I'm upgrading our organization from Exchange 2010 to 2013. Right now we're using Forefront TMG as a bridge between internet clients and the CAS 2010, and I'm noticing TMG is not available for Exchange 2013. Does this mean the 2013 CAS is prepared to interact directly with internet clients? If so, what's the best practice?
Right now Forefront TMG and a couple other edge servers (Lync Edge, Edge Transport) are dual-horned, with the internet-facing adapters resting in our DMZ. That gets routed via our firewall to the internet. Should the 2013 CAS also be dual horned? Or should the firewall route directly to the CAS's internal IP?
The CAS will need to service both internal and external clients. For now I'm only going to have one CAS, though once I decommission Exchange 2010 I might bring up a second. We have no NLB installed and have no immediate plans for one.
Any links Best Practice whitepapers and such would be appreciated. A simple Google search doesn't return very satisfactory results.
----------- Ron E Biggs Network Administrator Entertainment Studios