Whenever a new service pack is released, it is typically like a grab bag of features that may or may not be applicable to your environment -- but you are happy to see them nonetheless. Service Pack 1 for Exchange 2013 (also known as Cumulative Update 4) follows this pattern.
Let's take a look at the major new features in Exchange 2013 SP1.
Windows Server 2012 R2 support: It's obviously nice to be able to install the latest version of Exchange on the latest version of Windows Server. Keep in mind: If you already have Exchange installed on Windows Server 2012, you cannot upgrade to Windows Server 2012 R2; you need to do a new install in that case.
Edge Transport 2013 has arrived: The Edge Transport role sits in the perimeter (or DMZ) and handles all Internet-facing mail flow, provides additional security through agents and transport rules, and in the process, reduces the attack surface. I'm not a huge fan of the Edge Transport role -- I prefer cloud-based or appliance-based alternative -- but I found it oddly absent in the original release of Exchange 2013. One note of caution regarding the Exchange 2013 SP1 Edge Transport role: You have to configure it through PowerShell in the Exchange Management Shell.
Exchange MVP Tony Redmond says, "Some will decry the lack of a GUI and the need to manage the server with PowerShell, but the tasks to set up an Edge server are relatively straightforward. And anyway, if you can't handle a few PowerShell commands, maybe you should not be setting up a server that acts as the secure inbound email access point for the organization." It's rare that I disagree with Redmond, but in this case I believe a system that will be primarily a set-and-forget type of server shouldn't be made more complicated by the lack of a simple GUI. If the tasks are "relatively straightforward," it should have been easy to give admins a GUI to keep it simple. Let admins focus on more pertinent matters. I suspect that due to the lack of a GUI, admins won't use Edge Transport and instead will go with alternative protection.
Exchange Admin Center cmdlet logging: I really liked this capability in Exchange 2010 and was disappointed that Microsoft removed it in the original release of Exchange 2013. With this capability, when you do something in the GUI, you can see the underlying PowerShell commands being executed. It is a great way to learn or simply understand what is happening under the hood. The returned logging feature allows you to capture and review recent commands executed (as many as 500). I really like this feature.
MAPI over HTTP: Now this is an interesting capability. I thought MAPI was dead with Exchange 2013, whose connections were focused on remote procedure calls (RPCs) over HTTP (aka Outlook Anywhere). But in SP1, this new feature (which requires that you run Outlook 2013 SP1) allows for MAPI across HTTP without using RPCs. This will, according to Microsoft, simplify connectivity troubleshooting and improve the user connection experience when resuming from hibernation or when switching networks. To get the full story of how it all works, check out MVP Redmond's "Exchange Server 2013 Transitions from RPC to HTTP" post.
DLP enhancements: Data loss prevention capability exists in the original Exchange 2013 releaase, built on existing features like transport rules and mail tips. SP1 adds new features such as DLP Policy Tips for OWA (Outlook Web Access) and OWA for Devices, DLP Document Fingerprinting, and DLP sensitive information types for new regions.
Along with those key feature updates, Exchange 2013 adds the following:
- ADFS for OWA: This is claims-based authentication for organizations working with Active Directory Federation Services.
- OWA formatting: OWA now has a rich text editor.
- S/MIME support for OWA returns: OWA users can send and receive signed and encrypted email. This feature requires IE9 or later.
- Database availability groups (DAGs) without Cluster Administration Server (CAS) access points: This optional DAG configuration (aka IP-less DAG) requires Windows Server 2012 R2.
- SSL offloading: This capability lets you move the SSL encryption/decryption workload for inbound CAS connections to a load balancer
SP1 also comes with a host of bug fixes.
Exchange 2013 SP1 brings a healthy set of improvements across the board and shows that the Exchange team at Microsoft is listening to requests and giving folks what they want and need.
This story, "What you need to know about Exchange 2013 SP1," was originally published at InfoWorld.com. Read more of J. Peter Bruzzese's Enterprise Windows blog and follow the latest developments in Windows at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.