The key to secuity in any moderm Microsoft deployment is getting certificates right. You need a strategy and you need it now. As we move to a world where we have generic or ubiquitous access, certificates are critical. This is true for Exchange, Direct Access or Lync to name but a few.
Certificates are not that complicated but there are about a million ways to get them wrong. The most common problem that people have when they self-provision Lync is they get the certificate implementation wrong. This can mean problems authenticating or worse of all it can stop the system from working at all.
Getting your Lync Edge certificates right is also critical. There are multiple certificates required and a key “gotcha” is that they all must come from the same certificate authority. Basically get the cert right, architect it right, deploy it right and you’ll be right! If you aren’t sure, don’t take the risk – engage a Microsoft Certified Master!