cisco webex meetings server - amazon web services · we will also cover the sizing and design...
TRANSCRIPT
Cisco WebEx Meetings Server: Extending WebEx to the private
CloudDan Jordan
Technical Marketing Engineer
BRKCOL-2052
AbstractCWMS (Cisco WebEx Meetings Server) was released in October 2012.
CWMS is a solution bringing the Cisco WebEx conferencing solution; SaaS market leader for many years; into the company private cloud.
CWMS has been generating tremendous interest and many deals around the globe from various types of industries and geographical areas.
This session will first consist in a brief overview of CWMS from a user experience perspective.
We will then explain in deep details the CWMS building blocks and various integrations.
We will also cover the sizing and design considerations to deploy this solution.
The objective of this session is for attendees to have a sound understanding of the solution benefits in order to properly position CWMS as well as to deploy and administer it with confidence.
• Cisco WebEx Meetings Server Overview
• 2.5 New Features Configuration
• Architecture and Deployment models
• Dual Datacenter HA
• Building the Dual Datacenter
• Audio and CUCM integration
Agenda
We are transitioning to a next generation architecture for on-prem and cloud
• We think only Cisco can combine the reach of the cloud with the control of on-premise in the future.
• We call this Media Fusion: a new way to enable customers to store and manage their data locally.
Until then, we are extending MP support and continuing our CWMS roadmap
• Cisco will extend the last day of MeetingPlace’s Software Maintenance support from July 9, 2015 to January 31, 2017 (EOL date stays the same)*
The extension is only applicable to MeetingPlace 8.6 customers with Type 2 deployments. (Integrated with SaaS WebEx and uses WebEx
scheduling)
• CWMS development continues, tightly focused on security and serviceability No TP or Squared integration, Centers or 3rd party H/W support, or new deployment topologies.
• CWMS will continue to be sold for at least 2 more years while we work on new architectures to deliver new on-premise experiences. Once we have these new architectures, we will ensure there is a transition plan for current CWMS customers.
Cisco Collaboration Cloud will extend to on-premise via Media Fusion
• Media Fusion initially focused on TP, then we’ll add audio-only; intens to scale beyond today’s MP or CWMS audio.
• Team is working on commercial migration path to Media fusion for both MP & CWMS customers
•
18%Presentation Progress
• Dual Data Center HA
• JITC Certification & IPv6
• Blast dial-out
• Access-controlled meetings and recordings
• Increased System Scalability: 500 users/meeting
• SSO enhancements
• Expanded security certificate management
• IVR language selection
• CWMS API’s
• Serviceability enhancements
• Jabber for Mac, unified client
• Limited Support for Citrix VDI:
• Desktop sharing
• Application sharing
• Annotation
• Extended Branding:
• Customized audio prompts
• Page branding (e.g. logos etc.)
• Next Generation Suite B encryption:
• 128/256 bits AES
• Elliptic Curve Diffie–Hellman
• Secure Hash Algorithm 2
• Split SSL Certificate
• Compliance with PSB 5.2 – 80%
Version 2.5October 2014
Version 2.6*Summer 2015
“Compliance Market” “Serviceability & Security”
• User Management Enhancements
• Delete user
• Change username
• Compliance with PSB 5.2 – 90%
• Other features will be added as we near the Commit day
Version 2.7*December 2015
“Serviceability and Security”Phase 2
* Currently Uncommitted
Cisco WebEx Meetings Server Product Roadmap
• Cisco Collaboration Cloud will extend to on-premise via Media Fusion
• Media Fusion will focus on TP use cases initially, then add audio only use cases over time
• Fusion will support features such as TP Integration, Scalability beyond 2,000 audio ports, 3rd party H/W, High Availability etc.
• FedRAMP certified Cisco Collab Cloud + Media Fusion on-prem will address the needs of the “Compliance” market (e.g. DoD)
• This hybrid architecture will also address the needs of cost-conscious customers (filling the gap MP will leave once it reaches EOL)
• A future Commercial migration path will be available for both MP & CWMS customers
On Premise Vision Cisco Collab Cloud
FedRAMP Compliant
Media Fusion
CWMS & MP Contacts
Product Manager - Refael Zikavashvili [email protected]
Technical Marketing Engineer – Dan Jordan [email protected]
Roadmap Presentation
https://cisco.box.com/s/qcarqzbjppinu4t1ocvucrdsh8awyai6
CWMS Selling Resources
http://wwwin.cisco.com/voice/products/conferencing/webex-ms/#sr1=0
MeetingPlace S/W Maintenance Support Exention
http://www.cisco.com/c/en/us/products/collateral/conferencing/unified-meetingplace/bulletin-c25-734542.html
MeetingPlace End-of-Life Announcement
http://www.cisco.com/c/en/us/products/collateral/conferencing/unified-meetingplace/eos-eol-notice-c51-730721.html
Overview
Cisco WebEx Meetings ServerAn Entirely New WebEx Deployment Model
• WebEx meetings in a private cloud
• Installed in your datacenter
• All-in-one conferencing solution
• Incorporates audio, web and video in asingle solution
• Same great WebEx user experience
• WebEx clients for PC, Mac, iPhone, iPad, and Android; high quality video; sharing, annotation, and collaboration tools; recording and playback etc.
• Software based
• Designed for Cisco UCS Servers + VMware
• BE6K and BE7K supported for certain configurations
• Integrates with Cisco UC suite
• Extends Cisco Unified Communications Manager to conferencing, and meeting escalation from Jabber.
CWMS Target MarketsReg. RestrictedCompliance Privacy Centric CapEx vs. OpEx
• Behind the firewall installation
• 100% 128 and 256 Bit SSL encrypted online meetings
• Industry-standard 2048 Bit encryption keys
• Wild-card and SAN SSL certificate support
• Optional TLS/SRTP SIP teleconferencing encryption
• Hardened ‘Virtual Appliance’ with SE/Linux extensions
• NIST FIPS 140-2 approved cryptographic algorithms supported
Target Customers - Caveats
ScalabilityCustomers with large systems (>40,000 users) will need 2+ separate systems
Audio-only Features not a direct replacement for MeetingPlace1
Focus on integrated Web conferencing
CapacityNo more than 500 participants in a single meeting
Meetings OnlyNo planned support for on-premises Events Center, Training Center, Support Center
1 CWMS supports audio-only conferencing via Personal Conferencing
Innovation is led from the Cloud, CWMS follows….Lagging on WebEx-enabled TelePresence, Productivity Tools for Mac & Lotus Notes, Client for Windows Mobile
Total Cost of Ownership is comparable between Cloud and On-Premises SolutionsParticularly when customer has more than 5,000 hosts and CCA is an option
Designed for customers worldwide
• 100% Localized
• End User and Admin User Interfaces
• Online Help and Technical Documentation posted on Cisco.com
• Support for 13 Languages• English (with Audio Prompts in US English & UK English)• Simplified and Traditional Chinese• Japanese• Korean• German• French (France)• Italian• Dutch 1
• Spanish (Spain) 1
• Spanish (Latin America)• Portuguese (Brazil)• Russian 1
WebEx & WebEx Meetings Server Comparison
WebEx SaaS
Enterprise Edition – Meetings, Trainings, Events, Support
Broad range of 3rd party Plug-Ins
Extensive Customizability
Unlimited Scalability
Flexible Subscriptions – Minutes, Ports, Hosts
Add on audio separately
CWMS
Meeting Center
Outlook Calendaring Plug-In
Limited Customizability
(Logo, PS, TOS, Legal Disclaimer)
2,000 Peak Attendees (Ports)
Perpetual User Licenses
Audio is built in (requires CUCM)
What’s new in v2.5 at a glance
• Dual Data Center – High Availability
• Blast Out-Dial
• JITC Certification & IPv6 Compliance
• Refreshed Meeting Client
• Up to 500 attendees per meeting
• New & Improved Admin Dashboard
• Scheduling APIs
• Language Selection
• Access controlled recordings
• Admin SSO
• Schedule on Behalf
WebEx Meetings Server 2.5
New Licensing in 2.5• Multi-data Center Licensing
Multi-data Center (MDC) licensing is required to join data centers to a system. Each data center requires an MDC system license; an MDC system requires a minimum of two licenses, one for each data center. A Single-data Center (SDC) does not require a system license. (See "About MDC Licensing" in the Cisco WebEx Meetings Server Administration Guide version 2.5 at http://www.cisco.com/c/en/us/support/conferencing/webex-meetings-server/products-installation-guides-list.html.)
• Host Licensing for Version 2.5A user can host a maximum of two simultaneous meetings, consuming only one license. (Previously, a user that hosted multiple meetings consumed multiple licenses.) A Host licenses is not required to schedule or attend a meeting. (See "License Status of Users" in the Cisco WebEx Meetings Server Administration Guide version 2.5 at http://www.cisco.com/c/en/us/support/conferencing/webex-meetings-server/products-installation-guides-list.html.)
Configuring new features in 2.5
1.X or 2.0 upgrade to 2.5• The following are supported upgrade/update paths to 2.5
> 2.0
MR3
2.01.X
< 2.0
MR3
2.5Update
Update
Upgrade
LDAP Integration (1.5+)LDAP directory service for User Management and User Authentication
• Set up LDAP Integration in 4 easy steps
1. Set up CUCM
2. Perform Directory Sync
3. Turn on LDAP Authentication
• Notify Users (Optional)
Cisco Call Manager (CUCM) acts as the gateway to LDAP
• No new software deployment required
• Aligns with existing UC integration model
• Secure (SOAP over HTTPS)
IPv6 Overview
In current Orion architecture the telephony servers already support IPv6. The CWMS can be enabled to use IPv6 addressing schemes to connect to telephony users. However the end users and meeting clients (like desktop/laptop clients etc.,) cannot connect to CWMS server using an IPv6 addressing scheme.
CWMS 2.5 release is providing IPv6 support for these users with a reverse-proxy based solution.
The reverse proxy (IRP Node) accepts incoming IPv6 connections and proxy them via IPv4 to internal CWMS web or media servers. The reverse proxy is providing a dual stacked solution for this. All internal and external clients (remote users) will communicate with the CWMS using reverse-proxy.
The user experience is consistent for both IPv4 and IPv6 use cases. The end users or meeting clients does not need to be aware if they’re using IPv4 or IPv6. This is a common and converged infrastructure for supporting both IPv4 and IPv6 use cases.
IPv6 Requirements/Configuration• CWMS deployed as System with Public Access and Non-Split-Horizon DNS
• All users are connected to CWMS via IRP nodes
• Administrator is connecting directly to Admin VMs from internal network in dual stacked network environment (IPv4 or IPv6)
IPv6 Configuration
IPv6 configuration via Admin web
Both Private and Public interface must be configured with IPv6 addresses
Admin and IRP virtual machines in deployment need to be configured with IPv6 addresses for VM interface.
DNS configuration
WebEx Site URL and WebEx Administration URL are extended with IPv6 addresses on DNS, along with existing IPv4 addresses.
Same applies for VM FQDN.
IVR Language Selection Configuration• Configure a route pattern on CUCM for each language for direct access
• Add the language in CWMS Settings > Audio > Global Settings
• Add the CUCM configured route pattern to CWMS to match the language
Blast Dial Group Configuration – step1 • Add CUCM route pattern specific for Blast Dial Group
• Ensure “Call In and Call Me service is enabled” on CWMS
Blast Dial Configuration - step 2• Add a Blast Dial Group
Display on phone
screen
Same with above
CUCM Blast Dial
route pattern
Display on phone
screen
Blast Dial Configuration – step 3• Add Participants
This “Host” is
web host instead of
audio host
Show the phone number
which is set on user web
“My Account”
Type one
phone number
Architecture & Deployment Layouts
High-Level System Architecture
INTERNETENTERPRISE PERIMETER ENTERPRISE NETWORK
Cisco WebEx Meetings Server
Virtual Appliance
Mobile and Internet
UsersSAML or LDAP Single Sign On
based on Corporate Directory
Credentials
SIP Trunk
Teleconferencing to
CUCMInternal Users
General RequirementsCategory System Requirements
VMware • VMware 5.0, 5.0 Update 1 & 2, 5.1, 5.1 U1, 5.5
• vSphere Standard - for 50 250 user deployments
• vSphere 5.1 Enterprise or 5.0 Enterprise Plus - for 800 2000 user deployments,
• vCenter mandatory
• One License per socket
Networking • LAN
• DNS must be configured prior to deployment
• NTP required on ESXi Host
• Redundant configurations must have all NIC interfaces duplicated and connected to
independent switching fabric to support LAN Fault tolerance
• WAN
• Similar to SaaS WebEx for HQ Video, Web Share etc.
• Plan assuming 70-30 distribution in-company users (LAN) and internet users (WAN)
Storage (Network Attached Storage) • Needed only if customer wants to record meetings and keep system snapshots (for DR)
(NFS only for recording, NAS/SAN for VMware)
Teleconferencing • CUCM 7.1, 8.6, 9.0, 9.1, 10, 10.5 for SIP Trunk based Teleconferencing
SSO (Single Sign On) • If using ADFS 2.0 as iDP then customer needs AD (Active Directory) 2010
• Other SAML 2.0 SSO Compliant iDP also supported – same as SaaS WebEx
• PingFederation V6.5.2, ADFS V2, OpenAM V9.5.4
• LDAP integration provided through CUCM (1.5+)
CUCMExternal Firewall
Internal
Users
SIP
Internal Firewall
Guest and
Mobile Users
IPv4 Web/Video
Traffic from Internal Users
PC Audio OFF
Reverse Proxy VM
DMZ
IPv4 Web/Video
Traffic from external Users
PC Audio OFF
AD LDS
AD/ (Lightweight Directory
Service)
LDAP
Authentication
Cisco WebEx Meetings Server
Virtual Appliance
PSTN
LDAP
Directory Integration Architecture using CUCM
• Synchronization via CUCM
• Authentication
LDAP
Synch
AXL
Synch
Split DNS Traffic flow
• Increased traffic through the DMZ
• Public VIP will be served to
internal & external clients
• URL does not change
Flat DNS Traffic flow
Network Port Requirements
Internet Reverse Proxy (IRP) Recommended in
the DMZ
Ports 443 and 80 will need to be open inbound to
the IRP.
Other ports (listed) will need to be open inbound
from the IRP to CWMS and outbound from CWMS
to the IRP.
System CapacitiesMedia Type 50 Port 250 Port 800 Port 2000 Port
100% SIP/PC Audio 50 250 800 2000
Encrypted Audio (sRTP) * 50 250 800 2000
Secured MC Web (SSL) 50 250 800 2000
50% HQ Video (SSL) 25 125 400 1000
Single Meeting Max Size 50 100 500 500
Recorded Meetings Max at Peak 5% of Maximum meetings
*Includes high fidelity Codecs E.g. G722
CWMS Deployment Models – Single DC options
Non-redundant Centralized (Recommended for initial deployment)
• No redundant components
• Single Data center only
• With Internet Reverse Proxy (IRP) for External Access or without IRP
• 1 hr to restore on same UCS Hardware in VMware
High Availability Single DC (HA) (Optional)
• Centralized Single Data Center – multiple servers/blades (N+1)
• Active/Active resiliency – load sharing between all like VM’s
• No Latency between VMs
• With Internet Reverse Proxy (IRP) or without IRP (no external web access, no mobile)
CWMS Deployment Models – Dual DC OptionsDisaster Recovery (DR) – (Optional)
• Centralized, Dual Data Center model – “cold standby” mode
• Multiple ways to “enable” this site
• Requires IT Manual intervention to use DR Site system
• Restore DB, Change DNS routing, Change UC Manager SIP Routing (checklist)
High Availability Dual DC (HA) (Optional)
• 2 Data Center deployment – multiple servers/blades (N+1)
• Active/Active resiliency – load sharing between all like VM’s
• Latency < 200ms
• With Internet Reverse Proxy (IRP) or without IRP (no external web access, no mobile)
• Dual DC additional license is required for this deployment
Deployment layouts50 Ports
Primary+vCenter IRP or Primary+vCenter IRP or
Primary & vCenter CoResident – IRP
separate UCSPrimary, vCenter, IRP CoResident – Dual
homed
Data
CenterESXi Host
Internal DMZ Internal DMZ
Primary+vCent
erIRP
HA Primary HA IRP
Internal DMZ
Primary+vCenter IRP
HA Primary HA IRP
Internal DMZ
or
High Availability
Options
Deployment layouts
Data
CenterESXi Host
250 Ports
or
Primary & vCenter CoResident – IRP
separate UCS High availability – single DC
• Primary can reside with vCenter
Primary+vCent
erIRP
Internal DMZPrimary+vCent
erIRP
HA Primary HA IRP
Internal DMZ
800 Ports
or
Primary – IRP separate UCS
vCenter still required cannot be CoResident
High availability – single DC
vCenter still required cannot be CoResident
Primary IRP
Internal DMZ Primary IRP
HA Primary HA IRP
Internal DMZ
Disaster Recovery or
DDC - mirror layout in
second DC
Disaster Recovery or
DDC - mirror layout in
second DC
2000 ports Deployment layouts
Data
Center
ESXi Host
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
HA Admin/Media
HA Web
IRP
High Availability Option Non Redundant Option
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
Dual Data Center Option
DC #2DC #1
CWMS Supported Deployments
Self Maintained model - The solution is sold to the customer who manages and maintains system (Customer Premise Equipment)
• Cisco UC Partner provide implementation services
• Cisco Advanced Services provide implementation services
Managed Services model – Customer owned equipment in customer DC, managed by SP
• CWMS has not been architected around Managed Service Provider’s billing or other operational needs
Hosted model (HCS) – Not supported
• No Multitenant support, HCS is supported with WebEx SaaS
Dual Data Center HA
What is Dual Data Center (DDC) HA• 2 Standalone systems are joined to create a single distributed system
• DDC ensures capacity and minimal interruptions to meetings in the event that one of the data centers (DC) goes down
• Transparent to the end users
• Available for new or existing 2.5 deployments.
• Available for 250, 800, and 2000 user deployments
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
Admin/Media
IRP
Internal DMZ
Web/Media
Web/Media
DC #1 DC #2
Dual Data Center HA• Active/Active Deployment
• Meetings can cascade between DC’s
• Looks like one system to end users
• UL handled by primary system, no change in user licenses
• Max capacity still 2000
• Available in all deployments but 50
• Feature license is required (no trial license available)
• Identical hardware in both DC
• NTP required
• NFS required for each DC (recording storage)
Less than 200ms latency required
4.5 Mbps guaranteed bandwidth
Additional bandwidth required during the failover state
User Experience during failover Because of the active-active architecture and the distribution of meetings, the impacted users and meetings will depend on where the failure occurred.
Impacted meetings have the following user experience:
The meeting clients will reconnect within 2-3 minutes.
The computer audio connections will be re-established.
The recording will be restarted.
The computer video has to be restarted by the users.
Host or presenter will have to restart the desktop share.
Host or presenter will have to restart the video share.
Telephony audio (dial-in and dial-outs) will be reestablished in most cases (depending on the CUCM configuration and the type of failure).
Building a Dual DC system
Terminology• Common site URL: The URL used by people to access the DDC. It is mapped to both DC’s and provides
continuous access to the system even if one DC is down.
• Common admin URL: The URL used by the Administrator to access the administrative interface of the DDC. It is mapped to both DC’s and provides continuous administrative access to the system even when one DC is down.
• Local site URL: These URL’s are used by the system. They are mapped to their respective DC only.
• Local admin URL: These URL’s are used by the System and by the Administrator to access the specific DC only.
• Public vIP: This is the IP Address that the Common site URL is mapped to in the DMZ (IRP).
• Private vIP: This is the IP Address that the Common site URL is mapped to inside the Company.
• Flat DNS: In flat DNS, the Common site URL is mapped to the Public vIP. All access to the system comes through the IRP. (exception for administrative access)
• Split DNS: In split DNS, the Common site URL is mapped to the Public vIP for Internet access, but mapped to the Private vIP inside the Company.
Worksheet Example Common siteURL https://meetings.cisco.comCommon adminURL https://meetings-admin.cisco.com
Local siteURL's Dc1-CWMS.cisco.com dc2-CWMS.cisco.com
Local adminURL's dc1-CWMS-admin.cisco.com dc2-CWMS-admin.cisco.com
Public vIP's
Private vIP's 10.194.105.46 10.194.105.51
DNS Server 172.27.200.199 172.27.200.199
Heart VM's dc1-Primary 10.194.105.47 dc2-Primary 10.194.105.52
Media VM's dc1-cwms-media 10.194.105.48 dc2-cwms-media 10.194.105.53
DMZ VM's
Orion Administrator [email protected] [email protected]
Password cisco123 cisco123
Remote Access root root
Password cisco123 cisco123
Call Manager's 172.27.224.190 172.27.200.180
Converting single DC system to DDC• The current site URL and admin URL = Global URLs in a DDC configuration.
• These URLs continue to provide access to the system for meetings, users, and administrators. Administrative access to the system is granted from the private VIP only. No change.
• A new local site URL needs to be created and mapped:
• Flat DNS: Map to the public VIP
• Split DNS: Map to the public VIP in external DNS, map to private VIP in internal DNS
• A new local admin URL needs to be created and mapped:
• Map to the private VIP in internal DNS for both Flat DNS and Split DNS.
• The admin URL is not available for external connections
• DMZ: An IRP can be deployed for non-administrative access to the system for external users
Audio, Call Control & CUCM Integration
Audio Parameters• There is no loss in capacity when using complex/low bitrate codecs – For the
best user experience we recommend g.722 for the best quality audio
• No echo cancellation built into WebEx Meetings Server
• ISR Voice Gateway use DSP Echo Cancellation modules
• CUBE can also be used for Echo cancellation
• Can set QoS for SIP Audio – outbound “Call-back”
• The most commonly purchased edition of CWMS has TLS/sRTP audio encryption available
• Turkish and Russian customers may only purchase the "-AU" edition which lacks TLS/SRTP and is compliant with Russian / Turkish import laws
Call Control – Inbound/Outbound • Call-back Teleconferencing
• Best End User experience to Join Web session first, then use Callback
• Controlled via SIP trunk outbound to UC Manager/Session Manager Edition
• Most efficient call processing methodology
• Can be disabled
• Dial In Operations
• UC Manager /Session Manager Edition - SIP Trunks• Tested with MGCP Trunks end to end
• Tested with SIP Telco Trunks end to end
• Inbound Calling can be from unlimited number of UC Manager clusters OR via inter-cluster trunks (ICT) between all clusters to a centralized UC Manager
• Typical customers deploy with 3 phone numbers: toll free, toll and internal dial numbers pointed to SIP trunks inbound to Cisco WebEx Meetings Server system.
• Uses SIP Refer to provide load balancing across redundant systems
CUBE CUBE
PSTN
H323MGCPSIP
Unified CM Session Management Edition Cluster or UCM Cluster
Leaf Unified CM Clusters/ Leaf UC Systems
CUCM Clusters with H323 QSIG Trunks to
SME
PBXs/ CUCM Clusters with SIP Trunks
to SME
CUCM Clusters with
H323 Trunks to SME
PBXs with MGCP Q931
Gateway Trunks
PBXs with MGCP QSIG
Trunks to SME
CUCM/PBX with SIP QSIG Trunks to SME
SME cluster can interconnect 1000’s of UC/PBX systems using SIP, H323, or
MGCP Trunks SME allows you to reduce UC system complexity by centralizing
your dial plan and call routing rules.
CiscoWebex Meetings Server
CUCM Integration – SME recommended for large systemsDial-In Examples:
800-XXX-XXXX Toll Free
919-XXX-XXXX Direct
x5000 Internal
Or Call-Back
CUCM Configuration for Dual Data Center• Typically, each Site will have a dedicated CUCM cluster associated with it. CUCM clusters
will be connected via inter-cluster trunks (ICT).
• Each CUCM cluster will have call-in/call-out trunks to the local CWMS site.
• Each CUCM will have SIP REFER trunks to all the media VMs in the DDC.
• The ‘call-in’ route pattern can be setup to have priority to the INVITE trunk to the local DC and only use the INVITE trunk to the remote DC upon failure
SJ
CUCM
Cluster
INVITEREFER
Admin-VM Media-VM
SJ DC
RTP
CUCM
Cluster
INVITEREFER
Media-VM Admin-VM
RTP DC
REFERREFER
ICT
CUCM Configuration for Dual Data Center• CWMS can be configured behind the local CUCM clusters with SME for ICT
• The refer trunks can hang off from local CUCM
SJ
CUCM
Cluster
INVITEREFER
Admin-VM Media-VM
SJ DC
RTP
CUCM
Cluster
INVITEREFER
Media-VM Admin-VM
RTP DC
REFERREFER
ICTSME ICT
CUCM Configuration for Dual Data Center• CWMS nodes can be configured behind the SME also
• The refer trunks can hang off from SME
INVITE
SJ
CUCM
Cluster
Admin-VM Media-VM
SJ DC
INVITE
RTP
CUCM
Cluster
Media-VM Admin-VM
RTP DC
REFER
REFER
ICT
SME
ICT
Key Takeaway
INTERNETENTERPRISE PERIMETER ENTERPRISE NETWORK
Optimized for 100% Secure, behind-the-firewall VPN-less Access that integrates
with your Corporate User Management and UC Infrastructure
Cisco WebEx Meetings Server
Virtual Appliance
Mobile and Internet
UsersSAML or LDAP Single Sign On
based on Corporate Directory
Credentials
SIP Trunk
Teleconferencing to
CUCMInternal Users
Online ResourcesFor Questions please use the discussion forum at
https://communities.cisco.com/community/partner/collaboration/webex
CCO Documentationhttp://www.cisco.com/go/cwms
Supported Platforms wikihttp://docwiki.cisco.com/wikiVirtualization_for_Cisco_WebEx_Meetings_Server
WebEx Network Bandwidth White Paperhttp://www.cisco.com/en/US/prod/collateral/ps10352/ps10362/ps10409/webex_video_bandwidth_gui
de.pdf
Participate in the “My Favorite Speaker” Contest
• Promote your favorite speaker through Twitter and you could win $200 of Cisco Press products (@CiscoPress)
• Send a tweet and include
• Your favorite speaker’s Twitter handle @danjorda
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
Promote Your Favorite Speaker and You Could Be a Winner
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online
• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 Amazon gift card.
• Complete your session surveys though the Cisco Live mobile app or your computer on Cisco Live Connect.
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you
Collaboration Cisco Education OfferingsCourse Description Cisco Certification
CCIE Collaboration Advanced Workshop (CIEC) Gain expert-level skills to integrate, configure, and troubleshoot complex
collaboration networks
CCIE® Collaboration
Implementing Cisco Collaboration Applications
(CAPPS)
Understand how to implement the full suite of Cisco collaboration
applications including Jabber, Cisco Unified IM and Presence, and Cisco
Unity Connection.
CCNP® Collaboration
Implementing Cisco IP Telephony and Video
Part 1 (CIPTV1)
Implementing Cisco IP Telephony and Video
Part 2 (CIPTV2)
Troubleshooting Cisco IP Telephony and Video
(CTCOLLAB)
Learn how to implement Cisco Unified Communications Manager, CUBE,
and audio and videoconferences in a single-site voice and video network.
Obtain the skills to implement Cisco Unified Communications Manager in a
modern, multisite collaboration environment.
Troubleshoot complex integrated voice and video infrastructures
CCNP® Collaboration
Implementing Cisco Collaboration Devices
(CICD)
Implementing Cisco Video Network Devices
(CIVND)
Acquire a basic understanding of collaboration technologies like Cisco Call
Manager and Cisco Unified Communications Manager.
Learn how to evaluate requirements for video deployments, and implement
Cisco Collaboration endpoints in converged Cisco infrastructures.
CCNA® Collaboration
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact [email protected]
End User RequirementsCategory System Requirements
Web User Interface Browsers
• Internet Explorer 8 - 11 (32-bit/64-bit)*
• Firefox 9+ (Mac/Windows)
• Safari for Snow Leopard and Lion, Mountain Lion (Mac)
• Chrome Latest Releases (Mac/Windows)
Desktop Operating Systems • Windows XP SP3 and later
• Windows Vista (32-bit/64-bit)
• Windows 7 (32-bit/64-bit)
• Windows Server 2008 (64-bit)
• Windows 8, 8.1(32-bit/64-bit)
• Mac OS 10.6 Snow Leopard, 10.7 Lion, and 10.8 Mountain Lion
Calendaring Interfaces • PC: Microsoft Outlook 2007 SP2+, 2010 SP1+ (32-bit/64-bit), 2013
• PC & Mac: Web Calendaring
• Mobile: iOS WebEx App, Android WebEx App
Mobile Platform • iOS v5.0(1.5) v6.0(>2.0) or later (iPhone and iPad) – same Mobile Meeting Center Client
download as SaaS WebEx
• Android 2.1 or later
* IE 11 only tested on win7 SP1
WebEx Meetings Server Sizing Guidelines
Model Size
Simultaneous Users
Company Knowledge
Workers based on usage
Average Minutes Per Month
Ranges
50 Ports ~ 500 heavy (10 to 1)
~ 1,000 avg. (20 to 1)
~ 1,500 light (30 to 1)
50-125 K
(2500 min/port)
250 Ports ~ 2,500 heavy (10 to 1)
~ 5,000 avg. (20 to 1)
~ 7,500 light (30 to 1)
130-750 K
(3000 min/port)
800 Ports ~ 8,000 heavy (10 to 1)
~ 16,000 avg. (20 to 1)
~ 24,000 light (30 to 1)
1000 K - 2.8 M
(3500 min/port)
2000 Ports ~ 20,000 heavy (10 to 1)
~ 40,000 avg. (20 to 1)
~ 60,000 light (30 to 1)
3-8 M
(4000 min/port)
Actual Usage may vary based on conferencing and growth
Common Requirements
• UCS M2 Gen or above (Westmere-EX Processor or above) w/AES-NI
• 2.4GHz Processor or above
• vSphere ESXi version 5, 5U1, 5.1 U1, 5.5
• Additional NIC recommended for VMware Management Network
• vCenter version 5 -
• DAS minimum 4 Drives - RAID 10, RAID 5
• SAN Supported
50 Port
Recommended host C220-M3, vSphere Standard, 7200RPM HDD, 100Mbps NIC, 1.5TB HDD, Built in RAID
Primary
• 6 cores
• 24 GB RAM
• 1 NIC
IRP
• 6 cores
• 12 GB RAM
• 1 NIC
Co-Resident Configurations
Primary + vCenter
• 10 cores
• 36 GB RAM
• 1 NIC
Primary + IRP
• 8 cores
• 36 GB RAM
• 2 NIC
Primary + IRP + vCenter
• 12 cores
• 40 GB RAM
• 2 NIC
250 Port
Recommended host C220-M3, vSphere Standard, 7200RPM HDD, 1GB NIC, 1.5TB HDD, Built in RAID
Primary
• 12 Cores
• 52 GB RAM
• 2 NIC
IRP
• 12 Cores
• 36 GB RAM
• 2 NIC
Co-Resident Configuration
Primary + vCenter
• 16 Cores
• 56 GB RAM
• 4 NIC
800 or 2000 Port
Recommended host C460-M2, vSphere Enterprise Plus, 10,000RPM SAS, 10Gbps NIC, 1.5TB HDD, LSI 9260-8i w/(Battery Backup)
Primary
• 40 Cores
• 80 GB RAM
• 4 NIC
IRP
• 40 Cores
• 36 GB RAM
• 4 NIC
UCS Requirements Check planning guide for latest requirements
Licensing – screenshot
1.X to 2.0 Upgrade Procedure
Overview• Customers who wish to upgrade their CWMS 1.x systems to the latest version,
CWMS 2.0, must do so using the replacement upgrade procedure. Two upgrade methods are available
• Automatic upgrade• The preferred upgrade method
• Only available if vCenter credentials (with required privileges to create/modify VMs) can be provided
• Automatically creates VMs (including IRP and HA VMs) needed for the new system
• Automatically transfers data from the old to the new system
• Manual upgrade• Must be used if vCenter credentials cannot be provided
• Very similar to CWMS 1.0/1.1/1.5 system expand procedure
Note: 2.0 to 2.5 requires an update, this process is not required for 2.0 to 2.5 update. See the administration guide for update
procedure.
Automatic Upgrade Flow• The Automatic Upgrade process can be divided into different stages. They are
• Create the CWMS 2.0 auto-upgrade admin VM *
• Start the upgrade *
• New system setup **
• Finish the upgrade **
• Licensing in the CWMS 2.0 system
• Long pauses can exist be between 1 & 2 and 2 & 3
• * Existing CWMS 1.x system remains in service
• ** Existing CWMS 1.x system not in service
New VM Type for Auto-Upgrade• Four new VM types defined
• Select the Auto-upgrade VM type that matches your existing system’s size
Create the CWMS 2.0 auto-upgrade admin VM • Overview and Steps
• No meeting service disruption during this operation
• Manually create the CWMS 2.0 auto upgrade admin VM first in vCenter using the 2.0 OVA
• Select from four new CWMS 2.0 auto-upgrade admin VM types
• VM is pre-configured to have zero CPU and memory reservations. Therefore, on some systems (e.g. a micro running on a 4-core blade) the upgrade may run slowly
• Must create it on the same ESXi host containing the primary admin VM of CWMS 1.x
• Requires a temporary IP/hostname for the VM on the same subnet as the primary admin VM of CWMS 1.x
• Power up the new 2.0 admin VM created earlier and open its console in vSphere Client
Start the upgrade - screenshot
Start the upgrade• Overview: Browser Enhancements
• No meeting service disruption during this operation
• Upgrade process status not lost if browser session is closed
• Multiple system admins can simultaneously view the upgrade status
• Continuous progress update and remaining time estimate provided (browser and VM console)
• Estimated remaining time for backend operations
• Uses the CWMS 1.x admin credentials and vCenter privileged credentials to read 1.x system information, auto create VMs
Start the upgrade
• Steps
• Type the Deployment URL displayed in the VM console into a web browser
• In the first page
• Provide access information to the CWMS 1.x system
• Provide access information to vCenter
• These are automatically reused at a later stage during the upgrade (refer screenshot)
• Click continue and the system auto-creates all the 2.0 VMs (including HA VMs, IRP VMs)
• Auto-created VMs remain powered down for now
New system setup - screenshot
New system setup• Overview
• Once the 2.0 VMs have all been auto-created successfully, user is asked to confirm proceeding to the next stage
• Upon confirmation, existing CWMS 1.x system will go down
• Continuous progress update and remaining time estimate provided (browser and VM console)
New system setup• Steps (automatically performed)
• Put old system into Maintenance Mode
• Prepare old system for upgrade
• Power down old system
• Copy archive data from source system to the target system via VMDK copy and attach.
• Reset the 2.0 Admin VM’s CPU and memory reservations
• DB Operations
• Restore the data transferred from the source system to the target system
• Update the DB schema and data
• In case the target system has HA, DB replication will be set up between the its primary and secondary admin VMs
Finish the upgrade • Congratulations on the upgrade!
• Click the “Sign-In” button to go to CWMS 2.0 administration URL
• Sign in with the same admin credentials as the 1.x system
• The 2.0 system will be in maintenance mode
• Take it out of maintenance mode when ready to use the system
• When you exit maintenance mode (causes a reboot)
• The temporary IP bound to eth0 is released
• The auto-upgrade admin VM is changed to use the original system’s primary admin hostname / IP
2.0 Manual Upgrade• Due to limited time I will not cover the manual upgrade. Video Available on
Partner Central