I am the systems administrator and our website designer is planning to host a web-conferencing server. It would mainly be used for web-conferencing.
We are fully Microsoft and I have some security concerns. The server technology they are looking to deploy is called Ubuntu BigBlueButton (http://code.google.com/p/bigbluebutton/
). The alternative would be MS Lync 2010, which we could get for a very low price. Our firewall is TMG 2010
There are two deployment scenarios being proposed:
• Inside our LAN with all the relevant ports (80, 1935, 9123) open on our firewall
• Outside our LAN; effectively it would be a standalone server on the internet with one of our public IP WAN addresses assigned to it and only protected by its internal firewall
1. Are there any known security concerns with Ubuntu BigBlueButton?
2. Which of the deployment scenarios above would be more secure? Could it be “published” on our TMG firewall?
3. What would be the risks for our external and internal users to connect to this new web-conferencing server if it was on the internet and got compromised?
4. Which of the two products (Ubuntu BigBlueButton and Lync 2010) are easier to maintain?
5. Any other thoughts?