technical overview architecture for enterprise · technical overview of the preferred architecture...

Technical Overview of the Preferred Architecture for Enterprise Collaboration 12.0

Glen Lavers, Technical Marketing Engineer

BRKCOL-2614

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

BRKCOL-2614: Technical Overview of the Preferred Architecture for Enterprise Collaboration 12.0

• Attendees should have some familiarity with Cisco collaboration solutions.

• More slides in Appendix + = homework

• Session time: 120 minutes

• Please ask questions as we go…

Questions I'll answer

Questions I'll defer to later in the session

Questions I don't know the answer to, outside the scope of our session, or those that

consume too much time

Session Logistics

Come see me after the session, send me an email, or Spark message

([email protected]) with your question and I will get back to you.

Please consult the latest applicable

product documentation for specific

feature, software version, and

hardware version support requirements

BRKCOL-2614 3

For Your Reference


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKCOL-2614

• What is the “Preferred Architecture”?

• Call Control

• Conferencing

• Collaboration Edge

• Unified Messaging

• Collaboration Management Services

• Simplified Sizing

• Bandwidth Management

• PA for Cisco Spark Hybrid Services

Agenda


PSOCOL-4503 - What's new in Cisco Collaboration: Overview of New and Changed Across the Collaboration Systems Release

• Content Catalog:

• https://www.ciscolive.com/emea/learn/sessions/content-catalog/

Tuesday, Jan 30, 01:00 p.m. - 02:00

p.m. | Hall 8.0, Session Room 111

https://www.ciscolive.com/emea/learn/sessions/content-catalog/

What is the “Preferred Architecture”?


Collaboration Preferred Architecture (CPA)

• Preferred Architecture provides prescriptive design guidance that simplifies and drives design consistency for Cisco Collaboration deployments

• Preferred Architecture can be used as a design base for any customer using a modular and scalable approach

• Preferred Architecture assumes greenfield deployment, but is still relevant to existing deployments for migration towards the target architecture

• Preferred Architecture team provides feedback on solution level gaps to product teams

What products to use to enable users for Collaboration and

Unified Communications for simple deployments.

Prescriptive

recommendations

Concise

Documents

Tested best

practices

BRKCOL-2614 8

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKCOL-2614

Preferred Architecture ProcessFigure it out:

Define Collaboration Preferred Architecture

Build and validate:

Build it in the lab and validate concepts

Extend:

Move it into system test beds, Cisco on Cisco, Alpha and

EFT process

Define:

Define additional Preferred Architectures (Voice, Video, Hybrid)

Write it down:

Document Preferred Architectures for the

field and partners

Feedback:

Feed gaps found during the “build and validate” phase back into product teams

9


Post-Sales

process

Pre-Sales

Process

Collaboration Preferred Architectures & CVDs

BRKCOL-2614

PA OverviewPA CVD

(Cisco Validated Design)

• Design Overview Document

• Targeted to Pre-Sales

• Summarizes Solution and

Components

• Detailed Design and Deployment

Guidance

• Post Sales Design and

Deployment

• Process Driven Guide

Available at www.cisco.com/go/cvd/collaboration !

PA Applications CVD

(Cisco Validated Design)

• Detailed Design and Deployment

Guidance

• Post Sales Design and

Deployment

• Process Driven Guide

• Plugs into the PA CVD

Post-Sales

Process

10

http://www.cisco.com/go/cvd/collaboration


Collaboration Preferred Architecture for the Enterprise

Current PA version

is 12.0 – aligned with

the CSR 12.0

Includes: Unified CM / IM&P 12.0.1

Unity Connection 12.0.1

Expressway X8.10(1)

Cisco Meeting Server 2.2

For more information about

components and versions,

refer to the product list at:

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Collaboration/

enterprise/12x/120/collbcvd/appendix.html

Cisco Jabber – 11.9

7811/88xx – 12.0

DX70/80 – CE 9.1

MX / SX series – 9.1

IX Series – IX 8.2

ENDPOINTS & FW VERSIONS

BRKCOL-2614 11

Cisco Prime Deployment

Cisco Prime Provisioning

Cisco Smart Software Manager

Collaboration Edge

Headquarters

Conferencing

Collaboration Management Services

Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C

PSTN

Integrated/Aggregated Services Router

Integrated Services Router

DMZ

Expressway-E

Third-Party Solution

Voice Messaging

Unity Connection

Endpoints

TelePresence Management Suite

Cisco Meeting Server

Call Control

IM and Presence

Unified Communications

Manager

https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Collaboration/enterprise/12x/120/collbcvd/appendix.html


Preferred Architecture for Collaboration Enterprise Cisco Validated Design (CVD)

12

Architecture:

Component

Role, HA,

Scalability

Deployment:

Process and

Configuration

– High Level

CALL CONTROLUnified CM, IM&P, ISR / CUBE (PSTN)

CONERENCINGUnified CM, TP Management Suite, Cisco Meeting Server

EDGEUnified CM, Expressway, CUBE / ISR

PRIME SERVICES MANAGEMENTPrime Collab Deployment, License Manager, & Provisioning

UNIFIED MESSAGINGUnity Connection

BANDWIDTH MANAGEMENTUnified CM, Endpoint Firmware, IOS / IOS-XE / AireOS

SECURITYAll Components

SIZINGEndpoints, Users, Calls, and Virtual Machines

Functions: Dial Plan (Dialing Habits, Endpoints/ILS/GDPR), Trunking, SRST, CTI, Provisioning

Functions: Instant, Permanent, Scheduled

Functions: Mobile Remote Access (MRA), B2B, IM&P Federation, PSTN Access, ISDN Video

Functions: Deployment, Licensing, Monitoring and Troubleshooting

Functions: Unified Messaging

Functions: QoS and Admission Control

Functions: Infrastructure/Network Security, DoS, Toll-Fraud, Encryption, Certificate Management

Functions: Sizing numbers for products built on a set of calculated assumptions

Sizing

For Your Reference

BRKCOL-2614


Usage of the Collaboration Preferred Architecture

• Collaboration Preferred Architecture assumes greenfield enterprise collaboration deployments

However, this isn’t the only usage of the architecture…

• Guideline for updating brownfield collaboration deployments - architecture target

• Training for new collaboration engineers

13BRKCOL-2614

Answers the question:

What’s the best way to design your collaboration deployment?

Call Control





BRKCOL-2614 15

Collaboration Edge

Headquarters

Conferencing


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C

PSTN



DMZ

Expressway-E


Voice Messaging

Unity Connection

Endpoints



Call Control

IM and Presence


Manager

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKCOL-2614 16




Collaboration Edge

Headquarters

Conferencing


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C

PSTN



DMZ

Expressway-E


Voice Messaging

Unity Connection

Endpoints



Call Control

IM and Presence


Manager


Call Control Functions• User / endpoint identities and status

• Single cluster for call routing and IM&P

with 1:1 redundancy

• Central “Dial Plan” authority – E.164

dial plan

• Centralized SIP endpoint registration

and management

• SIP application integration

• Expressway for firewall traversal and

mobile and remote access (MRA)

• Management and third-party

interoperability with APIs

• LDAP provisioning and authentication

Unified Communications Manager is the Heart of the Architecture.

The “Glue” that binds it all together.BRKCOL-2614 17

Prime Deployment

Prime Provisioning

Prime License Manager


Call Control

IM and Presence


Manager

Endpoints

Voice Messaging

Unity Connection

ConferencingTelePresence

Management Suite


MRA

Endpoints

Expressway-C

DMZ

Expressway-E

Collaboration Edge

APIs

SIP

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 18BRKCOL-2614

Call ControlCore Components / Roles

• Unified CM provides call control, endpoint registration and configuration, call admission control, codec negotiation, trunk protocol translation, and CTI

• Unified CM IM and Presence Service provides on-premises instant messaging and presence

• Cisco Integrated Services Router (ISR) provides PSTNconnectivity and remote site survivability (SRST)

Key Benefits

• Call control is centralized at a single location that serves multiple remote sites.

• Management and administration are centralized.

• Common telephony features are available across voice and video endpoints.

• Single call control and a unified dial plan are provided for voice and video endpoints.

• Critical business applications are highly available and redundant.

Call Control

IM and Presence


Manager


Unified CM with IM & Presence Cluster

• Two databases

• Each DB has:

• One publisher

• Multiple subscribers

• CM subscriber:

• Call processing pairs

• TFTP pairs

• IM&P publisher part of pair

DB Sync

Unified CM Cluster IM & Presence Cluster

Call Processing

...

...

SOAP / XML

SIP

CTI/QBE

Up to 21 nodes

Up to 6 nodes

19

DB Publisher

TFTP 1

TFTP 2

Primary Secondary

Call Processing

Primary Secondary

Publisher Subscriber

Subscriber Subscriber

BRKCOL-2614


Preferred Architecture Clustering Guidelines

• Call Processing Subscribers always added in pairs

• 1:1 redundancy only

• Single TFTP Subscriber pair

• Call Processing Subscriber and IM&P pairs added to match scale requirements

• Music on Hold function co-located with Call Processing Subscribers

BRKCOL-2614 20


DNS “A Fundamental Solution Requirement”

• Domain Name Service (DNS) is Critical for Collaboration Solutions

» Forward and Reverse Lookup

» SRV for Redundancy and Load Balancing

» DNS for User Data Service (UDS) and Certificate Validity

• Recommendation:

» Enable DNS forward (A record) and reverse (PTR record) lookup for all UC

servers and applications

» Dedicated zone for cluster simplifies configuration of cluster fully qualified

domain name (CFQDN – Enterprise Parameter): *.us-uc.ent-pa.com

» SRV record for each Unified CM node

Best load balancing of initial UDS requests during registration

BRKCOL-2614 21


Deployment Considerations: Numeric Dial Plan

• Use +E.164 as DN addressing

• Benefit: Ensure uniform phone number formatting across all enterprise contacts

• Use XXXX abbreviated intra-site dialing

• Benefit: Allow abbreviated dialing for intra-site calls

• Use site-code based abbreviated inter-site dialing

• e.g.: 8+<site code>+<extension>

• Benefit: Use a normalized approach for inter-site calls

• Non-DID addresses in line with site-code based abbreviated inter-site dialing

• Unique addresses

• Additional site-codes per site or non-overlapping extensions

BRKCOL-2614 22

For Your Reference


Enterprise Specific Numbering (ESN)

Site +E.164 Site Code ESN Range for

DID’s

ESN Range for Non-DID’s

SJC +1 408 555 9XXX 140 8-140-4XXX 8-140-5XXX

RCD +1 972 555 5XXX 197 8-197-5XXX 8-197-6XXX

RTP +1 919 555 1XXX 191 8-191-1XXX 8-191-2XXX

ESN Ranges for DIDs and Non-DIDs

8 as the access-code is used for abbreviated inter-site dialing, and thus all ESNs start with 8 and use a three-digit site code and a four-digit extension

The concept is to use the same site code for DIDs and non-DIDs, but the first digit of the extension for non-DIDs is different from the first digit of the DID extensions. This also allows for abbreviated four-digit intra-site dialing to non-DIDs and DIDs

BRKCOL-2614 23


SIP Trunking Recommendations• Use Best Effort Early Offer on ALL Trunks

• Minimize number of SIP profiles

» Consider default profiles first

» Avoid per-trunk SIP profiles

» Provision SIP profile per group of equivalent trunks

• Recommended SIP profile settings:

» “Use Fully Qualified Domain Name in SIP Requests” set on all trunks and

for video enabled endpoints; prevents IP address of Unified CM to show up

in host portion of URIs in calling identity headers

» Enable SIP OPTION ping for real-time status monitoring

• SIP trunk redundancy achieved by provisioning

multiple peer user agents per trunk(Cisco Meeting Server, Unity Connection, Expressway-C, etc.)

» Avoids multiple trunk configurations

BRKCOL-2614 24


IM&P

Branch1 Branch2

UCM

Multi-cluster Support

• Recommendation: Centralized Call Processing Model (Single Call Processing Cluster)

• Full-Mesh Distributed Call Processing Deployment Model when required. This

model is based on multiple iterations of the Centralized Call Processing

Deployment Model. Session Management Edition is out of scope for the PA.

CLUSTER 1

IM&P

Branch1 Branch2

UCM

SIP

XMPP

BRKCOL-2614 25

IM&P

Branch1 Branch2

UCM

CLUSTER 3CLUSTER 2

Conferencing

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 27

Voice Messaging

Unity Connection

Collaboration Edge

Headquarters


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C



DMZ

Call Control

IM and Presence


Manager

Expressway-E


Endpoints

BRKCOL-2614

PSTN

Conferencing







ConferencingKey Benefits

• Simplified, optimal user experience

• Flexible, extendable architecture that supports deployment of one or more permanent, scheduled, and/or instant conference resources

• Dynamic optimization of conference resources

• High availability of conference resources

• Media resilience and rate adaptation in the video network

• A single tool for hosts to schedule participants and conference rooms for a meeting

• Multiparty licensing that enables full access to all conference resources on the bridge

Core Components

• Cisco Meeting Server for audio and video conference resources and resource management

• Cisco TelePresence Management Suite (TMS) for conference provisioning, monitoring, and scheduling

» TMSXE for interfacing with Microsoft Exchange room and resource calendars

Conferencing




Expressway-C Expressway-E

Internet

Instant, Permanent

and Scheduled


Manager

TMS• How to deploy the components (Call

Bridge, Web Bridge, XMPP, Database)

• Support for multiple Conference types (Instant, Permanent, Scheduled)

Conferencing ArchitectureConferencing with Cisco Meeting Server

29

DMZ

BRKCOL-2614


Cisco Meeting Server – Spaces

Non-Immersive

Endpoints

phone

Spaces

Immersive

Endpoints

Dial: +1(408)555-5555

Enter IVR plus Space Call ID

Dial URI [email protected] or DN 8801000

CMS

Spaces are virtual meeting rooms that have audio, video and content sharing capability and are accessible using Space URI, directory number or URL.

Go to URL: https://join.ent-pa.com

And enter Conference ID or User Credentials

WebRTC

WebRTC

CMA

Permanent and Scheduled Meetings

mailto:[email protected]

https://join.ent-pa.com/


Conferences Instant vs Schedule/PermanentHigh-Level Configuration Steps

Route PatternRoute ListRoute GroupSIP Trunk to CMS

Instant Conference (Ad hoc: +(Add) or Conference Sofktey)

Permanent and Scheduled Conferences (URI or DN)

BRKCOL-2614

CONTAINS

Media Resource Group List

Media Resource Group

Conferencing Bridge

SIP Trunk to CMS Endpoint

POINTS TO


TMS Scheduled Meeting Components / RolesActive Nodes

Passive Nodes

TMS

TMS TMSXE

TMSXE

SQL

Active

Directory

SSH keep-alive between

Active/Passive nodes

Network Load

Balancer

Single virtual

IP address

CMS

HTTPS/REST

Managed

Devices

tms.ent-pa.com

1. FQDN of TMS is configured in TMS Network Settings

2. The FQDN should resolve to the NLB virtual IP for TMS

3. TMS will send managed devices FQDN that resolves to NLB for communications with TMS


TMS Scheduling Request – Components / Roles

TMS TMSXE

Network Load

Balancer

Single virtual

IP address

CMS

HTTPS/REST

MS Exchange

Outlook Scheduling

Request

1

2

2

4

4

5

31. Outlook scheduling request

2. Exchange uses Exchange Web Services (EWS) to sync request with TMSXE via the Network Load Balancer (NLB)

3. TMSXE sync directly with Exchange

4. TMSXE routes request to Active TMS via NLB

5. TMS sends confirmation email to user

Managed

Devices


Cisco Meeting Server ArchitectureScalable and Resilient Deployment

Cluster of 3 Servers

San Francisco

RTP

DatabaseXMPP Server

Web Bridge Call Bridge

DatabaseXMPP Server

Web Bridge Call Bridge

Resiliency

Scale

Richardson

DatabaseXMPP Server

Call Bridge


LTRCOL-2250 - Business-to-Business Communications Multiparty Conferencing for Audio, Video and Web Collaboration using Cisco Meeting Server



Tuesday, Jan 30, 02:15 p.m. - 06:15

p.m. | Hall 8.0, Session Room 115


Collaboration Edge





BRKCOL-2614 37


Management Suite

Cisco Meeting ServerUnity Connection

Voice Messaging

Headquarters


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

PSTN


Call Control

IM and Presence


ManagerThird-Party Solution

Endpoints

Collab Edge

Expressway-C


DMZ

Expressway-E


Collaboration EdgeCore Components

• Cisco Expressway-C and Expressway-E, for Internet connectivity and firewall traversal for voice and video

• Cisco Unified Border Element, for audio PSTN connectivity via IP trunks

• PSTN Voice Gateway (IOS), for direct audio PSTN connectivity

Key Benefits

• Connect to customers and partners, independent of the technology they are implementing and the public network they are using.

• Provide for a resilient, flexible and extendable architecture.

• Provide any hardware and software client with the ability to access any public network (Internet and PSTN).

• Provide secure VPN-less access to collaboration services for Cisco mobile and remote clients and endpoints.

Expressway-CIntegrated/Aggregated Services Router

DMZ

Expressway-E

Collab Edge

Mobile and Remote Access (MRA)


DMZEnterprise Network

1. Expressway-E is the traversal server installed in DMZ. Expressway-C is the traversal client installed inside the enterprise network.

2. Expressway-C initiates traversal connections outbound through the firewall to specific ports on Expressway-E with secure login credentials.

3. Once the connection has been established, Expressway-C sends keep-alive packets to Expressway-E to maintain the connection

4. When Expressway-E receives an incoming call, it issues an incoming call request to Expressway-C.

5. Expressway-C then routes the call to Unified CM to reach the called user or endpoint

6. The call is established and media traverses the firewall securely over an existing traversal connection

Firewall Firewall

Internet

Outside Network

Media

Signaling

Expressway for Internet Connectivity (MRA / B2B)

Expressway-C Expressway-E

Unified

CM

BRKCOL-2614 40


Expressway Mobile and Remote Access CapabilitiesThree key capabilities when enabling Expressway Mobile and Remote Access:

• XCP Router for XMPP traffic (IM&P)

• HTTPS Reverse proxy (provisioning and other services)

• Proxy SIP registration to Unified CM

41BRKCOL-2614

Firewall Expressway EExpressway C

HTTPs (provisioning, visual voicemail, directory)

SIP (audio, video)

XMPP (IM&P)Unified CM

Unity Connection

IM and Presence


Mobile & Remote Access Protocol Workload Summary

42BRKCOL-2614

Inside firewall (Intranet)

Outside firewall(Public Internet)

Expressway

E

Expressway

C

Collaboration

Services

Unified CM

Internet

DMZ

Protocol Security Service

SIP TLSSession Establishment –

Register, Invite, etc.

Media SRTPAudio, Video, Content

Share

HTTPS TLS

Logon, Provisioning /

Configuration, Contact

Search, Visual Voicemail

XMPP TLS Instant Messaging,

Presence

Unified CM IM&P

Unity Connection

Conferencing Resources


Split DNS SRV Record Requirements

_collab-edge record needs to be available only in public DNS

• Multiple SRV records (and Expressway-E hosts) should be deployed for HA

• A GEO DNS service can be used to provide unique DNS responses by geographic region

_cisco-uds record needs to be available only in internal DNS

_collab-edge._tls.example.com. SRV 10 10 8443 expwy1.ent-pa.com.

_collab-edge._tls.example.com. SRV 10 10 8443 expwy2.ent-pa.com.

_cisco-uds._tcp.example.com. SRV 10 10 8443 ucm1.ent-pa.com.

_cisco-uds._tcp.example.com. SRV 10 10 8443 ucm2.ent-pa.com.

BRKCOL-2614 43


Expressway MRA and Jabber Service Discovery

Inside firewall (Intranet)

Collaboration

Services

Unified

CM

Public DNS

DNS SRV lookup _cisco-uds._tcp.example.com

Not Found ✗

expwyNYC.example.com✓TLS Handshake, trusted certificate verification

DNS SRV lookup _collab-edge._tls.example.com

Outside firewall(Public Internet)

DMZ

HTTPS:

get_edge_config?service_name=_cisco-

uds&service_name=_cuplogin

Expressway

E

Expressway

C

BRKCOL-2614 44


Device Mobility for Expressway MRADevice Mobility

• Location

• SRST Reference

• Local Route Group

• Media Resources

• ….

1. Register me with

10.10.20.50

IP SubnetDevice Mobility

InfoDevice Pool Location

10.10.20.50 RTP_EXP1_DMI RTP_EXP_DP RTP

10.10.30.50 RCD_EXP1_DMI RCD_EXP_DP RCD

10.10.40.50 SJC_EXP1_DMI SJC_EXP_DP SJC

2. Device in RTP

RTP

3. Register me with

10.10.30.50 RCD

BRKCOL-2614 45

4. Device in RCD

Expressway-E Expressway-C

Expressway-E Expressway-C


Device Mobility for Expressway MRA Redundancy

Device

Mobility InfoDevice Pool Location

BRKCOL-2614 46

RTP_EXP1_DMI

10.10.20.50/32

RTP_EXP2_DMI

10.10.20.51/32

RTP_EXP_DP RTP

Redundant Expressway-C Pairs @ RTP

RCD_EXP1_DMI

10.10.30.50/32

RCD_EXP2_DMI

10.10.30.51/32

RDC_EXP_DP RCD

Redundant Expressway-C Pairs @ RCD

SJC_EXP1_DMI

10.10.40.50/32

SJC_EXP2_DMI

10.10.40.51/32

SJC_EXP_DP SJC

Redundant Expressway-C Pairs @ SJC


BRKUCC-2060 Cisco Enterprise Mobile Collaboration

BRKUCC-2801 Enabling External Collaboration and Federation with Expressway

BRKCOL-2018 Best Practices for Business to Business Video Collaboration



Wednesday, Jan 31, 11:30 a.m. - 01:30 p.m.

| Hall 8.0, Session Room 120

Thursday, Feb 01, 09:00 a.m. - 11:00 a.m.


Wednesday, Jan 31, 09:00 a.m. - 11:00 a.m.



Unified Messaging





BRKCOL-2614 50

Collaboration Edge

Headquarters

Conferencing


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C

PSTN



DMZ

Call Control

IM and Presence


Manager

Expressway-E


Endpoints



Unified

Messaging

Unity Connection


Unified MessagingCore Components

• Cisco Unity Connection, for voice and unified messaging service to Unified CM registered endpoints

• Microsoft Exchange and Active Directory, for email and directory integrations

Key Benefits

• Users can access the voicemail system and retrieve their messages using their IP phones, mobile devices, or email client applications with either a dialed number or a SIP URI.

• Users are able to customize personal settings from a web browser.

• Offers a natural and robust speech-activated user interface that allows users to browse and manage voice messages using simple and natural speech command.

Unified

Messaging

Unity Connection

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco PublicBRKCOL-2614

• Redundant Unity Connection nodes

• SIP Trunk integration to Unified CM

• Integrations to directory and mail:

» Microsoft Active Directory

» Microsoft Exchange

• Call forwarding to Unity Connection

• Direct call to voicemail or visual

mailbox navigation (Visual Voicemail)

• Email access to voicemail (Single Inbox)

Unified MessagingCisco Unity Connection: Architecture

Unified CM

Unity Connection

Publisher

Subscriber

Microsoft

Active

Directory

Directory

Mailbox

synchronization

Directory synchronization

Voicemail

Email access to

voicemail

(Single Inbox)

SIP

VoIP or REST/HTTPS

Email (SMTP/HTTPS)

SIP

Messaging(On-Premise or

Cloud-Based)

Microsoft

Exchange

52

PIN Sync

Voicemail access

via VoIP to TUI or

via REST/HTTPS

(Visual Voicemail)

11.6 Update – PIN

synchronization between Unified

CM and Unity Connection


Collaboration Edge

Headquarters

Conferencing

Internet

MPLS WAN

Remote Site

Mobile/Teleworker

Expressway-C

PSTN



DMZ

Call Control

IM and Presence


Manager

Expressway-E


Voice Messaging

Unity Connection

Endpoints








Core Applications

Core Components

• Cisco Smart Software Managermanagement of user-based licensing, including license fulfillment.

• Cisco Prime Collaboration Deployment (PCD) deploys new clusters of Unified CM and IM and Presence servers and Unity Connection

• Cisco Prime Collaboration Provisioning (PCP) provisions and configures users and endpoints

Key Benefits

• Single tool to enable license workflows and manage licensing for collaboration infrastructure components.

• Eases deployment of new infrastructure components, enabling faster initial setup

• Rapid and automated user/endpoint enablement along with moves, adds, changes and deletions (MACD)


Deployment ProvisioningSmart Software

Manager


UCM_Sub VM IM&P_Sub VM

IM&P_Sub VMUCM_Sub VM

UCM_Pub VM IM&P_Pub VM UCxn_Pub VM

UCxn_Sub VM

Cisco Prime Collaboration DeploymentCisco Prime Collaboration Deployment: Architecture

• Cisco collaboration application .iso install

files located on Prime Collaboration

Deployment (PCD).

• PCD network file system (NFS) mount on

ESXi host(s) to facilitate .iso file access.

• Collaboration application node virtual

machines (VMs) manually created on the

ESXi host.

• PCD installs collaboration application

clusters on the target VMs.

BRKCOL-2614 56

VMWare

ESXi

Host

.iso.iso

.iso

SFTP

Prime Collaboration Deployment


Cisco Smart Software ManagerArchitecture

1. Licenses are applied to the Cisco

Smart Software Manager portal

2. The admin generates a product

registration token

3. Using the token the admin registers

the collaboration application

publisher (Unified CM and Unity

Connection)

4. Once registered, the publishers will

synchronize and receive user and

feature licensing entitlement

information

BRKCOL-2614 57

2

4

Cisco Smart

Software Manager

Cisco.com

1

Unity Connection

Publisher

Unified CM

Publisher

3HTTPS

Alternatives:

• HTTPS Proxy

• Cisco Smart Software Manager satellite system


Cisco Prime Collaboration Provisioning

Prime

Provisioning

REST/SQL

over HTTP(S)

Application Program

Interface (API)

Microsoft

Active

Directory

Directory

LDAP over

HTTP(S)

AXL SOAP

over HTTP(S)

Unity

Connection

Unified CM

Unified IM&P


Cisco Prime Collaboration Provisioning (MACD)On-boarding / Off-boarding of Users

US Cluster EMEA Cluster

UCM

CUCIM&P

Cisco Prime

Collaboration

Provisioning

Microsoft Active

Directory

UCM

CUCIM&PImporting users from Active

Directory into Prime Collaboration

Provisioning triggers Automatic

Service Provisioning

3

Users imported from

Active Directory to

Unified CM

1

Users imported from Active

Directory to Prime

Collaboration Provisioning

2

1

2

3

Help desk administrators log into Cisco Prime

Collaboration Provisioning for configuration updates

(MACDs)

4

Service Provisioning: Device Pool, Location, VM Template, and Directory Number (DN) block

Simplified Sizing


PA Simplified Sizing vs. Collaboration Sizing Tool

61BRKCOL-2614

Deployment within the Preferred

Architecture Sizing Assumptions?

Use PA

Simplified Sizing

Use Collaboration

Sizing Tool


Sizing Cisco Unified CM for the Preferred Architecture

• 7,500 OVA (2 vCPUs) is used for both deployments

• 7,500 OVA supported on BE7000M or larger

62BRKCOL-2614

Publisher

TFTP 1 TFTP 2

< 5,000 devices and users

Publisher

TFTP 1 TFTP 2

Between 5,000 and 10,000

devices and users

Call Processing subscriber pair




Sizing Unified CM – PA Assumptions

• 1:1 Server Redundancy

• Simplified User Sizing

• Sizing Assumptions for Unified CM:

» Average up to 4 BHCA per user

» Average up to 2 DNs per device

» Extension Mobility for ALL Users

» Up to 500 Shared Lines per Call Processing Pair

» Up to 500 CTI ports and 100 CTI Route Points per Call Processing pair

» Up to 3,000 Partitions, 6,000 Calling Search Spaces, 12,000 Translation Patterns

» Up to 40,000 users synched with AD (5,000 or 10,000 active)

• Refer to the Preferred Architecture CVD for the complete list of assumptionshttps://www.cisco.com/c/en/us/td/docs/solutions/CVD/Collaboration/enterprise/11x/116/collbcvd.html

63BRKCOL-2614

http://www.cisco.com/c/en/us/td/docs/solutions/CVD/Collaboration/enterprise/11x/116/collbcvd.html

Bandwidth Management


Managed vs. Unmanaged NetworksWhere do your media packets go?

Call Control

Remote Sites

Central

Site

On-premiseUC Services

MPLSVPN

Cloud Services

ManagedWAN Internet

DMVPN

B2B

B2C

Home/Mobile Users

QoS-capable

How do you preserve user

experience when media

traverses the Internet?

BRKCOL-2614 65


Our Strategy

“Smart” Media Techniques QoS Tools

• Use media resilience to reduce impact of packet loss

• Apply rate adaptation to reduce network congestion

• Consolidate mechanisms to identify Collaboration media

• Evolve classification and scheduling recommendations

Video

Queue

EF

EF

AF42

AF41

AF41

AF42

AudioQueue

WA

N L

ink

...

?

P1

LTRF1

P2P3

P4

P5

... ...

P1

LTRF1

P2 P4

...Encoder Decoder

P5

ACK LTRF1OOS (P4)

R2...

LTRF

Repair-P

...

Encoder Decoder

0111010001

1000011001

0001100

1110010101

1011010010

1010010

1001000100

0011001011

1011110

R1 FEC

FECR1

R2

Leverage media resilience and rate adaptation to enable pervasive video deployments through:

• Simplified provisioning

• Optimized bandwidth utilization

Design & Deployment

BRKCOL-2614 66


Classification: DSCP Classes

• EF: Expedited Forwarding (PQ)Used for voice media

• AF: Assured Forwarding (CWBFQ)Used for video media

• CS: Class Selector Used for signaling

67BRKCOL-2614

DSCP Class DSCP ToS Prec.

none 0 0

CS1 8 1

AF11 10 1

AF12 12 1

AF13 14 1

CS2 16 2

AF21 18 2

AF22 20 2

AF23 22 2

CS3 24 3

AF31 26 3

AF32 28 3

AF33 30 3

CS4 32 4

AF41 34 4

AF42 36 4

AF43 38 4

CS5 40 5

EF 46 5

CS6 48 6

CS7 56 7

Opportunistic video

media (Jabber)

Priority video media

(TelePresence, desktop)

SIP

Signaling

Voice

media


WAN Queuing ConsiderationsSingle Video Queue, Dual QoS Markings

• Map audio streams of voice and video calls (EF) to a priority queue

• Map video streams of video calls (AF41 and AF42) to a single class-based queue with WRED:

• AF41: higher drop thresholds (e.g., 50-100% of queue depth)

• AF42: lower drop thresholds (e.g., 15-35% of queue depth)

• During congestion, AF42 traffic (opportunistic video) is dropped first:

• Packet loss triggers rate adaptation

• Media resilience limits the impact

PQ

Audio of IP Phone

oth

er q

ue

ue

s

EF

AF41

Audio of Video

Video of Video Video

CBWFQ

BW

As

sig

ne

d to

LL

Q C

las

se

s

EF

AF42

Audio of Jabber

Video of Jabber

AF41 WRED thresholds(i.e., drop AF41 last)

AF42 WRED thresholds(i.e., drop AF42 first)

EF

EF

BRKCOL-2614 68

Opportunistic Video and Prioritized Audio

Opportunistic video


WAN Queuing ConsiderationsSingle Video Queue, Single QoS Marking

• Map audio streams of voice and video calls (EF) to a priority queue

• In deployments where dual QoSmarking is not practical, map video streams of all video calls (desktop/TelePresence and Jabber) to a single class-based queue

• AF41: Marking for all video

• During congestion, if traffic is dropped:

• Packet loss triggers rate adaptation

• Media resilience limits the impact

PQ

Audio of IP Phone

oth

er q

ue

ue

s

EF

AF41

Audio of Video

Video of VideoVideo

CBWFQ

BW

As

sig

ne

d to

LL

Q C

las

se

s

EF

AF41

Audio of Jabber

Video of Jabber

EF

EF

BRKCOL-2614 69

All video

Single QoS Marking for Video

with Prioritized Audio


Summary

• Combine QoS tools, media resilience and dynamic adaptation to build a self-regulating system that makes optimal use of available network resources

• Leverage rate adaptation and media resilience mechanisms in managed network to deploy pervasive video. Prioritized video for room system and hard endpoints, opportunistic video for Jabber endpoints.

• Use CAC when and where needed

• When managing bandwidth with Media Resilience and Rate Adaptation techniques is not an option (i.e. extreme contention on WAN bandwidth)

BRKCOL-2614 70


BRKCOL-2616 - QoS Strategies and Smart Media Techniques for Collaboration Deployments

• On Demand Library:

• https://www.ciscolive.com/global/on-demand-library/?#/

https://www.ciscolive.com/global/on-demand-library/?#/

Security

See Appendix


BRKUCC-2501 Cisco UC Manager Security & Certificate Deep Dive



Thursday, Feb 01, 09:00 a.m. - 11:00 a.m.



Cisco Spark Hybrid Services for the Collaboration Preferred Architecture

NEW


Preferred Architecture: Cisco Spark Hybrid ServicesCisco Preferred Architecture for Cisco Spark Hybrid Services

» Both PA Overview

and PA CVD

Content:

• Directory, Calendar, Call

Connector integrations

• Hybrid media services with

Hybrid Media Node

BRKCOL-2614

Collaboration Edge

Headquarters

Internet

MPLS WAN

Enterprise Branch

Mobile/Teleworker

Expressway-C

PSTN



DMZ

Call Control


Manager

Expressway-E


Expressway-C Connector Host

Directory

Cisco Directory

Connector

Microsoft

Active Directory

Calendar

Microsoft

Exchange

Hybrid Media

Hybrid MediaNode

Endpoints

75


Headquarters


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

PSTN



Voice Messaging

Unity Connection

Endpoints


Management Suite


IM and Presence


DMZ

Expressway-E

Expressway-C


Manager

Collaboration EdgeCall Control





Collaboration Edge

Headquarters


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

PSTN



DMZ

Expressway-E


Voice Messaging

Unity Connection

Endpoints

Call Control


Manager

Expressway-C





Collaboration Edge

Headquarters


Internet

MPLS WAN

Remote Site

Mobile/Teleworker

PSTN



DMZ

Expressway-E


Voice Messaging

Unity Connection

Endpoints

Call Control Calendar

MicrosoftExchange

Hybrid

Media

Hybrid MediaNode

Directory

Cisco Directory Connector

MicrosoftActive Directory


Manager

Expressway-C

Expressway-CConnector Host





Internet

Expressway-EExpressway-C

Unified

CM

Calendar Connector

Active Directory

SIP signaling and media

Internal FW DMZ FW

Management Connector

Call Connector

Calendar Connector

Directory Connector

79BRKCOL-2614

Cisco Spark Hybrid Services PA Architecture

Directory Connector

Management Connector

Call Connector

MicrosoftExchange

Expressway-C

with Connectors



Expressway-CConnector Host

Internet


Manager

MicrosoftExchange

Endpoints

HTTPS (REST)



HYBRID DIRECTORY INTEGRATION

Microsoft

APIs

Hybrid Directory Integration

BRKCOL-2614 80


Internet

MicrosoftActive

Directory Microsoft

APIs

HTTPS

(REST)


DATA CENTER

Virtual

Machines

(VMs)

1

2

3

6

4

…

…

4A

4B

SOFTWARE

5

admin.ciscospark.com

1. Deploy VM Windows Servers

2. Enable Dir Sync and download the Cisco Directory

Connector software

3. Install Directory Connector on the Windows servers

4. Admin configures the connector

a) Sync occurs between AD and the Directory

Connector

b) Then between Directory Connector and the

Cisco Collaboration Cloud

5. Admin schedules Sync (Periodic and Full)

6. Admin manages and provisions users in the Cloud

BRKCOL-2614 81


Internet

DATA CENTER 1

. . .VMs

HOST 1

. . .VMs

HOST N

...

DATA CENTER 2

. . .VMs

HOST 1

. . .VMs

HOST N

...

Cisco Directory

Connector #1

Cisco Directory

Connector #2

Active Directory and

Domain Controllers

Microsoft

APIsHTTPS

Directory High Availability

• Directory Connectors are deployed as a pair (Primary and Secondary)

• Deploy on separate hosts in separate buildings or data centers

• The Primary Directory Connector handles directory synchronization

• The Secondary Directory Connector maintains connectivity to the Cisco Collaboration Cloud but does not perform any synchronization.

• Failure of the primary Directory Connector causes the backup Directory Connector to handle synchronization operations

BRKCOL-2614 83



Internet

Endpoints




Manager

WebEx

Cisco

HTTPS (REST)

@webex

@spark

Cisco Calendar Connector

(Expressway-C

Connector Host)

MicrosoftExchange

HYBRID CALENDAR INTEGRATION

Exchange Web

Services

(EWS)

Hybrid Calendar Integration

BRKCOL-2614 84


…

…

Internet

EWS

HTTPS

(REST)

DATA CENTER

Expressway-C

(VMs)

Host Connector

1

2

2

4A

4B

SOFTWARE

4


1. Deploy Expressway-C Connector Host pair

2. Register connector host to the cloud and download

the Cisco Cloud Connector software

3. Setup Calendar Connector service user account and

throttling policy on Exchange

4. Admin enables the calendar connector and

configures connection to Exchange and WebEx

a) Calendar invitations including the @spark or

@webex notation are pushed from Exchange

using EWS

b) in turn propagated by HTTPS to the Cisco

Collaboration Cloud calendar service

5. Admin provisions users for Calendar Service using

the Cisco Spark Control Hub

Cisco CalendarConnector

MicrosoftExchange

5

WebEx

Cisco

3

BRKCOL-2614 85


Internet

DATA CENTER 1

. . .VMs

HOST 1

. . .VMs

HOST N

...

DATA CENTER 2

. . .VMs

HOST 1

. . .VMs

HOST N

...

MicrosoftExchange

EWS

HTTPS

Expressway-C

Connector Host #1

Expressway-C

Connector Host #2

Cisco Calendar

Connector

Calendar High Availability

• Calendar Connector is a micro-service installed on Expressway-C Connector Host synchronizing calendar meeting invitations and updates between the user's enterprise calendar and the Cisco Collaboration Cloud.

• Expressway-C Connector Hosts are deployed as an Active/Active pair

• Deploy on separate hosts in separate buildings or data centers

• Provide redundancy for Microsoft Exchange services (EWS), connectivity to the Cisco Collaboration Cloud (HTTPS)

BRKCOL-2614 86


Internet

Discovery /

Registration

Cisco Hybrid Media Node

DATA CENTER

Virtual

Machines

(VMs) Or Hardware

1

1

3

SOFTWARE

2


1. Download and Deploy Hybrid Media Node

2. Configure network details IP/DNS

3. Register Hybrid Media Node to the Cloud

a) HMN does a connectivity test and

discover process

Media

BRKCOL-2614 87

Hybrid Media Node DiscoveryScenario


Scenario 2Registration

MobileHome Office

Internet

Cisco Spark app and room devices register to their organization

Cisco Collaboration Cloud responds with the clusters available for the users

Madrid1 Madrid2

Cloud1 Cloud2

BRKCOL-2614 89

Corporate network- Spain

Cluster - Madrid Cluster - Cloud

1. Node – Madrid1

2. Node – Madrid2

1. Node – Cloud1

2. Node – Cloud2


Scenario 2Reachability Test

MobileHome Office

Internet

Cisco Spark app and room devices do reachability tests to nodes.

Cisco Spark app and room devices sends results to the cloud at call start.

Madrid1 Madrid2

Cloud1 Cloud2

BRKCOL-2614 90


Cluster - Madrid Cluster - Cloud

1. Node – Madrid1 (RTD = 10)

2. Node – Madrid2 (RTD = 11)

1. Node – Cloud1 (RTD = 250)

2. Node – Cloud2 (RTD = 200)


Scenario 2Meeting

MobileHome Office

Internet

Cisco Spark app and room devices connect to a media node

Media node Madrid1 hosts a meeting for the corporate users

Madrid1 Madrid2

Cloud1 Cloud2

Media node Cloud 2 hosts a meeting for remote users

Media node Madrid1 cascades automatically to media node Cloud2 to create the meeting for all participants

BRKCOL-2614 91



Points to remember

1. App or device ask Cisco Collaboration Cloud for media clusters to use

2. Response gives media clusters and nodes within the cluster to test

3. App and devices test reachability and RTD to the nodes

4. Reports information to the cloud at meeting start.

5. Cisco Collaboration Cloud tells the device or app where the meeting is hosted.

Clusters to use?

Your clusters:

Cloud + in your Org?

Reach and RTD test

Reach + RTD info

Meeting location?

Corporate LAN

Cluster HQ


Meeting with the Hybrid Media Node WebEx Meetings - Signaling

Unified CM Expressway-C Expressway-E

Internet

Hybrid Media Node


Signaling goes to the Cisco Collaboration Cloud

BRKCOL-2614 93

SIP


Meeting with the Hybrid Media Node WebEx Meetings- Media

Unified CM Expressway-C Expressway-E

Internet

Hybrid Media Node


MeetingSignaling goes to the Cisco Collaboration Cloud

Media goes to the Hybrid Media Node

Meeting is created on the Hybrid Media Node and cloud

Meeting

BRKCOL-2614 94

SIP/SRTP


Key points to rememberHybrid Media Node and WebEx meetings

• Cisco Spark app or device

• Signaling goes to the Cisco Collaboration Cloud directly• Does not use existing C/E traversal mechanism for signaling

• Media goes directly to HMN or overflow to the cloud• Does not use existing C/E traversal mechanism for media

• Standards based SIP device registered to CUCM

• Supports video dial in meetings to WebEx

• Signaling goes to CUCM then to HMN

• Media goes from endpoint to HMN

• WebEx mobile and desktop app communicated directly to the WebEx meeting

• No change in behavior

• Audio participants communicate directly to the WebEx meeting

• No change in behavior

• HMN signaling goes directly to the Cisco Collaboration Cloud

Hybrid Media Node


Internet

BRKCOL-2614 95

Design Considerations


Madrid


Corporate network- UKLondon

Corporate network- France

Paris

Create HMN clusters to each location

Keeps local only meetings media on premises

Aggregates media streams to a single cascade link to the cloud HMN when participants from outside the LAN are involved in the meeting.

Internet

Cluster Spain

Cluster UK Cluster France


Madrid


Corporate network- SpainBarcelona


Seville

All media streams traverse the corporate WAN to the cloud nodes

Internet link has 6 different participants media streams (2 per site)

Media streams terminate on the cloud media node

Internet

WAN

Everyone’s individual media streams

BRKCOL-2614

Madrid




Seville

Internet

WAN

Everyone’s individual media streams

Cisco Spark Video Bandwidth (Typical) Video Bandwidth (Maximum)

Cisco Spark app 1 – 2 Mbps 3 Mbps

DX series, SX10 1 – 2 Mbps 3 Mbps

SX 20, SX80, MX series, Room

Kits

2 – 4 Mbps 6 Mbps

1.5 MB

1.5 MB 1.5 MB

3 MB

3 MB 3 MB4.5 Mbps

9 Mbps

13.5 Mbps


Madrid




Seville

Add Hybrid Media Node cluster to Seville

Internal Meeting, utilizes WAN bandwidth for media only

Internet

WAN 9 Mbps4.5 Mbps


Madrid




Seville

Internet user connects to the meeting via the cloud

Seville Hybrid Media Nodes creates a cascade to the cloud

Internet

WAN 9 Mbps4.5 Mbps

1.5 MB

12 Mbps


Madrid




Seville

Internet

WAN 9 Mbps4.5 Mbps

1.5 MB

12 Mbps

n = # of participants

Max((Madrid(n) + Barcelona(n) + Seville(n)), remote(n)) = s s >= 6 then transmit 6 streams @ 2 Mbps each

s < 6 then transmit s streams @ 2 Mbps each

Max((2) + (2) + (2)), remote(1)) = s

Max number of the set (6,1) = 6• s >= 6 then transmit 6 streams @ 2 Mbps

each

• 6 * 2 = 12 Mbps for the cascade


Madrid




Seville

Two different clusters defined

Reachability test result determine clusters to use.

Barcelona uses which cluster?

Internet

WAN

Cluster Madrid

Cluster Seville


Madrid




Seville

Two different clusters defined

Reachability test result determine clusters to use.

Barcelona uses Madrid cluster

Each cluster has a cascade link to the cloud for the conference

Internet

WAN

Cluster Madrid

Cluster Seville

10 Mbps

8 Mbps

1.5 MB

3 MB4.5 Mbps

Cluster Madrid Cluster Seville


Key points to remember in architecting a HMN solution

• Deploy Hybrid Media Nodes in the large campus sites

• Start small and grows as needed• 6 or more participants in the meeting, HMN saves bandwidth

• Large number of internal meetings without WebEx app or desktop participants, saves Internet bandwidth

• Deploying HMN in branch offices can help or hinder the architecture

• Depends on the amount and type of video systems in the branch

• Depends on the participants in the meeting (local, remote branch or Internet…think cascade impact)

• Continuously monitor analytics, add more nodes and/or clusters based the observed traffic and meeting locations (Hybrid Media, Overflow, or Cloud)

One recommendation does not fit all deployments


Cisco Spark Control Hubhttps:// admin.ciscospark.com

• Hybrid Media Service Reports enables administrator to understand the

trend of their on premises resource capacity and utilization, as well as

availability that impacts capacity.

• New call activity graph gives an overall perspective of the number of

calls hosted on the cloud vs the number of calls that were hosted on

on-premises clusters in an organization.

• New Adoption tab added to the reports to help administrators find the

most popular categories of client types and utilization in the

organization.

http://admin.ciscospark.com/

Call Service Aware and Connect


Call Service Aware

Enables Cisco Spark users

to share their screen using Spark

Complements, and is aware, of Cisco UC

calls and allows for Desktop Sharing

Call Service Connect

Allows Cisco Spark users to call Cisco UC

registered devices, as well as be called by

Cisco UC users.

Together with Call Service Aware, enables

users to manage a unified Spark and UC

call history from the Cisco Spark calls tab

Call Service Aware & Call Service Connect

108BRKCOL-2614


Internet

CTI/QBE

and AXL

HTTPS

(REST)

DATA CENTER

Expressway-C

(VMs)

Host Connector

1

SOFTWARE


1. Register connector host to the cloud and

download the Cisco Cloud Connector software

2. Setup Call Connector service

3. Unified CM: Setup user for Mobility, Create

Spark RDs, SIP Trunk, Etc…

4. Expressway: Setup DNS Zone, Spark

Traversal Zone, MTLS, Search rules, CPL,

etc…

Cisco CallConnector

3

WebEx

Cisco

Cisco Unified CM

MEDIA

Expy-EExpy-C

4

2

1

BRKCOL-2614 109


Call Service Aware/Connect Addressing

Expressway-E

Expressway-C

Cisco Unified CM

[email protected]

Aaron Goodman

[email protected]

Aaron Goodman

Expressway-C

Connector Host

BRKCOL-2614 110



Call Service Connect Global Reachability

BRKCOL-2614


Internet

Spark RD

RD


Cisco Unified CM

Expressway-C

with Connectors

1

2

3

Dial [email protected] or

+14085551234

[email protected]

Bob

[email protected]

[email protected]

2 3

3

UCM to UCM call

Spark Remote Device similar to

Remote Destination Profile used for

mobility features

Alice

BRKCOL-2614 112



Spark RD

RD

Internet


1

[email protected]

+14085551235

Alice

2

[email protected]

[email protected]

2

[email protected]

4 4

3 3 4

Cisco Unified CM

[email protected]

[email protected]

Alice calls Bob

Spark to Spark Call

cancelled

Calling Called

[email protected] [email protected]

Bob

BRKCOL-2614 113


Hybrid Bandwidth Management


Assigning Cisco Spark Media Traffic to Queues

PQ

oth

er q

ue

ue

s

AF41 or AF42

Video

CBWFQ

BW

As

sig

ne

d to

LL

Q C

las

se

sAF41 or AF42

Cisco Spark Applications

EF

WR

ED

AF41 or AF42

Cisco Spark RoomCisco Spark Board

AF41 or AF42

Cisco Spark Audio-only Endpoints

EF

EF

Audio traffic (DSCP EF)

mapped to priority queue

Video traffic (DSCP AF42

or AF41) mapped to a

class-based weighted fair

queue with DSCP-based

WRED


Spark Endpoint and Application Native Marking

Traffic Type DSCP1 (PHB;

decimal value)

802.11 User

Priority (UP) Notes

Audio EF; 46 6

Includes audio streams of voice-only calls, audio

streams of video calls, and related RTCP

packets

Prioritized video AF41; 34 5

Includes video streams (main video and

presentations or content) and related RTCP

packets

Opportunistic video AF42; 36 5

Includes video streams (main video and

presentations or content) and related RTCP

packets

Other traffic Best Effort; 0 0 Includes messaging, file transfer, configuration,

call and meeting setup

Microsoft Windows does not allow applications to mark DSCP natively. Group Policy Objects (GPO) can be used to instruct the operating system to classify traffic from the application based on specific port ranges; however, we recommend following a network-based classification scheme.


Traffic Signatures for Cisco Spark Media Source IP Address Destination IP Address

Source UDP

Ports

Destination UDP

Ports

Recommended

DSCP

Media

Type

Cisco Spark application

or endpoint

Cisco Collaboration

Cloud 52000 to 52099 5004 EF Audio


or endpoint

Cisco Collaboration

Cloud 52100 to 52299 5004 AF41, AF42 Video


or endpoint Hybrid Media Node 52000 to 52099 52500 to 62999* EF Audio


or endpoint Hybrid Media Node 52100 to 52299 63000 to 65500* AF41, AF42 Video

Hybrid Media Node Cisco Collaboration

Cloud 52500 to 62999* 5004 EF Audio

Hybrid Media Node Cisco Collaboration

Cloud 63000 to 65500* 5004 AF41, AF42 Video

Hybrid Media Node Hybrid Media Node 52500 to 62999* 52500 to 62999 EF Audio

* The Hybrid Media Node port ranges for audio and video are currently in development and are

expected to release in beginning of February 2018! HMN also marks Natively!!!!


Updating the QoS Config

Update

QoS Config

ip access-list extended QOS_SPARK_AUDIO

permit udp any range 52000 52099 any any

permit udp any eq 5004 any range 52000 52099

ip access-list extended QOS_SPARK_VIDEO



……

ip access-list extended QOS_VOICE

permit udp any range 17000 17999 any dscp ef

ip access-list extended QOS_PRIORITIZED_VIDEO

permit udp any range 17000 17999 any dscp af41







class-map match-any VOICE

match access-group name QOS_VOICE

match access-group name QOS_SPARK_AUDIO

class-map match-any PRIORITIZED_VIDEO

match access-group name QOS_PRIORITIZED_VIDEO

match access-group name QOS_SPARK_VIDEO

Ingress Policy 1

! This section configures the classes


match access-group QOS_VOICE

match access-group QOS_SPARK_AUDIO

class-map match-any PRIORITIZED-VIDEO

match access-group QOS_PRIORITIZED_VIDEO

match access-group QOS_SPARK_VIDEO

class-map match-any SIGNALING-SIP

match access-group QOS_SIGNALING

! This section configures the policy-map to set DSCP

for Trusted and Untrusted Voice, Video and SIP Signaling on ingress

policy-map INGRESS-MARKING

class VOICE

set dscp ef

class PRIORITIZED-VIDEO

set dscp af41

class SIGNALING-SIP

set dscp cs3

class class-default

! This section configures the ACL’s











ip access-list extended QOS_SIGNALING

permit tcp any any range 5060 5061 dscp cs3

permit tcp any range 5060 5061 any dscp cs3














class VOICE

set dscp ef


set dscp af41

class SIGNALING-SIP

set dscp cs3

class class-default

2

! This section applies the policy-map to the Interface

Router(config-if)# service-policy input INGRESS-MARKING

! Attaches service policy to interface

Ingress

Policy1

Ingress Policy 1WAN Ingress QoS Marking Policy

3BRKCOL-2614 120


6Egress

Policy













class VOICE

set dscp ef


set dscp af41

class SIGNALING-SIP

set dscp cs3

class class-default

! This section configures the ACL’s











ip access-list extended QOS_SIGNALING

permit tcp any any range 5060 5061 dscp cs3

permit tcp any range 5060 5061 any dscp cs3

Ingress Policy 1

4

3

5

WA

N

BRKCOL-2614 121


Egress Classification and Queuing

! This section applies the policy-map

class-map match-all VOICE

match dscp ef

class-map match-any VIDEO

match dscp af41

class-map match-all SIGNALING

match dscp cs3

! This section configures the bandwidth for all collab traffic

policy-map EGRESS-QUEUING

class VOICE

priority percent 10

! Provisions 10% LLQ to VOICE class

class VIDEO

bandwidth percent 30

! Provisions 30% CBWFQ to VIDEO class

class SIGNALING

bandwidth percent 2

! Provisions 2% CBWFQ to SIGNALING class

…

6.1

6.2

6.3

! This section applies the policy-map to the Interface

Router (config-if)# service-policy output EGRESS-QUEUING

! Attaches service policy to interface

WA

NEgress Policy 6

Learn More


Design and Deployment Best Practices for Cisco Collaboration

https://www.cisco.com/go/pa

Three preferred architectures (PAs) covering a wide range of customer deployment types and sizes:

» On-Premises (Enterprise, Midmarket)

» Cloud (Midmarket)

» Hybrid (Enterprise)

Versions aligning with major Collaboration System Releases

(CSRs): 9.x, 10.x, 11.x, and 12.x*

https://www.cisco.com/go/srnd

* Coming soon. Target Q1 CY2018

What you would tell your best friend,

if they asked you how to design their

Cisco collaboration deployment?

Preferred Architectures (PA)

Prescriptive design and deployment best practices

within a well-defined architecture containing

common Cisco collaboration portfolio components

Collaboration Solution Reference Network Design (SRND)

Design guidance across the Cisco collaboration

portfolio with a focus on enterprise, on-premises

deployments

https://www.cisco.com/go/pa

https://www.cisco.com/go/srnd


Preferred Architectures Links• Contact us via email: [email protected]

• PA Landing Page: http://cisco.com/go/pa

• Preferred Architecture for Cisco Collaboration 12.0 On-Premises Deployments, Design Overview

• Preferred Architecture for Cisco Collaboration 12.0 Enterprise On-Premises Deployments, CVD

• Preferred Architecture for Cisco Spark Hybrid Services, Design Overview

• Preferred Architecture for Cisco Spark Hybrid Services, CVD

• dCloud:

• Cisco Preferred Architecture for Enterprise Collaboration 11.6 v1

• Collaboration Security for the Enterprise Preferred Architecture Lab v1

BRKCOL-2614 125


http://cisco.com/go/pa


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKCOL-2614


• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

http://ciscolive.com/Online

http://www.ciscolive.com/global/on-demand-library/


Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Tech Circle

• Meet the Engineer 1:1 meetings

• Related sessions

128BRKCOL-2614

Thank you


Collaboration Cisco Education OfferingsCourse Description Cisco Certification

CCIE Collaboration Advanced Workshop (CIEC) Gain expert-level skills to integrate, configure, and troubleshoot complex

collaboration networks

CCIE® Collaboration

Implementing Cisco Collaboration Applications

(CAPPS)

Understand how to implement the full suite of Cisco collaboration

applications including Jabber, Cisco Unified IM and Presence, and Cisco

Unity Connection.

CCNP® Collaboration

Implementing Cisco IP Telephony and Video

Part 1 (CIPTV1)

Implementing Cisco IP Telephony and Video

Part 2 (CIPTV2)

Troubleshooting Cisco IP Telephony and Video

(CTCOLLAB)

Learn how to implement Cisco Unified Communications Manager, CUBE,

and audio and videoconferences in a single-site voice and video network.

Obtain the skills to implement Cisco Unified Communications Manager in a

modern, multisite collaboration environment.

Troubleshoot complex integrated voice and video infrastructures

CCNP® Collaboration

Implementing Cisco Collaboration Devices

(CICD)

Implementing Cisco Video Network Devices

(CIVND)

Acquire a basic understanding of collaboration technologies like Cisco Call

Manager and Cisco Unified Communications Manager.

Learn how to evaluate requirements for video deployments, and implement

Cisco Collaboration endpoints in converged Cisco infrastructures.

CCNA® Collaboration

For more details, please visit: http://learningnetwork.cisco.com

Questions? Visit the Learning@Cisco Booth

BRKCOL-2614

http://learningnetwork.cisco.com/