ENTERPRISE

Microsoft Lync Server 2010 : Planning for Internal Non-Voice Deployment - Determining Your Infrastructure Needs

12/13/2013 2:21:41 AM
To build a successful Lync Server 2010 infrastructure to support basic functions such as instant messaging, web conferencing, and group chat, these services need to be built on a stable infrastructure. That is to say, the services outside of Lync Server 2010 need to be healthy, available, and of sufficient performance to take on the added load of Lync Server 2010. It is also important to plan the hardware that will be used to support Lync Server 2010 and ensure that it is capable of supporting the new environment.

1. Planning for Hardware and Software

Although many implementations of Lync Server 2010 for non-voice deployments will be virtualized, both physical and virtual servers used for Lync Server 2010 must meet a few standards. Keep these in mind when planning a Lync Server 2010 deployment:

• Lync Server 2010 only runs as a 64-bit application and must have 64-bit hardware.

• Lync Server 2010 does not support Intel Itanium processors.

From an operating perspective, plan to use one of the following operating systems to support Lync Server 2010:

• Windows Server 2008 R2 Standard operating system

• Windows Server 2008 R2 Enterprise operating system

• Windows Server 2008 R2 Datacenter operating system

• Windows Server 2008 x64 Standard operating system with Service Pack 2 (SP2)

• Windows Server 2008 x64 Enterprise operating system with SP2

• Windows Server 2008 x64 Datacenter operating system with SP2


Warning

Installation of any Lync Server 2010 role on a computer running Windows Server 2008 x64 Datacenter or Windows Server 2008 R2 Datacenter that has multiple processor groups configured is not supported. This is due to an incompatibility with SQL Server 2008 Express and multiple processor groups.


Although the Lync Server 2010 roles are limited to the previous operating systems, the Planning Tool can be run on any of the following operating systems:

• The 32-bit version of Windows 7 operating system

• The 64-bit version of Windows 7 operating system using the WOW64 x86 emulator

• The 32-bit edition of Windows Vista with SP2 operating system

• The 64-bit edition of Windows Vista with SP2 operating system using the WOW64 x86 emulator

• The 32-bit edition of Windows XP with SP3 operating system

• The 64-bit edition of Windows XP with SP3 operating system using WOW64 x86

• The 32-bit edition of Windows Server 2008 operating system

• The 64-bit edition of Windows Server 2008 operating system using WOW64 x86

• The 32-bit edition of Windows Server 2008 R2 operating system

• The 64-bit edition of Windows Server 2008 R2 operating system using WOW64 x86

Also, plan for a somewhat standardized build for the operating system for Lync Server 2010 systems. By planning what software and features will and won’t be present on the system, it is easier to understand the security implication of the systems and they become easier to support as their configuration is well known to the group supporting them.

2. Planning for Network Infrastructure Requirements

When planning a non-voice Lync Server 2010 deployment, don’t forget to take into account the needs you will have of the network. Each Lync Server 2010 server should have at least one network interface rated for 1Gb per second of throughput. It should be connected to a low-latency, high-speed local area network (LAN).

Take into consideration plans for how servers will be logically deployed when planning for their physical deployment. For example, if multiple Front End Servers are load balanced for redundancy, consider placing them into different physical racks and connecting them to independent power circuits.


Caution

Placing all the load-balanced systems into a single rack only increases the possibility of a single event taking out all the systems, thus negating the benefits of load balancing for redundancy.


When planning the requirements for the LAN or WAN (wide area network), there might be some deviation between predicted loads and actual observed loads. Take this under consideration when evaluating whether existing network connections will handle the added load of Lync Server 2010.

Use the following rules of thumb for Lync Server 2010 when planning network usage:

• Plan for 65 Kbps per audio stream and 500 Kbps per video stream as peak values.

• Bidirectional audio and video sessions count as two streams.

• Lync Server media endpoints can adapt to varying network conditions and can usually handle oversubscriptions of up to 3 times. Although an audio stream peaks its usage at 65 Kbps, you can typically run three audio streams in the same 65 Kbps without users noticing a drop in quality.

• If a site lacks the capacity to comfortably run video streams, consider disabling video for that site.

• Expect degraded audio and video performance between endpoints separated by more than 150 ms of latency.

3. Planning for Active Directory Dependencies

Like most Microsoft applications, Lync Server 2010 depends heavily on Active Directory to authenticate users, find server pools, and generally keep data flowing. As such, it is critical to account for this when planning a Lync Server 2010 deployment of any kind. Plan to upgrade legacy domain controllers and be aware that Windows Server 2003 mixed mode is not supported by Lync Server 2010.

One of the best things you can do prior to a large deployment into Active Directory is to perform an Active Directory health check. This involves reviewing event logs, running tools such as DCDiag and NetDiag, and checking replication health to ensure that the directory itself is healthy and operating correctly.


Caution

Failure to realize that the directory itself is unstable or unhealthy greatly increases the chances of running into problems during a deployment of an application such as Lync Server 2010.


4. Planning for Certificates

One of the more difficult decisions when using Public Key Infrastructure (PKI)-enabled applications, such as Lync Server 2010, is the decision to use internal or public certificates. In this context, internal is defined as coming from a Certificate Authority that is not automatically trusted by the operating system, whereas public means one coming from a Certificate Authority that is already present in the trusted root store of operating systems.

Lync Server 2010 uses certificates for the following purposes:

• External or remote user access to audio/video sessions as well as conferencing and application sharing

• Remote user access for instant messaging

• Federation using automatic DNS discovery of partners

• Mutual Transport Layer Security (MTLS) connections between servers

• Transport Layer Security (TLS) connections between client and server

Regardless of whether internal or public certificates are used, the following requirements must be met:

• All server certificates must support server authentication (Server EKU [1.3.6.1.5.5.7.3.1])

• All server certificates must contain a valid and reachable Certificate Revocation List (CRL) Distribution Point (CDP)

• Key lengths must be either 1024, 2048, or 4096

• All server certificates must use one of the following hashes:

• ECDH_P256

• ECDH_P384

• ECDH_P512

• RSA

Various Lync Server 2010 roles have specific needs around the names contained in the certificates. Luckily for administrators, the Certificate Wizard builds the certificate request automatically and accounts for pool names, fully qualified domain names of hosts, as well as simple URLs such as meet or dialin that are created as a result of roles and features. The Lync Server 2010 administrator should ensure that the Certificate Authority to be used, whether internal or public, supports subject alternate names.


Note

In general, subject alternate name or SAN certificates are more expensive than traditional single-name certificates. Many public certificate providers charge the same price per name as they do a normal single-name certificate. Other providers offer a flat rate for a SAN certificate and allow the purchaser to insert as many names as will fit into the SAN certificate because there is a fixed amount of space available to fit names. The shorter the names, the more will fit. Some providers place arbitrary limits on the number of SAN entries that go into the certificate.

Other  
  •  Microsoft Lync Server 2010 : Determining the Scope of the Deployment
  •  System Center Configuration Manager 2007 : Creating a Package (part 5) - Forefront Client - Configuring the Package, Adding Programs
  •  System Center Configuration Manager 2007 : Creating a Package (part 4) - Forefront Client - Using the New Package Wizard
  •  System Center Configuration Manager 2007 : Creating a Package (part 3) - OpsMgr Client - Configuring the Package Used by the Package Definition File
  •  System Center Configuration Manager 2007 : Creating a Package (part 2) - OpsMgr Client - Configuring the Installation Program
  •  System Center Configuration Manager 2007 : Creating a Package (part 1) - OpsMgr Client - Using the Create Package from Definition Wizard
  •  Exchange Server 2007 Management and Maintenance Practices : Maintenance Tools for Exchange Server 2007 (part 2) - Active Directory Database Maintenance Using ntdsutil
  •  Exchange Server 2007 Management and Maintenance Practices : Maintenance Tools for Exchange Server 2007 (part 1)
  •  Exchange Server 2007 Management and Maintenance Practices : Proper Care and Feeding of Exchange Server 2007
  •  Windows 7 : Programming Plug and Play and Power Management - Callbacks for Power-Up and Power-Down , Callback for Wake Signal Support
  •  
    Top 10
    Review : Sigma 24mm f/1.4 DG HSM Art
    Review : Canon EF11-24mm f/4L USM
    Review : Creative Sound Blaster Roar 2
    Review : Philips Fidelio M2L
    Review : Alienware 17 - Dell's Alienware laptops
    Review Smartwatch : Wellograph
    Review : Xiaomi Redmi 2
    Extending LINQ to Objects : Writing a Single Element Operator (part 2) - Building the RandomElement Operator
    Extending LINQ to Objects : Writing a Single Element Operator (part 1) - Building Our Own Last Operator
    3 Tips for Maintaining Your Cell Phone Battery (part 2) - Discharge Smart, Use Smart
    REVIEW
    - First look: Apple Watch

    - 3 Tips for Maintaining Your Cell Phone Battery (part 1)

    - 3 Tips for Maintaining Your Cell Phone Battery (part 2)
    VIDEO TUTORIAL
    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

    - How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
    Popular Tags
    Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8