Office Communications Server 2007 R2 includes the following security enhancements:
- Consolidated Edge Servers allow the use of network address
translation (NAT) for all server roles if a single Edge Server is
being used. Multiple Edge Servers behind a hardware load balancer
cannot use NAT, and the expanded edge configuration is not supported.
- Reduced port requirements for external audio/video support.
The requirement for the open port range of 50,000-59,999/TCP and
50,000-59,999/UDP inbound and outbound on firewalls is reduced to
specific scenarios. The base ports 443/TCP and 3478/UDP
are still required.
Note: If you federate with enterprises that are on Office Communications Server 2007 and need to use audio/video between your enterprise and the federated enterprise, the port requirements will be those for the older version of the Edge Servers that are deployed. For example, the port ranges required for Office Communications Server 2007 must be implemented for both enterprises until the federated partner upgrades their edge to Office Communications Server 2007 R2. At that time, port requirements can be reviewed and reduced according to the new configuration.
A complete list and discussion of all new features in Office
Communications Server 2007 R2 and Office Communicator 2007 R2 can
be found in the
Trustworthy by Design
Office Communications Server 2007 R2 is designed and
developed in compliance with the Trustworthy Computing Security
Development Lifecycle (SDL), which is described at the Microsoft
Web site:
Trustworthy by Default
Network communications in Office Communications Server 2007 R2 are encrypted by default. By requiring all servers to use certificates and by using Kerberos authentication, TLS, Secure Real-Time Transport Protocol (SRTP), and other industry-standard encryption techniques, virtually all Office Communications Server 2007 R2 data is protected on the network. In addition, role-based setup makes it possible to deploy Office Communications Servers so that only the services, and the permissions related to those services, are installed as appropriate on each server role.
Trustworthy by Deployment
The Office Communications Server planning guide, deployment guides, migration guide, and this guide all document best practices and recommendations to help you determine and configure the optimal security levels for deployment and assess the risks of activating non-default options.