November 2022 Security Updates for Exchange
This week Microsoft released new security updates for the following Exchange versions:
- Exchange...
On July 24, 2018, the Exchange Product Group released the preview version of Exchange Server 2019. This version is the third version of modern Exchange Server. Like the previous versions, Exchange Server 2019 benefits from the product developments tested and implemented in Exchange Online. But not all features available in Exchange Online are available in the on-premises version of Exchange Server. Additionally, not all features that are announced for the new release will be available when the RTM build is released. That is something that we have learned with previous releases of the product.
Does Exchange Server 2019 provide enough new features to justify a migration? Let’s have a look at the new features and the things that are missing in the new release of Exchange Server.
The most important new feature comes with a new option for operating Exchange Server; to finally, install Exchange Server on Windows Server Core Edition. The lack of unnecessary graphical user interface components reduces the attack surface. I recommend operating Exchange Server 2019 on Windows Server 2019 Core Edition to implement the maximum security available. This option will not be available until Windows Server 2019 RTM has been released. The preview version of Exchange Server 2019 therefore allows for installing the product on Windows Server 2016 and Windows Server 2016 Core. Whether this option will still apply for the RTM version of Exchange Server 2019 remains to be seen. In any case, the use of Windows Server Core Editions should not worry you, as Windows Admin Center provides an excellent web management interface.
The performance of Exchange Server is the next important topic, following the operational security. With each version of Exchange Server, the Product Group has improved the performance using proven technology solutions. Whether you have benefited from these improvements always depended on how you have implemented Exchange Server.
The planning and operating Exchange Server 2019 is also governed by the Preferred Architecture (PA) (http://www.enowsoftware.com/solutions-engine/the-right-exchange-architecture) recommendations. The Product Group recommends running Exchange Server on real hardware. The main reason for this recommendation is that high availability is implemented at the application level (aka DAG) and a Hypervisor only adds complexity without providing real value. The next version of Exchange Server supports server systems with up to 48 processor cores and 256GB of memory. Remember that the virtualized operation of Exchange Server, regardless of CPU and memory configuration, requires that processor cores and memory are configured as fixed reserved resources. Nothing changes with this requirement with Exchange Server 2019.
In recent years, mailboxes have become larger and larger, and thus the required hard disk space. To further increase performance for large databases, Exchange Server 2019 offers an optional SSD-based cache option. As with the HDD-JBOD recommendation, the SSD-Cache option recommends using cost-effective components to ensure a good cost-benefit ratio. Unfortunately, this SSD-Cache is not available in the Preview Version of Exchange Server 2019.
The search engine previously used in Exchange Server was based on the FAST engine and has given many Exchange administrators sleepless nights. The Exchange Team’s blog post announced the integration of a new search engine based on "Bing Technology". First, it's good to finally get rid of the FAST search and no longer worry about corrupt search indices, but secondly, some readers will certainly cringe at the term "Bing". The Bing search engine available on the web has a very different perception of the quality of the search results, especially when used in non-English countries. However, in the context of Exchange Server 2019, the focus is less on the word "Bing" but on the term "Bing Technology".
The key advantage of the new search is that the storage of metadata and indexes is no longer stored in a separate folder structure in the file system of each server, but in the mailbox database. The information is kept synchronized using the native and robust log-shipping mechanisms. This technological trick allows an even faster activation of a passive database copy in the case of a switchover or failover. By storing the search information in the database it’s automatically part of a backup.
New features for end users are mainly focusing on new calendar features and simpler calendar sharing with external partners. An important compliance feature that finds its way from Exchange Online to Exchange Server 2019 is "DoNotForward". This function prevents users from forwarding messages, including invites, to other recipients. In addition, editing of existing (recurring) meetings stored in user calendars using PowerShell is available to Exchange Administrators. This is always an important topic when users (meeting organizers) leave the company.
Outlook on the Web is increasingly becoming the central interface for accessing e-mails and works perfectly with all major browser versions. Keep in mind that the use of all Exchange Server 2019 mailbox functions can only be guaranteed if a current Outlook for Deskop (Windows / Mac) version is used.
There hasn’t been an Exchange Version in the past without discontinued features. And no, public folder are still there.
The Unified Messaging feature, which was no not available as a separate feature role in previous versions of Exchange Server, no longer exists in Exchange Server 2019. Microsoft gives you the choice of using Cloud Voicemail while using Skype for Business Server 2019 or integrating a third-party solution.
Alternatively, you can use Exchange Server 2016 and its Unified Messaging features until this Exchange Server Version reaches the end of support. A comparison table about the supported options for using VoiceMail can be found here.
More information and recommendations for dealing with the discontinuation of the Unified Messaging features will be available at the Ignite 2018 conference next month.
What are your options for the coexistence of other Exchange Server when migrating to Exchange Server 2019?
Exchange Server 2019 also follows the well-known N-2 principle. A coexistence of the current Exchange Server version (N) is only possible with the last two Exchange versions (-2). This means that you cannot install Exchange Server 2019 in a direct coexistence with Exchange Server 2010. If you still run Exchange Server 2010 and want to migrate to Exchange Server 2019, you must perform an interim migration to Exchange Server 2016. Exchange Server 2013 is not a viable option, because mainstream support has ended in June 2018.
More information and recommendations on coexistence will also be available at the Ignite 2018 conference in September.
Even with Exchange Server 2019, the major version number is not incremented. The product version is 15.2. Angry voices will now say that following the good-ole Microsoft versioning this release must be Service Pack 2 for Exchange Server 2013. Of course, that is not the case. Exchange Server 2019 is a stand-alone product.
The architecture changes and support for Windows Server Core promise to deliver high performance and secure operation of Exchange Server 2019, leveraging the experience in the Office 365 cloud service. The new search engine is a result of operating a very large Exchange environment.
The benefits for end users are in my view plain comfort improvements. It is up to you, whether these alone justify a migration to Exchange Server 2019.
In September, the Microsoft Ignite 2018 conference will be held in Orlando. It will be exciting days with interesting breakout sessions and talks on the new features and changes in Exchange Server 2019.
This week Microsoft released new security updates for the following Exchange versions:
On February 14, 2023, Microsoft released new security updates rated ‘Important’ for: