Threats

To provide your employees the flexibility to work from anywhere while allowing them the ability to communicate with coworkers and partners and customers as if they were at the office, you need to enable users for remote access.


This means deploying an Edge Server or Edge pool and publishing your Skype for Business on-premise through a reverse proxy. This creates multiple network pathways into your corporate network that Skype for Business clients use.


  • SIP and UCWA for signaling and messaging
  • PSOM for desktop and application sharing
  • SRTP for audio and video traffic
  • EWS for calendar information from Exchange Server

These protocols are susceptible to attack even if they're encrypted and users are authenticated. These protocols are most susceptible to attack in the initial communication handshake before users are authenticated. In some cases, the user isn't authenticated at all as in the case of external anonymous users joining an internal Skype for Business meeting.


Users must first authenticate via SIP and HTTPS. After authentication, they can access Skype for Business and Exchange resources as the other protocols piggy-back on the authentication performed over SIP and HTTPS.


Solution

This is where Account Protection is needed. The Security Edge Filter protects the SIP protocol going through the Edge Server, and the Security Web Filter protects the UCWA and EWS protocols going through the reverse proxy.

Combined, these server products protect Active Directory accounts at the perimeter of your network and defend internal servers against denial of service (DoS) attacks, invalid requests in an attempt to tie up internal resources, scripting attacks on meeting URLs and many other types of attacks.


Key Benefits


  • Protect corporate user accounts from being locked out
  • Shield internal servers from external attacks
  • Filters out invalid external requests
  • Enforce stronger authentication (TLS-DSK)
  • Deep scanning of Skype for Business and Exchange traffic

Centralized Management

The Security Edge Filter and Security Web Filter are integrated with the Security Filter Manager. The Security Filter Manager provides centralized logging and administration, making it simpler for administrators to manage all your Security Filter instances.