Deployment Best Practices for External User Access
Lync Server 2010
Topic Last Modified: 2011-02-28
To enhance Edge Server performance and security, and to facilitate deployment, apply the following best practices when you deploy your perimeter network and Edge Servers:
Deploy Edge Servers only after you have tested and verified operation of Microsoft Lync Server 2010 communications software inside your organization.
We recommend that you deploy Edge Servers in a workgroup rather than a domain. Doing so simplifies installation and keeps Active Directory Domain Services (AD DS) out of the perimeter network. Locating AD DS in the perimeter network can present a significant security risk.
Joining an Edge Server to a domain located entirely in the perimeter network is supported but not recommended. An Edge Server should never be part of a domain in the internal network.