Publishing Skype for Business (Lync) to the Internet exposes your network to DoS (Denial-of-Service), DDoS (Distributed-Denial-of-Service) and brute force attacks. These attacks can make your network unavailable and cause significant business damage.
SkypeShield blocks these attacks on the gateway level by configuring a block-failed login policy that blocks the attack attempts from reaching the Active Directory.
Using SkypeShield, all failed attempts are blocked on the gateway level (Forefront/Bastion) before reaching the Active Directory, which prevents account lockout, DoS, DDoS and brute force attacks.
SkypeShield helps organizations protect corporate passwords by defining custom login credentials exclusively for Skype for Business. By using this approach, the Active Directory credentials are not stored on a mobile device. This innovative solution also protects the Active Directory from DoS, DDoS and brute force attacks.
LyncShield’s unique approach eliminates the usage of network credentials on mobile devices, and resolves the threat of unauthorized connection to corporate applications and sensitive information. By using SkypeShield, the user creates a dedicated user name and password (on the Skype for Business Access Portal) which are solely for connecting LyncSkype for Business, and which are different from the AD credentials.