Corba SSL - Risks and benefits

I've been supporting business objects 4.2 SP3 patch 8.

Our security team mandated mandates that we secure all internal communication with SSL if it's an option. Because of that all of our experience with Business Objects has been with Corba SSL enabled.

It seems that not many environments use corba ssl and i've seen several SAP notes that corba ssl causes a memory leak.

Is setting up Corba SSL inside business objects 4.2 sp3+ a recommendation?

If corba SSL is not setup, is the internal BO communication insecure?