Applies to: Exchange Server 2010 SP2
Topic Last Modified: 2011-07-29
The Edge Transport server role is typically deployed on a computer located in an Exchange organization's perimeter network and is designed to minimize the attack surface of the organization. Available in Exchange 2007 and Exchange 2010, the Edge Transport server role handles all Internet-facing mail flow, which provides SMTP relay and smart host services for the Exchange organization. Additional layers of message protection and security are provided by a series of agents that run on the Edge Transport server and act on messages as they're processed by the message transport components. These agents support the features that provide protection against viruses and spam and apply transport rules to control message flow.
Learn more about Edge Transport servers at: Overview of the Edge Transport Server Role
Edge Transport Server in Hybrid Deployments
Exchange Online uses Microsoft Forefront Online Protection for Exchange (FOPE) instead of Edge Transport servers to provide SMTP relay and smart host services and manage the anti-malware and anti-spam features for cloud-based organizations. For message communications between your on-premises and cloud-based organizations, these services are handled differently in a hybrid deployment than in a typical stand-alone on-premises Exchange organization.
In both a hybrid and stand-alone Exchange deployment, the on-premises Edge Transport server handles message protection and security for inbound and outbound mail routing to external organizations and recipients. However, the on-premises Edge Transport server is bypassed for message routing between the on-premises and cloud-based organizations in a hybrid deployment. Instead, the on-premises hybrid server and the cloud-based FOPE service handle message routing between the two organizations. Additionally, the cloud-based FOPE service handles all message protection and security for messages between the on-premises and cloud-based organizations.
Edge Transport Server Configuration in Hybrid Deployments
Adding the hybrid server changes message routing configuration and the way that messages are processed within your Exchange organization in several ways:
- The hybrid server remains as an available Hub Transport
server in your Exchange organization. Because
the hybrid server was already configured with the Hub Transport
server role, it automatically continues to assist other Hub
Transport servers in your organization with routing all incoming
messages to your on-premises mailbox servers. From the Edge
Transport server's perspective, the hybrid server remains as simply
another Hub Transport server in the Exchange 2010 organization. The
hybrid server automatically continues to assist in the routing of
incoming messages from the Internet to on-premises recipient
mailboxes, not just cloud-based recipients in your organization.
This behavior is by design when you are using Edge Subscriptions to
route Internet mail.
Learn more at: Overview of the Hub Transport Server Role
- The hybrid server assists with handling journaling and
transport rules for your Exchange 2010
organization. When the hybrid server is
configured in your existing Exchange organization, all existing
journaling and transport rules are already included from your
previous on-premises Hub and Edge Transport server configuration.
The hybrid server will continue to apply these rules when
processing messages just like any other Hub Transport server in
Learn more at: Understanding Transport
- The hybrid server assists with your organization's EdgeSync
synchronization duties. Because you’re
configuring an existing Exchange 2010 server, the hybrid server
participates in EdgeSync duties just like any other Hub Transport
server in your organization. If you prefer that the hybrid server
doesn't participate in EdgeSync synchronization, you can disable
the Microsoft Exchange EdgeSync service on the hybrid server.
Learn more at: Understanding Edge Subscriptions