Hi,

I've the following question: what are the security risk if our company are going to enable external communication via Lync?

We use Microsoft Lync 2013 and are now looking at the security risks facing our business as we allow external contacts.

Can someone say something about this?

Thanks!

Wick

Hi,

For the security consideration, you may need to add a Director Server:

A Director is a separate, optional server role in Lync Server 2013 that does not home user accounts, or provide presence or conferencing services. It serves as an internal next hop server to which an Edge Server routes inbound SIP traffic destined for internal servers. The Director preauthenticates inbound requests and redirects them to the users home pool or server. By preauthenticating at the Director, you can drop requests from user accounts that are unknown to the deployment.

A Director helps insulate Standard Edition servers and Front End Servers in Enterprise Edition Front End pools from malicious traffic such as denial-of-service (DoS) attacks. If the network is flooded with invalid external traffic in such an attack, the traffic ends at the Director. For details about the use of Directors, see Scenarios for the Director in Lync Server 2013.

Regards,

Melon Chen
TechNet Community Su

Hi Melon,

Are there more risks we may face if we are going to allow external communications ?

What are your experiences with organizations allow external contacts in Lync ?

Thanks.

Wicky