Versions Compared

Old Version 12

changes.mady.by.user Ribbon Communications

Saved on

compared with

New Version Current

changes.mady.by.user Ribbon Communications

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_docset_workflow
AUTH1UserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'}
DEV1UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cc5207f0, userName='null'}
LDEV1UserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'}
SVT1UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cef30cd0, userName='null'}
LSVT1UserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'}
AUTHJIDSYM-20206

Include Page
Not_for_SWe
Not_for_SWe

...

  • Enables data execution protection
  • Enables firewall
  • Disables domain users from logging into the ASM
  • Enables only local administrator login

Pagebreak

Apply Security Template

  1. In the WebUI, access Tasks> Lync Survivable Branch Appliance (or Skype for Business Survivable Branch) > Setup SBA.

  2. Click Security.

    Pagebreak

    Caption
    0Figure
    1Apply Security Template

  3. From the Apply Version drop down list, select the applicable TLS option (TLS 1.2 Only or TLS 1.0-1.2).

    Note

    The following are limitations for using TLS 1.2 Only or TLS 1.0-1.2

    • Valid for Skype for Business On Premises SBA only.
    • Valid for WS2012R2 ASM.
    • Valid with the following clients:
      • Lync 2013 (Skype for Business) Desktop Client, MSI and C2R, including Basic 15.0.5023.1000 and higher.
      • Skype for Business 2016 Desktop Client, MSI 16.0.4678.1000 and higher, including Basic.
      • Skype for Business 2016 Click to Run Require the April 2018 Updates:
        • Monthly and Semi-Annual Targeted – 16.0.9126.2152 and higher
        • Semi-Annual and Deferred Channel – 16.0.8431.2242 and higher
    • Requires Skype for Business - March 2018 or Higher Cumulative Updates. Refer to Installing Cumulative Updates for Lync SBA.
    • Requires ASM RollUp June 2018. Apply the Security Template after applying the the ASM Roll-Up. Refer to ASM Roll-up Update.
    • Before enabling TLS 1.2 Only on SBA, prepare your Skype for Business environment: https://blogs.technet.microsoft.com/nexthop/2018/04/18/disabling-tls-1-01-1-in-skype-for-business-server-2015-part-1

  4. Click Apply TLS Version.

  5. For Microsoft SBA Security Hardening, click Apply Default Template. If SBA Security Hardening has been run on the SBA at deployment, this field will be greyed out.

  6. For Custom Security Template, click Browse and select the applicable Security XML file. You need a Windows Server security template XML file created using the Microsoft Security Configuration Wizard (SCW). Refer to the following for how to create the file:

    Caption
    0Figure
    1Windows Security Templates
    Windows VersionMicrosoft Security Configuration Wizard Reference
    Windows 2008Microsoft Security Configuration Wizard (SCW)
    Windows 2008R2
    Windows 2012R2

    Microsoft Security Configuration Wizard (SCW)

  7. Click Submit Security Template file. The operation will take up to to five minutes to complete.

...

  1. In the WebUI, access Settings > Application Solution Module > Operational Status (or via Tasks > Application Solution Module > Operational Status).

  2. Under Windows Status > TLS Version, view the current, enabled TLS version.

    Caption
    0Figure
    1View Enabled TLS Version

     Image RemovedImage Added

    pagebreak