Sometimes customers see slow performance when accessing OWA over Dial-up and using SSL.  Here are some things that you should check to make sure that you are getting the best performance.

  • Make sure that compression is enabled on the FE server. http://support.microsoft.com/?id=825371
  •  Make sure that your firewall or proxy doesn’t require that every http connection require another SSL negotiation.
  • Check and see if the SSL conversion is hammering your CPU. 
    • If it is, you might consider (in order of cost) a card that can offload the SSL load, upgrading your CPU, or load balancing with another FE.  The SSL card makes the most sense in almost all scenarios.  
    • The following options is not recommending that you turn off SSL!!!  It just is pointing out that you can offload the SSL to a server infront of the FE servers in a DMZ.  You can have the Exchange server in a DMZ with no outside access and a ISA server in front of it set to allow Anonymous connections:
      Location: HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Rpc \ RpcProxy \
      Parameter: AllowAnonymous
      Data type: REG_DWORD

      value = 1

      Then you could offload the first connection (SSL) to an ISA server or a third party SSL accelerator.