Topic Last Modified: 2011-05-06
This chapter provides an overview of the fundamental elements that form the security framework for Microsoft Lync Server 2010. Understanding how these elements work together is essential for making informed decisions about securing your particular Lync Server 2010 deployment.
These elements are as follows:
- Active Directory Domain Services (AD DS) provides a single
trusted back-end repository for user accounts and network
resources.
- Role-based access control (RBAC) enables you to delegate
administrative tasks while maintaining high standards for
security.
- Public key infrastructure (PKI) uses certificates issued by
trusted certification authorities (CAs) to authenticate servers and
ensure data integrity.
- Transport Layer Security (TLS), HTTPS over SSL (HTTPS), and
mutual TLS (MTLS) enable endpoint authentication and IM encryption.
Point-to-point audio, video, and application sharing streams are
encrypted using Secure Real-Time Transport Protocol (SRTP).
- Industry-standard protocols for user authentication, where
possible.
- Windows PowerShell provides security features that are enabled
by default so that users cannot easily or unknowingly run
scripts.
These fundamental security elements work together to define trusted users, servers, connections, and operations to help ensure a secure foundation for Lync Server 2010.
The topics in this section describe how each of these fundamental elements works to enhance the security of your Lync Server infrastructure.