The question "why should I implement Exchange Modern Hybrid" is justified. Exchange Modern Hybrid is specially designed to simplify implementing Exchange Hybrid Mode by eliminating the requirement for inbound HTTPS connections to an on-premises Exchange organization. The technical specifications for Classic Exchange Hybrid are sometimes unsuitable for enterprises.
"Exchange Hybrid options? There are none. Just go Full Monty." - undisclosed Exchange consultant
That isn't quite right. But let me explain the concept of Exchange Hybrid first before we take a look at the available options.
October 13, 2020, is an important date for Microsoft for a variety of reasons. On this date, Microsoft will stop support for their 2010 suite of products like Exchange 2010, SharePoint 2010, Office 2010, etc. In addition, Microsoft will stop basic authentication in Office 365 as outlined in their post Upcoming changes to Exchange Web Services (EWS) API for Office 365 and their follow-up post Basic Auth and Exchange Online – February 2020 Update.
Azure Active Directory Conditional Access has been around since 2016. Conditional Access governs access to cloud resources by evaluating the conditions associated with the sign-in of a user or application accessing a resource. Conditional Access policies allow an admin to stipulate under what conditions certain actions are enabled. I like to think of them as If-then statements.
When it comes to collaboration, Outlook is still the most in common tool. It’s not only an e-mail client, it allows you also managing your appointments, tasks etc.
Especially the manager-delegate scenario, Outlook is THE tool to be used. But even we have great features, supporting our daily work and many scenarios, there are always limits. And these limits can cause a lot of trouble.
In their blog article, "Improving Security - Together," the Microsoft Exchange product group announced that the insecure Basic Authentication authentication method switches off on October 13, 2020, not just for Exchange Web Services (EWS), but also for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell.
In my previous blogpost, I wrote about how crucial it is to have all of your domains registered, Access Control Entries (ACE) on mailbox and folder level in a row and a reminder to keep things simple and you might revisit your architecture and the need of resource forests.
With the use of the Office 365 platform, application monitoring requirements have changed. In your on-premises IT infrastructure, you normally monitor the availability of applications by solely checking server reachability. In some cases, you might choose to implement enhanced application monitoring by accessing dedicated protocol endpoints.
There are several ways outlined by Microsoft that can be found here. This blogpost goes over migrating from an integrated Exchange server infrastructure to Exchange Online with a hybrid deployment. I will not cover third-party migrations, as this is not relevant for the topics mentioned in this post.
In February, Microsoft released the initial public preview version of the Hybrid Agent, about which was written here. The purpose of the Hybrid Agent, also branded as the “Exchange Modern Hybrid Topology”, is to simplify the process of setting up and deploying Microsoft Exchange Hybrid for Exchange 2010 and later deployments, where full “classic” Exchange Hybrid is not an option.