Details
Use this setting to start the UM Server in secure mode. This forces all dial plans to use TLS.
Rationale:
Communications between other VOIP systems and Exchange that are not protected by TLS are vulnerable to being captured by a malicious third party.
Solution
To implement the recommended state, execute the following PowerShell cmdlet:
Set-UMService -Identity Exchange1 -UMStartUpMode TLS
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.