Before you deploy your perimeter network and implement support for external users, you must already have deployed your Microsoft Lync Server 2010 internal servers, including a Front End pool or a Standard Edition server. If you plan to deploy Directors in your internal network, you should also deploy them prior to deploying Edge Servers. For details about the Director deployment process, see Director in the Planning documentation.
The following table provides an overview of the Edge Server deployment process. For details about deployment steps, see Deploying Edge Servers.
The information in the following table focuses on a new deployment. If you have deployed Edge Servers in an Office Communications Server 2007 R2 or Office Communications Server 2007 environment, see the Migration for details about migrating to Lync Server 2010. Migration is not supported from any version prior to Office Communications Server 2007, including Live Communications Server 2005, and Live Communications Server 2003.
Edge Server Deployment Process
Create the appropriate edge topology and determine the appropriate components.
Run Topology Builder to configure Edge Server settings and create and publish the topology, and then use Lync Server Management Shell to export the topology configuration file.
Domain Admins group and RTCUniversalServerAdminsgroup
You can define a topology using an account that is a member of the local users group, but publishing a topology requires an account that is a member of the Domain Admins group and the RTCUniversalServerAdmins group.
Configure IP addresses for both internal and public facing network interfaces on each Edge Server.
Configure internal and external DNS records, including configuring the DNS suffix on the computer to be deployed as an Edge Server.
(Optional) Create and install public certificates. The time required to obtain certificates depends on which certification authority (CA) issues the certificate. If you do not perform this step at this point, you must do it during Edge Server installation. The Edge Server service cannot be started until certificates are obtained.
Provision support for public IM connectivity, if your deployment is to support communications with Windows Live, AOL, or Yahoo! users.
Set up the reverse proxy (for example, for Microsoft Forefront Threat Management Gateway 2010 or Microsoft Internet Security and Acceleration (ISA) Server with Service Pack 1) in the perimeter network, obtain the necessary public certificates, and configure the web publishing rules on the reverse proxy server.