Del via


Security framework for Lync Server 2013

 

Topic Last Modified: 2013-11-08

This section provides an overview of the fundamental elements that form the security framework for Microsoft Lync Server 2013. Understanding how these elements work together is essential to making informed decisions about securing your particular Lync Server 2013 deployment.

These elements are as follows:

  • Active Directory Domain Services (AD DS) provides a single trusted back-end repository for user accounts and network resources.

  • Role-Based Access Control (RBAC) enables you to delegate administrative tasks while maintaining high standards for security.

  • Public Key Infrastructure (PKI) uses certificates issued by trusted certification authorities (CAs) to authenticate servers and ensure data integrity.

  • Transport Layer Security (TLS), HTTPS over SSL (HTTPS), and mutual TLS (MTLS) enable endpoint authentication and IM encryption. Point-to-point audio, video, and application sharing streams are encrypted using Secure Real-Time Transport Protocol (SRTP).

  • Industry-standard protocols for user authentication, where possible.

  • Windows PowerShell provides security features that are enabled by default so that users cannot easily or unknowingly run scripts.

These fundamental security elements work together to define trusted users, servers, connections, and operations to help ensure a secure foundation for Lync Server 2013.