[Sussex] Semi useless info

Jon Fautley jon at geekpeople.net
Mon Jun 7 12:56:58 UTC 2004


Mark Harrison wrote:
> It's a very OLD number.

Ah, fair enough :)

> OWA has improved substantially recently. The only major performance hit is
> if you try to use SSL certificates directly against the server (which is why
> my clients use Apache as an SSL -> HTTP bridgehead.) Yes, Apache works very
> well with Exchange - rather better than flipping ISA server does :-)

Surely that still means that you're sending sensitive info over the wire 
though? Or does apache+OWA run on the same machine?

> The main problem with OWA these days is that if the process DOES crash, then
> Exchange is a bit monolithic, and it often brings down the whole server. In
> the typical MS installation where 90% of users run a MAPI client, then this
> has the potential for much user dissatisfaction :-(

Ouch! ISTR (Again, could be old stats) that that's pretty much the 
standard mode of operation for all microsoft internet services - if one 
process crashes, the whole box dies. If memory serves, if you run CGI 
pages on an IIS server in a totally seperate memory space (i.e. so if 
the script goes mental, it doesn't screw the whole box over) then you 
suffer a MAJOR performance hit, hence IIS (5 iirc) runs CGI scripts in 
the same memory space as the server processes, so if a script decides to 
go postal, it kills the server?


But don't worry, Microsoft Windows is the industry standard, and it's 
perfectly adequate to run businesses on! :)

> Hence it's best practice to run OWA on a separate machine from the Exchange
> server.

S'fair enough. It's generally good practise to keep as many services as 
seperate as possible, so if one service is compromised, then the cracker 
doesn't gain complete access to your email/contacts/files/webpages/etc

Jon




More information about the Sussex mailing list