locked
Secure Communication and Mobility Clients (iPhone) RRS feed

  • Question

  • Hi everyone,

    Are the messages sent to and from the Lync Mobility clients (primarily interested in the iPhone client) secure and encrypted using two-factor authentication? Also, are push notifications sent securely via the federation service?

    The reverse proxy is set up for SSL communications with a certificate, so the client can authenticate the reverse proxy. However, if the client has internal certificates installed, will the server authenticate the client? Or does the client get assigned a lync signed certificate like the traditional client explained here.

    Thanks,

    Mark

    Monday, February 13, 2012 1:06 AM

Answers

  • Hi Mark,

    All messages sent from the mobile client to the Lync Server are encrypted using TLS. A mobile client signs in in the same way a normal Windows client does in terms of the SIP registration. Two-factor authentication is not used as only the user's password is required to authenticate.

    Authentication is done by the Lync Front End or Director pool, not by the reverse proxy. The server authenticates the client in every scenario. The server does not assign the mobile client a certificate like it does to the desktop client however.

    I presented a session on this at our last UC user group in London that explains a bit of this. You can check it out here: http://www.slideshare.net/mucugl/lync-mobility-deployment


    Justin Morris | Consultant | Modality Systems
    Lync Blog - www.justin-morris.net
    Twitter: @jm_deluxe
    If this post has been useful please click the green arrow to the left or click "Propose as answer"

    • Marked as answer by _MarkH_ Monday, February 13, 2012 11:31 PM
    Monday, February 13, 2012 1:11 PM

All replies

  • Hi Mark,

    All messages sent from the mobile client to the Lync Server are encrypted using TLS. A mobile client signs in in the same way a normal Windows client does in terms of the SIP registration. Two-factor authentication is not used as only the user's password is required to authenticate.

    Authentication is done by the Lync Front End or Director pool, not by the reverse proxy. The server authenticates the client in every scenario. The server does not assign the mobile client a certificate like it does to the desktop client however.

    I presented a session on this at our last UC user group in London that explains a bit of this. You can check it out here: http://www.slideshare.net/mucugl/lync-mobility-deployment


    Justin Morris | Consultant | Modality Systems
    Lync Blog - www.justin-morris.net
    Twitter: @jm_deluxe
    If this post has been useful please click the green arrow to the left or click "Propose as answer"

    • Marked as answer by _MarkH_ Monday, February 13, 2012 11:31 PM
    Monday, February 13, 2012 1:11 PM
  • Thanks Justin, that's a fantastic response!

    Monday, February 13, 2012 11:31 PM