Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
damiri
New Contributor

lync 2013 and fweb

Hi, customer is looking at Lync2013 for vpnless connectivity towards remote workers but being ms platform, they are afraid of being targeted. Anybody using fweb for lync traffic ? Damir
13 REPLIES 13
abelio
Valued Contributor

Hello Damir, as another answer for your post: fortiweb is a WEB application firewall, strictly; it' s not a general firewall. regards

regards


__ Abel

damiri
New Contributor

and WEB being HTTP/HTTPS, right? I don' t have expeirence with Lync 201x but I do have with Avaya mobile communications. And guess what It is WEB application and it is supported on Fweb. Unless you have something valuable to add, then add it and don' t play smart ;) here. Damir
abelio
Valued Contributor

Damir, i am not playing anything here, maybe wasting my time; you' re asking for things far from the usual logic behind a waf. What exactly do you want to mean with " Lync 2010, or avaya stuff" ? Do you have web servers hosting web applications using video conference stuff like Lync? Did you host a Lync web server hosted there? Do you asking for pre-created signatures for protect it with a waf? If so, what exactly do you want to accomplish? If not,, what exactly do you want to do? Reading your posts in fortiweb forum and your almost sarcastic comments, I think you' ve not read enough fortiweb specs and usage. But nevermind, maybe i just " playing smart" as you said and not trying to understand your posts

regards


__ Abel

damiri
New Contributor

being dumb, that' s the reason I asked community is there somebody with such a deployment. I know what Fweb is for and dealing with them few years now. They are not perfect but get 98% of stuff done. You reverted to me like I don' t have a clue what is waf or firewall device but me is dealing with Fortinet as os 1.9 or 1.8 FortiOS, Can' t remember year. So if you haven' t done anything with Lync and Fweb, then you don' t have experience required to asnwer the question (of course you probably have wealth of other experience which is really useful here; not being sarcastic). So for expert members here before you engage with help don' t underestimate other people. Sometimes other people maybe dealing with Fortinet just like aside responsibility and not being able to go thru manual for every particular thing. Best Damir
abelio
Valued Contributor

I' m sorry Damir, it was never my intention underestimate another people; you could see all my old posts to confirm that. I was here since fortios 2.5 too; but fortiweb , fortidb, fortiauthenticator and all the ' new' products are also relativately new for me, i' ,m gaining expertise with those over the months; I try to not to advise anything that I have not tested before. Regarding the point, indeed, i did nothing yet with hosted Lync server behind a Fortiweb; however that it was not you first question in your first post. regards

regards


__ Abel

damiri
New Contributor

Abelio, all Ok on this side of the world. Best regards, Damir
damiri
New Contributor

Yes, if SIP is in questions ( I don' t have expeirence with Lync at all nor I know architecture behind) so I guess session border controller is best approach for this ... Any particular recommendation for Lync ? we are an avaya partner and gettint sipera thru contract but avaya is going to some lock ins on their platform so I rather avoid them in this project ...
Courtney_Schwartz

Lync uses HTTP, but also SIP. SIP is not handled by FortiWeb. FortiWeb inspects HTTP/HTTPS only.
Dave_Hall
Honored Contributor

After looking at the system requirements for Lync 2013 and glancing through some of the Lync server set-up guides (involving AD, IIS, PSTN analog gateways, dual/NIC teaming, QoS. etc), I would be more incline to deploy a more full-featured firewall appliance -- just because whatever Micrsoft may want you to install along/on top of Lync, that may need " protecting" . Mind you, the Microsoft deployment guides assume/expect their edge server components are being installed. The port list for Lync server is provided here. I do not know enough about FortiWeb to know if it can block/allow/port redirect/forwarding to/from all these ports.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C