You can deploy ENS2 as a cloud-hosted service or host your own ENS instance an on-premises installation.
ENS2 deployment methods are explained in the following sections.
- Deploying ENS2 as a cloud-hosted service with Office 365 or on-premises Exchange
- Deploying ENS2 as a cloud-hosted service with Office 365 or on-premises Exchange with SEGv2 proxy
- Deploying on-premises ENS2 with Office 365 or Exchange in a single and multidata center
- Deploying on-premises ENS2 with SEGv2 as the EWS proxy for Office 365 or Exchange in a single and a multidata center
ENS2 on-premises deployments can be used with multiple email servers concurrently, including mixed-mode Exchange on-premises and Office 365 environments.
Deploying ENS2 as a Cloud-hosted Service with Office 365 or On-Premises Exchange
In this deployment scenario, ENS2 and Office 365 are in a cloud-hosted environment. To subscribe to ENS2 and get email notifications, the external devices such as iOS, Android, and so on, can access ENS2 and Office 365 through port 443.
In an on-premises Exchange setup, as shown in the following topology, to subscribe to ENS2 and get email notifications, the on-premises Exchange server can access ENS2 and Office 365 through port 443. ENS2 and the Exchange server interact with each other over port 443 through the EWS protocol.

Deploying ENS2 as a Cloud-hosted Service with Office 365 or On-Premises Exchange with SEGv2 Proxy
In this deployment scenario, ENS2 and Office 365 are in a cloud-hosted environment. To secure your organization's email infrastructure, you can configure ENS2 with the SEGv2. When an external device initiates a registration request to ENS2, ENS2 sends the request to SEG, and then the request is routed to the Office 365. Any email exchanges or push notifications are routed through the SEG proxy.

On an on-premises setup, all traffic from ENS2 to the Exchange is routed through the SEG v2. However, the Exchange server can directly interact with ENS2.
Deploying On-Premises ENS2 with Office 365 or Exchange in a Single and Multidata Center
In a single data center ENS2 deployment scenario, as shown in the following topology diagram, ENS2 is hosted on an on-premises network within the DMZ zone so that ENS2 is publicly accessible. External devices such as iOS, Android, and so on, have access to ENS2 through port 443 to subscribe to ENS2 and get email notifications.
ENS database server can be hosted on the on-premises network behind the internal firewall and ENS2 can communicate with ENS database through the internal firewall. ENS database server can be scaled vertically to upgrade the capacity of the existing ENS database server.

- ENS application servers can be scaled horizontally.
- ENS application servers can have any transparent proxy or load balancer in front of the application server.
- ENS database servers are scaled vertically and not load balanced.
- ENS database HA/DR is supported through SQLAlwaysON.
The following topology shows ENS2 deployed in a multidata center, where there might be more than one data center to support a failover. In every data center, for each instance of ENS, there is always a paired instance of ENS database and each ENS database can host their own data. In case, the data center 1 fails then the data center 2 becomes active to support failover scenarios.

- ENS application servers can be scaled horizontally
- ENS application servers can have any transparent proxy or load balancer in front of the application server
- ENS database servers are scaled vertically and not load balanced
- ENS database HA/DR is supported through SQLAlwaysON
Deploying On-Premises ENS2 with SEGv2 as the EWS Proxy for Office 365 or Exchange in a Single and a Multidata Center
In this deployment scenario, ENS2 is hosted on-premises and the SEG is installed in between the external devices and the on-premises Exchange. All the EWS traffic coming from the external devices must pass through the SEGv2 and then reach the on-premises Exchange. However, the on-premises Exchange can directly communicate with ENS2.

The following topology shows ENS2 deployed in a multidata center, where there might be more than one data center to support a failover. ENS2 is hosted on-premises and the SEG is installed in between the external devices and the on-premises Exchange. All the EWS traffic coming from the external devices must pass through the SEG and then reach the on-premises Exchange. However, the on-premises Exchange can directly communicate with ENS2. In every data center, for each instance of ENS2, there is always a paired instance of ENS database and each ENS database can host their own data. In case, data center 1 fails then the data center 2 becomes active to support failover scenarios.

- ENS application servers can be scaled horizontally
- ENS application servers can have any transparent proxy or load balancer in front of the application server
- ENS database servers are scaled vertically and not load balanced
- ENS database HA/DR is supported through SQLAlwaysON
Difference between ENS2 Cloud-hosted Deployment and ENS2 On-Premises Deployment
The following table describes the benefits and limitations of deploying ENS2 through a cloud-hosted service and an on-premises deployment.
ENS2 Cloud-hosted Deployment | ENS2 On-Premises Deployment |
---|---|
Benefits of deploying ENS2 through a cloud-hosted service:
|
Benefits of deploying ENS2 on-premises:
|
Limitations of deploying ENS2 through a cloud-hosted service:
|
Limitations of deploying ENS2 on-premises:
|