Office Communications Server supports an internal firewall, an external firewall, or both an internal and an external firewall for Edge Servers. A configuration with both an internal and an external firewall is strongly recommended.

The internal firewall, the external firewall, or both can consist of multiple firewall computers behind a hardware load balancer.

In addition to being supported as a reverse proxy, Microsoft Internet Security and Acceleration (ISA) Server is supported as a firewall for Office Communications Server 2007 R2. The following versions of ISA are supported as a firewall:

If you use ISA Server as your firewall, configuring it as a NAT is not supported, because ISA Server 2006 does not support static NAT.

The firewall requirements for correct functioning of Edge Servers are as follows:

For details about default ports and required firewall settings, see Ports and Protocolsin the Planning and Architecture documentation.