Dear Team,
I'm planning a new Exchange 2013 SP1 email server installation with a new AD setup.
I have 4 nos Exchange 2013 licenses:
a. 2 nos ET servers in DMZ (these are VMs under VMware ESXi 5.5)
b. 2 nos CA+MB servers in secure zone (these are VMs under Hyper-V on 2 physical server blades)
c. CA + MB roles configured on single server.
d. CA will be load balanced using Hardware load balancer
e. MB will use DAG
f. A separate VM will be created for File Share Witness (voting disk).
g. 2 nos AD-integrated forward lookup zones on local DC:
   1) abc.local (for desktops and internal servers)
   2) abc.gov.in (it will host a CNAME record that points to an A record in the abc.local zone)
h. A and MX record entry on ISP DNS for Email Delivery on email server
My Qs are:
1) Should a new domain name with ".local" (non-routable domain) or ".com", ".org" (routable domain) be selected for all member servers and desktops in the new forest in the secure desktop zone?
2) In this case, the SSL SAN certificate requirement is with the domain name used as accepted domain "@abc.gov.in" for email addresses and future web servers which will be accessed from the internet.
For example –
abc.gov.in, mail.abc.gov.in, autodiscover.abc.gov.in, pop.abc.gov.in, smtp.abc.gov.in ?
https://erpportal.abc.gov.in ------ For Other web Servers ?
Can we get confirmation that the above design will work successfully, considering the security aspect and redundancy?
T & R,
Kamlesh