Edge Server Deployment Guidelines

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

 

Topic Last Modified: 2013-06-26

To enhance Edge Server performance and security, as well as to facilitate deployment, use the following guidelines when deploying your perimeter network and Edge Servers:

• Deploy Edge Servers only after you have finished deploying Office Communications Server 2007 R2 inside your organization.

• Deploy Edge Servers in a workgroup rather than a domain. Doing so simplifies installation and keeps Active Directory Domain Services (AD DS) out of the perimeter network. Locating AD DS in the perimeter network can present a significant security risk.

• Deploy your Edge Servers in a staging or lab environment before you deploy them in your production environment. Deploy them in your perimeter network only when you are satisfied that the test deployment meets your requirements and that it can be incorporated successfully in a production environment.

• Deploy Edge Servers on dedicated computers that do not run anything that is not required. This includes disabling unnecessary services and running only essential programs on the computer, such as programs embodying routing logic that are developed by using Microsoft SIP Processing Language (MSPL) and the Office Communications Server API.

• Enable monitoring and auditing as early as possible on the computer.

• Use a computer that has two network adapters to provide physical separation of the internal and external network interfaces.

• Deploy the Edge Server between two firewalls (an internal firewall and an external firewall) to ensure strict routing from one network edge to the other.