Exchange Server 2010: Microsoft Explains It All

Exchange Server 2010 is all about new levels of control. The Transport Protection Rules system enables administrators to designate the extent to which the recipient of a message can utilize its contents. The dreaded Access Control List has been replaced with something better, and the archiving process can be completed in the background.

T he biggest change to Microsoft (Nasdaq: MSFT) Exchange Server 2007 was supposed to have been the introduction of something called “Unified Communications” — the introduction of a singular console for the handling of all forms of digital communication, wrapping voice mail, instant messaging, and email into a single delivery system. History may yet vindicate UC as the product’s singular achievement.

However, in the near term, administrators credit Exchange more for what it gives them than the world at large. In that light, the inclusion of PowerShell as not only the underlying language of the system but as its engine as well, changed everything for the admin. It may very well be why the product has surged to a two-thirds market share, by some estimates, over once formidable competition such as Lotus Notes.

Short Functionality Gap

So learning a lesson from history, the message from Microsoft with regard to Exchange Server 2010, which went on sale last week, is about new levels of control. The idea that email, or any kind of communication, once sent unto the vast Internet is out of the sender’s hands — like a paper sailboat launched from a river pier — is what the Exchange team has been working to combat. During a beta program which Microsoft says involved dozens of universities, signing up some 10 million participants worldwide, the company has completed development of a browser-based endpoint for ES 2010-delivered email that is not only more manageable than Outlook 2007, but that has beaten Outlook 2010 — the product it’s supposed to be derived from — to market by perhaps eight months.

What that means is, hopefully for a short time only, there will be a functionality gap between what the new Outlook Web App — hosted by ES 2010 — can deliver compared to what Outlook 2007 provides. If Julia White, Microsoft’s marketing Download Free eBook - The Edge of Success: 9 Building Blocks to Double Your Sales director for Exchange, has anything to say about it, that gap will be shorter rather than longer, but it’s not unnoticed.

White spoke with Betanews from Berlin, where she had just completed a TechEd Europe demonstration along with Corporate Vice President Stephen Elop. “Obviously Outlook Web Apps comes with Exchange, so they can use that today; when Outlook 2010 comes out, they can use that,” said White, “and we are absolutely planning support for Outlook 2007 in the roadmap here. So it’s on the agenda, and we will actually be getting to it.”

Much of what Exchange 2010 will deliver absolutely depends on this upgrade to Outlook 2007, as you’ll see. We asked White for her take on what she would consider the top three enhancements to administrator functionality in ES 2010.

#3: Transport Protection Rules

Number three on this list is the Transport Protection Rules system. It enables the administrator to designate the extent to which the recipient of a message can utilize its contents, based upon rules that enable Exchange to analyze the content itself. “In the demo this morning, I set a Transport Protection Rule based on a keyword. But actually another aspect of that is, those rules can be set based on the sender, the recipient, or even contents of an attachment,” White told Betanews.

“Any of those things can be triggered; and having the ability to centrally decide what gets encrypted and what doesn’t, is a really powerful tool. With end users, it’s hard for them to keep up with corporate policy, pay attention to it, or know about it. So oftentimes it’s unintended, versus intended, when information isn’t protected. Having that essentially managed brings peace of mind, for the users as well as the IT pros.”

The ability to analyze an attachment takes place on a granular level, White told us. If a PowerPoint presentation, for example, were to contain the words “Microsoft Confidential,” that fact alone would trigger a rule that automatically encrypts the message outgoing, and that restricts the recipient from being able to pass it on.

#2: Role-Based Access Control

One of the least loved features of Exchange, or anything Microsoft has ever done, disappears in ES 2010: The Access Control List is a Registry-based system for designating which identified and authenticated user had permissions to control specific objects. It has often been a ridiculous concept that starts one off with the assumption that everyone has rights to everything, and that ACLs provide the exceptions.

Exchange Server 2010 replaces this entirely with a concept that is much more rooted in Active Directory. Now, the administrator starts off in a universe where nothing is allowed until groups of users are added into the pool of permissions. Those groups that are added in are called “management role groups,” with the concept being that a predefined set of roles exist (a concept made popular by Windows Server 2008), and that groups of users or individual users are delegated those roles.

Julia White demonstrated how Role-Based Access Control enabled an otherwise unprivileged user to search for emails through multiple mailboxes on the company’s behalf (in this case, Microsoft’s usual fictitious firm, Contoso). Her system was delegated a role that let her perform the search, without having to delegate other responsibilities and privileges of a much higher administrative order. “A compliance officer might get that level of capability,” White explained to us, “but a help desk might have the rights to increase mail box quota size. Maybe HR would be given the ability to update contact information on behalf of employees. Extending all the way down to end users, even that same roles-based administration capability — end users can now create and manage their own distribution groups within Exchange. That no longer requires a call to the IT pro … usually that’s a lot of overhead.”

#1: Integrated Archiving

During the late 1980s and into the ’90s, Microsoft liked to centralize things, thinking that if everything were in one big pile — as Arlo Guthrie put it — that would beat two or more little ones. The System Registry is, and remains, one big pile. Another — which can stink just as bad — is the .PST file, the single personal folder file that is created on the client side by Outlook.

It is every Outlook user’s nightmare, especially since Office buries this file typically in a black hole within a hidden directory inside each user’s Documents folder. For individuals who receive hundreds of thousands of emails per year (I’m on that list, believe me), the archiving process has cost users many a weekend.

With Exchange Server 2010, Microsoft marketing director Julia White told Betanews, is the ability to perform this process completely in the background. However, in addition, the archived items remain indexed and available, still listed as part of “Personal Folder” but stored separately.

“Today, the vast majority of email actually sits on the local hard drive on those .PST files,” White remarked. The end users love it because they can file as much as they want in there, and they have access to it when they’re on their PC. But from an administrator’s perspective, they don’t like them because they’re very expensive to discover, they get lost, they get corrupted, it’s a liability and a lot of overhead for the IT organization.

“So with integrated archiving … it doesn’t have any change to the end user experience,” she continued. “That Personal Folder appears, but the archive shows up and it looks just the same, it’s another folder in your file directory, it looks like a secondary Inbox…The benefit is, it’s all sitting on Exchange, so it’s not going to get corrupted or lost. It’s very easy to discover — that time comes down dramatically. And as a user, you get access to it through Outlook Web App, [as opposed to] on the local hard drive.”

Here, White took the bold step of proclaiming OWA as superior to Outlook, in that users still get full access to their mail (albeit with transport restrictions), but without having to keep those multi-gigabyte .PST files locally:

“What got us into this in the beginning was when we talked to our Exchange customers as we were planning [ES] 2010, and we found out that 20 percent of Exchange mailboxes have an archive on them today, but over 60 percent said it was important to them. It’s scary, because there’s not a mailbox out there that shouldn’t be archived for one reason or another. What we heard from them was, 1) the cost and overhead of maintaining and managing another system — new tools to learn — was too expensive; and 2) the end-user experience. Oftentimes you have an archive today, you have to go to a different UI to retrieve the mail, or the performance is really poor on the archived mail. Because what they do is called ‘stubbing,’ which means they literally just leave a little bit of the email in the Inbox, and the rest of it sits out on a third-party system. So the performance has to go bounce between multiple systems, so it’s very slow.

“If end users don’t adopt it, it doesn’t work,” White remarked. “So this clears the hurdle of both the end user experience as the IT pro cost and management perspective.”

That 70 Percent Cost Savings Claim

During the presentation at TechEd in Berlin, Microsoft CVP Stephen Elop made the staggering claim that within a group of 100 companies testing Exchange Server 2010 over the last year, some were able to cut their administrative costs over earlier versions of Exchange by as much as 70 percent.

As is Betanews’ custom (and as is the custom of Betanews readers who see anything in double-digits beside a percentile mark), we asked how that figure was obtained. For instance, we’ve seen companies in the past that said the expenditure to do something this year was X percent lower than the expense to do something in the past, and that typically refers to the fact that memory or storage or processor power is just that much cheaper. That’s not really savings; that’s a factor of the economy.

So what is this 70 percent savings a factor of? “A big cost driver is storage,” responded White. “We know the storage aspect of email, it’s a lot of information and it can get expensive. Traditionally, Exchange was deployed always on a storage-area network, which was fine back in the day when you had a 200 MB mailbox. Obviously, that’s not sufficing anymore, and 10 GB is becoming more of a standard. Supporting that kind of mailbox storage size on a SAN becomes cost-prohibitive.

“So what we’ve done in Exchange 2010 is two things: First, we dramatically improved performance, tenfold over Exchange 2003. When I say that, I mean the time it takes to read and write information to the disk. What that enables is world-class support of low-cost storage options — direct-attached storage, SATA, even in a JBoss configuration. So big, slow disks, you can run Exchange without any performance or reliability impact.” NEC (Nasdaq: NIPNY) Philips (NYSE: PHG), for example, was able to increase its storage capacity by a factor of eight, while simultaneously reducing costs by a factor of four, White said; and Germany-based hosted service provider Elabs was able to reduce its storage costs by 70 percent.

Isn’t that saying that the expenditure this year is 70 percent or so less than the expenditure for a similar service in 2003? Yes, according to White, but that’s in terms of operating cost run-rate, which is figured according to time and not total investment, especially since companies don’t always purchase storage capacity all up-front.

Betanews also learned that Microsoft’s SMB Windows Server bundles, Small Business Server 2008 and Essential Business Server 2008, will not be updated immediately with Exchange Server 2010. Those bundles may continue to be sold with Exchange Server 2007 for at least several more months down the road.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: