Overview

Revision as of 15:48, 23 December 2022 by Ltalaschus (talk | contribs) (→‎Multi Server Mode)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


Architecture

MailStore Service Provider Edition's architecture consists of the following three components:

  • Management Server
  • Instance Host
  • Client Access Server

As the name already points out the Management Server is used to manage and monitor all components of the MailStore Service Provider Edition centrally.

Instance Hosts are responsible for operation of the archive instances, whereby the number of possible instances is practically unlimited if there are enough Instance Hosts. Instances directly access email server for archiving and directory services for synchronizing and authenticating users.

End customers can access their own archive instances through a Client Access Server. By using multiple client access servers load-balancing as well as security concepts can be implemented effectively.

The graphic below provides an overview of the whole MailStore Service Provider Edition architecture with all its components and communication channels.

Msce overview architecture.png

Scenarios

Due to its modular design MailStore Service Provider Edition is suitable for implementing virtually any imaginable scenario.

Smaller service provider with a limited number of customers are able to provide hosted email archiving on just one physical or virtual server by setting up MailStore Service Provider Edition in single server mode, whereas service providers with a large number of customers will find a scalable solution by setting up MailStore Service Provider Edition in multi server mode.

No matter how MailStore Service Provider Edition was initially set up, it is always possible to change modes by adding or removing Instance Hosts and Client Access Servers.

Find further information about three typical setups in the following.

Single Server Mode

The simplest way to setup MailStore Service Provider Edition is a single server mode setup. In that type of setup the Management Server, Instance Host and Client Access Server roles are installed on a single virtual or physical server as shown in the graphic below.

Msce overview single server 01.png

This setup is suitable for smaller service providers with a limited number of customers and end users. If the number of customers increases or the server no longer has enough available resources, further Instance Host and Client Access Server can be added at any time, which will change the setup over to a typical multi server mode setup as described below.

Multi Server Mode

In opposite to a single server mode setup the different roles are distributed among several servers. This allows to achieve a scalable and highly available setup of MailStore Service Provider Edition.

Msce overview multi server 01.png

For accessing instances it does not matter to which Client Access Server a user connects. Upon each new incoming connection the Client Access Server requests information about the Instance Host on which the user's instance is running from the the Management Server.

If there will be multiple Client Access Servers (CAS) and a load balancer is installed in front of these CAS, the load balancer must be configured in such a way that a user's sessions terminate on the same CAS (sticky sessions).

Virtual Private Clouds

In environments where each customer is provided a protected private network and servers (often referred to as virtual private cloud), MailStore Service Provider Edition copes well with the higher security requirements.

Due to the fact that each MailStore component is fully trusted once it is paired with the Management Server, it is important to keep in mind that the security of the whole MailStore infrastructure also depends on who has administrative rights on the servers' operating system.

The following two options provide solutions for both scenarios where the service provider is solely the administrator (Central Management Server) and where customers have full administrative access to the servers' operating system in their virtual private cloud (Dedicated Management Servers).

Central Management Server

If the service provider is the only one who has administrative access, a central management server can be used to centrally administrate the Instance Hosts and Client Access Servers.

Msce overview private cloud 01.png

By setting up a dedicated Instance Host and Client Access Server in each customer's virtual private cloud and preventing communication with Instance Hosts and Client Access Server of other virtual private clouds, it is not possible to access instances running on others than the customer's own Instance Host.

Dedicated Management Servers

In case customers have administrative access to the operating system of servers where MailStore Service Provider Edition components are installed on, it is highly recommended to not interconnect these components through a central management server for security reasons. Instead each customer is provided his own, fully independent MailStore Service Provider Edition environment as shown below.

Msce overview private cloud 02.png

Please contact us for multiple activation keys for the management servers.