questions, so make sure you are aware what these features do and how to deploy them
Once you have designed your Exchange 2010 network, and it has been deployed with all of the features required, it is important to make sure you monitor the Exchange Server’s performance, and in turn report on your findings. In order to make sure you have no security holes, no messaging issues or configuration problems from the Exchange Server deployment, use the Exchange 2010 Toolbox to iron out any issues. Make sure you are familiar with the features included here, such as the mail flow troubleshooter, the best practice analyzer, and recovery tools.
10. High availability
As is the nature of any network these days, especially since the widespread acceptance of virtualization, there is a demand for 99.999% uptime and high availability of all Exchange services. In fact, if the options are available to you in your Exchange Server design, you will often choose to use high availability features on the mailbox server role and/or on the client access server role. Database availability groups were introduced in Exchange Server 2010 to replace Exchange 2007 Server’s Continuous Cluster Replication (CCR) feature. Database availability groups are a much more robust feature based on the original Exchange 2003 clustering. Therefore, they can only be applied to enterprise versions of the Microsoft operating systems). These employ the use of a separate witness server to monitor the active and passive copies of the Exchange databases so that they can be bought online as required. Make sure you know how to set up, configure, and deploy database availability groups; the best way to do this is by getting hands-on practice in a Microsoft lab. With regard to the client access server roles, Microsoft originally promoted the use of the built-in Network Load Balancing tool; however, due to its incompatibility with the Windows clustering service, it is no longer supported. When you are considering high availability for client access server roles, exam questions will often reference a third party hardware load balancer to carry out failover on the CAS array.
Overall, the level of detail you need to know for this exam is much greater with regards to planning the overall design of an Exchange deployment. You are focusing on the bigger picture. In-depth knowledge of the Exchange Management Console and the Exchange Management Shell are a given at this level of exam.