ENS2 Deployment Options

You can deploy ENS2 as a cloud-hosted service or host your own ENS instance an on-premises installation.

ENS2 deployment methods are explained in the following sections.

Deploying ENS2 as a cloud-hosted service with Office 365 or on-premises Exchange
Deploying ENS2 as a cloud-hosted service with Office 365 or on-premises Exchange with SEGv2 proxy
Deploying on-premises ENS2 with Office 365 or Exchange in a single and multidata center
Deploying on-premises ENS2 with SEGv2 as the EWS proxy for Office 365 or Exchange in a single and a multidata center

Note: Deploy ENS2 as a cloud-hosted service with Office 365 unless there is a requirement to deploy on-premises ENS2 with Office 365 or Exchange in a single and multidata center or deploy on-premises ENS2 with SEGv2 as the EWS proxy for Office 365 or Exchange in a single and a multidata center.

ENS2 on-premises deployments can be used with multiple email servers concurrently, including mixed-mode Exchange on-premises and Office 365 environments.

Deploying ENS2 as a Cloud-hosted Service with Office 365 or On-Premises Exchange

In this deployment scenario, ENS2 and Office 365 are in a cloud-hosted environment. To subscribe to ENS2 and get email notifications, the external devices such as iOS, Android, and so on, can access ENS2 and Office 365 through port 443.

In an on-premises Exchange setup, as shown in the following topology, to subscribe to ENS2 and get email notifications, the on-premises Exchange server can access ENS2 and Office 365 through port 443. ENS2 and the Exchange server interact with each other over port 443 through the EWS protocol.

Deploying ENS2 as a Cloud-hosted Service with Office 365 or On-Premises Exchange with SEGv2 Proxy

In this deployment scenario, ENS2 and Office 365 are in a cloud-hosted environment. To secure your organization's email infrastructure, you can configure ENS2 with the SEGv2. When an external device initiates a registration request to ENS2, ENS2 sends the request to SEG, and then the request is routed to the Office 365. Any email exchanges or push notifications are routed through the SEG proxy.

On an on-premises setup, all traffic from ENS2 to the Exchange is routed through the SEG v2. However, the Exchange server can directly interact with ENS2.

Deploying On-Premises ENS2 with Office 365 or Exchange in a Single and Multidata Center

In a single data center ENS2 deployment scenario, as shown in the following topology diagram, ENS2 is hosted on an on-premises network within the DMZ zone so that ENS2 is publicly accessible. External devices such as iOS, Android, and so on, have access to ENS2 through port 443 to subscribe to ENS2 and get email notifications.

ENS database server can be hosted on the on-premises network behind the internal firewall and ENS2 can communicate with ENS database through the internal firewall. ENS database server can be scaled vertically to upgrade the capacity of the existing ENS database server.

Note:

ENS application servers can be scaled horizontally.
ENS application servers can have any transparent proxy or load balancer in front of the application server.
ENS database servers are scaled vertically and not load balanced.
ENS database HA/DR is supported through SQLAlwaysON.

The following topology shows ENS2 deployed in a multidata center, where there might be more than one data center to support a failover. In every data center, for each instance of ENS, there is always a paired instance of ENS database and each ENS database can host their own data. In case, the data center 1 fails then the data center 2 becomes active to support failover scenarios.

On-Premises ENS2 with Office 365 or Exchange in a multidata center

Note:

ENS application servers can be scaled horizontally
ENS application servers can have any transparent proxy or load balancer in front of the application server
ENS database servers are scaled vertically and not load balanced
ENS database HA/DR is supported through SQLAlwaysON

Deploying On-Premises ENS2 with SEGv2 as the EWS Proxy for Office 365 or Exchange in a Single and a Multidata Center

In this deployment scenario, ENS2 is hosted on-premises and the SEG is installed in between the external devices and the on-premises Exchange. All the EWS traffic coming from the external devices must pass through the SEGv2 and then reach the on-premises Exchange. However, the on-premises Exchange can directly communicate with ENS2.

On-Premises ENS2 with SEGv2 as the EWS proxy for Office 365 or Exchange in a single data center

The following topology shows ENS2 deployed in a multidata center, where there might be more than one data center to support a failover. ENS2 is hosted on-premises and the SEG is installed in between the external devices and the on-premises Exchange. All the EWS traffic coming from the external devices must pass through the SEG and then reach the on-premises Exchange. However, the on-premises Exchange can directly communicate with ENS2. In every data center, for each instance of ENS2, there is always a paired instance of ENS database and each ENS database can host their own data. In case, data center 1 fails then the data center 2 becomes active to support failover scenarios.

On-Premises ENS2 with SEGv2 as the EWS proxy for Office 365 or Exchange in a multi data center

Note:

ENS application servers can be scaled horizontally
ENS application servers can have any transparent proxy or load balancer in front of the application server
ENS database servers are scaled vertically and not load balanced
ENS database HA/DR is supported through SQLAlwaysON

Difference between ENS2 Cloud-hosted Deployment and ENS2 On-Premises Deployment

The following table describes the benefits and limitations of deploying ENS2 through a cloud-hosted service and an on-premises deployment.

ENS2 Cloud-hosted Deployment	ENS2 On-Premises Deployment
Benefits of deploying ENS2 through a cloud-hosted service: Easiest method of deployment as no infrastructure or maintenance is required. Easily scalable as you can automatically scale up to meet the increasing demands of the user. ENS2 supports the Office 365 cloud strategy deployments.	Benefits of deploying ENS2 on-premises: Controls the upgrade cadence and can be deployed to the DMZ without exposing the Exchange Web Services (EWS).
Limitations of deploying ENS2 through a cloud-hosted service: ENS2 requires an internet-facing or proxied EWS endpoint (can be restricted to IP ranges) and the email data flows outside the organization network.	Limitations of deploying ENS2 on-premises: Requires additional manual installation and maintenance of ENS2 and the CNS components. Requires periodic updates to stay updated. Environment scaling requires additional setup and maintenance. High availability requires additional installation and manual resource allocation. Requires additional licensing (Microsoft Windows Server and Microsoft SQL Server) and hardware.

ENS2 Cloud-hosted Deployment

ENS2 On-Premises Deployment

Benefits of deploying ENS2 through a cloud-hosted service:

Easiest method of deployment as no infrastructure or maintenance is required.
Easily scalable as you can automatically scale up to meet the increasing demands of the user.
ENS2 supports the Office 365 cloud strategy deployments.

Benefits of deploying ENS2 on-premises:

Controls the upgrade cadence and can be deployed to the DMZ without exposing the Exchange Web Services (EWS).

Limitations of deploying ENS2 through a cloud-hosted service:

ENS2 requires an internet-facing or proxied EWS endpoint (can be restricted to IP ranges) and the email data flows outside the organization network.

Limitations of deploying ENS2 on-premises:

Requires additional manual installation and maintenance of ENS2 and the CNS components.
Requires periodic updates to stay updated.
Environment scaling requires additional setup and maintenance.
High availability requires additional installation and manual resource allocation.
Requires additional licensing (Microsoft Windows Server and Microsoft SQL Server) and hardware.