To help increase security in your perimeter network, we recommend that you deploy Edge Servers in the following way:
- Create a new subnet from your perimeter network router for
Office Communications Server.
- Verify that traffic coming to the Office Communications Server
subnet does not route to other subnets.
- On your perimeter network router, configure rules to ensure
that there is no routing between your Office Communications Server
subnet and other subnets (with the exception of a management subnet
that can include management services for your perimeter network).
- On your internal router, do not allow any broadcasts or
multicasts coming from the Office Communications Server subnet in
the perimeter network.
- Deploy the Edge Server between two firewalls (an internal
firewall and an external firewall) to ensure strict routing from
one network edge to the other.