Transcription
Federating Unified CommunicationsBRKUCC-2666BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public2
FundamentalsScenario 1: Inter-Domain Federation to JabberScenario 2: Inter-Domain Federation to LyncScenario 3: Inter-Domain Federation to Public IMScenario 4: Intra-Domain Federation between Jabber & LyncScenario 5: Cloud WebEx Messenger Inter-Domain Federation
FundamentalsScenario 1: Inter-Domain Federation to JabberScenario 2: Inter-Domain Federation to LyncScenario 3: Inter-Domain Federation to Public IMScenario 4: Intra-Domain Federation between Jabber & LyncScenario 5: Cloud WebEx Messenger Inter-Domain Federation
Cisco Unified CommunicationsThe FundamentalsIM / PresenceService (CUP)BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco UCManagerCisco Public5
Cisco Unified CommunicationsThe FundamentalsIM / PresenceService (CUP)Cisco UCManagerCisco JabberBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public6
Cisco Unified CommunicationsThe FundamentalsIM / PresenceService (CUP)Cisco JabberBRKUCC-2666Cisco UCManagerCisco IP Phones 2013 Cisco and/or its affiliates. All rights reserved.Cisco TelePresenceCisco Public7
Cisco Unified CommunicationsXMPP for PresenceIM / PresenceService (CUP)Cisco UCManagerXMPP (Instant Message & Presence)Cisco JabberBRKUCC-2666Cisco IP Phones 2013 Cisco and/or its affiliates. All rights reserved.Cisco TelePresenceCisco Public8
Cisco Unified CommunicationsCall Control for Video / Voice CapabilityIM / PresenceService (CUP)XMPP (Instant Message & Presence)Cisco JabberBRKUCC-2666Cisco UCManagerSIP (Call Control for Video / Voice)Cisco IP Phones 2013 Cisco and/or its affiliates. All rights reserved.Cisco TelePresenceCisco Public9
Cisco Unified CommunicationsCUCM-Registered Device PresenceIM / PresenceService (CUP)XMPP (Instant Message & Presence)Cisco JabberBRKUCC-2666Cisco UCManagerSIPSIP (Call Control for Video / Voice)Cisco IP Phones 2013 Cisco and/or its affiliates. All rights reserved.Cisco TelePresenceCisco Public10
Hybrid Cisco Unified CommunicationsWebEx Messenger: Cloud-Based IM/Presence ServiceWebExMessengerCisco UCManagerInternetXMPP (Instant Message & Presence)Cisco JabberBRKUCC-2666SIP (Call Control for Video / Voice)Cisco IP Phones 2013 Cisco and/or its affiliates. All rights reserved.Cisco TelePresenceCisco Public11
Federation TypesOverview1: Inter-Domain Federationaomain-a.comdomain-b.com2: Intra-Domain 2666user@domain-b.com 2013 Cisco and/or its affiliates. All rights reserved.jabber-user@domainc.comCisco Publiclync-user@domainc.com12
Federation and Unified CommunicationsOrganisation with On-Premises Cisco UCOn-Prem IM/PresenceJabber UsersInternetVideo / VoiceBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public13
Federation and Unified CommunicationsScenario 1: Inter-Domain B2B Federation to Cisco JabberOn-Prem IM/PresenceB2B Federation to JabberJabber UsersVideo / VoiceJabber UsersInternetVideo / VoiceBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public14
Federation and Unified CommunicationsScenario 2: Inter-Domain B2B Federation to LyncOn-Prem IM/PresenceJabber UsersB2B Federation to LyncInternetVideo / VoiceLync UsersBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public15
Federation and Unified CommunicationsScenario 3: Inter-Domain B2C FederationOn-Prem IM/PresenceJabber UsersInternetVideo / VoiceB2C Federation to ConsumersBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public16
Federation and Unified CommunicationsScenario 4: Intra-Domain FederationOn-Prem IM/PresenceJabber UsersInternetVideo / VoiceLync UsersIntra-Domain Federation to LyncBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public
Federation and Unified CommunicationsThe 4 Common On-Premises Federation ScenariosB2B Federation to Jabber1On-Prem IM/PresenceJabber UsersVideo / VoiceJabber Users2B2B Federation to LyncInternetVideo / VoiceLync Users3B2C Federation to Consumers4Lync UsersIntra-Domain Federation to LyncBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public18
Federation and Unified CommunicationsScenario 5: WebEx Messenger (Cloud IM/P) FederationsB2B Federation to JabberJabber UsersCloud IM/PresenceVideo / VoiceWebExMessengerJabber UsersB2B Federation to LyncInternetVideo / VoiceLync UsersB2C Federation to ConsumersBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public19
FundamentalsScenario 1: Inter-Domain Federation to JabberScenario 2: Inter-Domain Federation to LyncScenario 3: Inter-Domain Federation to Public IMScenario 4: Intra-Domain Federation between Jabber & LyncScenario 5: Cloud WebEx Messenger Inter-Domain Federation
Scenario 1Inter-Domain B2B Federation to Cisco JabberB2B Federation to JabberOn-Prem IM/PresenceJabber UsersVideo / VoiceJabber UsersInternetVideo / VoiceBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public21
Scenario 1IM and Presence Federation: Key Componentsdomain-a.comIM/P server(CUP)domain-a.comdomain-b.comDNSCisco ASA(or any FW)Cisco ASA(or any FW)IM/P mjabber@domain-a.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public22
Scenario 1Major Implementation Steps for IM/Presence1. Configure IM and Presence for XMPP federation Cisco Unified CM IM and Presence Administration Presence Inter DomainFederation XMPP Federation Settings On2. Configure security for XMPP federation (TLS/SASL)BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public23
Scenario 1Major Implementation Steps for IM/Presence - Continued3. DNS configurationSRV servicetypeXMPP protocolport number(5269)FQDN of hostoffering XMPPserviceBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public24
Scenario 1Major Implementation Steps for IM/Presence - Continued4. Configure Cisco ASA (or other generic firewall) ACL: Permit TCP 5269 inbound and outbound to pass through XMPP traffic NAT: Public IP corresponds to host IP defined in DNS SRV Note that you can set up an IM/P server proxy in FW DMZ for inbound XMPP5. Turn On the XMPP Federation Service Cisco Unified IM and Presence Serviceability Tools Service Activation Cisco XCP XMPP Federation Connection ManagerBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public25
Scenario 1Inter-Domain B2B Federation to Cisco Jabber (XMPP IM/Presence)domain-a.comDNS returns IP ofdomain-b.com XMPPservice (ASA FW IP)DNS SRV lookup fordomain-b.com; TLSinitiated to federatedsideXMPP connectionis secured overTLSXMPP nodestatus enabledIM/P Service(CUP)domain-a.comdomain-b.comXMPP messagereaches thefederated sideDNSCisco ASA(or any FW)Cisco ASA(or any FW)IM/P mBRKUCC-2666TLS connection ispassed throughFW port 5269(inside to outside) 2013 Cisco and/or its affiliates. All rights reserved.TLS connection isallowed throughFW port 5269(outside-to-inside)Cisco Publicjabber@domain-b.com26
Scenario 1How about Video / Voice Calls?BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public27
Scenario 1Adding Video / Voice Capabilitydomain-a.comIM/P Service(CUP)domain-a.comdomain-b.comDNSIM/P mjabber@domain-a.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public28
Scenario 1CUCM to Provide SIP Video / Voice Call -2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public29
Scenario 1VCS to Provide SIP Video / Voice Call Firewall CSControl 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public30
Scenario 1Major Implementation Steps for Video/Voice Federation1. SIP trunk between CUCM and VCS Control CUCM: Route foreign domain calls from CUCM to VCS Control VCS: Route local domain but not locally registered calls to CUCM2. Traversal Trunk between VCS Control and VCS Expressway structure/vcs/config guide/Cisco VCS Basic Configuration Control with Expressway Deployment Guide @B.comFWInternet(or IPVPN)TraversalTrunkBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public31
Scenario 1Major Implementation Steps for Video/Voice Federation - continued3. Firewall configuration structure/vcs/config guide/Cisco VCS IP Port Usage for Firewall Traversal Deployment Guide X72.pdf Some firewalls’ ALG function for SIP / H.323 interfere with video FW traversal Try turning off ALG for SIP/H.323 protocols on FWPrivate address spaceAudioVideoPresentationBRKUCC-2666Public address spaceFW with ALG(Not optimised for video) 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public32
Scenario 1Major Implementation Steps for Video/Voice Federation - continued4. DNS SRV record for VCS ExpresswayBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public33
Scenario 1How Video / Voice Calls CM9.x*At the time of writing (Dec 2012), Jabber for Windowsdoes not yet have URI dialling capability. This is expectedto be available by the time of Cisco Live Melbourne 2013(1) User dials*jabber@domainb.com, SIP invitegoes to 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public34
Scenario 1How Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via UCM9.xVCSControlDMZDMZInternetVCSControlCUCM9.x(1) User dialsjabber@domainb.com, SIP invitegoes to 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public35
Scenario 1How Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS 1) User dialsjabber@domainb.com, SIP invitegoes to 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public36
Scenario 1How Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(4) VCS-E looksup DNS SRV ControlDMZDMZInternetVCSControlCUCM9.x(1) User dialsjabber@domainb.com, SIP invitegoes to 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public37
Scenario 1(5) DNS looks up SIPSRV record fordomain-b, returninghost IP that goes todomain-b’s VCS-EHow Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(4) VCS-E looksup DNS SRV ControlDMZDMZInternetVCSControlCUCM9.x(1) User dialsjabber@domainb.com, SIP invitegoes to 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public38
Scenario 1(5) DNS looks up SIPSRV record fordomain-b, returninghost IP that goes todomain-b’s VCS-EHow Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(4) VCS-E looksup DNS SRV ControlDMZDMZInternet(1) User dialsjabber@domainb.com, SIP invitegoes to CUCMVCSControlCUCM9.x(6) FW allows theinbound SIP inviteon port 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public39
Scenario 1(5) DNS looks up SIPSRV record fordomain-b, returninghost IP that goes todomain-b’s VCS-EHow Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(7) VCS-Eforwards thesignalling to VCSCVCS(4) VCS-E looksup DNS SRV trolDMZDMZInternet(1) User dialsjabber@domainb.com, SIP invitegoes to CUCMVCSControlCUCM9.x(6) FW allows theinbound SIP inviteon port 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public40
Scenario 1(5) DNS looks up SIPSRV record fordomain-b, returninghost IP that goes todomain-b’s VCS-EHow Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(7) VCS-Eforwards thesignalling to VCSCVCS(4) VCS-E looksup DNS SRV fordomain-bVCSExpressway(8) VCS-Cforwards the SIPinvite to ) User dialsjabber@domainb.com, SIP invitegoes to CUCMVCSControlCUCM9.x(6) FW allows theinbound SIP inviteon port 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public41
Scenario 1(5) DNS looks up SIPSRV record fordomain-b, returninghost IP that goes todomain-b’s VCS-EHow Video / Voice Calls Workdomain-a.com(2) CUCM looks updialled string’s domain,forwards signalling toVCS Control via SIPtrunk(3) VCS Control looksup domain part ofdialled string, sends itvia traversal trunk toVCS Expresswaydomain-b.com(7) VCS-Eforwards thesignalling to VCSCVCS(4) VCS-E looksup DNS SRV trolDMZDMZInternet(1) User dialsjabber@domainb.com, SIP invitegoes to CUCMVCSControl(8) VCS-Cforwards the SIPinvite to CUCM(9) CUCM findsthe locallyregistered userand rings theJabber clientCUCM9.x(6) FW allows theinbound SIP inviteon port 666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public42
Scenario 1Jabber to Federated Group Video n-a.comBRKUCC-2666VCSControl 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public43
Scenario 1Jabber to Federated Group Video Systems – Signalling ZInternetVCSControlCUCM9.xSignallingUser r@domain-a.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public44
Scenario 1Jabber to Federated Group Video Systems – Media ZInternetVCSControlCUCM9.xMedia Path(Video/Voice/Content CC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public45
FundamentalsScenario 1: Inter-Domain Federation to JabberScenario 2: Inter-Domain Federation to LyncScenario 3: Inter-Domain Federation to Public IMScenario 4: Intra-Domain Federation between Jabber & LyncScenario 5: Cloud WebEx Messenger Inter-Domain Federation
Scenario 2Inter-Domain B2B Federation to LyncOn-Prem IM/PresenceJabber UsersB2B Federation to LyncInternetVideo / VoiceLync UsersBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public47
Scenario 2: Two OptionsInter-Domain B2B Federation to Lync1. IM and Presence server to use SIP/SIMPLE on the Jabber side Most likely scenario Explained in subsequent slidesSIP/SIMPLEIM/P serverLync Edge2. Deploy Lync XMPP gateway on the Lync side Not many Lync deployments use the XMPP gateway Federation configuration almost identical to Scenario 1 (not covered)XMPPIM/P serverBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.SIP/SIMPLELync XMPPGatewayCisco PublicLync Edge48
Scenario 2Key Components for Federation to Lyncdomain-a.comdomain-b.comLync 2010Edge ServerDNSCUCM IM/PserverDMZLync 2010 FrontEnd ServerInternetCisco KUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public49
Scenario 2Major Implementation Steps for IM/Presence Federation to Lync1. Configure IM and Presence for SIP Federation (Lync) Cisco Unified CM IM and Presence Administration Presence Inter DomainFederation SIP Federation Add New Enter the federated domain name: e.g. domain-b.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public50
Scenario 2Major Implementation Steps for IM/Presence Federation to Lync (Continued)2. Configure Cisco ASA TLS Proxy for SIP federation ASA acts as TLS proxy between IM and Presence server and Lync Edge server UC wizard on ASA for single IM/P server:http://docwiki.cisco.com/wiki/Cisco Unified Presence%2C Release 8.xBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public51
Scenario 2Major Implementation Steps for IM/Presence Federation to Lync (Continued)3. DNS configuration for SIP federation Create a DNS SRV record to advertise the SIP/SIMPLE domain sipfederationtls. tcp. IM Presence domain over port 5061 SRV points to the host whose FQDN resolves to the ASA’s public IP addressSRV service type:sipfederationtlsSIP protocolport number(5061)FQDN of host offering SIPsipfederationtls. tcp serviceBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public52
Scenario 2Major Implementation Steps for IM/Presence Federation to Lync (Continued)4. Configure SIP federation routing parameter Cisco Unified CM IM and Presence Administration System Service Param. Enter the public FQDN value that corresponds to the DNS SRV entryBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public53
Scenario 2Major Implementation Steps for IM/Presence Federation to Lync (Continued)5. Security Certificate exchange between IM/P and Lync Edge 9.aspx Mutual TLS authentication between IM/P and Lync Edge server Skip section 2 and go to section 3 in above guide Configure Lync Edge server to support public IM connectivityBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public54
Scenario 2Protocol Flow for Jabber IM/P Federation to Lyncdomain-a.comdomain-b.com1. SIP profileconfigured onIM/P serverLync 2010Edge ServerDNSCUCM IM/PserverDMZLync 2010 FrontEnd ServerInternetCisco KUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public55
Scenario 2Protocol Flow for Jabber IM/P Federation to Lyncdomain-a.com1. SIP profileconfigured onIM/P serverdomain-b.com2. SIP TLS initiated byIM/P server towardsfederated domainLync 2010Edge ServerDNSCUCM IM/PserverDMZLync 2010 FrontEnd ServerInternetCisco KUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public56
Scenario 2Protocol Flow for Jabber IM/P Federation to Lyncdomain-a.com1. SIP profileconfigured onIM/P serverdomain-b.com4. SIP TLSproxied by ASAto Lync Edge2. SIP TLS initiated byIM/P server towardsfederated domainLync 2010Edge ServerDNSCUCM IM/PserverDMZLync 2010 FrontEnd ServerInternetCisco ASAjabber@domain-a.comBRKUCC-2666GenericFW3. SIP TLS isproxied by ASA 2013 Cisco and/or its affiliates. All rights reserved.lync@domain-b.comCisco Public57
Scenario 2Protocol Flow for Jabber IM/P Federation to Lyncdomain-a.com1. SIP profileconfigured onIM/P serverdomain-b.com4. SIP TLSproxied by ASAto Lync Edge2. SIP TLS initiated byIM/P server towardsfederated domain5. IM/P server for domain-a.com isan authorised public IM host onLync Edge serverLync 2010Edge ServerDNSCUCM IM/PserverDMZLync 2010 FrontEnd ServerInternetCisco ASAGenericFW6. TLS success,message reachesfederated sidejabber@domain-a.comBRKUCC-26663. SIP TLS isproxied by ASA 2013 Cisco and/or its affiliates. All rights reserved.lync@domain-b.comCisco Public58
Presence MappingsJabber and LyncJabber StateLync ViewLync StateJabber ayAwayOn the PhoneBusyBe Right BackAwayMeetingBusyBusyBusyAwayAwayDo Not DisturbBusyDo Not DisturbBusyOfflineOfflineOfflineOfflineOffline - On thePhoneOfflineOffline - MeetingOfflineOffline - Out Of Office OfflineBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public59
Scenario 2How about Video / Voice Calls?Cisco IM/PresenceServerXMPP?Lync 2010Edge ServerLync 2010Front EndSIP FederationTwo challenges1.Lync 2010 public IM federation (e.g. to non-Lync) only supports IM2.Incompatible video codecs Jabber supports H.264/AVC Lync 2010 supports Microsoft RTV, and H.263BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public60
Scenario 2Adding Video / Voice and Web Conferencing Capabilitydomain-a.comdomain-b.comWebEx SaaS to bridgeJabber and Lync federatedusers togetherLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetCisco KUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public61
Scenario 2Major Implementation Steps for Federated UC Workloads to Lync1. Configure new UC Profile for WebEx on CUCM Cisco Unified CM Administration User Management User Settings UCService Add New Select “Conferencing” type Add the WebEx site to the Conferencing UC ServiceSelect “WebEx(Conferencing)” as theProduct TypePopulate the WebEx sitenames and FQDN detailsBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public62
Scenario 2Major Implementation Steps for Federated UC Workloads to Lync2. Modify the UC Service Profile assigned to users Cisco Unified CM Administration User Management User Settings Service Profile Select the appropriate service profile for users Associate the previously created conferencing service to the profileSelect the conferencingservice previously created inthe “Conferencing Profile”sectionBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public63
Scenario 2Major Implementation Steps for Federated UC Workloads to Lync3. Jabber users Once a Jabber user logs in, they should see a new “Meetings” optionThe new “Meetings” tab inthe Jabber options signal thesuccessful WebExconferencing servicecreation on CUCMJabber user now can initiatean instant WebEx meeting inan IM chat to bring in anyoneon WebEx using video, audioand web conferencingBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public64
Scenario 2Full UC Workload Federation between Jabber and Lync using WebExdomain-a.comdomain-b.comLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetCisco ASAGenericFWJabber and Lync users in afederated IM 6 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public65
Scenario 2Full UC Workload Federation between Jabber and Lync using WebExdomain-a.comdomain-b.comLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetCisco ASAjabber@domain-a.comBRKUCC-2666GenericFWJabber user clicks on the“Start meeting” button in thechat window, request is sentto WebEx 2013 Cisco and/or its affiliates. All rights reserved.lync@domain-b.comCisco Public66
Scenario 2Full UC Workload Federation between Jabber and Lync using WebExdomain-a.comWebEx service creates aninstant meeting, and theJabber user is immediatebrought into the WebExmeetingdomain-b.comLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetGenericFWCisco ASAjabber@domain-a.comBRKUCC-2666Jabber user is theinitial WebExparticipant 2013 Cisco and/or its affiliates. All rights reserved.lync@domain-b.comCisco Public67
Scenario 2Full UC Workload Federation between Jabber and Lync using WebExdomain-a.comdomain-b.comLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetCisco ASAGenericFWLync user is sentan invitation URLwithin the chat -2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public68
Scenario 2Full UC Workload Federation between Jabber and Lync using WebExdomain-a.comdomain-b.comLync 2010Edge ServerCUCM IM/PCUCMserverDMZLync 2010 FrontEnd ServerInternetGenericFWCisco ASABoth Jabber and Lync users now ina full UC conference (video, voice,web) bridged on the 66 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public69
Scenario 2How about Video Phones and TelePresence Endpoints?BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public70
Scenario 2WebEx OneTouch 2.0* (Sneak Peek)Required componentsinclude VCS-C, VCS-E,MCU, and TMSVCSExpresswayWebEx OneTouch 2.0 is an upcoming capabilitythat allows non-general computing devices such asvideo phones and TelePreesence endpoints to joinWebEx via MCULync 2010Edge ServerCisco MCUor TP server TMSDMZCUCMLync 2010 FrontEnd 2666GenericFWCisco ASAlync@domain-b.com*Future capability: Subject to change 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public71
Scenario 2WebEx OneTouch 2.0* (Sneak Peek)TelePresence, VC andvideo phones also joinWebEx via MCU / VCSVCSExpresswayLync 2010Edge ServerCisco MCUor TP server TMSDMZCUCMLync user in a UC sessionwith a federatedTelePresence, or VC or videophone endpointLync 2010 FrontEnd 2666GenericFWCisco ASAlync@domain-b.com*Future capability: Subject to change 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public72
WebEx OneTouch 2.0Notes WebEx OneTouch 2.0 must be scheduled by TMS No ad hoc escalation into WebEx OneTouch Federated Lync users brought into WebEx via invitation by thescheduling user (IM or email)BRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public73
FundamentalsScenario 1: Inter-Domain Federation to JabberScenario 2: Inter-Domain Federation to LyncScenario 3: Inter-Domain Federation to Public IMScenario 4: Intra-Domain Federation between Jabber & LyncScenario 5: Cloud WebEx Messenger Inter-Domain Federation
Scenario 3Inter-Domain B2C FederationOn-Prem IM/PresenceJabber UsersInternetVideo / VoiceB2C Federation to ConsumersBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public75
Public IM ServicesOverview of B2C IM / Presence Federation1. Google Talk / Gmail XMPP Same configuration steps as Scenario 1 (except no TLS)2. Third Party XMPP Same configuration steps as Scenario 13. AOL SIP/SIMPLE Configuration steps as followBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public76
Scenario 3Configuration Steps for AOL IM/P Federation1. Pre-configuration Order AOL license SKU Provide AOL with routing information (FQDN & domain of IM/P server)2. Add a SIP federated domain on IM/P server Cisco Unified CM IM and Presence Administration Presence Inter DomainFederation SIP Federation Add New Select Inter-domain to AOLBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public77
Scenario 3Configuration Steps for AOL IM/P Federation (Continued)3. SIP TLS static route towards AOL Cisco Unified CM and Presence Administration Presence Routing StaticRoutesSIP Routepatterns need tobe written inreverseNext hop is AOL’sSIP AccessGatewayBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public78
Scenario 3Configuration Steps for AOL IM/P Federation (Continued)4. Certificate exchange: Cisco ASA and AOL SIP Access GW Download AOL certificates Create new trust points on Cisco ASA for the AOL certificates Generate and submit Certificate Signing Request on ASA to VeriSign CA Import VeriSign certificates to Cisco ASA Provide VeriSign root and intermediate certificates to AOLBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public79
Scenario 3Overview of Jabber to Public IM B2C Federationdomain-a.comAOL SIP AccessGatewayCUCM IM/PserverInternetCisco ASAjabber@domain-a.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public80
Scenario 3Overview of Jabber to Public IM B2C Federationdomain-a.comAOL SIP AccessGatewaySIP TLS IM to AOLCUCM IM/PserverInternetCisco ASA(SIP TLSproxy)IM to AOL:XMPP to IM/P serverjabber@domain-a.comBRKUCC-2666 2013 Cisco and/or its affiliates. All rights reserved.Cisco Public81
Scenario 3Overview of Jabber to Public IM B2C Federationdomain-a.comAOL SIP AccessGatewayCUCM IM/PserverInternet
Federation and Unified Communications The 4 Common On-Premises Federation Scenarios 18 On-Prem IM/Presence Jabber Users Lync Users B2B Federation to Jabber Jabber Users Video / Voice B2B Federation to Lync Lync Users B2C Federation to Consumers Internet Video / Voice 2 1 3 4
