Tapping Fundamental Best Practices of Exchange Server
Maintaining your Exchange Servers with the recent updates is a vital best practice. Staying up to date with the new developments of any software product is usually a good idea, as it implies you’re getting the latest bug fixes, security updates, and functional compatibility with any integrated components.
Specifically, Exchange Server has the obvious reasons to stay up to date:
• Exchange Server 2013 and 2016 mainly adopt servicing model of “Cumulative Updates”, also Microsoft greatly supports the latest CU. Support backup for the N-1 CU runs out 3 months after the release of the updated one. Taking into consideration the cumulative updates are delivered quarterly, you can usually consider N-1 to be supported. In case you’re running N-2 or earlier, you will not be backed up and supported. However, there is an exception for Exchange 2013 CU4, known with the name Microsoft Exchange 2013 Service Pack 1, and continues to get security updates. But, it is well out of date in contexts of bug fixes, and shouldn’t be used.
• Exchange Server 2010 Service Pack 3 is the only particular service pack which is still supported, under extended support, till 14th January 2020.
• Further, the Exchange Server 2007 Service Pack 3 is the only service pack which is still supported, under extended support till 11th April 2017.
Further, in addition to the supported status of those Exchange versions, Office 365 Hybrid configurations expect you to maintain your on-premises servers to at least N-1.
The word “supported” implies different things in different scenarios, however, for the purposes of this article it implies:
• In case you call Microsoft with a problem, they will respond you with the request to reproduce the problem on a supported version of the product before they do anything else for you. This is obvious, as you might observe a bug that does not exist in the supported versions.
• When security updates are launched, then they are only released for supported versions of the product. Running unsupported versions increase the probability of risk due to un-patched security vulnerabilities.
Implementing updates do imbibe some risk. Microsoft has launched updates in the past which introduced new bugs, however, there is also the risk which something unique to your environment will cause an unexpected issue.
Your organization requires balancing the risks of updates with the rising probability of the risks of doing nothing. What strongly recommended is that one should definitely update, and mitigate the risks via a thorough process of testing, or by using highly available implementations that will not suffer an outage because of an update to a single server. In case the pace and risks of updates are too much for you, then, Office 365 can also be considered.