Office Communications Server uses Exchange Server 2007 Service Pack 1 (SP1) Unified Messaging (UM) to provide voice mail, call notification, and auto-attendant services. An Exchange UM dial plan supports three different security levels: Unsecured, SIPSecured, and Secured. You configure security levels by means of the UM dial plan’s VoipSecurityparameter. The following table shows appropriate dial plan security levels depending on whether MTLS, SRTP, or both are enabled or disabled.
Table 1. VoIPSecurity Values for Various Combinations of Mutual TLS and SRTP
| Security Level | Mutual TLS | SRTP |
|---|---|---|
|
Unsecured |
Disabled |
Disabled |
|
SIPSecured |
Enabled (required) |
Disabled |
|
Secured |
Enabled (required) |
Enabled (required) |
When integrating Exchange UM with Office Communications Server 2007 R2, you need to select the most appropriate dial plan security level for each voice profile. In making this selection, you should consider the following:
- MTLS between Exchange UM and Office Communications Server is
the default configuration. Therefore, the dial plan security level
of SIPSecuredor Securedis recommended. The use of SIP dial plans
with a security level of Unsecured is not supported.
- Office Communicator 2005 does not support SRTP. Instead, it
uses Data Encryption Standard (DES) media encryption, which is not
supported by Exchange UM. If you require Exchange UM to take calls
from Office Communicator 2005 clients, you need to set the UM dial
plan to SIPSecured. In addition, the Office Communicator 2005
client encryption level must be set to rejected or optional.
- If you set the dial plan security to SIPSecured, SRTP is
disabled. In this case, the Office Communicator 2007 R2 client
encryption level must be set to rejected or optional.
- If you set the dial plan security to Secured, SRTP is enabled
and required by Exchange UM. In this case, the Office Communicator
2007 R2 client encryption level must be set to optional or
required.