Note that there may be many dependencies and connectivity considerations in your environment so extensive planning and testing is advised.We are planning to discontinue support for Transport Layer Security (TLS) versions 1.0 and 1.1 in Microsoft Office 365 on October 31, 2018. The purpose of this blog post is to provide the necessary guidance for our Skype for Business Server, Lync Server, and Skype for Business Online customers to prepare for the deprecation of TLS 1.0 and 1.1 in Office 365.Please carefully review all the information in this blog post as you prepare for the mandatory use of TLS 1.2 in Office 365. Microsoft usually releases perpetual updates to Office every few years, though some were concerned that Office 2019 would be the last perpetual update. Luckily for those who prefer a perpetual license, a new version is on the way.Office 2019 comes with quite a few apps, including Word, Excel, PowerPoint, Outlook, and Skype for Business, as well as servers such as Exchange, SharePoint, and Skype for Business.3rd party integration with Skype for Business OnlineWe will cover each of these scenarios independently in the following sections.Lync/Skype client connectivity to Office 365Lync and Skype for Business clients may connect to Skype for Business Online, Exchange Online or both depending on where the account for these services are homed (online or on-premises). On-premises server integration w/Office 365 Lync/Skype client connectivity to Office 365 For more details on TLS, please consult the following whitepaper: hereFor additional background understanding of TLS (and a great resource for Exchange customers), see the following blog post.If you would like to prepare your environments for the upcoming TLS 1.2 change, there are three general scenarios you should review and, if applicable to your organization, adequately plan and prepare for. This change will provide our customers with the best-in-class encryption for our customers.Monthly and Semi-Annual Targeted –. Skype for Business 2016 Click to Run Require the April 2018 Updates: Skype for Business 2016 Desktop Client, MSI 0.4678.1000 and higher, including Basic Lync 2013 (Skype for Business) Desktop Client, MSI and C2R, including Basic 0.5023.1000 and higher This scenario will be covered further in the next section.To prepare your organization for the client connectivity scenarios, you should ensure that your clients meet the following minimum versions.
![]() ![]() SRS v1) – LRS has reached end of support on Octoand will not be updated to support TLS 1.2. Lync Room System (a.k.a. There is further guidance provided for these devices is located here. Lync 2013 for Mobile - iOS, iPad, Android or Windows Phone Skype for Business for iOS and Android 6.19 and higherThe following clients and devices do not fully support TLS 1.2, and therefore, you must transition to a fully TLS 1.2 capable version in the list. Skype for Business on Mac 16.15 and higher How does coc count war dmg percentageRoom device should have Microsoft Teams Room app version 4.0.64.0. 'SRSv2' or Rigel) and Surface Hub guidance -Microsoft Teams Rooms (previously Skype Room System V2 SRS V2) support TLS 1.2 since December 2018. See details here.The following devices are actively working on supporting TLS 1.2 and are committed to providing support for TLS 1.2 before TLS 1.0/1.1 deprecation.Skype Room System (a.k.a. Skype for Business Server 2015 – This is CU9 that is already released in May 2019. Skype for Business Server customers need a cumulative update install for them to use TLS 1.2 with Teams Rooms Systems and Surface Hub. Skype for Business Online server changes were made live in April 2019 and now support connecting Microsoft Teams Rooms & Surface Hub devices using TLS 1.2. Surface Hub released TLS 1.2 support in May 2019.TLS 1.2 support for Microsoft Teams Rooms and Surface Hub products also requires server side code changes: Use Skype For Office365 On A Windows 7 By DefaultThis includes any integration or Hybrid with Skype for Business Online or Exchange Online. On-premises server integration w/Office 365There are several hybrid topologies that are covered under this scenario. The following link will provide you with guidance on TLS 1.2 capability for browsers. The aforementioned whitepaper includes guidance on how to enable TLS 1.2 in Windows 7. Note: Windows 7 by default does not have TLS 1.2 enabled by default. For Microsoft OS support, you can consult our TLS whitepaper. Powerpoint for mac 1068Any supported OS for Lync Server 2013 – 2008 R2 – 2012 R2 (v=ocs.15).aspxIf you are a customer that is running Lync Server 2010, we recommend that you upgrade to Skype for Business Server 2015 HF2. Lync Server 2013 CU10 or higher. In-place Upgraded Skype for Business Server 2015, with CU6 HF2 and higher on Windows Server 2008 R2, 2012 (with KB 3140245 or superseding update), or 2012 R2 516 (March 2018 update) and higher on Windows Server 2012 (with KB 3140245 or superseding update), 2012 R2 or 2016 Skype for Business Server 2015 CU6 HF2. (ensure you do not federate with customers in Office 365 as described in the first scenario)If your organization falls under the first four scenarios, you are required to upgrade your on-premises server environment to one of the following versions. ![]() The Oct 31 date has always been about enforcing and requiring a minimum of TLS 1.2 for secured communications with Office365, which requires that TLS 1.0 and TLS 1.1 be disabled and restricted from TLS cipher negotiations.The NextHop blog article from April 2018 explicitly states that Lync Server 2010 is out of scope and will not function in a TLS 1.2 enforced configuration, so the information has been publicly available since April 2018. Be sure to validate TLS 1.2 supportability, test carefully, and contact the vendor if Kennedy - The Oct 31 date was never about enabling TLS 1.2, as TLS 1.2 is already enabled within Office365 and secured communications can succeed over that protocol version today if the client endpoint supports TLS 1.2 (otherwise it would succeed over TLS 1.1 or TLS 1.0). The white paper provides guidance to ensure your application is fully TLS 1.2 capable and provide guidance on how to validate through testing.Your organization’s environment may be comprised of various networking or security devices that may include proxy servers and load balancers, or other networking components.
0 Comments
Leave a Reply. |
AuthorCarmen ArchivesCategories |