BRKCOL-2614 Technical Overview of the Preferred Architecture for Enterprise Collaboration 12.0

BRKCOL-2614 Technical Overview of the Preferred Architecture for Enterprise Collaboration 12.0 Glen Lavers, Technical Marketing Engineer

BRKCOL-2614: Technical Overview of the Preferred Architecture for Enterprise Collaboration 12.0
Session Logistics
Attendees should have some familiarity with Cisco collaboration solutions.
More slides in Appendix + = homework
For Your Reference
Session time: 120 minutes
Please ask questions as we go
» Questions I'll answer
» Questions I'll defer to later in the session
» Questions I don't know the answer to, outside the scope of our session, or those that consume too much time: come see me after the session, send me an email, or Spark message (glen@cisco.com) with your question and I will get back to you.
Please consult the latest applicable product documentation for specific feature, software version, and hardware version support requirements
BRKCOL-2614 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session
How
1. Find this session in the Cisco Live Mobile App
2. Click Join the Discussion
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
cs.co/ciscolivebot#brkcol-2614

Agenda
» What is the Preferred Architecture?
» Call Control
» Conferencing
» Collaboration Edge
» Unified Messaging
» Collaboration Management Services
» Simplified Sizing
» Bandwidth Management
» PA for Cisco Spark Hybrid Services

PSOCOL-4503 - What's new in Cisco Collaboration: Overview of New and Changed Across the Collaboration Systems Release
Tuesday, Jan 30, 01:00 p.m. - 02:00 p.m., Hall 8.0, Session Room 111
Content Catalog: https://www.ciscolive.com/emea/learn/sessions/content-catalog/
2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

What is the Preferred Architecture?

Collaboration Preferred Architecture (CPA)
What products to use to enable users for Collaboration and Unified Communications for simple deployments.
» Prescriptive recommendations
» Concise Documents
» Tested best practices
Preferred Architecture provides prescriptive design guidance that simplifies and drives design consistency for Cisco Collaboration deployments
Preferred Architecture can be used as a design base for any customer using a modular and scalable approach
Preferred Architecture assumes greenfield deployment, but is still relevant to existing deployments for migration towards the target architecture
Preferred Architecture team provides feedback on solution level gaps to product teams

Preferred Architecture Process
» Figure it out: Define Collaboration Preferred Architecture
» Feedback: Feed gaps found during the build and validate phase back into product teams
» Write it down: Document Preferred Architectures for the field and partners
» Define: Define additional Preferred Architectures (Voice, Video, Hybrid)
» Build and validate: Build it in the lab and validate concepts
» Extend: Move it into system test beds, Cisco on Cisco, Alpha and EFT process

Collaboration Preferred Architectures & CVDs
Available at www.cisco.com/go/cvd/collaboration!
PA Overview
» Pre-Sales Process
» Design Overview Document
» Targeted to Pre-Sales
» Summarizes Solution and Components
PA CVD (Cisco Validated Design)
» Post-Sales Process
» Detailed Design and Deployment Guidance
» Post Sales Design and Deployment
» Process Driven Guide
PA Applications CVD (Cisco Validated Design)
» Post-Sales Process
» Detailed Design and Deployment Guidance
» Post Sales Design and Deployment
» Process Driven Guide
» Plugs into the PA CVD

Collaboration Preferred Architecture for the Enterprise
Current PA version is 12.0 aligned with the CSR 12.0
Includes:
» Unified CM / IM&P 12.0.1
» Unity Connection 12.0.1
» Expressway X8.10(1)
» Cisco Meeting Server 2.2
For more information about components and versions, refer to the product list at: https://www.cisco.com/c/en/us/td/docs/solutions/cvd/collaboration/enterprise/12x/120/collbcvd/appendix.html
ENDPOINTS & FW VERSIONS
» Cisco Jabber 11.9
» 7811/88xx 12.0
» DX70/80 CE 9.1
» MX / SX series 9.1
» IX Series IX 8.2
[Figure: architecture diagram. Headquarters: Endpoints; Call Control (Unified Communications Manager, IM and Presence); Voice Messaging (Unity Connection); Conferencing (Cisco Meeting Server, TelePresence Management Suite); Collaboration Management Services (Cisco Prime Deployment, Cisco Smart Software Manager, Cisco Prime Provisioning); Collaboration Edge (Expressway-C, Integrated/Aggregated Services Router). DMZ: Expressway-E. Internet, MPLS WAN, PSTN, Mobile/Teleworker, Third-Party Solution, Remote Site (Integrated Services Router).]

Preferred Architecture for Collaboration Enterprise Cisco Validated Design (CVD)
For Your Reference
CALL CONTROL: Unified CM, IM&P, ISR / CUBE (PSTN)
» Functions: Dial Plan (Dialing Habits, Endpoints/ILS/GDPR), Trunking, SRST, CTI, Provisioning
CONFERENCING: Unified CM, TP Management Suite, Cisco Meeting Server
» Functions: Instant, Permanent, Scheduled
EDGE: Unified CM, Expressway, CUBE / ISR
» Functions: Mobile Remote Access (MRA), B2B, IM&P Federation, PSTN Access, ISDN Video
PRIME SERVICES MANAGEMENT: Prime Collab Deployment, License Manager, & Provisioning
» Functions: Deployment, Licensing, Monitoring and Troubleshooting
UNIFIED MESSAGING: Unity Connection
» Functions: Unified Messaging
BANDWIDTH MANAGEMENT: Unified CM, Endpoint Firmware, IOS / IOS-XE / AireOS
» Functions: QoS and Admission Control
SECURITY: All Components
» Functions: Infrastructure/Network Security, DoS, Toll-Fraud, Encryption, Certificate Management
SIZING: Endpoints, Users, Calls, and Virtual Machines
» Functions: Sizing numbers for products built on a set of calculated assumptions
Architecture: Component Role, HA, Scalability
Deployment: Process and Configuration
High Level Sizing

Usage of the Collaboration Preferred Architecture
Collaboration Preferred Architecture assumes greenfield enterprise collaboration deployments
However, this isn't the only usage of the architecture
» Guideline for updating brownfield collaboration deployments - architecture target
» Training for new collaboration engineers
» Answers the question: What's the best way to design your collaboration deployment?

Call Control

[Figure: Preferred Architecture overview diagram. Headquarters: Endpoints; Call Control (Unified Communications Manager, IM and Presence); Collaboration Edge (Expressway-C, Integrated/Aggregated Services Router); Voice Messaging (Unity Connection); Conferencing (Cisco Meeting Server, TelePresence Management Suite); Collaboration Management Services (Cisco Prime Deployment, Cisco Smart Software Manager, Cisco Prime Provisioning). DMZ: Expressway-E. Internet, MPLS WAN, PSTN, Mobile/Teleworker, Third-Party Solution, Remote Site (Integrated Services Router).]

Call Control Functions
» User / endpoint identities and status
» Single cluster for call routing and IM&P with 1:1 redundancy
» Central Dial Plan authority
» E.164 dial plan
» Centralized SIP endpoint registration and management
» SIP application integration
» Expressway for firewall traversal and mobile and remote access (MRA)
» Management and third-party interoperability with APIs
» LDAP provisioning and authentication
[Figure: Unified Communications Manager and IM and Presence (Call Control) connected to SIP Endpoints; Cisco Meeting Server and TelePresence Management Suite (Conferencing); Unity Connection (Voice Messaging); Expressway-C and Expressway-E in the DMZ (Collaboration Edge) with MRA Endpoints; Prime Deployment, Prime License Manager and Prime Provisioning (Collaboration Management Services); APIs.]
Unified Communications Manager is the Heart of the Architecture. The Glue that binds it all together.

Call Control
Core Components / Roles
» Unified CM provides call control, endpoint registration and configuration, call admission control, codec negotiation, trunk protocol translation, and CTI
» Unified CM IM and Presence Service provides on-premises instant messaging and presence
» Cisco Integrated Services Router (ISR) provides PSTN connectivity and remote site survivability (SRST)
Key Benefits
» Call control is centralized at a single location that serves multiple remote sites.
» Management and administration are centralized.
» Common telephony features are available across voice and video endpoints.
» Single call control and a unified dial plan are provided for voice and video endpoints.
» Critical business applications are highly available and redundant.

Unified CM with IM & Presence Cluster
Two databases
Each DB has:
» One publisher
» Multiple subscribers
CM subscriber:
» Call processing pairs
» TFTP pairs
IM&P publisher part of pair
[Figure: Unified CM cluster (DB Publisher; TFTP 1 / TFTP 2; primary and secondary Call Processing subscribers; up to 21 nodes) with DB Sync to the IM & Presence cluster (Publisher and Subscribers; up to 6 nodes); interfaces labelled SOAP / XML, SIP and CTI/QBE.]

Preferred Architecture Clustering Guidelines
» Call Processing Subscribers always added in pairs
» 1:1 redundancy only
» Single TFTP Subscriber pair
» Call Processing Subscriber and IM&P pairs added to match scale requirements
» Music on Hold function co-located with Call Processing Subscribers

DNS: A Fundamental Solution Requirement
Domain Name Service (DNS) is Critical for Collaboration Solutions
» Forward and Reverse Lookup
» SRV for Redundancy and Load Balancing
» DNS for User Data Service (UDS) and Certificate Validity
Recommendation:
» Enable DNS forward (A record) and reverse (PTR record) lookup for all UC servers and applications
» Dedicated zone for cluster simplifies configuration of cluster fully qualified domain name (CFQDN Enterprise Parameter): *.us-uc.ent-pa.com
» SRV record for each Unified CM node: best load balancing of initial UDS requests during registration

Deployment Considerations: Numeric Dial Plan
For Your Reference
Use +E.164 as DN addressing
» Benefit: Ensure uniform phone number formatting across all enterprise contacts
Use XXXX abbreviated intra-site dialing
» Benefit: Allow abbreviated dialing for intra-site calls
Use site-code based abbreviated inter-site dialing, e.g.: 8+<site code>+<extension>
» Benefit: Use a normalized approach for inter-site calls
Non-DID addresses in line with site-code based abbreviated inter-site dialing
» Unique addresses
» Additional site-codes per site or non-overlapping extensions

Enterprise Specific Numbering (ESN)
ESN Ranges for DIDs and Non-DIDs

Site   +E.164             Site Code   ESN Range for DIDs   ESN Range for Non-DIDs
SJC    +1 408 555 9XXX    140         8-140-4XXX           8-140-5XXX
RCD    +1 972 555 5XXX    197         8-197-5XXX           8-197-6XXX
RTP    +1 919 555 1XXX    191         8-191-1XXX           8-191-2XXX

8 as the access-code is used for abbreviated inter-site dialing, and thus all ESNs start with 8 and use a three-digit site code and a four-digit extension
The concept is to use the same site code for DIDs and non-DIDs, but the first digit of the extension for non-DIDs is different from the first digit of the DID extensions. This also allows for abbreviated four-digit intra-site dialing to non-DIDs and DIDs

SIP Trunking Recommendations
Use Best Effort Early Offer on ALL Trunks
Minimize number of SIP profiles
» Consider default profiles first
» Avoid per-trunk SIP profiles
» Provision SIP profile per group of equivalent trunks
Recommended SIP profile settings:
» Use Fully Qualified Domain Name in SIP Requests set on all trunks and for video enabled endpoints; prevents the IP address of Unified CM from showing up in the host portion of URIs in calling identity headers
» Enable SIP OPTIONS ping for real-time status monitoring
SIP trunk redundancy achieved by provisioning multiple peer user agents per trunk (Cisco Meeting Server, Unity Connection, Expressway-C, etc.)
» Avoids multiple trunk configurations

Multi-cluster Support
Recommendation: Centralized Call Processing Model (Single Call Processing Cluster)
Full-Mesh Distributed Call Processing Deployment Model when required. This model is based on multiple iterations of the Centralized Call Processing Deployment Model.
Session Management Edition is out of scope for the PA.
[Figure: Cluster 1, Cluster 2 and Cluster 3, each with UCM, IM&P, Branch1 and Branch2, interconnected by SIP and XMPP.]

Conferencing

Conferencing
Core Components
» Cisco Meeting Server for audio and video conference resources and resource management
» Cisco TelePresence Management Suite (TMS) for conference provisioning, monitoring, and scheduling
» TMSXE for interfacing with Microsoft Exchange room and resource calendars
Key Benefits
» Simplified, optimal user experience
» Flexible, extendable architecture that supports deployment of one or more permanent, scheduled, and/or instant conference resources
» Dynamic optimization of conference resources
» High availability of conference resources
» Media resilience and rate adaptation in the video network
» A single tool for hosts to schedule participants and conference rooms for a meeting
» Multiparty licensing that enables full access to all conference resources on the bridge

Conferencing Architecture
Conferencing with Cisco Meeting Server
» How to deploy the components (Call Bridge, Web Bridge, XMPP, Database)
» Support for multiple Conference types (Instant, Permanent, Scheduled)
[Figure: Unified Communications Manager, Cisco Meeting Server (Instant, Permanent and Scheduled), TMS, Expressway-C, Expressway-E in the DMZ, Internet.]

Cisco Meeting Server Spaces
Spaces are virtual meeting rooms that have audio, video and content sharing capability and are accessible using Space URI, directory number or URL.
» Dial URI user.space@cms.ent-pa.com or DN 8801000
» Go to URL https://join.ent-pa.com and enter Conference ID or User Credentials
» Dial +1(408)555-5555, enter IVR plus Space Call ID
[Figure: CMS Spaces (Permanent and Scheduled Meetings) reached from Immersive Endpoints, Non-Immersive Endpoints, WebRTC, CMA and phone.]

Conferences: Instant vs Scheduled/Permanent
High-Level Configuration Steps
Instant Conference (Ad hoc: + (Add) or Conference Softkey)
» SIP Trunk to CMS, Conferencing Bridge, Media Resource Group, Media Resource Group List, Endpoint
Permanent and Scheduled Conferences (URI or DN)
» SIP Trunk to CMS, Route Group, Route List, Route Pattern
[Figure legend: the arrows between the configuration objects are labelled POINTS TO and CONTAINS.]

TMS Scheduled Meeting Components / Roles
1. FQDN of TMS is configured in TMS Network Settings
2. The FQDN should resolve to the NLB virtual IP for TMS
3. TMS will send managed devices FQDN that resolves to NLB for communications with TMS
SSH keep-alive between Active/Passive nodes
[Figure: Active nodes (TMS, TMSXE) and Passive nodes (TMS, TMSXE) behind a Network Load Balancer with a single virtual IP address (tms.ent-pa.com); connections to CMS and Managed Devices (HTTPS/REST), SQL and Active Directory.]

TMS Scheduling Request Components / Roles
1. Outlook scheduling request
2. Exchange uses Exchange Web Services (EWS) to sync request with TMSXE via the Network Load Balancer (NLB)
3. TMSXE sync directly with Exchange
4. TMSXE routes request to Active TMS via NLB
5. TMS sends confirmation email to user
[Figure: Outlook scheduling request, MS Exchange, Network Load Balancer (single virtual IP address), TMSXE, TMS, CMS and Managed Devices (HTTPS/REST), with the numbered steps marked on the connections.]

Cisco Meeting Server Architecture
Scalable and Resilient Deployment
[Figure: Cisco Meeting Server components (Web Bridge, XMPP Server, Call Bridge, Database) deployed for resiliency and scale across San Francisco, RTP and Richardson; cluster of 3 servers.]

LTRCOL-2250 - Business-to-Business Communications Multiparty Conferencing for Audio, Video and Web Collaboration using Cisco Meeting Server
Tuesday, Jan 30, 02:15 p.m. - 06:15 p.m., Hall 8.0, Session Room 115
Content Catalog: https://www.ciscolive.com/emea/learn/sessions/content-catalog/

Collaboration Edge

Collaboration Edge
Core Components
» Cisco Expressway-C and Expressway-E, for Internet connectivity and firewall traversal for voice and video
» Cisco Unified Border Element, for audio PSTN connectivity via IP trunks
» PSTN Voice Gateway (IOS), for direct audio PSTN connectivity
Key Benefits
» Connect to customers and partners, independent of the technology they are implementing and the public network they are using.
» Provide for a resilient, flexible and extendable architecture.
» Provide any hardware and software client with the ability to access any public network (Internet and PSTN).
» Provide secure VPN-less access to collaboration services for Cisco mobile and remote clients and endpoints.

Mobile and Remote Access (MRA)

Expressway for Internet Connectivity (MRA / B2B)
1. Expressway-E is the traversal server installed in DMZ. Expressway-C is the traversal client installed inside the enterprise network.
2. Expressway-C initiates traversal connections outbound through the firewall to specific ports on Expressway-E with secure login credentials.
3. Once the connection has been established, Expressway-C sends keep-alive packets to Expressway-E to maintain the connection.
4. When Expressway-E receives an incoming call, it issues an incoming call request to Expressway-C.
5. Expressway-C then routes the call to Unified CM to reach the called user or endpoint.
6. The call is established and media traverses the firewall securely over an existing traversal connection.
[Figure: Enterprise Network (Unified CM, Expressway-C), Firewall, DMZ (Expressway-E), Firewall, Outside Network (Internet); signaling and media paths.]

Expressway Mobile and Remote Access Capabilities
Three key capabilities when enabling Expressway Mobile and Remote Access:
» XCP Router for XMPP traffic (IM&P)
» HTTPS Reverse proxy (provisioning and other services)
» Proxy SIP registration to Unified CM
[Figure: Unity Connection, Unified CM and IM and Presence behind Expressway C, Firewall, Expressway E; flows labelled XMPP (IM&P), HTTPS (provisioning, visual voicemail, directory) and SIP (audio, video).]

Mobile & Remote Access Protocol Workload Summary

Protocol   Security   Service
SIP        TLS        Session Establishment: Register, Invite, etc.
Media      SRTP       Audio, Video, Content Share
HTTPS      TLS        Logon, Provisioning / Configuration, Contact Search, Visual Voicemail
XMPP       TLS        Instant Messaging, Presence

[Figure: Inside firewall (Intranet): Collaboration Services (Unified CM, Unified CM IM&P, Unity Connection, Conferencing Resources) and Expressway C; DMZ: Expressway E; Outside firewall (Public Internet): Internet.]

Split DNS SRV Record Requirements
_collab-edge record needs to be available only in public DNS
» Multiple SRV records (and Expressway-E hosts) should be deployed for HA
    _collab-edge._tls.example.com. SRV 10 10 8443 expwy1.ent-pa.com.
    _collab-edge._tls.example.com. SRV 10 10 8443 expwy2.ent-pa.com.
» A GEO DNS service can be used to provide unique DNS responses by geographic region
_cisco-uds record needs to be available only in internal DNS
    _cisco-uds._tcp.example.com. SRV 10 10 8443 ucm1.ent-pa.com.
    _cisco-uds._tcp.example.com. SRV 10 10 8443 ucm2.ent-pa.com.

Expressway MRA and Jabber Service Discovery
» DNS SRV lookup _cisco-uds._tcp.example.com (Public DNS): Not Found
» DNS SRV lookup _collab-edge._tls.example.com (Public DNS)
» Expressway E: expwynyc.example.com
» TLS Handshake, trusted certificate verification
» HTTPS: get_edge_config?service_name=_cisco-uds&service_name=_cuplogin
[Figure: Inside firewall (Intranet): Collaboration Services, Unified CM, Expressway C; DMZ: Expressway E; Outside firewall (Public Internet): Public DNS and the client.]
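The split-DNS rule from the "Split DNS SRV Record Requirements" slide and the lookup order from the service discovery slide can be checked offline against exported zone data. The Python below is an added example, not code from the presentation or from Cisco; the zone text is constructed from the slide's records, and the function names, finding codes and the "at least two targets" reading of "multiple" are assumptions.

```python
# Added example: audit a split-DNS layout for Expressway MRA and replay the
# client's SRV discovery order. Zone text is constructed from the slide's records.
from dataclasses import dataclass

COLLAB_EDGE = "_collab-edge._tls"  # slide: available only in public DNS
CISCO_UDS = "_cisco-uds._tcp"      # slide: available only in internal DNS
SLIDE_PORT = 8443                  # port shown in every SRV record on the slide
MIN_EDGE_TARGETS = 2               # assumption: "multiple" for HA means at least two


@dataclass(frozen=True)
class Srv:
    name: str
    priority: int
    weight: int
    port: int
    target: str


def parse_srv(zone_text):
    """Parse 'name SRV priority weight port target' lines (';' starts a comment)."""
    records = []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 6 or fields[1].upper() != "SRV":
            raise ValueError(f"not an SRV record: {raw!r}")
        name, _, prio, weight, port, target = fields
        records.append(Srv(name.rstrip(".").lower(), int(prio), int(weight),
                           int(port), target.rstrip(".").lower()))
    return records


def lookup(view, service, domain):
    """Matching records, lowest priority value first, then highest weight."""
    wanted = f"{service}.{domain}".lower()
    hits = [r for r in view if r.name == wanted]
    return sorted(hits, key=lambda r: (r.priority, -r.weight, r.target))


def audit_split_dns(public, internal, domain):
    """Return sorted finding codes; an empty list means the layout matches the slide."""
    findings = set()
    edge_pub = lookup(public, COLLAB_EDGE, domain)
    uds_int = lookup(internal, CISCO_UDS, domain)
    if lookup(public, CISCO_UDS, domain):
        findings.add("UDS_IN_PUBLIC_DNS")      # internal call-control names exposed
    if lookup(internal, COLLAB_EDGE, domain):
        findings.add("EDGE_IN_INTERNAL_DNS")   # breaks the public-only rule
    if not edge_pub:
        findings.add("EDGE_MISSING_IN_PUBLIC_DNS")
    elif len({r.target for r in edge_pub}) < MIN_EDGE_TARGETS:
        findings.add("EDGE_NO_HA")
    if not uds_int:
        findings.add("UDS_MISSING_IN_INTERNAL_DNS")
    if any(r.port != SLIDE_PORT for r in edge_pub + uds_int):
        findings.add("UNEXPECTED_PORT")
    return sorted(findings)


def discover(view, domain):
    """Replay the lookup order on the slide: _cisco-uds first, then _collab-edge."""
    uds = lookup(view, CISCO_UDS, domain)
    if uds:
        return "internal", [r.target for r in uds]
    edge = lookup(view, COLLAB_EDGE, domain)
    if edge:
        return "edge", [r.target for r in edge]
    return "none", []


PUBLIC_VIEW = """
_collab-edge._tls.example.com. SRV 10 10 8443 expwy1.ent-pa.com.
_collab-edge._tls.example.com. SRV 10 10 8443 expwy2.ent-pa.com.
"""
INTERNAL_VIEW = """
_cisco-uds._tcp.example.com. SRV 10 10 8443 ucm1.ent-pa.com.
_cisco-uds._tcp.example.com. SRV 10 10 8443 ucm2.ent-pa.com.
"""
# Constructed misconfiguration: one edge host only, internal record leaked.
BAD_PUBLIC_VIEW = """
_collab-edge._tls.example.com. SRV 10 10 8443 expwy1.ent-pa.com.
_cisco-uds._tcp.example.com.   SRV 10 10 8443 ucm1.ent-pa.com.  ; leaked
"""

if __name__ == "__main__":
    internal = parse_srv(INTERNAL_VIEW)
    for label, text in (("good", PUBLIC_VIEW), ("bad", BAD_PUBLIC_VIEW)):
        public = parse_srv(text)
        print(label, audit_split_dns(public, internal, "example.com"),
              discover(public, "example.com"))
```

With the constructed bad view, a client resolving against public DNS finds `_cisco-uds` first and is pointed at an internal Unified CM name instead of Expressway-E, which is the failure the public/internal split prevents.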

Device Mobility for Expressway MRA
1. Register me with 10.10.20.50
2. Device in RTP
3. Register me with 10.10.30.50
4. Device in RCD
Device pool settings shown: Device Mobility Location, SRST Reference, Local Route Group, Media Resources

IP Subnet      Device Mobility Info   Device Pool   Location
10.10.20.50    RTP_EXP1_DMI           RTP_EXP_DP    RTP
10.10.30.50    RCD_EXP1_DMI           RCD_EXP_DP    RCD
10.10.40.50    SJC_EXP1_DMI           SJC_EXP_DP    SJC

[Figure: Expressway-E / Expressway-C pairs at RTP and RCD.]

Device Mobility for Expressway MRA Redundancy

Site                                   Device Mobility Info              Device Pool   Location
Redundant Expressway-C Pairs @ RTP     RTP_EXP1_DMI 10.10.20.50/32       RTP_EXP_DP    RTP
                                       RTP_EXP2_DMI 10.10.20.51/32
Redundant Expressway-C Pairs @ RCD     RCD_EXP1_DMI 10.10.30.50/32       RCD_EXP_DP    RCD
                                       RCD_EXP2_DMI 10.10.30.51/32
Redundant Expressway-C Pairs @ SJC     SJC_EXP1_DMI 10.10.40.50/32       SJC_EXP_DP    SJC
                                       SJC_EXP2_DMI 10.10.40.51/32

BRKUCC-2060 Cisco Enterprise Mobile Collaboration
Wednesday, Jan 31, 09:00 a.m. - 11:00 a.m., Hall 8.0, Session Room 122
BRKUCC-2801 Enabling External Collaboration and Federation with Expressway
Wednesday, Jan 31, 11:30 a.m. - 01:30 p.m., Hall 8.0, Session Room 120
BRKCOL-2018 Best Practices for Business to Business Video Collaboration
Thursday, Feb 01, 09:00 a.m. - 11:00 a.m., Hall 8.0, Session Room 131
Content Catalog: https://www.ciscolive.com/emea/learn/sessions/content-catalog/

Unified Messaging

Unified Messaging
Core Components
» Cisco Unity Connection, for voice and unified messaging service to Unified CM registered endpoints
» Microsoft Exchange and Active Directory, for email and directory integrations
Key Benefits
» Users can access the voicemail system and retrieve their messages using their IP phones, mobile devices, or email client applications with either a dialed number or a SIP URI.
» Users are able to customize personal settings from a web browser.
» Offers a natural and robust speech-activated user interface that allows users to browse and manage voice messages using simple and natural speech commands.

Unified Messaging
Cisco Unity Connection: Architecture
» Redundant Unity Connection nodes (Publisher and Subscriber)
» SIP Trunk integration to Unified CM
» Integrations to directory and mail (on-premise or cloud-based messaging):
  » Microsoft Active Directory (directory synchronization)
  » Microsoft Exchange (mailbox synchronization)
» Call forwarding to Unity Connection
» Direct call to voicemail or visual mailbox navigation (Visual Voicemail): voicemail access via VoIP to TUI or via REST/HTTPS
» Email access to voicemail (Single Inbox) via SMTP/HTTPS
11.6 Update: PIN synchronization between Unified CM and Unity Connection

Collaboration Management Services

[Figure: Preferred Architecture overview. Sites: Headquarters, DMZ, Remote Site, Mobile/Teleworker, Internet, MPLS WAN, PSTN. Functional blocks: Call Control, Collaboration Edge, Voice Messaging, Conferencing, Collaboration Management Services]

Collaboration Management Services: Core Applications
Core Components
» Cisco Smart Software Manager: management of user-based licensing, including license fulfillment.
» Cisco Prime Collaboration Deployment (PCD): deploys new clusters of Unified CM and IM and Presence servers and Unity Connection
» Cisco Prime Collaboration Provisioning (PCP): provisions and configures users and endpoints
Key Benefits
» Smart Software Manager: single tool to enable license workflows and manage licensing for collaboration infrastructure components.
» Deployment: eases deployment of new infrastructure components, enabling faster initial setup
» Provisioning: rapid and automated user/endpoint enablement along with moves, adds, changes and deletions (MACD)

Cisco Prime Collaboration Deployment: Architecture
» Cisco collaboration application .iso install files located on Prime Collaboration Deployment (PCD).
» PCD network file system (NFS) mount on ESXi host(s) to facilitate .iso file access.
» Collaboration application node virtual machines (VMs) manually created on the ESXi host.
» PCD installs collaboration application clusters on the target VMs.
[Figure: .iso files transferred to PCD over SFTP; VMware ESXi host with UCM_Pub, UCM_Sub, IM&P_Pub, IM&P_Sub, UCxn_Pub and UCxn_Sub VMs]

Cisco Smart Software Manager Architecture
1. Licenses are applied to the Cisco Smart Software Manager portal
2. The admin generates a product registration token
3. Using the token the admin registers the collaboration application publisher (Unified CM and Unity Connection)
4. Once registered, the publishers will synchronize and receive user and feature licensing entitlement information
Publishers reach Cisco Smart Software Manager on Cisco.com over HTTPS. Alternatives: HTTPS Proxy, Cisco Smart Software Manager satellite system.

Cisco Prime Collaboration Provisioning Application Program Interface (API)
» Unified CM and Unified IM&P: AXL SOAP over HTTP(S)
» Unity Connection: REST/SQL over HTTP(S)
» Directory (Microsoft Active Directory): LDAP over HTTP(S)

Cisco Prime Collaboration Provisioning (MACD)
On-boarding / Off-boarding of Users
» Users imported from Active Directory to Unified CM
» Users imported from Active Directory to Prime Collaboration Provisioning
» Importing users from Active Directory into Prime Collaboration Provisioning triggers Automatic Service Provisioning
» Service Provisioning: Device Pool, Location, VM Template, and Directory Number (DN) block
» Help desk administrators log into Cisco Prime Collaboration Provisioning for configuration updates (MACDs)
[Figure: numbered flow between Microsoft Active Directory, Cisco Prime Collaboration Provisioning, and the US and EMEA clusters (UCM, CUC, IM&P)]

Simplified Sizing

PA Simplified Sizing vs. Collaboration Sizing Tool
Is the deployment within the Preferred Architecture sizing assumptions? If so, use PA Simplified Sizing; otherwise use the Collaboration Sizing Tool.

Sizing Cisco Unified CM for the Preferred Architecture
» < 5,000 devices and users: Publisher, TFTP 1, TFTP 2, Call Processing subscriber pair
» Between 5,000 and 10,000 devices and users: Publisher, TFTP 1, TFTP 2, two Call Processing subscriber pairs
» 7,500 OVA (2 vCPUs) is used for both deployments
» 7,500 OVA supported on BE7000M or larger

Sizing Unified CM: PA Assumptions
1:1 Server Redundancy, Simplified User Sizing
Sizing Assumptions for Unified CM:
» Average up to 4 BHCA per user
» Average up to 2 DNs per device
» Extension Mobility for ALL Users
» Up to 500 Shared Lines per Call Processing Pair
» Up to 500 CTI ports and 100 CTI Route Points per Call Processing pair
» Up to 3,000 Partitions, 6,000 Calling Search Spaces, 12,000 Translation Patterns
» Up to 40,000 users synched with AD (5,000 or 10,000 active)
Refer to the Preferred Architecture CVD for the complete list of assumptions: https://www.cisco.com/c/en/us/td/docs/solutions/cvd/collaboration/enterprise/11x/116/collbcvd.html

Bandwidth Management

Managed vs. Unmanaged Networks
» Where do your media packets go?
» How do you preserve user experience when media traverses the Internet?
[Figure: Central Site (on-premise UC services, call control) connected to Remote Sites over a QoS-capable managed WAN (MPLS VPN, DMVPN), and to Cloud Services, B2B, B2C and Home/Mobile Users over the Internet]

Our Strategy
Smart Media Techniques
» Use media resilience to reduce impact of packet loss
» Apply rate adaptation to reduce network congestion
QoS Tools
» Consolidate mechanisms to identify Collaboration media
» Evolve classification and scheduling recommendations
Design & Deployment
» Leverage media resilience and rate adaptation to enable pervasive video deployments through simplified provisioning and optimized bandwidth utilization
[Figure: encoder and decoder using LTRF repair and FEC; audio queue (EF) and video queue (AF41, AF42) on a WAN link]

Classification: DSCP Classes
» EF: Expedited Forwarding (PQ). Used for voice media
» AF: Assured Forwarding (CBWFQ). Used for video media
» CS: Class Selector. Used for signaling
Callouts on the table: SIP signaling (CS3), priority video media (TelePresence, desktop) (AF41), opportunistic video media (Jabber) (AF42), voice media (EF)

DSCP Class | DSCP | ToS Prec.
none       | 0    | 0
CS1        | 8    | 1
AF11       | 10   | 1
AF12       | 12   | 1
AF13       | 14   | 1
CS2        | 16   | 2
AF21       | 18   | 2
AF22       | 20   | 2
AF23       | 22   | 2
CS3        | 24   | 3
AF31       | 26   | 3
AF32       | 28   | 3
AF33       | 30   | 3
CS4        | 32   | 4
AF41       | 34   | 4
AF42       | 36   | 4
AF43       | 38   | 4
CS5        | 40   | 5
EF         | 46   | 5
CS6        | 48   | 6
CS7        | 56   | 7

WAN Queuing Considerations: Single Video Queue, Dual QoS Markings
Opportunistic Video and Prioritized Audio
» Map audio streams of voice and video calls (EF) to a priority queue (PQ)
» Map video streams of video calls (AF41 and AF42) to a single class-based queue (CBWFQ) with WRED:
  » AF41: higher drop thresholds (e.g., 50-100% of queue depth), i.e., drop AF41 last
  » AF42: lower drop thresholds (e.g., 15-35% of queue depth), i.e., drop AF42 first
» During congestion, AF42 traffic (opportunistic video) is dropped first:
  » Packet loss triggers rate adaptation
  » Media resilience limits the impact
[Figure: audio of IP phone, audio of video and audio of Jabber marked EF into the PQ; video of video marked AF41 and video of Jabber (opportunistic video) marked AF42 into the Video CBWFQ; other queues; BW assigned to LLQ classes]

WAN Queuing Considerations: Single Video Queue, Single QoS Marking
Single QoS Marking for Video with Prioritized Audio
» Map audio streams of voice and video calls (EF) to a priority queue (PQ)
» In deployments where dual QoS marking is not practical, map video streams of all video calls (desktop/telepresence and Jabber) to a single class-based queue (CBWFQ)
  » AF41: marking for all video
» During congestion, if traffic is dropped:
  » Packet loss triggers rate adaptation
  » Media resilience limits the impact
[Figure: audio of IP phone, audio of video and audio of Jabber marked EF into the PQ; video of video and video of Jabber both marked AF41 into the Video CBWFQ; other queues; BW assigned to LLQ classes]

Summary
» Combine QoS tools, media resilience and dynamic adaptation to build a self-regulating system that makes optimal use of available network resources
» Leverage rate adaptation and media resilience mechanisms in managed networks to deploy pervasive video. Prioritized video for room systems and hard endpoints, opportunistic video for Jabber endpoints.
» Use CAC when and where needed: when managing bandwidth with Media Resilience and Rate Adaptation techniques is not an option (i.e. extreme contention on WAN bandwidth)

BRKCOL-2616 - QoS Strategies and Smart Media Techniques for Collaboration Deployments
On Demand Library: https://www.ciscolive.com/global/on-demand-library/?#/

Security See Appendix

BRKUCC-2501 Cisco UC Manager Security & Certificate Deep Dive
Thursday, Feb 01, 09:00 a.m. - 11:00 a.m. Hall 8.0, Session Room 108
Content Catalog: https://www.ciscolive.com/emea/learn/sessions/content-catalog/

Cisco Spark Hybrid Services for the Collaboration Preferred Architecture NEW

Preferred Architecture: Cisco Spark Hybrid Services
Cisco Preferred Architecture for Cisco Spark Hybrid Services
» Both PA Overview and PA CVD
Content:
» Directory, Calendar, Call Connector integrations
» Hybrid media services with Hybrid Media Node
[Figure: Headquarters with Call Control (Unified Communications Manager, endpoints), Directory (Cisco Directory Connector, Microsoft Active Directory), Calendar (Expressway-C Connector Host, Microsoft Exchange), Hybrid Media (Hybrid Media Node) and Collaboration Edge (Expressway-C, Expressway-E in the DMZ, Integrated/Aggregated Services Router); Internet, MPLS WAN, PSTN, Mobile/Teleworker, Third-Party Solution, Enterprise Branch]

[Figure sequence, three slides: the Preferred Architecture overview (Call Control, Collaboration Edge, Voice Messaging, Conferencing, Collaboration Management Services); the same overview without IM and Presence, Conferencing (Cisco Meeting Server) and TelePresence Management Suite; then with the hybrid components added: Expressway-C Connector Host, Calendar (Microsoft Exchange), Hybrid Media (Hybrid Media Node) and Directory (Cisco Directory Connector, Microsoft Active Directory)]

Cisco Spark Hybrid Services PA Architecture
[Figure: Expressway-C with Connectors (Management Connector, Calendar Connector, Call Connector) connecting to Microsoft Exchange and Unified CM; Directory Connector connecting to Active Directory; SIP signaling and media from Unified CM through Expressway-C, the internal firewall, Expressway-E in the DMZ, and the DMZ firewall to the Internet]

Hybrid Directory Integration
[Figure: Cisco Directory Connector reads Microsoft Active Directory through Microsoft APIs and connects to the Internet over HTTPS (REST); also shown: endpoints, Unified Communications Manager, Microsoft Exchange, Expressway-C Connector Host, Expressway-C, Expressway-E]

Hybrid Directory Integration: deployment steps
1. Deploy VM Windows Servers
2. Enable Dir Sync and download the Cisco Directory Connector software
3. Install Directory Connector on the Windows servers
4. Admin configures the connector
   a) Sync occurs between AD and the Directory Connector
   b) Then between Directory Connector and the Cisco Collaboration Cloud
5. Admin schedules Sync (Periodic and Full)
6. Admin manages and provisions users in the Cloud
[Figure: data center VMs running Cisco Directory Connector, Microsoft Active Directory via Microsoft APIs, and admin.ciscospark.com reached over HTTPS (REST) across the Internet]

Directory High Availability
» Directory Connectors are deployed as a pair (Primary and Secondary)
» Deploy on separate hosts in separate buildings or data centers
» The Primary Directory Connector handles directory synchronization
» The Secondary Directory Connector maintains connectivity to the Cisco Collaboration Cloud but does not perform any synchronization.
» Failure of the primary Directory Connector causes the backup Directory Connector to handle synchronization operations
[Figure: Cisco Directory Connector #1 in Data Center 1 and #2 in Data Center 2, each reaching Active Directory and Domain Controllers via Microsoft APIs and the Internet via HTTPS]

Hybrid Calendar Integration
[Figure: Cisco Calendar Connector (on the Expressway-C Connector Host) reads Microsoft Exchange through Exchange Web Services (EWS) and connects to the Internet and Cisco WebEx over HTTPS (REST); @webex and @spark keywords; also shown: Microsoft Active Directory, Cisco Directory Connector, Unified Communications Manager, endpoints, Expressway-C, Expressway-E]

Hybrid Calendar Integration: deployment steps
1. Deploy Expressway-C Connector Host pair
2. Register connector host to the cloud and download the Cisco Cloud Connector software
3. Set up Calendar Connector service user account and throttling policy on Exchange
4. Admin enables the calendar connector and configures connection to Exchange and WebEx
   a) Calendar invitations including the @spark or @webex notation are pushed from Exchange using EWS
   b) They are in turn propagated by HTTPS to the Cisco Collaboration Cloud calendar service
5. Admin provisions users for Calendar Service using the Cisco Spark Control Hub
[Figure: Expressway-C Connector Host VMs running Cisco Calendar Connector, Microsoft Exchange via EWS, admin.ciscospark.com and Cisco WebEx reached over HTTPS (REST) across the Internet]

Calendar High Availability
» Calendar Connector is a micro-service installed on Expressway-C Connector Host synchronizing calendar meeting invitations and updates between the user's enterprise calendar and the Cisco Collaboration Cloud.
» Expressway-C Connector Hosts are deployed as an Active/Active pair
» Deploy on separate hosts in separate buildings or data centers
» Provide redundancy for Microsoft Exchange services (EWS), connectivity to the Cisco Collaboration Cloud (HTTPS)
[Figure: Expressway-C Connector Host #1 in Data Center 1 and #2 in Data Center 2, each running Cisco Calendar Connector, reaching Microsoft Exchange via EWS and the Internet via HTTPS]

Hybrid Media Node: deployment steps
1. Download and Deploy Hybrid Media Node (virtual machines or hardware)
2. Configure network details IP/DNS
3. Register Hybrid Media Node to the Cloud
   a) HMN does a connectivity test and discovery process
[Figure: Cisco Hybrid Media Node in Data Center 1; discovery / registration with admin.ciscospark.com and media across the Internet]

Hybrid Media Node Discovery Scenario

Scenario 2: Registration
» Cisco Spark app and room devices register to their organization
» Cisco Collaboration Cloud responds with the clusters available for the users
Cluster - Madrid: 1. Node Madrid1, 2. Node Madrid2
Cluster - Cloud: 1. Node Cloud1, 2. Node Cloud2
[Figure: Corporate network - Spain (Madrid1, Madrid2), Internet (Cloud1, Cloud2), Mobile and Home Office users]

Scenario 2: Reachability Test
» Cisco Spark app and room devices do reachability tests to nodes.
» Cisco Spark app and room devices send results to the cloud at call start.
Cluster - Madrid: 1. Node Madrid1 (RTD = 10), 2. Node Madrid2 (RTD = 11)
Cluster - Cloud: 1. Node Cloud1 (RTD = 250), 2. Node Cloud2 (RTD = 200)

Scenario 2: Meeting
» Cisco Spark app and room devices connect to a media node
» Media node Madrid1 hosts a meeting for the corporate users
» Media node Cloud2 hosts a meeting for remote users (Mobile, Home Office)
» Media node Madrid1 cascades automatically to media node Cloud2 to create the meeting for all participants

Points to remember
1. App or device asks Cisco Collaboration Cloud for media clusters to use
2. Response gives media clusters and nodes within the cluster to test
3. App and devices test reachability and RTD to the nodes
4. App and devices report the information to the cloud at meeting start.
5. Cisco Collaboration Cloud tells the device or app where the meeting is hosted.
[Figure: exchange between a device on the corporate LAN (Cluster HQ) and the cloud: "Clusters to use?", "Your clusters: Cloud + in your Org", reach and RTD test, reach + RTD info, "Meeting location?"]

Meeting with the Hybrid Media Node: WebEx Meetings - Signaling
» Signaling goes to the Cisco Collaboration Cloud
[Figure: SIP signaling path from Unified CM through Expressway-C and Expressway-E across the Internet to the Cisco Collaboration Cloud; Hybrid Media Node on premises]

Meeting with the Hybrid Media Node: WebEx Meetings - Media
» Signaling goes to the Cisco Collaboration Cloud
» Meeting is created on the Hybrid Media Node and cloud
» Media goes to the Hybrid Media Node
[Figure: SIP/SRTP between Unified CM and the Hybrid Media Node; Expressway-C, Expressway-E, Internet, Cisco Collaboration Cloud; a meeting instance on both the Hybrid Media Node and the cloud]

Key points to remember: Hybrid Media Node and WebEx meetings
» Cisco Spark app or device
  » Signaling goes to the Cisco Collaboration Cloud directly. Does not use existing C/E traversal mechanism for signaling
  » Media goes directly to HMN or overflows to the cloud. Does not use existing C/E traversal mechanism for media
» Standards-based SIP device registered to CUCM
  » Supports video dial-in meetings to WebEx
  » Signaling goes to CUCM then to HMN
  » Media goes from endpoint to HMN
» WebEx mobile and desktop apps communicate directly with the WebEx meeting. No change in behavior
» Audio participants communicate directly with the WebEx meeting. No change in behavior
» HMN signaling goes directly to the Cisco Collaboration Cloud

Design Considerations

» Create HMN clusters at each location
» Keeps media of local-only meetings on premises
» Aggregates media streams to a single cascade link to the cloud HMN when participants from outside the LAN are involved in the meeting.
[Figure: Corporate network - Spain (Madrid, Cluster Spain), Corporate network - UK (London, Cluster UK), Corporate network - France (Paris, Cluster France), Internet]

» All media streams traverse the corporate WAN to the cloud nodes
» Internet link carries 6 different participants' media streams (2 per site)
» Media streams terminate on the cloud media node
[Figure: Corporate network - Spain sites Madrid, Barcelona and Seville connected by the WAN; everyone's individual media streams cross the Internet]

[Figure: Madrid, Barcelona and Seville with everyone's individual media streams; labels on the diagram: 3 MB, 1.5 MB, 13.5 Mbps (Internet), 4.5 Mbps and 9 Mbps (WAN)]

Cisco Spark                        | Video Bandwidth (Typical) | Video Bandwidth (Maximum)
Cisco Spark app                    | 1-2 Mbps                  | 3 Mbps
DX series, SX10                    | 1-2 Mbps                  | 3 Mbps
SX20, SX80, MX series, Room Kits   | 2-4 Mbps                  | 6 Mbps

» Add Hybrid Media Node cluster to Seville
» Internal meeting utilizes WAN bandwidth for media only
[Figure: Madrid, Barcelona and Seville; WAN labels 4.5 Mbps and 9 Mbps]

» Internet user connects to the meeting via the cloud
» Seville Hybrid Media Nodes create a cascade to the cloud
[Figure: Madrid, Barcelona and Seville; Internet labels 1.5 MB and 12 Mbps; WAN labels 4.5 Mbps and 9 Mbps]

Cascade bandwidth (n = # of participants):
  s = Max((Madrid(n) + Barcelona(n) + Seville(n)), remote(n))
  s >= 6: transmit 6 streams @ 2 Mbps each
  s < 6: transmit s streams @ 2 Mbps each
Worked example from the diagram:
  s = Max(((2) + (2) + (2)), remote(1)) = Max of the set (6, 1) = 6
  s >= 6, so transmit 6 streams @ 2 Mbps each
  6 * 2 = 12 Mbps for the cascade
[Figure: Madrid, Barcelona and Seville; Internet labels 1.5 MB and 12 Mbps; WAN labels 4.5 Mbps and 9 Mbps]

» Two different clusters defined (Cluster Madrid, Cluster Seville)
» Reachability test results determine the clusters to use.
» Barcelona uses which cluster?

» Two different clusters defined (Cluster Madrid, Cluster Seville)
» Reachability test results determine the clusters to use.
» Barcelona uses the Madrid cluster
» Each cluster has a cascade link to the cloud for the conference
[Figure: Madrid, Barcelona and Seville; Internet labels 8 Mbps and 10 Mbps; WAN label 4.5 Mbps; stream labels 3 MB and 1.5 MB]

Key points to remember in architecting an HMN solution
» One recommendation does not fit all deployments
» Deploy Hybrid Media Nodes in the large campus sites
  » Start small and grow as needed
  » With 6 or more participants in the meeting, HMN saves bandwidth
  » A large number of internal meetings without WebEx app or desktop participants saves Internet bandwidth
» Deploying HMN in branch offices can help or hinder the architecture
  » Depends on the amount and type of video systems in the branch
  » Depends on the participants in the meeting (local, remote branch or Internet: think cascade impact)
» Continuously monitor analytics; add more nodes and/or clusters based on the observed traffic and meeting locations (Hybrid Media, Overflow, or Cloud)

Cisco Spark Control Hub: https://admin.ciscospark.com
» Hybrid Media Service Reports enable administrators to understand the trend of their on-premises resource capacity and utilization, as well as availability that impacts capacity.
» New call activity graph gives an overall perspective of the number of calls hosted on the cloud vs the number of calls that were hosted on on-premises clusters in an organization.
» New Adoption tab added to the reports to help administrators find the most popular categories of client types and utilization in the organization.

Call Service Aware and Connect

Call Service Aware & Call Service Connect
Call Service Aware
» Enables Cisco Spark users to share their screen using Spark
» Complements, and is aware of, Cisco UC calls and allows for Desktop Sharing
Call Service Connect
» Allows Cisco Spark users to call Cisco UC registered devices, as well as be called by Cisco UC users.
» Together with Call Service Aware, enables users to manage a unified Spark and UC call history from the Cisco Spark calls tab

Call Service Aware/Connect: deployment steps
1. Register connector host to the cloud and download the Cisco Cloud Connector software
2. Set up Call Connector service
3. Unified CM: set up user for Mobility, create Spark RDs, SIP Trunk, etc.
4. Expressway: set up DNS Zone, Spark Traversal Zone, MTLS, Search rules, CPL, etc.
[Figure: Expressway-C Connector Host VMs running Cisco Call Connector, connected to Cisco Unified CM via CTI/QBE and AXL; admin.ciscospark.com and Cisco WebEx reached over HTTPS (REST); media through Expy-C and Expy-E to the Internet]

Call Service Aware/Connect Addressing
» Aaron Goodman on Cisco Unified CM: agoodman@ent-pa.com
» Aaron Goodman in Cisco Spark: agoodman@example.call.ciscospark.com
[Figure: Expressway-C Connector Host, Cisco Unified CM, Expressway-C, Expressway-E]

Call Service Connect Global Reachability

UCM to UCM call
» Alice dials bob@example.com or +14085551234
» Spark Remote Device (Spark RD): similar to Remote Destination Profile used for mobility features
[Figure: call flow steps 1-3 between Alice and Bob across Cisco Unified CM, Expressway-C with Connectors, Expressway-C, Expressway-E and the Internet; labels: +14085551234, bob@example.com, Spark RD bob@example.call.ciscospark.com]

Spark to Spark Call
» Alice calls Bob. Calling: alice@example.call.ciscospark.com. Called: bob@example.com
[Figure: call flow steps 1-4 across the Internet, Expressway-E, Expressway-C and Cisco Unified CM (Spark RD); labels: alice@example.com +14085551235, bob@example.com +14085551234, bob@example.call.ciscospark.com, "cancelled"]

Hybrid Bandwidth Management

Assigning Cisco Spark Media Traffic to Queues
» Audio traffic (DSCP EF) mapped to priority queue (PQ)
» Video traffic (DSCP AF42 or AF41) mapped to a class-based weighted fair queue (CBWFQ) with DSCP-based WRED
[Figure: Cisco Spark audio-only endpoints, Cisco Spark Room, Cisco Spark Board and Cisco Spark applications; audio marked EF, video marked AF41 or AF42; PQ, Video CBWFQ with WRED, other queues; BW assigned to LLQ classes]

Spark Endpoint and Application Native Marking

Traffic Type        | DSCP (1) (PHB; decimal value) | 802.11 User Priority (UP) | Notes
Audio               | EF; 46                        | 6                         | Includes audio streams of voice-only calls, audio streams of video calls, and related RTCP packets
Prioritized video   | AF41; 34                      | 5                         | Includes video streams (main video and presentations or content) and related RTCP packets
Opportunistic video | AF42; 36                      | 5                         | Includes video streams (main video and presentations or content) and related RTCP packets
Other traffic       | Best Effort; 0                | 0                         | Includes messaging, file transfer, configuration, call and meeting setup

(1) Microsoft Windows does not allow applications to mark DSCP natively. Group Policy Objects (GPO) can be used to instruct the operating system to classify traffic from the application based on specific port ranges; however, we recommend following a network-based classification scheme.

Traffic Signatures for Cisco Spark Media

Source IP Address                   | Destination IP Address    | Source UDP Ports | Destination UDP Ports | Recommended DSCP | Media Type
Cisco Spark application or endpoint | Cisco Collaboration Cloud | 52000 to 52099   | 5004                  | EF               | Audio
Cisco Spark application or endpoint | Cisco Collaboration Cloud | 52100 to 52299   | 5004                  | AF41, AF42       | Video
Cisco Spark application or endpoint | Hybrid Media Node         | 52000 to 52099   | 52500 to 62999*       | EF               | Audio
Cisco Spark application or endpoint | Hybrid Media Node         | 52100 to 52299   | 63000 to 65500*       | AF41, AF42       | Video
Hybrid Media Node                   | Cisco Collaboration Cloud | 52500 to 62999*  | 5004                  | EF               | Audio
Hybrid Media Node                   | Cisco Collaboration Cloud | 63000 to 65500*  | 5004                  | AF41, AF42       | Video
Hybrid Media Node                   | Hybrid Media Node         | 52500 to 62999*  | 52500 to 62999        | EF               | Audio

* The Hybrid Media Node port ranges for audio and video are currently in development and are expected to release in beginning of February 2018! HMN also marks natively!

Updating the QoS Config

ip access-list extended QOS_VOICE
 permit udp any range 17000 17999 any dscp ef
ip access-list extended QOS_PRIORITIZED_VIDEO
 permit udp any range 17000 17999 any dscp af41
ip access-list extended QOS_SPARK_AUDIO
 permit udp any range 52000 52099 any any
 permit udp any eq 5004 any range 52000 52099
ip access-list extended QOS_SPARK_VIDEO
 permit udp any range 52100 52299 any any
 permit udp any eq 5004 any range 52100 52299
class-map match-any VOICE
 match access-group name QOS_VOICE
 match access-group name QOS_SPARK_AUDIO
class-map match-any PRIORITIZED_VIDEO
 match access-group name QOS_PRIORITIZED_VIDEO
 match access-group name QOS_SPARK_VIDEO

! This section configures the ACLs
ip access-list extended QOS_VOICE
 permit udp any range 17000 17999 any dscp ef
ip access-list extended QOS_SPARK_AUDIO
 permit udp any range 52000 52099 any any
 permit udp any eq 5004 any range 52000 52099
ip access-list extended QOS_PRIORITIZED_VIDEO
 permit udp any range 17000 17999 any dscp af41
ip access-list extended QOS_SPARK_VIDEO
 permit udp any range 52100 52299 any any
 permit udp any eq 5004 any range 52100 52299
ip access-list extended QOS_SIGNALING
 permit tcp any any range 5060 5061 dscp cs3
 permit tcp any range 5060 5061 any dscp cs3
! This section configures the classes
class-map match-any VOICE
 match access-group name QOS_VOICE
 match access-group name QOS_SPARK_AUDIO
class-map match-any PRIORITIZED-VIDEO
 match access-group name QOS_PRIORITIZED_VIDEO
 match access-group name QOS_SPARK_VIDEO
class-map match-any SIGNALING-SIP
 match access-group name QOS_SIGNALING
! This section configures the policy-map to set DSCP for Trusted and Untrusted Voice, Video and SIP Signaling on ingress
policy-map INGRESS-MARKING
 class VOICE
  set dscp ef
 class PRIORITIZED-VIDEO
  set dscp af41
 class SIGNALING-SIP
  set dscp cs3
 class class-default

WAN Ingress QoS Marking Policy

Ingress Policy

! This section applies the policy-map to the Interface
Router(config-if)# service-policy input INGRESS-MARKING
! Attaches service policy to interface

! This section configures the policy-map to set DSCP for Trusted and Untrusted Voice, Video and SIP Signaling on ingress
policy-map INGRESS-MARKING
 class VOICE
  set dscp ef
 class PRIORITIZED-VIDEO
  set dscp af41
 class SIGNALING-SIP
  set dscp cs3
 class class-default

! This section configures the classes
class-map match-any VOICE
 match access-group name QOS_VOICE
 match access-group name QOS_SPARK_AUDIO
class-map match-any PRIORITIZED-VIDEO
 match access-group name QOS_PRIORITIZED_VIDEO
 match access-group name QOS_SPARK_VIDEO
class-map match-any SIGNALING-SIP
 match access-group name QOS_SIGNALING
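The ingress classification configured above, modeled as an added Python example (not part of the original slides and not Cisco code): it evaluates the ACLs, class-maps and INGRESS-MARKING policy-map against constructed packets and returns the class and resulting DSCP. The Packet tuple, the classify function, the reading of "any any" as "any destination" and the treatment of the empty class-default are assumptions of this example.

```python
# Added example: models the slides' INGRESS-MARKING policy on constructed packets.
from typing import NamedTuple

class Packet(NamedTuple):
    proto: str   # "udp" or "tcp"
    sport: int   # source port
    dport: int   # destination port
    dscp: str    # DSCP as received: "ef", "af41", "cs3" or "default"

ANY = (0, 65535)
# ACE = (protocol, source-port range, destination-port range, required DSCP or None)
ACLS = {
    "QOS_VOICE": [("udp", (17000, 17999), ANY, "ef")],
    "QOS_PRIORITIZED_VIDEO": [("udp", (17000, 17999), ANY, "af41")],
    # Assumption: "range 52000 52099 any any" = that source-port range, any destination.
    "QOS_SPARK_AUDIO": [("udp", (52000, 52099), ANY, None),
                        ("udp", (5004, 5004), (52000, 52099), None)],
    "QOS_SPARK_VIDEO": [("udp", (52100, 52299), ANY, None),
                        ("udp", (5004, 5004), (52100, 52299), None)],
    "QOS_SIGNALING": [("tcp", ANY, (5060, 5061), "cs3"),
                      ("tcp", (5060, 5061), ANY, "cs3")],
}
# policy-map INGRESS-MARKING: classes in listed order, each match-any over its ACLs.
POLICY = [
    ("VOICE", ["QOS_VOICE", "QOS_SPARK_AUDIO"], "ef"),
    ("PRIORITIZED-VIDEO", ["QOS_PRIORITIZED_VIDEO", "QOS_SPARK_VIDEO"], "af41"),
    ("SIGNALING-SIP", ["QOS_SIGNALING"], "cs3"),
]

def acl_permits(name, pkt):
    """True if any ACE of the named ACL matches the packet."""
    return any(pkt.proto == proto and src[0] <= pkt.sport <= src[1]
               and dst[0] <= pkt.dport <= dst[1] and dscp in (None, pkt.dscp)
               for proto, src, dst, dscp in ACLS[name])

def classify(pkt):
    """Return (class, DSCP after the policy) for one ingress packet."""
    for cls, acls, mark in POLICY:
        if any(acl_permits(a, pkt) for a in acls):
            return cls, mark
    # Assumption: class-default has no action on the slide, so the DSCP is kept.
    return "class-default", pkt.dscp

if __name__ == "__main__":
    # Constructed sample packets (not captured traffic).
    for p in [Packet("udp", 17010, 30000, "ef"), Packet("udp", 52050, 5004, "default"),
              Packet("udp", 17010, 30000, "default"), Packet("tcp", 33000, 5061, "cs3")]:
        print(p, "->", classify(p))
```

The Spark ACLs classify on port ranges alone, while QOS_VOICE, QOS_PRIORITIZED_VIDEO and QOS_SIGNALING require both the port match and the expected DSCP. Under the class-default assumption, traffic that matches no class keeps its received DSCP, so that action is worth confirming on the device.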


Egress Classification and Queuing

Egress Policy

! This section applies the policy-map to the Interface
Router(config-if)# service-policy output EGRESS-QUEUING
! Attaches service policy to interface

! This section configures the bandwidth for all collab traffic
policy-map EGRESS-QUEUING
 class VOICE
  priority percent 10 ! Provisions 10% LLQ to VOICE class
 class VIDEO
  bandwidth percent 30 ! Provisions 30% CBWFQ to VIDEO class
 class SIGNALING
  bandwidth percent 2 ! Provisions 2% CBWFQ to SIGNALING class

! This section configures the classes
class-map match-all VOICE
 match dscp ef
class-map match-any VIDEO
 match dscp af41
class-map match-all SIGNALING
 match dscp cs3

Learn More

Design and Deployment Best Practices for Cisco Collaboration

What would you tell your best friend if they asked you how to design their Cisco collaboration deployment?

Preferred Architectures (PA)
Prescriptive design and deployment best practices within a well-defined architecture containing common Cisco collaboration portfolio components
https://www.cisco.com/go/pa
Three preferred architectures (PAs) covering a wide range of customer deployment types and sizes:
» On-Premises (Enterprise, Midmarket)
» Cloud (Midmarket)
» Hybrid (Enterprise)

Collaboration Solution Reference Network Design (SRND)
Design guidance across the Cisco collaboration portfolio with a focus on enterprise, on-premises deployments
https://www.cisco.com/go/srnd
Versions aligning with major Collaboration System Releases (CSRs): 9.x, 10.x, 11.x, and 12.x*
* Coming soon. Target Q1 CY2018

Preferred Architectures Links

Contact us via email: pa-feedback@cisco.com
PA Landing Page: http://cisco.com/go/pa
Preferred Architecture for Cisco Collaboration 12.0 On-Premises Deployments, Design Overview
Preferred Architecture for Cisco Collaboration 12.0 Enterprise On-Premises Deployments, CVD
Preferred Architecture for Cisco Spark Hybrid Services, Design Overview
Preferred Architecture for Cisco Spark Hybrid Services, CVD

dcloud:
Cisco Preferred Architecture for Enterprise Collaboration 11.6 v1
Collaboration Security for the Enterprise Preferred Architecture Lab v1

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

How
1. Find this session in the Cisco Live Mobile App
2. Click Join the Discussion
3. Install Spark or go directly to the space
4. Enter messages/questions in the space

cs.co/ciscolivebot#brkcol-2614

Complete Your Online Session Evaluation

Please complete your Online Session Evaluations after each session.
Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt.
All surveys can be completed via the Cisco Live Mobile App or the Communication Stations.

Don't forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

2018 Cisco and/or its affiliates. All rights reserved. Cisco Public