cisco it avvid operations best practices...presentation_id cisco public voice quality • trust ip...
TRANSCRIPT
1© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco IT AVVID Operations Best Practices
Kevin O’HealyCisco IPT Operations
2© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Agenda
Cisco CallManager
Voice Quality
Support
Monitoring
Security
IP Telephony Best Practices:
Dial Plan
IPT in Small Offices, Home Offices, and Labs
Additional Considerations
3© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
Strategically Place Cisco CallManager Servers to Maximize Redundancy and Load Balancing Within the Cluster; Consider…• Cisco CallManager Cluster Redundancy
Place Cisco CallManager Servers in Multiple LocationsProvide Spatial RedundancyCluster Over the LAN/WAN
• Placing Cisco CallManager Clusters in Class A Data Centers
Multi-Circuit UPS and Generator Power SystemsPhysical Access SecurityHVAC, Fire Suppression, Diverse Circuit Entrances
4© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
Replicate Key Services to Provide the Highest Level of Resiliency• TFTP• DNS• DHCP• IP Phone Services• All media resources
(conference bridges and music on hold)Implement Diverse Routing for Voice Gateways (Carrier and Device)• Multiple Vendors
(use LEC and IXC interchangeably)• Physically Separate Gateways• Provide Multiple Paths out of Each Cluster
5© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
• OS and Cisco CallManager InstallationServer is Named According to a Consistent Naming StandardStandardized Passwords
• Anti-Virus SoftwareConfigured to Automatically Update Virus Definition Files
• Network ConfigurationHard Set Speed/Duplex on CM Server and Switch
• Time ConfigurationImplement NTP or Windows Time Service
A Checklist for Installing Cisco CallManager Should Include:
6© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
• Configure Cisco CallManager Trace FilesStore at least 5 Days Worth of Traces
Configure Trace File Names
Set the Appropriate Trace Level
Configure Traces to be Written to Dedicated Drive Array
• Configure Performance Monitor AlertsMonitor Drive Space, Registered Devices, and CCM Heartbeat
Minor Alerts: (Email every 15 minutes)
Major Alerts: (Page every 5 minutes)
A Checklist for Installing Cisco CallManager Should Include:
7© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
Don’t Install or Activate Unnecessary CallManager Services:• Not all services are required
on every node
• Preserves system resources
• Avoid unnecessary complexity
• Increase security
8© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Cisco CallManager Best Practices
Simplify the Administration of CallManager:• Utilize CallManager Bulk Administration Tool (BAT)
Import users and devicesModify existing phones and linesMigrate data from one cluster to another
• Standardize the deployment of CallManagerUtilize a consistent naming convention for dial plan components (Calling Search Spaces, Partitions, etc.)Consistent phone descriptions make it easy to locate devices with a common function (conference phones, public area phones, etc.)
Use the Cisco CallManager Solutions Reference Network Design guide (SRND) as a reference when planning a CallManager deployment
9© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Voice Quality
IP Telephony Requires a Well Designed, Highly Available Network With Proper QOS to Provide Desired Voice Quality• Perform a VoIP Audit to Identify:
Network Readiness for Voice
Quality of Service
Call Admission Control
WAN Capacity and Planning
• Use a CODEC that meets your voice quality and BW requirements
Test in the lab and with pilot group/steering committee
10© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Voice Quality
• Trust IP Phone Traffic, Re-Write all Other Traffic to 0
Consistently Apply QOSClassify and Mark Voice, Signaling, and Video trafficDon’t forget about Voice Applications (IP/IVR, CCC, etc.)
• Priority queuing at the WAN edge for voice and signaling traffic
LLQ to Dedicate Bandwidth to Voice TrafficDevelop Consistent QOS Policies for Links of Varying Bandwidth
• Ensure consistent CAC configuration across the entire IP telephony environment
Match Cisco CallManager Locations bandwidth to WAN Queuing (LLQ) ConfigurationRemember to Account for the Variations in Codec Bandwidth (i.e. G711 vs. G729)
11© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Voice Quality
• Core, Distribution, Access Switches with HARedundant Power Supplies, Different Power CircuitsRedundant Line Cards and Redundant Supervisor Modules
• Redundant Core and Distribution Routers Throughout the Network
Test and Minimize Route Convergence
• Redundant WAN RoutesUse HSRP to Create Primary and Secondary Data and Voice Paths
• UPS 2-hour run time in all wiring closetsUPS Audit against a UPS PolicyNetworks Grow—Verify UPS is Keeping Up
• Disaster Recovery PlanIdentify the Telephony DR PolicyTest Disaster Recovery Procedures
12© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Security
• Anti-virus software running on all Cisco CallManager servers
Automatically Updated with Latest DAT FileRegular, Automated Reporting on Compliance
• CSA (IDS client) running on Cisco CallManager servers
Host-based Intrusion ProtectionEffective against existing and previously unseen attacks
• Tight control on network access from the outside
Standard Internet Access Controls i.e. Firewall, DMZ, IDSStrong Authentication for RAS/VPN Users
• Implement AUX VLANS for Voice TrafficSeparate voice and dataUtilize RFC 1918 Address Space
13© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Security
• Establish Physical SecurityLimit and monitor physical access to all servers, switches, and routers
• Protect the Network ElementsFollow sound password and authentication practicesSecurely configure any network management functionsUse logging services to track access and configuration changes
• Design a Secure IP NetworkPlace all Call Processing Servers, IP telephony servers, and IP phones on logically separate IP networksUse IP filters to limit access from the data network to the IP telephony networkPlace firewalls in front of all Call Processing clusters
14© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Monitoring
• Measure Device AvailabilityDevice Uptime (ICMP)
• SNMP monitoring for device componentsMemory and CPU UtilizationInterface Utilization and ErrorsPower Supplies and Disk Drives
• Establish thresholds and Automatic NotificationProvide email and pager NotificationBaseline the EnvironmentStandardized Monitoring Policies for All Hosts
15© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Monitoring
• Voice Gateways and TrunksGateway Availability (Registration)
Gateway Utilization
VM Port Utilization
• Dial tone and TFTP availabilityDevelop automated testing tools
Configure Testing to Replicate the User Experience
• Configuration backupsCallManager, Voice Gateways, and LAN/WAN devices
Automated Daily Reporting for Configuration Compliance
16© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Support
• Patches and UpgradesEstablish an Upgrade Policy
Utilize Remote Administration Tools (VNC or ILO)
Pull Redundant Hard Drive on Major Upgrades
Utilize Change Management Process for all Updates
• Minimize Impact During the UpgradeStagger Cisco CallManager Reboots
Monitor TFTP
Disable Alerting during the upgrade
Perform Post-Upgrade Dial Plan and Voicemail testing
17© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Support
• Case ManagementProvide an Escalation Path for Support TeamsIdentify Subject Matter Experts in Voice, LAN and WANEnforce Escalations through Proper Channels
• DocumentationDevelop Implementation and Support Documentation and Store in a Central LocationDevelop FAQ’s for Frequent Problems and Solutions and Provide to the Tier 1 Support Team
• Assign the Correct User PrivilegesAccess Rights Based on Job RequirementsUse MLA to Provide Granular Access to CallManagerUser vs. Privilege Access on IOS-Based Devices
18© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Dial Plan Considerations
Fully Understand the Existing Dial Plan Requirements (and Caveats) When Migrating to IP Telephony• Examine existing telephony usage including:
Current call volumeProfile of calls (frequency, duration, and call flow)Call activity to the PSTN and Voicemail systemGrade of service being offered
Engineer the Solution to Aggregate Traffic and Trunking Together to Take Advantage More Efficient and Cost Effective Call Routing
19© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Dial Plan Considerations
• Implement a uniform dial-planAbbreviated dialing for calling within and between sitesMethod for dealing with overlapping extensionsSource of record for all extensions
• Utilize CallManager Auto-RegistrationDisable the feature to prevent rogue phone registrationAuto-Registration with restricted (PLAR) CSS that automatically calls the help desk
• Be Aware of Toll-FraudAddress “Call Forward All” and Voicemail ExploitsExamine Call Detail Records for abuse of the systemIdentify and restrict “toll” area codes
20© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
IPT in Small Offices, Home Offices, and Labs
• Implement SRST for Remote SitesVerify SRST Fallback
Test Dial Plan while in Fallback Mode
Verify 911 Dialing
• Deploy Redundant Voice GatewaysDistribute Across Multiple Devices
Provide “Shared” Resources for Redundancy
• Careful consideration when developing dial plan
Be Aware of Site-Specific Dialing Requirements (e.g. 7 Digit vs. 10 Digit Local Dialing)
Implement AAR to Protect Against Out of Bandwidth Conditions
21© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
IPT in Small Offices, Home Offices, and Labs
• QoS on the Home RouterProtect voice traffic
• Broadband internet access for home users
Minimum 256k Uplink/768k Download
• Hardware VPN device with encryption • Distributed VPN infrastructure
< 200ms round trip time to the corporate backbone
• Standardize Codec Selection for Remote Users
22© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
IPT in Small Offices, Home Offices, and Labs
• Utilize RFC1918 space for all labsPrevent External Access to Labs
• Labs must use a proxy server to get to the internet• ACL’s limiting traffic that can be sourced from a lab
Only Registered Address Space is Permitted
• All static routing to labsProtect the Production Environment
• Anti-Virus Software on all lab PC’s
23© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Additional Considerations
24© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
Additional Considerations
QoS:• Create and document a QOS policy; Test, then implement the policy
consistently, end-to-end within the network
Standardized Configurations:• Develop a standard for all configurations and deploy it consistently
Management Metrics:• Identify and prioritize what will be measured to define success;
Develop automated systems to collect and report the metrics
Documentation:• Create an IT Operations Intranet web site to store and serve
documents; Identify an owner of the site and of each document
25© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public
More IP Communications Resources
http://www.cisco.com/en/US/about/ciscoitatwork/case_studies/ipcommunications.html
Case Studies
Operational Practices and Design GuidesIP Telephony -http://www.cisco.com/en/US/about/ciscoitatwork/case_studies/ipcommunications_dl0.htmlVideo - http://www.cisco.com/en/US/about/ciscoitatwork/video_op.htmlDesign Guides -http://www.cisco.com/en/US/netsol/ns340/ns394/ns165/ns391/networking_solutions_design_guidances_list.html
Call to get Product, Solution and Financing Information1-800-745-8308 ext 4699
Order Resourceshttp://cisco.com/en/US/ordering/index.shtml
26© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID Cisco Public