Security Filter Manager

The Security Filters suite of products addresses all your security requirements to protect your Skype for Business (formely known as Lync) and Exchange infrastructure against external threats. They target the Skype for Business (SIP, UDP, UCWA) and Exchange (EWS, ActiveSync, RPC over HTTPS) specific protocols as opposed to the lower-level protocols.

The Security Filters can defend user accounts against denial of service (DoS) attacks, brute-force attacks, XSS attacks, SOAP attacks, and many other possible attacks. The Security Filters can restrict access to specific Skype for Business and Exchange web services to reduce the surface area of attack. They can restrict federated users from accessing the presence information of internal users, and restrict specific communication modalities from being used with external participants. They can sanitize the SIP traffic from transmitting internal IP address information to external participants. The Security Filters can restrict access only to authorized Lync Mobile devices.

We continually enhance the Security Filters suite of products to meet our customers' increasing security requirements. The Security Filter Manager allows you as the administrator to manage all these components from a single web-based management console. It consolidates logging information from your Edge pools and reverse proxies into a centralized database view. The Security Filters maximizes your investment by bringing synergy across components as a suite, yet allows you the flexibility to deploy each product separately. The Security Filter Manager ties them all together.

Key Benefits

  • Centralized web-based administrative console
  • Manages all Security Filter components
  • Centralized logging of information
  • Provides high-availability through SQL mirroring of database
  • Provides role-base access control (RBAC)

Architecture

The Security Filter Manager is the administrative control point of all the other Security Filter components. It hosts the SQL database used by all the Security Filter components.

The Security Filter Manager is designed to be deployed in the DMZ so that there are no tie-ins with the internal infrastructure (that is, Active Directory).

The following screenshot of the Security Filter Manager is an actual attack to our Lync Server environment that was successfully averted by the Security Filters. This view shows sign-in attempts to Lync Server going through the reverse proxy that were blocked by the Security Web Filter. The centralized logging from the Security Filter Manager indicates rapid succession attacks in bursts of eight minutes.

The following screenshot of the Security Filter Manager illustrates the Lync Mobile devices that are registered and authorized or unauthorized to connect to the Lync infrastructure.

Request a demo

Update