Ask the Expert

How enabling SSL for OWA affects bandwidth

We are in the process of allowing certain users to access their e-mail via Outlook Web Access from the Internet. I've read a lot of Microsoft's technical data, and just about anything that pertains to Outlook Web Access and security. Secure Sockets Layer (SSL) seems to be one of the best options. Can I run SSL on my Exchange 2000 server directly? (Let's assume I do not have a front-end server -- no money.) Will SSL wreak havoc on my bandwidth?

    Requires Free Membership to View

For security purposes, you have two choices -- run Secure Sockets Layer (SSL) or don't allow remote clients to connect to Outlook Web Access. Internet clients will most likely use Basic Authentication to connect to OWA. If you were to configure a front-end server, then Basic Authentication is the only authentication method supported on the front-end server for Outlook Web Access. You must use SSL to encrypt their usernames and passwords -- so my suggestion is, just do it.

Now, I may be preaching to the choir in your case, so let me answer your specific question. Will there be an increase in network traffic with SSL enabled? Yes. Will that saturate your bandwidth? That is hard to answer without knowing what your current bandwidth is.

What I can tell you, based on Microsoft's own performance testing, is that you will need 200% more processor power to handle the public key encryption (PKI) overhead. So, you will want to watch processor utilization carefully if you do enable SSL on your existing Exchange server. Again, enabling SSL is not an option in my opinion if you want to allow Internet users to connect.


Do you have comments on this Ask the Expert Q&A? Let us know.
Related information from SearchExchange.com:

  • Learning Guide: Exchange performance
  • SearchExchange.com Reference Center: Permissions and authentication


  • This was first published in November 2005

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: