The Client Access server (CAS) role is one of five server roles for Microsoft Exchange Server 2010. CAS is placed in a DMZ or perimeter network facing internet that means CAS configured with a public IP accessible to external network. There are six components of CAS. Components are Outlook Web App, Exchange ActiveSync client applications, Post Office Protocol version 3 (POP3), Internet Message Access Protocol (IMAP) version 4, the Availability service and Auto discover Service. The Client Access server role also provides access to free/busy data by using the Availability service and enables certain clients to download automatic configuration settings from the Auto discover service.
The Client Access server role accepts connections to Exchange server 2010 from software clients such as Microsoft Outlook Express, Microsoft office Outlook and Eudora use POP3 or IMAP4 connections to communicate with the Exchange HT server. Hardware clients such as mobile phones, use ActiveSync, POP3 or IMAP4 to communicate with the Exchange server. You must install the Client Access server (CAS) role in every Exchange organization and every Active Directory Domain site that has the Mailbox server (HT) role installed.
Operating System requirement is similar to other Exchange Server roles. CAS does not store any mailboxes. CAS acts as a media in-between clients and HT server. you don’t need big storage for CAS server but the following Windows Server 2008 features must be installed. Outlook web access is a secure https web access. Web certificate and computer certificates must be installed in CAS server. To configure Outlook Anywhere you need to buy a SSL certificate from third party vendor such as verisign or godaddy.
Once you finish installation and configuration of CAS role. You have to create Outlook web publishing rule in Forefront TMG 2010 or ISA server otherwise you will be blocked by Forefront TMG.