Traffic from the Internet to your peripheral network and from the peripheral network to your internal Office Communications Server infrastructure follows strict paths that you specify during the configuration of each server role. Similarly, traffic from your internal network to the Internet is strictly controlled.

Each edge server role, as well as the reverse proxy, has an external FQDN. Each edge server also has an internal FQDN that is explicitly defined for Office Communications Servers and pools. Each of these FQDNs corresponds to a separate network adapter card configured on each edge server and reverse proxy. Traffic arriving at the external edge can only travel to the configured internal FQDN of the internal server.

Traffic from an internal server or pool to the internal edge of an edge server follows a route that you define for that server or pool. The global settings for each Standard Edition server and Enterprise pool include the edge servers to which outbound traffic from those internal servers and pools is to be routed.

Traffic from an external source to an internal server or pool travels to a specified next hop. The recommended next hop for an edge server is an Office Communications Server Director.

The Director is an Office Communications Server 2007 R2 Standard Edition server or Enterprise Edition server that does not host users but that, as a member of an Active Directory domain, has access to Active Directory Domain Services for purposes of authenticating remote users and routing traffic to the appropriate server or Enterprise pool. By authenticating inbound SIP traffic from remote users, the Director helps insulate home servers and Enterprise pools from potentially unauthenticated traffic, while relieving them of the overhead of performing authentication.

A Director is optional but is strongly recommended in all topologies that involve connections across the Internet, especially those that support remote users. For details about deploying and configuring a Director, see the Deploying Edge Servers for External User Accessdocumentation.

Standard Edition servers configured as Directors cannot be load balanced. Enterprise Edition servers configured as Directors can be configured behind a load balancer if your requirements demand high availability.