Microsoft has recently made changes to their Roadmap Exchange Server. We are excited to share these updates with you. We know that some of our customers have reasons to use Exchange Server On-Premise and we are committed to supporting them.
Microsoft has moved the release date of the next version ofExchange Server to the second half of 2025. The next version will require Server and CAL licences and will only be available to customers with Software Assurance, similar to the SharePoint Server and Project Server Subscription editions. . Microsoft will provide more details on naming, features, requirements and pricing in the first half of 2024.
We will maintain the current support dates for Exchange Server 2013 , Exchange Server 2016 and Exchange Server 2019; however, Microsoft plans to support the next version of Exchange Server beyond 14 October 2025. Microsoft will continue to support Exchange Server as long as there is substantial market demand.
Two of the main challenges of previous versions ofExchange Server with regard to upgrading to the next version are that (1) the next version has always had greater hardware requirements than the previous version, and (2) customers always had to move mailboxes from the old version to the new version. Microsoft is addressing these challenges in the next release by introducing the ability to upgrade in-place fromExchange Server 2019. This means you may not have to purchase new hardware.
Our advice to all customers Exchange Server to upgrade to Exchange Server 2019 as soon as possible. If you are already running Exchange Server 2019, our advice is to always keep your servers up to date. Exchange Server 2019 includes several features not available in previous versions, including a new and improved web-based Outlook, improved security, better performance and scalability, modern architecture, integration with SharePoint Server and OneDrive, and new and updated message policy and compliance features.
With the H1 2022 CU release, Microsoft has added new features to Exchange Server 2019 (including one that could allow you to shut down your last server Exchange ), they have also added hybrid server licensing at no extra cost, and we are adding even more features, as detailed below.
Investments in Exchange Server 2019
In the coming months and years, Microsoft has plans to add functionality to Exchange Server 2019 and will continue to support regulatory and data privacy requirements. Their continued investment in Exchange Server 2019 enables them to improve security, deployment and management capabilities, and reliability - the attributes our customers tell us they need most fromExchange Server .
Security investments
The Exchange servers often contain the most sensitive data of the company, and host the company's address book, so it is important to protect these servers and data. Microsoft will therefore continue to focus on the security ofExchange Server .
Modern Authentication Update
Historically, Exchange Server has used basic authentication (also known as Legacy Authentication) for client/server and server/server connections. Basic authentication is an obsolete industry standard, and it is imperative for organisations to move away from it as quickly as possible, in order to reduce attack surfaces and unnecessary risk.
Microsoft is working to make basic authentication obsolete in Exchange Online and move users to something more secure: authentication based on OAuth 2.0, or what they call modern authentication. OAuth 2.0 is the industry standard protocol for authorization.
In approximately 120 days, on October 1, 2022, Microsoft will begin disabling basic authentication for specific protocols in Exchange Online for those customers still using it. If you are a Exchange Online or Exchange hybrid customer, be sure to read the latest announcement to learn what you need to do to prepare for this change.
Modern authentication allows for enhanced authentication features, such as multi-factor authentication (MFA), smart cards, certificate-based authentication and third-party security identity providers. Among the many benefits and improvements of modern authentication is that it helps mitigate security issues with basic authentication. For example, enabling modern authentication is an important step towards protecting your organisation from brute force and password-spam attacks.
Microsoft is currently working on adding modern authentication to pure on-premises Exchange Server environments (e.g., not cloud or hybrid). They plan to share their timeline for modern authentication support for every Outlook client later in 2022.
Support for TLS 1.3
they have recently introduced support forExchange Server 2019 on Windows Server 2022. By default, Windows Server 2022 uses Transport Layer Security (TLS) 1.3, which encrypts data to provide a secure communication channel between two endpoints. TLS 1.3 eliminates obsolete cryptographic algorithms, improves security over older versions, and aims to encrypt the handshake as much as possible.
WhileExchange Server 2019 supports Windows Server 2022, they are still working on adding support for TLS 1.3. They plan to support TLS 1.3 in Exchange Server 2019 next year.
Software update dashboards for Exchange Online and Exchange Server
UpdatingExchange Server is an essential security practice, which is why Microsoft also invests in helping you stay up to date with the latest updates toExchange Server .
Later this year, they will introduce a new experience in the Microsoft 365 administration centre to display the update status of Exchange servers in hybrid environments. This new experience is designed to show administrators which Exchange servers are in need of updates and which servers are approaching or have ended support.
This experiment provides a view of Exchange On Premise servers that is organised using data from several sources, such as data that customers agree to send, data from Microsoft Online Services processing logs, and publicly available data such as DNS records.
A similar experiment is expected to be added to Exchange Server 2019 early next year.
Restoration of the emergency mitigation service Exchange
The Exchange Emergency Mitigation Service (EEMS) that they added to Exchange Server last year helps secure your servers by applying Microsoft mitigations to address any potential threats to your servers. EEMS is an integrated version of EOMT that provides protection against security threats that have known mitigations.
Once a mitigation applied by EEMS is no longer required, an administrator can manually remove the mitigation. To simplify the process, Microsoft is currently working on a PowerShell script that administrators can use to remove any mitigation that is no longer needed. They plan to release the script next year.
Hybrid experience improvements
To help administrators manage hybrid environments, we are making even more changes to the Hybrid Configuration Wizard (HCW). Today, the HCW performs several tasks, including configuring federation approval, updating connectors and email address policies, and configuring endpoints and OAuth between on-premises and Exchange Online. Once the wizard has completed its tasks, administrators often customise the environment.
When running HCW again, most of the initial configuration tasks are not necessary. But since HCW does not allow skipping steps, custom configurations created after the first HCW run may be lost, which may result in a bad hybrid state.
To address this issue, we are changing the HCW to allow an administrator to choose which steps to perform and ignore those that are not necessary. We plan to publish an updated HCW with these changes later this year.
Call to action for customers Exchange Server
For many organisations, Exchange Online in Microsoft 365 offers the best productivity, security and compliance features and is the most cost effective solution and experience. If you are a Exchange Server customer and would like to migrate to Exchange Online, contact the team Lambert Consulting team today for help and advice from start to finish.
As we said earlier, we know that customers have reasons to run Exchange Server and we are committed as Microsoft to supporting them.
Our advice to customers running Exchange Server is to upgrade to Exchange Server 2019 now.
Exchange Server 2019 already includes several features not available in previous versions, including :
- Support for Windows Server 2022 and Windows Server Core
- Client/server connections use TLS 1.2 by default
- New research infrastructure based on Exchange Online
- Modern hardware support
- Improvements in schedule, customer experience, compliance (onsite archiving, retention, eDiscovery), data loss prevention, performance and scalability
- Upgraded management tools Exchange which eliminates the need for Exchange servers used solely for recipient management purposes
- The latest updates to the hybrid experience, including support for using MFA compatible administrator credentials with hybrid agent command applets
Soon, Exchange Server 2019 will include support for TLS 1.3, modern authentication, etc., and will provide the smoothest and easiest path to the next version ofExchange Server in 2025.
Before deploying Exchange 2019 in your organisation, you need to do some careful planning, so make sure you carefully review the information provided by the EDA.
If you are planning a hybrid environment Exchange, be sure to review the hybrid deployments Exchange Server and the information that accompanies them.
Let's go further together!
If you have a question or a suggestion, we are at your disposal to answer it by email or by phone.