Current environment consists of exchange 2016 CU21 in hybrid setup. Operating system on server is windows 2012 r2
Is it recommended to enable HSTS on exchange 2016 servers
Ref : https://docs.microsoft.com/en-us/answers/questions/334626/enable-http-strict-transport-security-hsts...
If you are running Windows Server 2016, open the Internet Information Services (IIS) Manager and click on the website. Double click HTTP Response Headers and add in a new header named "Strict-Transport-Security" The recommend value is "max-age=31536000; includeSubDomains