Back to Blog

Why Modern Exchange Hybrid?

Image of Thomas Stensitzki
Thomas Stensitzki
person using laptop listing image

The question "why should I implement Exchange Modern Hybrid" is justified. Exchange Modern Hybrid is specially designed to simplify implementing Exchange Hybrid Mode by eliminating the requirement for inbound HTTPS connections to an on-premises Exchange organization. The technical specifications for Classic Exchange Hybrid are sometimes unsuitable for enterprises.

You can read more about the differences between the two Exchange Hybrid modes in ENow's blog post, "What are your Hybrid Options."

The following simplified diagram illustrates the configuration of Exchange Modern Hybrid. The base for a hybrid configuration is an Azure AD synchronization (grey line) with Exchange Hybrid mode enabled.

Note: Enabling Exchange Hybrid in Azure AD Connect does not configure a hybrid configuration in your on-premises Exchange organization. With Exchange Hybrid mode enabled, Azure AD Connect synchronizes Exchange attributes of AD objects that are relevant for hybrid operation.

The two green arrows are outgoing HTTPS connections from on-premises Exchange Server to Exchange Online. The left arrow is the connection used by on-premises Exchange Server for connecting to Exchange Online querying information for the local Exchange organization, e.g., free/busy information or mail-tips for mailboxes hosting in Exchange Online.


The right arrow is the outbound connection of the two Exchange Hybrid agents installed on the Exchange servers. This connection provides inbound communication for hybrid features from Exchange Online to the local Exchange organization, e.g., moving mailboxes to Exchange Online or querying free/busy information for mailboxes hosted on-premises.

Exchange Modern Hybrid simplifies hybrid communication for the HTTPS protocol. Mail flow between on-premises Exchange and Exchange Online requires an additional bidirectional connection. You can choose between two core variants. Variant A uses a direct two-way SMTP-connection between the local Exchange organization and Exchange Online. If you want to avoid a direct SMTP-connection traversing the perimeter network, you can route the mail flow through Exchange Edge Transport Server, located in the perimeter network, shown as Variant B.

There are two main use-cases for using Exchange Modern Hybrid.

  1. You want to migrate your local Exchange organization to Exchange Online as quickly as possible. In this case, Exchange Hybrid is used to migrate mailboxes to Exchange Online securely.
  2. You need a permanent Exchange Hybrid operation for your enterprise, but you have special network security requirements prohibiting incoming HTTPS connections from the internet to the local Exchange Server systems.

With Exchange Modern Hybrid, you have a robust and proven solution that allows you to set up and configure a hybrid configuration between your On-Premises Exchange organization and Exchange Online quickly and easily. However, this hybrid mode does not support all the hybrid features provided by Exchange Online. For an up-to-date overview of the Modern Hybrid limitations, see the Exchange Hybrid Online Documentation.

Before setting up an Exchange Server Hybrid configuration, you must have a clear understanding and a roadmap not only for setting up the hybrid configuration but also for continuous operation.

Hybrid is a Process

The implementation of a hybrid configuration does not only consist of adopting the technical requirements that enable Exchange Hybrid operation. Before you start the journey to Exchange Hybrid, you must find answers to the following questions:

  • Do you want to establish long-term hybrid operation providing mailboxes in the on-premises Exchange organization and Exchange Online?
  • Do users need to be able to access a user's free/busy times with a mailbox in the other Exchange environment?
  • Do you need a centralized and trusted mail flow between the on-premises Exchange organization and Exchange Online?
  • Are on-premises Exchange Servers accessible from the internet using HTTPS-protocol?
  • Does an existing Identity Management (IDM) software support the use of Microsoft 365 and thus Exchange Online?

This list is just a short selection of the questions you need to find answers to before starting with Exchange Hybrid.

The implementation of Exchange Hybrid differs in two process phases:

  1. Transition Phase: Transitioning of the existing operating model from pure Exchange On-Premises to Exchange Hybrid
  2. Operation Phase: Daily operation of the Exchange Hybrid organization

In the transition phase, you adapt existing business processes to the new requirements, .e.g., joiner/leaver process. The scope of the work required varies from company to company. The overall scope depends mainly on the degree of existing processes, business software requirements, and the technical requirements of the local IT infrastructure. The transition phase helps you to correct the considerations for Exchange Hybrid operation that you made during planning.

After adjusting the processes and configurations, you move on to the operational phase for the Exchange Hybrid. The continuous development of Exchange Online and other Microsoft 365 workloads requires regular evaluation and configuration of the cloud services.

If you need to integrate another company into your Exchange Hybrid operation as part of a takeover, you start with a new transition phase. Integration or migration of an existing Exchange Organization affects not only the other company's Exchange environment but also your Exchange Hybrid configuration.

Enjoy Exchange Online and Modern Hybrid!

Further reading 

Exchange Hybrid and Office 365 Monitoring and Reporting

On-premises components, such as AD FS, PTA, and Exchange Hybrid are critical for Office 365 end user experience. In addition, something as trivial as expiring Exchange or AD FS certificates can certainly lead to unexpected outages. By proactively monitoring hybrid components, ENow gives you early warnings where hybrid components are reaching a critical state, or even for an upcoming expiring certificate. Knowing immediately when a problem happens, where the fault lies, and why the issue has occurred, ensures that any outages are detected and solved as quickly as possible.

Access your free 14-day trial of ENow’s Exchange Hybrid and Office 365 Monitoring and Reporting today!

Hybrid Configuration Wizard in Exchange 2013

New Hybrid Configuration Wizard features in Exchange 2013 CU5

Image of Michael Van Horenbeeck MVP, MCSM
Michael Van Horenbeeck MVP, MCSM

As mentioned in a prior blog post, Microsoft released Cumulative Update 5 (CU5) for Exchange 2013....

Read more
Hybrid Configurations Microsoft

Using the Hybrid Configuration Wizard

Image of AmyKelly Petruzzella
AmyKelly Petruzzella

By establishing a hybrid deployment, you can extend the feature-rich experience and administrative...

Read more