We have a hybrid IP telephony system - integrated Nortel CS1k/OCS 2007 R2 environment which provides enterprise voice (VoIP) for our users. Mix of softphones/hardphones.
In our setup, we have an OCS Standard Edition server (which also has the Monitoring Server Role), a Mediation Server, an Application Proxy Server, a Unified Messaging Server and a CWA Server. They are all on this side of the network, with a single TMG server facing the internet (holds the CWA cert, etc.). We do not have an Edge Server or DMZ setup.
We are looking to enable the configuration for external web conferencing, so external users can join conferences (using Live Meeting).
The recommended MS configuration advises having an Edge Server in a DMZ. Is it possible to set this up in our existing configuration without negating security (without having to set up a separate Edge Server, another firewall and a DMZ)? Or even a compromise somewhere in the middle?
I know we can set up our existing OCS Server as the Edge Server, but that would expose it to the internet. Is it possible to do this but not have the OCS server directly internet-facing and behind the TMG? And still be secure?