Exchange 2003 Boosts Performance, Eases Administration
Mar. 24, 2003

Incremental improvements to the Exchange e-mail and collaboration server enable it to capitalize on new functionality and enhanced performance in Windows Server 2003. Exchange 2003 also has new features that are not dependent on Windows 2003, although most of these features won’t be apparent to end users. The new features could particularly benefit large corporate customers and application service providers (ASPs) by improving scalability, availability, and manageability, but they will lose some previous Exchange features, such as instant messaging, if they migrate. (See the sidebar "Limitations and Removed Features".)

Even if they do not find the new features compelling, organizations that want to host Exchange on Windows Server 2003 must first upgrade to Exchange 2003. When considering whether to upgrade, organizations should note that these incremental improvements augment other new Exchange 2003 and Outlook 2003 features targeted at mobile users. (For details on these new features, see "Improved Support for Mobile Exchange Users" on page 11 of the Mar. 2003 Update.)

Exchange 2003 Exploits New Windows Server 2003 Features

Although Exchange 2003 will run on Windows 2000 Server, many new features and improvements exploit new features added to Windows Server 2003.

Improved Message Recovery with VSS

Exchange 2003 can use Windows Server 2003’s new Volume Shadow Copy Service (VSS) to greatly reduce the time needed to back up or restore Exchange and to simplify recovery of data in individual user mailboxes, thereby improving availability and reducing management costs.

VSS is a Windows system service that lets applications, other operating system (OS) services, storage devices, and backup applications work together so that clean "shadow copies" (also known as "snapshots") of data can be made by most storage technologies with only a momentary pause to applications. Supporting VSS allows Exchange 2003 to address two longstanding problems: long restore times and poor support for recovering individual user mailboxes. (See the sidebar "Why Exchange 2000 Posed Backup Difficulties".)

Exchange 2003 includes two components that resolve these issues: the Exchange VSS writer, and the recovery storage group.

Exchange VSS writer. Exchange 2003 comes with a VSS "writer" that enables backup applications to take snapshots of data on a live Exchange server through the VSS service. (See the illustration "Exchange 2003 Backup Process Flow".) This scheme reduces the impact of backup on Exchange servers because once a snapshot has been taken, the backup program can copy it to tape without involving Exchange. In addition, the VSS writer can speed restores dramatically: if the snapshot of the Exchange database is still on disk, a restore operation (and the resulting service interruption) takes only minutes instead of many hours.

Backup applications must be specifically written to take advantage of this feature. Since the NTBackup application bundled with Windows does not, organizations must use third-party backup products to exploit VSS for Exchange backup. Most major backup and storage vendors for Windows plan to offer VSS support, and Veritas Software’s popular Backup Exec product will be one of the first, available soon after Exchange 2003 ships. (See the illustration "Backing Up Exchange with Veritas Backup Exec" for more details.)

Recovery storage group. To enable administrators to recover user mailboxes, Exchange 2003 adds support for a "recovery storage group." This new feature allows an administrator to temporarily connect Exchange to an older version of storage group files restored from a VSS snapshot. Once the recovery storage group is connected, a mailbox merge utility included with Exchange 2003 can be used to select and move mailboxes from the recovery storage group back into their current live storage group. (For more details, see the illustrations "Restoring Exchange from Veritas Backup Exec" and "Exchange 2003 Restore Process Flow".)

These improvements will make it more practical to support very large Exchange databases, and large corporations and ASPs will be able to consolidate many existing mail servers into a smaller number of large servers, reducing overall management costs. (For more information on Exchange 2003 benefits for ASPs, see the sidebar "What’s in Exchange 2003 for ASPs?".)

Leveraging Windows 2003 Performance and Availability Features

Exchange 2003 can now scale better to support larger numbers of users and more complex Active Directory (AD) environments by taking advantage of additional Windows Server 2003 features, such as the following:

Internet Information Server (IIS) 6.0 support. IIS 6.0 introduces a new, more reliable "worker process isolation mode" that ensures that each application’s processes and associated extensions are isolated from all other Web applications.

Exchange makes extensive use of native IIS services, such as Simple Mail Transfer Protocol (SMTP) and Web Distributed Authoring and Versioning (WebDAV). It also installs Web applications, such as Outlook Web Access (OWA) and Outlook Mobile Access, which gain stability and reliability by running natively in worker process isolation mode.

Because IIS 6.0 installs in a "secure by default" configuration, it should also reduce the vulnerability of Exchange servers to viruses targeting IIS.

Improved clustering. In addition to being able to take advantage of the 8-node clustering supported by Windows Server 2003 Enterprise Edition (up from 4 nodes on Windows 2000 Advanced Server), Exchange 2003 will fail over to an alternate node significantly faster than it previously did on Windows 2000, resulting in less impact on users.

Improved memory usage. Windows Server 2003 reuses blocks of virtual memory more efficiently than Windows 2000. Because memory fragmentation degraded the performance of heavily loaded Exchange 2000 servers, this should increase the number of users a single Exchange server can support. The Standard Edition of Windows Server 2003 also allows applications to take advantage of up to 3GB of physical memory, so Exchange customers don't have to purchase the more expensive Enterprise Edition of Windows Server 2003 to exploit that much memory.

Leveraging Active Directory Improvements

Exchange 2003 takes advantage of improvements to the AD security and configuration database in Windows Server 2003. The fact that organizations must migrate to AD before using recent versions of Exchange has slowed migration from Exchange 5.5, but Windows Server 2003 contains many improvements to make AD deployment easier, which should reduce this migration barrier.

For example, Windows Server 2003’s new AD has a "cross-forest trust" feature. Cross-forest trust enables organizations to combine previously independent AD installations ("forests") after organization changes such as mergers, while giving the merged organizations administrative autonomy over users and computers. Exchange 2003 Enterprise Edition comes bundled with Microsoft Metadirectory Services, which enables organizations with multiple forests to automatically create "contacts" synchronized with user accounts in other forests. These contacts allow each forest’s AD and Exchange servers to maintain an enterprise-wide global address list (GAL) and support distribution groups containing contacts representing accounts in other forests.

Outlook 2003 also benefits from AD and Windows Server security. Unlike prior versions of Outlook, Outlook 2003 can use Kerberos—the native authentication protocol of Windows 2000 and Windows 2003—to authenticate with Exchange 2003 servers. The Kerberos protocol is less vulnerable to attack than the older NT 4.0 authentication protocol and lets Outlook 2003 work better in multiforest organizations. Using their normal log-on credentials, users from one forest can access mailboxes or public folders hosted by an Exchange Server belonging to another trusting forest.

Combating Viruses and Spam

Of the Exchange 2003 features that don't require Windows Server 2003, many of the most important are designed to combat unwanted e-mail ("spam") and to prevent users from being victimized by viruses and worms delivered in e-mail.

Connection filtering through blacklists. Exchange 2003 supports connection filtering based on real-time blacklists (RBLs): third-party databases that list known sources of unsolicited e-mail, dial-up user accounts used for spam, and mail servers that have been left open, which let spammers conceal their real address by passing mail through the open "relay." Well-known databases of these types include those at sbl.spamhaus.org, dun.dnsrbl.net, and relays.ordb.org. Administrators can configure Exchange to use several connection filters based on the types of data in the blacklists and prioritize the order in which each filter is applied.
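How a prioritized chain of blacklist lookups reaches a verdict, as an added example that is not Exchange's own code. It assumes the usual DNS-based blacklist convention (reversed IPv4 octets prepended to the list's zone, with a listing answered from 127.0.0.0/8); the filter labels, the sample records and the `resolve` stand-in for DNS are constructed so the block runs offline.

```python
import ipaddress

# Constructed priority-ordered filter list using the three zones named above.
FILTERS = [
    ("known spam source", "sbl.spamhaus.org"),
    ("dial-up range", "dun.dnsrbl.net"),
    ("open relay", "relays.ordb.org"),
]

# Constructed stand-in for DNS so the example runs offline: name -> A record.
SAMPLE_DNS = {
    "7.2.0.192.relays.ordb.org": "127.0.0.2",
    "9.100.51.198.sbl.spamhaus.org": "127.0.0.2",
    "9.100.51.198.relays.ordb.org": "127.0.0.2",
}

# Assumed convention: a genuine listing is answered from this range.
LISTED = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(client_ip, zone):
    """Reverse the IPv4 octets and append the zone: 192.0.2.7 -> 7.2.0.192.<zone>."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone


def check_connection(client_ip, filters=FILTERS, resolve=SAMPLE_DNS.get):
    """Apply filters in order; return (verdict, reason, zone) for the first hit."""
    for reason, zone in filters:
        answer = resolve(dnsbl_query_name(client_ip, zone))
        if answer is None:
            continue  # no record: this list does not know the address
        if ipaddress.IPv4Address(answer) not in LISTED:
            continue  # wildcarded or hijacked zone: not a real listing
        return ("reject", reason, zone)
    return ("accept", None, None)
```

The range check matters operationally: a list whose zone starts answering every query with an arbitrary address would otherwise cause all inbound mail to be rejected.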

Enhanced Outlook Web Access security and spam prevention. OWA now has the attachment-blocking functionality introduced several years ago in the full Outlook client. This is particularly useful for keeping users of OWA, Exchange's browser-based e-mail client, from activating viruses and worms by opening or sending attachments with potentially dangerous file extensions.

Like Outlook 2003, Exchange 2003’s new OWA client can warn users when they have received messages containing "Web beacons" or "Web bugs," and it allows users to delete them without triggering them, even when viewed in the preview pane. Web beacons are tiny, often-transparent embedded graphics in HTML-formatted e-mail messages that can report a mail recipient’s IP address, cookie information, and referring URL back to a spammer’s site. Because a beacon can confirm that the recipient address is valid, the recipient can then be targeted by even more spam.
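A sketch of the check a mail client or gateway can run before rendering a message, as an added example that is not OWA's implementation. The sample message, the host names and the "declared width or height of 0 or 1 pixel" heuristic are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message: one inline image, one beacon, one remote banner.
SAMPLE = """<html><body><p>Spring sale</p>
<img src="cid:logo@example" width="200" height="50">
<img src="http://tracker.example/o.gif?r=user%40example.com" width="1" height="1">
<img src="https://cdn.example/banner.png" width="600" height="120">
</body></html>"""


def _tiny(value):
    """True when a width/height attribute declares 0 or 1 pixel."""
    digits = (value or "").strip().lower().replace("px", "")
    return digits.isdigit() and int(digits) <= 1


class RemoteImageScanner(HTMLParser):
    """Collect every <img> whose source would trigger a network fetch."""

    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        attr = dict(attrs)
        url = urlsplit(attr.get("src") or "")
        if url.scheme not in ("http", "https"):
            return  # cid:/data: images travel inside the message itself
        self.remote.append({
            "host": url.hostname,
            "tiny": _tiny(attr.get("width")) or _tiny(attr.get("height")),
            "has_query": bool(url.query),  # may carry a per-recipient token
        })


def scan_message(html):
    scanner = RemoteImageScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.remote


def should_warn(html):
    """Warn on probable beacons; blocking all remote images is the stricter policy."""
    return any(img["tiny"] for img in scan_message(html))
```

Any remote image fetch reveals the reader's IP address regardless of its size, so the size heuristic is suited to warning the user, while the robust control is to withhold every entry `scan_message` returns until the user opts in.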

Although unrelated to protecting against viruses or spam, Exchange 2003 also allows administrators to prevent OWA users who log on from the Internet from downloading file attachments. Because copies of downloaded OWA message attachments are stored on the local machine, the downloaded data could be viewed by unauthorized persons if the local machine is a public Internet terminal that others use. Administrators can now block downloads to such computers while still allowing OWA users in their office or connected to the corporate network over a VPN to open and read attachments.

Other Administrative Improvements

Finally, several Exchange 2003 features simplify administration of servers and clients.

Query-based distribution groups. Exchange can create query-based distribution groups (QDGs) in AD that provide the same functionality as standard (and static) distribution groups, but that dynamically build membership based on predetermined AD queries that return accounts matching one or more user attributes (for example, "all users reporting to manager John Doe"). If AD attributes have the information needed to determine group membership, QDGs can save administrators from manually maintaining the list of members, but because QDG membership is dynamically generated each time mail is sent, these groups have limitations: users cannot view the membership of the group, and QDGs can impose a performance hit on domain controllers.

Client-side performance monitoring. Exchange 2003 Server can collect information about the end-user client experience by recording connection latencies and errors observed by the Outlook 2003 client. On subsequent successful connections, this data is forwarded to the Exchange server’s event log and performance counters. The event log data, which can also be collected by Microsoft Operations Manager (MOM) or other centralized server monitoring tools, can be used to notify administrators about severe client-side error conditions.

MOM application pack included. Exchange 2003 will include the Exchange Management Pack for MOM, which allows MOM to monitor Exchange 2003 service and server availability; detect problems and alert administrators; and track system usage for trend analysis and capacity planning. The application pack includes rules for monitoring and filtering data from more than 1,600 select events and performance counters in Exchange. It also provides critical information and links to relevant Microsoft Knowledge Base articles.

Although MOM server licenses must still be purchased separately, customers wanting to use MOM to monitor Exchange servers no longer have to purchase a US$349 Application Management Pack license for each monitored Exchange server.

No In-Place Migration for Exchange 5.5 Servers

Organizations on Exchange 5.5 (nearly half of all Exchange servers are still running this version) cannot upgrade those servers in-place to Exchange 2003. Instead, they must build new Exchange 2003 servers and move existing mailboxes and public folders onto them. Although many organizations will use the migration as an opportunity to upgrade their Exchange server hardware and possibly to consolidate servers, other organizations will see this as a step back from Exchange 2000’s migration path, which supports in-place upgrades.

However, customers already on Exchange 2000 can perform in-place upgrades relatively painlessly, and Exchange 2000 and 2003 servers can readily coexist in an Exchange system, so organizations can upgrade gradually.

Finally, Exchange 2003 retains many of the scalability limitations of Exchange 2000, lacks some of its optional features (such as instant messaging), and does not provide full backward compatibility for some client-side applications. Organizations considering server consolidations on Exchange 2003 will have to find out whether the remaining limitations are bottlenecks in their current installations, and all organizations considering a move to Exchange 2003 will have to verify that they don't depend on any of the removed features and application programming interfaces.

Availability and Resources

Exchange 2003 is expected to ship during summer 2003, close to the ship date of Office 2003, which contains the updated Outlook client. Exchange 2003 will also be available in three new localizations: Chinese Traditional, Chinese Simplified, and Korean, in addition to the English, French, German, Italian, Japanese, and Spanish localizations previously available. Pricing and packaging have not been announced.

For more information and to download the beta, see www.microsoft.com/exchange/evaluation/ti.

For more background on Volume Shadow Copy Service (VSS) in Windows Server 2003, see "Windows .NET Server Supports Enterprise Storage" on page 3 of the Dec. 2002 Update.

For background on Greenwich, which replaces Exchange IM, see "‘Greenwich’ to Support Windows IM, Real-Time Communications" on page 6 of the Nov. 2002 Update.

For more on how Windows 2003 Server makes deploying Active Directory easier, see "Active Directory Improvements Remove Many Migration Roadblocks" on page 3 of the Aug. 2002 Update.

For more on improvements to IIS in Windows Server 2003, see "Rewritten IIS Anchors Windows .NET Server" on page 3 of the July 2002 Update.

For background on Exchange Conferencing Server, which is being eliminated from Exchange 2003, see "Exchange 2000 Conferencing Server to Enable Virtual Meetings" on page 6 of the Aug. 2000 Update.

For information on Microsoft's efforts to appeal to ASPs in earlier versions of Exchange, see "Exchange 2000 Targeted at ASPs" on page 3 of the Nov. 2000 Update.

For a list of common filtering services, see www.email-policy.com/Spam-black-lists.htm.