Microsoft Exchange 2000 Server is much more than an email server for LAN and Internet mail. Exchange 2000 also offers a fast, lightweight Web mail interface (Microsoft Outlook Web Access—OWA), and it comes with a wide range of collaboration capabilities (in addition to the optional Exchange 2000 Conferencing Server product). Exchange 2000 offers better scalability, robustness, security, and functionality than Exchange Server 5.5, but even Exchange 2000 doesn't do everything—a thriving market exists for third-party products that fill in the gaps that Exchange leaves.
This third-party market has evolved because although Microsoft is a huge company with top-notch developers, the company can't build products to meet every possible customer need. Even if it could, good reasons exist for not doing so. It's in the company's best interest to keep vendors happy by making Exchange a platform that third parties can extend and enhance. Thus, Exchange doesn't include some messaging functions, which means you must go shopping if you want these functions. The following overview summarizes some of the most important product categories and offers suggestions for choosing the right product for your needs.
Antivirus Products
Not long ago, antivirus products were a luxury—administrators who could afford antivirus products might buy them but more out of a desire for completeness than necessity. Certainly that situation has changed: Exchange administrators now realize the importance of effective server-based antivirus protection. But knowing how these products work and what they can and can't do is valuable information when you're choosing an antivirus solution.
Antivirus products use different methods to access stored messages, and each method has strengths and drawbacks:
Antivirus scanners can use the familiar Messaging API (MAPI) interface to log on to each mailbox during a scan or when a message arrives at a mailbox. This method works on all Exchange versions, but it's slow and can impose a significant load on the server if you want to scan all messages in an Exchange Store database. In addition, a MAPI scanner receives notification that a new message needs to be scanned at the same time the client receives notification that the new message is available. This simultaneous notification means that a user might open the message before the antivirus software scans it. Worse still, MAPI scanners can't scan outbound SMTP mail or scan messages that POP3, IMAP4, or OWA submit.
Microsoft has introduced an antivirus API (AVAPI) to give antivirus software vendors a faster (than MAPI), Microsoft-supported method to access messages and attachments. The initial version of AVAPI lacked some important features that vendors need; the current versions (version 2.5 for Exchange Server 2003 and version 2.0 for Exchange 2000) let external products perform scheduled or on-demand scans of messages submitted to the Store for processing and delivery.
Some intrepid vendors (notably Sybari Software) reverse-engineered the Extensible Storage Engine (ESE) interfaces that Exchange uses internally so that the vendors' antivirus products have unfettered access to the Store's contents without the performance overhead that MAPI requires. Microsoft cautions that changes to the ese.dll code can break antivirus scanners that use this approach. In addition, the Microsoft article "XADM: Exchange and Antivirus Software" (http://support.microsoft.com/?
kbid=328841) says that when you use such products, you "run the risk of database damage and data loss if there are errors in the implementation of the software." If you call Microsoft Product Support Services (PSS) for help troubleshooting an Exchange problem, PSS will likely ask you to turn off this type of antivirus scanner as part of the troubleshooting process. This precaution is understandable, but in all fairness to Sybari, its product has been remarkably stable and problem-free in the field, and, until Microsoft released AVAPI 2.0, Sybari provided the best set of scanning features. Sybari's products now support AVAPI, so those users who are worried by Microsoft's stance can do without the ESE-access layer.
Most antivirus products use a combination of access methods, which is a good strategy because it offers more flexibility. For example, AVAPI does a good job of scanning messages before email client software tries to open them, but it doesn't work as well for scheduled or manually initiated scans that look for old viruses or messages that weren't previously scanned. ESE-based scanners perform scheduled and manual scans better than AVAPI does, and even MAPI has its uses.
To effectively evaluate antivirus products, you need to decide which areas you want to protect. Exchange-based products protect your stored mail and might be able to scan the Exchange server for viruses, but they don't protect your desktops. You can buy licenses for antivirus client software and install it on each desktop. You can augment Exchange- and desktop-based protection by implementing a perimeter-based virus scanner that checks inbound and outbound messages for viruses.
During his first-ever Consumer Electronics Show (CES) 2009 keynote address last night in Las Vegas, Microsoft CEO Steve Ballmer announced the pending public availability of a feature-complete Windows 7, the final version of Windows Live Essentials, and ...
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
Order Your Fundamentals CD Today! Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Microsoft Learning Snack - Virtualization Basics With virtualization, computing components essentially become on-demand services, freeing each element of a system from the others. This short video explains the needs, benefits, and technologies behind virtualization.
Empower Your Processes with PowerShell 201 Paul Robichaux delves deep into PowerShell how-tos in 3 informative lessons, each followed by live Q&A—all on your own computer! Register today!
Microsoft Learning Snack - Green IT Through Virtualization Many organizations face rising operating costs caused by excessive energy consumption. Virtualization and "Green IT" can help cut these costs. Get the information you need to bring Green IT savings to your business.
New Release: Windows IT Pro Master CD 13 years of content archives, fast answers with advanced search tools, and full access to WindowsITPro.com—order today!
Previous
Register
