Deployment Best Practices for External User Access

Topic Last Modified: 2011-02-28

To enhance Edge Server performance and security, and to facilitate deployment, apply the following best practices when you deploy your perimeter network and Edge Servers:

• Deploy Edge Servers only after you have tested and verified operation of Microsoft Lync Server 2010 communications software inside your organization.
  
• We recommend that you deploy Edge Servers in a workgroup rather than a domain. Doing so simplifies installation and keeps Active Directory Domain Services (AD DS) out of the perimeter network. Locating AD DS in the perimeter network can present a significant security risk.
  
• Joining an Edge Server to a domain located entirely in the perimeter network is supported but not recommended. An Edge Server should never be part of a domain in the internal network.