- Title Page
- Copyright Page
- Dedication
- Contents at a Glance
- Table of Contents
- About the Authors
- Acknowledgments
- We Want to Hear from You!
- Reader Services
- Introduction
- Part I. Overview
- Chapter 1. What Is Microsoft Lync Server?
- Chapter 2. What Is New in Microsoft Lync Server?
- Introducing New Management Tools
- Topology Changes
- New Enterprise Voice Features
- New Call Management Features
- Integrated Mediation Server
- New Presence Features
- New Conferencing Features
- DNS Load Balancing
- Survivable Branch Appliances
- Operating System Support
- New Lync Client Features
- Client Appearance
- The “Me” Area
- Enhanced Contacts
- Privacy Relationships
- Integration with Office and Windows 7
- Whiteboarding and Application Sharing
- Improved Meeting Join Experience
- Conferencing Attendant and Scheduling
- PSTN Dial-In Conferencing Improvements
- Video Improvements
- Manager/Admin Improvements
- Improved Phone Experience
- Summary
- Chapter 3. Feature Overview of Microsoft Lync Server
- Chapter 4. Benefits of Microsoft Lync Server 2010
- Part II. Microsoft Lync Server 2010 Server Roles
- Chapter 5. Microsoft Lync Server 2010 Front End
- Chapter 6. Microsoft Lync Server 2010 Edge
- Chapter 7. Microsoft Lync Server 2010 Monitoring
- Overview
- Installation
- Configuration
- Administration
- Troubleshooting
- Best Practices
- Summary
- Chapter 9. Director
- Part III. External Dependencies
- Chapter 10. Dependent Services
- Chapter 11. SQL
- Chapter 12. Firewall and Security Requirements
- Part IV. Administration and Management
- Chapter 13. Monitoring Microsoft Lync Server 2010
- Overview
- OpsMgr Lync Server 2010 Monitoring
- What Is New in OpsMgr R2?
- How OpsMgr Works
- OpsMgr Architecture
- How to Use OpsMgr
- OpsMgr Component Requirements
- Advanced OpsMgr Concepts
- Understanding OpsMgr Deployment Scenarios
- Multiple Configuration Groups
- Deploying Geographic-Based Configuration Groups
- Deploying Political or Security-Based Configuration Groups
- Sizing the OpsMgr Database
- Defining Capacity Limits
- Defining System Redundancy
- Monitoring Nondomain Member Considerations
- Securing OpsMgr
- Installing Operations Manager 2007 R2
- Installing Edge Component Monitoring Certificates
- Installing the Lync Server 2010 Management Pack
- Best Practices
- Summary
- Chapter 14. Backup and Restore of Microsoft Lync Server 2010
- Chapter 15. Administration of Microsoft Lync Server 2010
- Chapter 13. Monitoring Microsoft Lync Server 2010
- Part V. Migrating from Older Versions
- Part VI. Voice
- Chapter 17. PBX Integration
- Chapter 18. Enterprise Voice
- Chapter 19. Audio Conferencing
- Part VII. Integration with Other Applications
- Chapter 20. Exchange 2010 and SharePoint 2010 Integration
- Overview
- Exchange 2010 Unified Messaging
- Call Answering Rules
- Exchange 2010 Unified Messaging Architecture
- Unified Messaging Users
- UM Web Services
- Supported IP/VoIP Hardware
- Unified Messaging Protocols
- Unified Messaging Installation
- Postinstall Configuration
- Data Storage in Unified Messaging
- Exchange 2010 Outlook Web Application
- SharePoint 2010 Integration
- Best Practices
- Chapter 21. UCMA
- Chapter 20. Exchange 2010 and SharePoint 2010 Integration
- Part VIII. Clients
- Chapter 22. Microsoft Communicator Client for Macintosh
- Chapter 23. Windows, Browser, and Silverlight Clients
- Chapter 24. UC Endpoints
- Part IX. Planning for Deployment
- Chapter 25. Virtualization
- Chapter 26. Planning for Internal Non-Voice Deployment
- Chapter 27. Planning for Deploying External Services
- Chapter 28. Planning for Voice Deployment
- Index
Ports to Open
,The specific ports needed to open on a firewall vary somewhat depending on what services are placed into the DMZ and which services need to be accessible from the Internet. This section summarizes commonly deployed DMZ roles and the ports necessary to support them. The description calls out the port, traffic type, type of firewall it applies to (internal or external), and the purpose for the opening.
Audio/Video Edge Service Port Ranges
TCP 50,000 through 59,999—Incoming, these ports are needed for connections with Federated partners running Lync Server. Federated partners still running OCS 2007 also need UDP 50,000 through 59,999. This is to support RTP (Real-Time Transport Protocol). Federated A/V to a partner running an OCS 2007 R2 edge environment works over 3478/UDP or 443/TCP. This applies to the external firewall.
TCP 443 (STUN/TCP)—Outbound, for media transfer between internal users and external users. This applies to both the internal and external firewalls.
UDP 3478 (STUN/UDP)—Inbound and outbound for media exchange between internal users and external users. This applies to both the internal and external firewalls.
TCP 5062 (SIP/MTLS)—Outbound, for authentication of A/V users. This applies to the internal firewall.
Access Edge Service Port Ranges
TCP 5061 (TCP/MTLS)—Incoming and outgoing, usually to a director or the virtual IP of a load balancer. This applies to the internal firewall.
UDP 53 (DNS)—Outgoing, to enable the Access Edge to find other systems. The Access Edge should be configured to use an external DNS, to avoid unnecessary openings in the internal firewall. This might require using the host file to find systems also in the DMZ. This applies to the external firewall.
TCP 80 (HTTP)—Outgoing, to enable the system to download Certificate Revocation Lists. This applies to the external firewall.
TCP 443 (HTTPS)—Outgoing, to enable the system to download Certificate Revocation Lists that are published with SSL. This applies to the external firewall.
TCP 5061 (SIP/MTLS)—Incoming and outgoing. This applies to the external firewall.
Web Conferencing Edge Service
TCP 8057 (PSOM/MTLS)—Outbound, for communications between Web Conferencing Servers and the Web Conferencing Edge Service. This applies to the internal firewall.
TCP 443 (PSOM/TLS)—Inbound for access of remote, anonymous, and federated users into internal Web Conferences. This applies to the external firewall.
All Edge Servers
TCP 4443 (HTTPS)—Inbound, to enable for replication of configuration data to Edge Servers from the Central Management Server. This applies to the internal firewall.
-
No Comment