What is a Co-existence solution?
A Co-existence solution, as the name suggests, is a solution where 2 or more mailing systems work seamlessly together to provide a common/ shared address space (email domain name like acmecorp.com), a centralized directory for authentication and personal properties of entities (users, groups), and common contacts of all mailing systems to all users.
Such a solution allows the organization to host separate groups of users on different systems depending on their usage requirements. E.g. in an organization with 1000 users, a typical co-existence between Connect Xf and MS Exchange will allow the organization to host 100 users on MS Exchange and 900 on Connect Xf, sharing a common domain name in their email ids, and with seamless mail flow between the users of both systems.
The main reasons to deploy multiple Email solutions as a hybrid are:
- Your critical requirements are not met entirely by one solution, but the benefits offered by that solution cannot be ignored either. E.g. some of the key management people, who are using MS Outlook and Blackberry smartphones, wish to have a seamless anytime, anywhere, any-device access to their email and calendar. This basically means their mailbox, address books and calendar should synchronize between the server, MS Outlook and Blackberry (over a BES server) which is only available via proprietary solutions like MS Exchange or Lotus Notes. The Blackberry Enterprise Server (BES) and MS Outlook are both proprietary, closed-source products, and hence do not readily integrate with an open-source email server software. BES does not support open standards like CalDAV for calendar or LDAP for address book sync, and will only work with the supported proprietary solutions.
- You wish to take a phased approach to migrate from one solution to another and in the interim, to keep disruptions minimum and the transition smooth, you would like to maintain a hybrid solution.
But why shouldn’t I standardize a single proprietary Email Solution across the organization?
This option would ensure that the key management people will get access to features/ functionalities like Email, Address Book and Calendar sync across access devices (mainly Blackberry).
However, the flip side of this is the huge investment required in deploying proprietary Email solutions. Closed and proprietary systems like MS Exchange might require a costly overhaul of an existing hardware/ infrastructure setup along with the latest version of the software. Even a back-of-the-envelope estimation of the fully loaded cost of email, factoring in costs of hardware, server software, client software, spam protection, staff, maintenance, storage, archiving, mobile email, and financing, can throw up an astoundingly high figure [Forrester].
Empirical research shows that the investment required for deploying a proprietary Email solution in a centralized, high-availability setup for organizations can be between 10-15 times (1000-1500%) of the investment required for a comparable Email and Collaboration solution based on Open Source platform.
Question to be asked here is whether the incremental benefits offered by the proprietary Email solution over a comparable Open Source based Email Solution would outweigh (or even rationalize) the huge investments required in implementing a full-scale proprietary Email solution? This question is all the more relevant in the present economic situation, which demands that CXOs take a hard look at their Email & Collaboration infrastructure and look for ways in which they can bring down the cost substantially without compromising on business benefits.
A case for Co-existence
So what is the best way forward?
To analyze the costs of providing email in a way that reveals where costs can be controlled, it’s important to segment your employees based on what they actually need in an email and collaboration application.
Typically in any organization, while the top executives would require a fully loaded email solution with Blackberry & Outlook sync, the other users would need most of the basic email and collaboration features minus the frills.
This presents a strong case for a hybrid setup comprising of a proprietary Email solution like MS Exchange and an open source solution, with a few key users being hosted on MS Exchange and the rest to be hosted on the open source solution.
A hybrid email setup serves three critical purposes:
- It provides the critical features/ functionalities required by the top management in a way they would want.
- It also enables the organization to save big time on the overall infrastructure, management and upgrade costs, by ensuring that a majority of the users remain on a low-cost, resource-efficient system.
- It brings in value from the open world, which gives the business an IT edge, like archival, commodity mobility, access to free clients and applications like Thunderbird, Jabber chat clients etc. E.g. With open technologies, you could use any Android based phone/ pad/ tab, iPhone, iPad, to get seamless access to email, calendar, chat, and address book, while on the move. A possibility like this allows the field force to be more connected to each other and not just the top management.
Can Mithi offer a solution?
Mithi proposes the following solution.
- Identify which of the current users in your organization would need functionalities like Blackberry & Outlook sync.
- Divide the users amongst the two solutions. Mithi Connect Xf would seamlessly integrate and co-exist with the proprietary Email solution like, MS Exchange on the same domain, offering single-point user management, common address book, single-point authentication (on ADS) etc. In fact, that’s one of key distinguishing factors of Mithi Connect Xf as compared to other open source based mailing solutions.
Besides lowering the total cost of ownership (TCO) of the email system tremendously with no compromise on the critical mail-messaging features and functionalities, Mithi Connect Xf also offers better built-in security, better manageability and better scalability, rich and free clients to access the applications, while ensuring lesser resources are required
Is Co-existence an accepted industry practice? Which customers are already using Mithi Connect Xf in co-existence with MS Exchange?
Aditya Birla Group, Aegon Religare Life Insurance, Aditya Birla Minacs BPO etc. are some of Mithi’s customers who have deployed Mithi Connect Xf alongside MS Exchange to reap these benefits. The Aegon Religare case study is enclosed for your reference. Incidentally, this has been featured by CIO Magazine under Business Leadership as one of 10 best business idea implementations driving cost benefit to business.
In the words of Mr. Srinivasan Iyengar, CIO, Aegon Religare Life Insurance:
“The implementation of Mithi Connect XD at Aegon Religare resulted in impressive savings of between 40 and 50 percent. The results are way beyond our expectations. Which is why I don’t see the reason why more organizations won’t follow this approach given that mailboxes are a commodity. By default you don’t expect much from a mailbox. Unlike an app you don’t wonder what business value it can offer or the sort of revenue it can generate. It’s just a mailbox.
The Open Source solution is also scalable. We have tested this system for up to 20,000 users. And I don’t have to deal with sophisticated or high-end servers. Mithi’s solution has also been routinely taken through a stringent third-party security audit by the Aegon Religare IT team, and has come out with flying colours every-time.”
Encouraged by the savings with Connect XD, Aegon Religare has recently migrated more than 1000 users from Outlook to Thunderbird to further consolidate the cost gains.
Thunderbird, what’s that?
Mozilla Thunderbird is a free open source POP and IMAP email client developed by Mozilla.org, the same folks who brought you Firefox. Feature-wise it is comparable to MS Outlook with very similar interface, which means that switch-over from MS Outlook to Thunderbird can be smooth. Even the data migration from MS Outlook (PST) to Thunderbird is hassle-free and can be done by the users without much intervention by the IT team.
Some of the key differentiating features of Thunderbird include:
- Built-in spam filtering and RSS reader
- Message color coding
- Fast and intuitive (as-you-type) email search
- Anti-phishing measures
- Spell check as you type
- Kerberos authentication
- The ability to view your mail in conversational threads
- Views, tags, filters and smart folders help you manage your mail better
- Searches can be saved to virtual folders that automatically aggregate relevant mail
- S/MIME support lets you encrypt and sign mail in Mozilla Thunderbird
- Calendar, browser, organizer and many more plug-ins/extensions to enrich your experience
- Thunderbird email files can be indexed by the Google, Yahoo! and Copernic desktop search programs
On top of this, Thunderbird is more secure and robust than other proprietary Desktop Email solution, and can easily handle large mailboxes. Both Mithi Connect Xf and Thunderbird, being based on same open standards, work perfectly together and allow seamless access and synchronization for mail, calendar, address books etc. A special Thunderbird plugin by Mithi, allows the users to control some of their key properties from the client itself (e.g. password, quota, etc)
So how would Mithi’s solution work?
Mithi will set up the solution as follows (this is a sample setup for a 1000 user Endeavour Email setup):
- Mithi will install and configure the following servers in local data center
- Mail Routing Server
- Hot standby server for the Mail Routing server (Optional)
- Mailbox Server
- Hot standby server for the Mailbox server
- Compliance Archive server
- Mithi will set up the co-existence and directory connectors to integrate with MS Exchange
- Mithi users would connect to the designated Mithi mailbox server and send and receive mail using any email client
- Exchange users would connect to their designated Exchange server to send and receive mail using MS Outlook.
- Mithi Connect XF will deliver mail locally for all Mithi users
- Mithi will then configure the archival server and the Hot standby server
Components/ Functions and Mailflow
|Component||Description of role it plays in the setup|
|Connect Xf Mail Routing Server||The Mail Routing Server will be the landing server for all mails on the designated domains from the Internet via the Firewall/Security Applicance. It will also be configured to deliver outgoing mail from the domains to Internet (via the Firewall/Security Applicance). It will be configured to archive the incoming and outgoing mails of the designated users onto the Archival server. It will also host the mail policies.The mails for all the users on MS Exchange as well as Mithi Connect Xf will land from the Internet via the Firewall/Security Appliance service on to the Mail Routing Server. After scanning the mails for mail policies, the mails will be relayed to the respective Mail Servers (MS Exchange / Mithi Connect Xf) , where they will be delivered in to the respective mailboxes.Similarly, all outgoing mails (internal as well as external) from all users on Exchange the mails and Mithi Connect Xf will be routed via the Mail Routing Server.|
|DR for Mail Routing Server (optional)||This is configured in Active-Active mode with the Primary routing server.|
|Connect Xf Mail Server||This server will be configured to receive mail for the Connect Xf users from the Mail Routing Server and deliver them into the respective mailboxes. It will provide the SMTP, POP, IMAP and HTTP services to the user.
Mail policies would be enabled to control mail flow.
|Disaster Recovery/ Hot Standby for Mail Server||This is a passive standby to the Mail server, and syncs data in real time. The switch over from the Primary to the DR server is automatic in case of a network or hardware failure on the Primary server.A separate Mithi Connect Server would be configured as a Disaster Recovery Server in a hot standby (HSB) mode for the Mail Server. Data would be synchronized between the two servers. In case of any downtime to the Mail Server, users would access the HSB Server. This would ensure minimum downtime. The mailstore would be replicated periodically (once or twice a day as appropriate). In case of a primary failure, a restore would need be done from the Primary system backup, and the switchover would be an automatic process|
|Compliance Archival server||A separate Mithi Connect Xf server would be configured as an Archival server. A copy of all incoming as well as outgoing (internal as well as external) mails for the designated users will be forwarded by the Mail Routing Server to the Archival server. The archiving will happen through this server onto a separate partition on a shared storage or on the local storage. Compliance Archive server will be deployed, which will receive all mail sent/received by all the users. A single interface will be available through which the selected management or administration staff can search for mail.Note: In a multiple domain setup, all mail for users of all domain will be deposited into the same archival system. When a manager or administrator searches for mail through the Archive search interface, he can view mail of any domain. There is no provision to restrict rights to specific users to search through mail only of their specific domain.
Note: If it is required to have the Compliance Archival server in a separate location, this can be easily done by routing all archive mail traffic to the server at this location. You may want to do this to secure the archive data to another location.
|Backup||We recommend a scheduled once a day full/incremental backup of the system using a third party backup solution. The backup data to be taken on another server/medium for redundancy. Please note that this will have to be in place before we go live.Note: Do this for all servers|
|Authentication||Users are authenticated with the local directoryIf the system is integrated with an external directory server like MS ADS or RHDS, users are directly authenticated with this directory server. This means that the password change operation is done only on the external directory and passwords are not synced to the Mithi directory.Note: There is an option to specify separate authentication servers for each user if required.|
|Access by end users||There are a variety of desktop clients available such as Outlook Express, Outlook, Thunderbird etc. Either of these can be configured to access the mailboxes over IMAP/POP/SMTP.
Calendar access is possible via Baya (Web client) or any CalDAV compliant client like Thunderbird, iPhone, Android phones.Chat can be accessed using free desktop jabber clients like pidgin, exodus, etc. The same can be accessed from the iPhones and Android phones. Address book can be accessed using LDAP from the desktop clients, mobilie clients (supporting LDAP like iPhone, Android, etc)The users may also access their Mail, Calendar, Address books via the integrated Baya Web client using a compatible browser over HTTP.Some of these clients are free and some are paid.
|Provisioning of entities & Address Books||User creation/deletion is performed on the directory/administration server of Connect Xf Mail Server.The users use the GAB (Global Address Book) from Connect XF to access all the contacts in the system. The GAB is populated with the directory of the local domain users and external contacts.In a co-existence setup (shared SMTP address space or split domain), the user provisioning is done on both the systems separately with no automatic connector between the two.The personal properties of users in the global address books however can be synchronised automatically using a periodic sync connector. This will populate the global address books of the domains on the Mithi server from the external directory server.
Exchange users see the entire list of users (including Mithi users and Exchange users) in their GAL, while Connect Xf also sees the entire list of users.
Benefits of Mithi’s proposed solution
- Real-time replication of directories, address books, configurations, mail-store etc. across the Mail and DR servers
- Negligible Downtime (Instant switch-over)
- Architecture based on commodity components and OS editions. No need for expensive clustering software and tools.
- Clean, fast mail flow
- Ability to handle heavy mail traffic efficiently
- Hassle-free management of users, domains and data (mailstore, directories etc.)
- Access to advanced features like shared Calendar, Intelligent Search, Email-to-SMS, Automatic Backup, Archival etc.
- Low licensing costs
- Low infrastructure costs – enhanced availability setup with just two servers
- Low deployment costs
- Low maintenance costs
- Low migration costs
Seamless Integration with MS Exchange setup
- Seamless integration with MS Exchange setup for mail flow and address book synchronization
- Both Exchange and Mithi users will have access to consolidated global address book across the domain
- Same setup is scalable to accommodate multiple domains and large no. of (external) users
So what is not possible with the Co-existence
The solution offers seamless connectivity in
- Address Books
- Authentication (single password)
And due to the inherent proprietary nature of the following, it is not possible to synchronize them across the two systems
- Calendar (means an Exchange user cannot share his calendar with a Mithi user)
- Chat (means an Exchange user cannot chat with a Mithi user with the same identity)
- Blackberry sync of Calendar, contacts and chat (which is inherent to BES supported only by Exchange and Lotus Notes)
Can we have a co-existence solution working across the Internet, i.e. my Exchange server is in premise, and I take up Mithi’s hosted email service for the remaining users?
Essentially in a hybrid setup, the Exchange server, MSADS server and the Mithi servers connect to each other over standard protocols over the LAN. If we are to set this up such that the Exchange and MS ADS servers are in premise, while the Mithi service is hosted at an ISP, all communication between the two systems will happen over the Internet. While this is not much of a problem for mail flow (performance), it is not recommended for integrating with the MS ADS over the Internet, since authentication requests from the Mithi server to the MS ADS are very large in number and very frequent (for every service running on the Mithi server) and would slow down user response.
This implies that we possibly could look at setting this up, but with local authentication. This means that Mithi users will have a local password, which may or may not be the same as their ADS password (won’t be in sync).
Additionally the address books will also have to be managed manually (every time an employee joins or leaves the organisation)
Read more about External Directory Integration