Script

Configure clients prior to deploying an Office Communications Server network by following the recommended safety measures:

• Use Windows XP or Windows Vista with the latest Service Pack.
  
  
• Set appropriate group policies on the Office Communicator client for media encryption. For details, see Microsoft Office Communicator 2007 R2 Group Policies.
  
  
• Use Office Communicator group policies to disable features as appropriate for your deployment. For details, see Microsoft Office Communicator 2007 R2 Group Policies.
  
  
• Configure Office Communicator to use TLS, which provides encrypted signaling. The confidentiality even of otherwise encrypted communications, such as media, is not protected when a user connects to the server using TCP. The encryption key can be intercepted by an attacker and used to decrypt the message. If you must allow client connections over TCP, be aware of this vulnerability.
  
  
• When adding tabs or Help menu content to Office Communicator, use HTTPS.
  
  
• File transfer between users is peer to peer. All file transfers are encrypted by default. Instruct users to run a virus check before opening transferred files.
  
  
• Consider restrictions on client connections and messages.
  
  
• Isolate users according to usage requirements.
  
  
• Run antivirus software on the client.
  
  
• Frequently check and apply updates and security patches.
  
  
• Use strong password best practices.
  
  
• Run only necessary services and applications.
  
  
• Enable the Require SIP high security mode Group Policy setting for the users GPO.