Академический Документы
Профессиональный Документы
Культура Документы
Collaboration
Matt Jordy, Technical Marketing Engineer
(mjordy@cisco.com)
BRKUCC-2060
Cisco Spark
Ask Question, Get Answers www.ciscospark.com
Use Cisco Spark to communicate with the speaker after the event!
What if I have a question after visiting Cisco Live? ... Cisco Spark
How
1. Go to the Cisco Live Mobile app
2. Find this session
3. Click the join link in the session description
4. Navigate to the room, room name = Session ID
5. Enter messages in the room
Spark rooms will be available until July 29, 2016
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
BRKUCC-2060: Cisco Enterprise Mobile Collaboration
Session Overview
This session explores in detail how Cisco mobile collaboration improves productivity
of mobile users by extending enterprise features and applications to mobile devices
anytime anywhere.
This session covers:
Fixed mobile convergence (FMC) with Cisco Unified Communications
Manager Unified Mobility feature set
Fixed mobile substitution (FMS) with Cisco mobile clients and solutions
for smartphones and tablets including Cisco Jabber
These collaboration applications and services provide a comprehensive set of mobility
features and functions for enterprise workers in motion delivering enterprise connectivity
and persistent reachability to mobile users regardless of their location.
Capabilities include: single number reach, automated enterprise dialing, mobile voicemail
avoidance, voice and video over IP calling, voicemail and directory integration, instant
messaging & presence, file share, and secure enterprise access.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
BRKUCC-2060: Cisco Enterprise Mobile Collaboration
Session Logistics
Attendees should have some familiarity with Cisco enterprise mobility solutions. Attendees
should also have a good understanding of IP telephony and familiarity with Cisco Unified
Communications Manager's features and functions.
Appendix slides (additional solutions information).
Session time: 120 minutes
Please consult the latest applicable
Please ask questions as we go product documentation for specific
Questions I'll answer feature, software version, and
hardware version support requirements
Questions I'll defer to later in the session
Questions I don't know the answer to, outside the scope of our session, or those that
consume too much time
BRKUCC-2060
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Agenda
BRKUCC-2060
Cisco Enterprise Mobile Collaboration Solutions Overview
Fixed Mobile Convergence with Cisco Unified Mobility
Fixed Mobile Substitution with Cisco Mobile Client Solutions
Unified Mobility Integration
Mobile Client and Collaboration Service Deployment
Enterprise Secure Remote Attachment
Design and Deployment Considerations
Overview PSTN
PSTN Gateway
Integrating or linking a
Mobile Device Enterprise Line user's enterprise line
with their mobile device
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Cisco Enterprise Mobile Collaboration
Fixed Mobile Substitution (FMS): Enabling User's Enterprise Line on Mobile Device
WLAN
(802.11) Moving or enabling the
Mobile Device Enterprise Line enterprise line on the
Enterprise Line
user's mobile device
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Cisco Enterprise Mobile Collaboration
Anytime, Anywhere Collaboration!
11 AM
8:30 AM 1:15 PM
3 PM
7 AM
9 PM
4 PM
7 PM 5:30 PM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
Fixed Mobile Convergence
with Cisco Unified Mobility
FMC with Cisco Unified Mobility
Overview
WAN/
Cisco Unified
Cisco Unified Mobility PSTN Internet Mobility User
Gateway
Cisco Unified
Mobility User
PSTN
Cisco Unified Mobility includes the following
Cisco Unified benefits:
Communications
Manager Single enterprise number for all calls whether handled by
enterprise desk phone or mobile phone
Cisco Unified Mobility links a Enterprise dialing from mobile devices for toll reduction, mobile
users enterprise phone phone number masking, access to non-DID enterprise
extensions.
(or enterprise directory number) Cisco Unified
Features delivered on any Mobility
mobileUser
phone regardless of mobile
to their mobile device platform or provider with no requirement for software on the
device or a mobile data plan.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
FMC with Cisco Unified Mobility
Feature Overview Cisco Unity
Receiving Calls: Connection
Mobile Voicemail
Mobile Voice
Avoidance Network
(Carrier) PSTN
Making Calls:
2-Stage Dialing PSTN
Gateway
Mobile Voice Access (MVA) IVR
Enterprise Feature
Access (EFA) non-IVR
Single Number
Other Features: Reach
Mobile Voicemail
Move Active Call Unified Mobility
Avoidance
11 AM
8:30 AM 1:15 PM
3 PM
7 AM
9 PM
4 PM
7 PM 5:30 PM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Please consult the latest
applicable product documentation
FMS with Cisco Mobile Client Solutions for specific feature, software
version, and hardware version
support requirements
Cisco Jabber, Cisco Spark, and Other Mobile Clients
Cisco Jabber for Android
and iOS provides SIP-based
voice & video over IP calling,
XMPP-based IM & presence,
visual voicemail, file and screen Cisco
sharing, secure remote enterprise WebEx Mobile Cisco AnyConnect
Cisco Jabber attachment. Other Cisco Mobile Clients
Cisco WebEx Meeting Meetings
Cisco Spark for Android and iOS client for Android, Apple iOS,
provides 1-to-1 & 1-to-many BlackBerry 10, Windows Phone 8
cloud-based collaboration rooms mobile devices
enabling voice/video over IP
Cisco AnyConnect VPN client for
calling, secure persistent Android & Apple iOS mobile devices
messaging, file & screen sharing.
Cisco Spark BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
FMS with Cisco Mobile Client Solutions
Mobile Clients: 1:1 to Team Collaboration
Cisco
WORKSTYLES & COLLABORATION TOOLS Collaboration Cloud
Cloud Services
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
FMS with Cisco Mobile Client Solutions
Voice and Video over IP Calling with Unified CM or Collaboration Cloud Cisco
Mobile Client Unified CM
Cisco Jabber mobile clients Device Mobile
Audio: G.711, G722.1, G.729, Opus
Voice Network
register to Unified CM: Video: H.264
(Carrier) PSTN
VVoIP (RTP)
Signaling
IP signaling/media over 802.11 Mobile Client
Audio: Opus (REST/HTTPS)
WLAN (enterprise/public/private) Device Video: H.264
OR mobile data network BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
FMS with Cisco Mobile Client Solutions
Instant Messaging (IM) and Presence: On-Premise or Collaboration Cloud
Unified CM
Mobile Client IM & Presence
Cisco Jabber mobile clients enable Device Mobile
(ON-PREMISE)
Voice Network
instant messaging, presence, (Carrier) PSTN
and file sharing services:
XMPP
XMPP-based flows with on- Enterprise
Mobile WLAN
premise IM & P or cloud-based Data Network
WebEx Messenger (Carrier)
REST XMPP
Internet
Cisco Spark mobile clients enable Public/Private
Cisco Expressway
WiFi
instant messaging and file Cisco
sharing services: Collaboration WebEx Messenger
Cloud (CLOUD)
REST (HTTPS)-based
XMPP
Collaboration Cloud services
REST/HTTPS
Mobile Client
XMPP and REST over 802.11 WLAN Device
(enterprise/public/private) OR mobile data network BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Agenda
BRKUCC-2060
Cisco Enterprise Mobile Collaboration Solutions Overview
Fixed Mobile Convergence with Cisco Unified Mobility
Fixed Mobile Substitution with Cisco Mobile Client Solutions
Unified Mobility Integration
Mobile Client and Collaboration Service Deployment
Cisco Jabber
Cisco Spark
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Cisco Unified Mobility and Cisco Jabber
Cisco Unified Mobility Integration: Dual Mode Dual-Ring Avoidance
Call: Call: 51234
Incoming calls are NOT 408 555-1234
routed to Mobility Cisco Unified CM
1st: VoIP Identity via SNR when PSTN
Gateway
client device is PSTN
registered to Unified CM Mobile Enterprise
Voice Network WLAN
(Carrier) Cisco Unified
Mobility User
NOTE: Incoming calls directly to the mobile phone number will ring the mobile voice/
cellular interface even when the dual mode phone isBRKUCC-2060
registered to Unified
2016 CM
Cisco and/or its affiliates. All rights reserved. Cisco Public 30
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Call Service Connect
The Cisco Spark Hybrid Services Call Service Connect integration leverages the
Unified CM Unified Mobility framework.
New device type: Spark Remote Device (RD)
Early deployments leverage device type: CTI Remote Device (RD)
Functionality relies on Unified Mobility
capabilities including:
Inbound caller ID matching
Automatic inbound call anchoring
Single number reach call routing
Spark (CTI) RDs are not counted against
overall cluster RD / MI count.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
Agenda
BRKUCC-2060
Cisco Enterprise Mobile Collaboration Solutions Overview
Fixed Mobile Convergence with Cisco Unified Mobility
Fixed Mobile Substitution with Cisco Mobile Client Solutions
Unified Mobility Integration
Mobile Client and Collaboration Service Deployment
Cisco Jabber
Cisco Spark
Mobile
Cisco call control,
Data Network applications, and
(Carrier) edge
Cloud Internet WebEx IM &
Collaboration Services WebEx Messenger /
presence, and
Meeting / Cloud CMR
802.11 conferencing
WLAN
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
FMS with Cisco Mobile Client Solutions
Cisco Spark Enterprise Architecture Overview
Call Control Applications Edge
Unified CM Active Directory
Mobile Hybrid Services
(LDAP) PSTN Voice Network On-Premise Enterprise
(Carrier)
PSTN GW
Collaboration Services /
Cloud-based
Exchange
(Calendar) 802.11 Collaboration Services
On-Premise WLAN
Expressway-C
Enterprise Collaboration
Applications & Services Mobile
Internet Data Network
(Carrier)
Expressway-E
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
FMS with Cisco Mobile Client Solutions
Cisco Jabber Deployment: Administrator Tasks Provision Devices
Administrators must enable, configure, and associate Jabber device types.
Three Jabber device types:
Cisco Jabber for Tablet
Cisco Dual Mode for Android Cisco Dual Mode for iPhone (iPad or Android)
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
FMS with Cisco Mobile Client Solutions
Cisco Jabber Deployment: Administrator Tasks Provision UC Services
Administrators should prepare for service discovery configure UC services, assign to
service profile(s), and associate profile(s) to user(s).
END USER
Administrator should
Query results are received HTTPS/ LDAP
determine Jabber contact source
by UDS and relayed back REST LDAP
and configure appropriately
to the client (UDS) Basic
Directory
Basic Directory Integration
Enables client (BDI)**
searches against corporate LDAP
(Active Directory, Integration
directories with more than 160,000 users AD/LDS,
Unified CM User Data Services (UDS)
!! OpenLDAP) LDAP Corporate
!! CAUTION Directory
UDS reduces Unified CM endpoint capacity. Each Jabber * 8.x and earlier server versions
client leveraging UDS counts as 2 endpoint registrations! ** Default on-premise directory source
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
FMS with Cisco Mobile Client Solutions
Cisco Jabber Deployment: Administrator Tasks DNS SRV and Directory Integration
Administrators should configure corporate DNS SRV records to ensure service
discovery works properly. Unified CM / UDS User Data Services
_cisco-uds._tcp.example.com = LDAP
_cisco-uds._tcp ucm.example.com Directory
WebEx Messenger/WebEx Sync
Cisco Unified CM
cloud is the Jabber contact
_cuplogin._tcp
source with hybrid deployments WebEx
Unified CM IM & P*
_cuplogin._tcp.example.com =
HTTPS/ UDS
imp.example.com
REST LDAP
(UDS)
Administrator should
determine Jabber contact source
and configure appropriately Basic
Directory
Basic Directory Integration (BDI)** LDAP
(Active Directory, Integration
Unified CM User Data Services (UDS) AD/LDS,
!! OpenLDAP) LDAP Corporate
!! CAUTION Directory
UDS reduces Unified CM endpoint capacity. Each Jabber * 8.x and earlier server versions
client leveraging UDS counts as 2 endpoint registrations! ** Default on-premise directory source
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
FMS with Cisco Mobile Client Solutions
Cisco Jabber Deployment: User Tasks - Download and Install
Download and install the Jabber client from appropriate public application store.
Jabber for Android Jabber for iPhone and iPad At first time launch:
Available on Google Play Available on Apple App Store Jabber prompts user for username@domain.
Jabber uses service discovery to connect
and configure
Jabber prompts user for credentials
user@company.com
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
FMS with Cisco Mobile Client Solutions
Cisco Spark Deployment: End User
1. User acquires the Cisco Spark application:
https://download.ciscospark.com
Desktop: Download and installer for
Window and Mac
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Enterprise Directory Integration (cont.) Cisco Directory
Connector is a
service that is installed
Enterprisewith domain
DMZ administrator rights on
HTTPS a Windows Domain
server and uses a
Internet read-only account to
import user contact
Expressway
information from the
E/C enterprise Microsoft
User information (once Active Directory
synchronized from the
Cisco
enterprise directory via
Directory
LDAP) is pushed from
Connector
the Directory Connector
via HTTPS to the cloud
Cisco
HybridSpark Hybrid
Services Services
Directory enables
Connector allows: identity store of the
synchronization of the corporate
Spark users to search
enterprises cloud
for contacts in their corporate directory. LDAP
services organization.
directory with the Cisco Collaboration
Administrator to assign user roles, manage user capabilities, and entitle Microsoft
or
Cloud identity services. Active
activate imported enterprise users for specific cloud services.
Directory
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Enterprise Calendar Integration Calendar Connector
pushes user meeting
information via HTTPS to
Enterprise
the cloud calendar
DMZ service for the
HTTPS enterprises cloud
organization.
Internet
Internet
Expressway-C
Calendar Connector is a
Expressway
service that runs on the
E/C Connector Host
Expressway-C
Connector Host and Calendar Call
imports user meeting and Connector Connector
calendar information from
enterprise Microsoft Common Connector Framework
Exchange Web Services
using EWS (HTTPS)
Cisco Spark Hybrid Services enable
HTTPS
integration and synchronization of the (Exchange
enterprise calendar with the Cisco Web Services)
Microsoft
Collaboration Cloud calendar service. Exchange
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Enterprise Calendar Integration (cont.) Calendar Connector
pushes user meeting
information via HTTPS to
Enterprise
the cloud calendar
DMZ service for the
HTTPS enterprises cloud
organization.
Internet
Internet
Expressway-C
Calendar Connector is a
Expressway
service that runs on the
E/C Connector Host
Expressway-C
Connector Host and Calendar Call
imports user meeting and Connector Connector
calendar information from
enterprise Microsoft Common
Hybrid Services Calendar Connector enables collaboration
Exchange Web Servicesbefore, during, and Connector Framework
after a meeting:
using EWS (HTTPS)
Cisco
@spark Added
Spark HybridtoServices enable
the meeting location field allows Spark users to automatically create
HTTPS
integration and synchronization
Spark collaboration rooms based of
on the
the titles and attendees for a scheduled meeting.
(Exchange
enterprise calendar with the Cisco
@webex Added to the meeting location field allows Spark Microsoft
Web Services)
users to automatically add
Collaboration Cloud
WebEx personal calendar
meeting room service.
to the meeting invite and the Spark room
Exchange
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Enterprise Calling Call Connector (on the
Expressway-C Connector
Media and signaling traverse
Host) and communicates with
the enterprise firewall using
Unified CM using AXL to
Expressway-E / C pairs DMZ
validate and provision user and
HTTPS CTI to provide enterprise device
monitoring/control to the cloud.
Internet
Internet
Expressway-C
Expressway
E/C Connector Host
Calendar Call
Connector Connector
RTP
Common Connector Framework
Cisco Spark Hybrid Services RTP media and SIP
enables integration of Unified CM- signaling are
exchanged between AXL / CTI
based enterprise calling with the Unified CM, the SIP
Cisco Collaboration Cloud calling endpoints, and the
Collaboration Cloud Unified
and media services. calling and media CM
services.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Enterprise Calling (cont.) Call Connector (on the
Expressway-C Connector
Media and signaling traverse
Host) and communicates with
the enterprise firewall using
Unified CM using AXL to
Expressway-E / C pairs DMZ
validate and provision user and
HTTPS CTI to provide enterprise device
monitoring/control to the cloud.
Internet
Internet
Expressway-C
Expressway
E/C Connector Host
Calendar Call
Connector Connector
RTP
Hybrid Services Call Connector enables call integration between enterprise
Commonand Spark clients
Connector Framework
Cisco Spark Hybrid Services RTP media and SIP
Call Service Aware Cisco Spark enables unified call history as well as one button to
enables integration of Unified CM- signaling exchanged
are
between AXL / CTI
share between Spark clients
based enterprise calling with the when Spark users make calls with their enterprise phone.
Unified CM, the SIP
Cisco
Call Collaboration
Service Connect Enables
Cloud callingCiscoendpoints, and theto make and receive calls from
Spark users
Collaboration Cloud Unified
andenterprise call control (Unified CM)
media services. calling and media CM
services.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services: Call Service Connect Single Number Reach
The call rings both Bobs desk User Jane selects
phone and Spark client. He can contact or dials
answer at either device, however in number for Bob (1001
this case he is out of the office and / bob@example.org). jane@example.org
answers using Spark on his mobile.
Expressway-C
DN: 2001
Expressway Connector Host
Bob Cisco Collaboration Cloud E/C
4
1
Internet
bob@example.org Spark Hybrid Services Unified CM receives
call setup and
Unified CM extends call to Bobs
Unified CM extends call to Bobs
Spark RD (shared line) which 3 enterprise phone
engages SNR and forks call to 2
Call Service Connect Bobs Spark Hybrid Services URI
enables calling between
cloud-based Spark clients Spark Remote Shared DN: 1001
DN: 1001
Device Line
and enterprise devices bob@example.org
RD: bob@example.call.ciscospark.org
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services Deployment: Provisioning Cloud
The organization administrator uses the Cisco
Collaboration Cloud Management portal
(https://admin.ciscospark.com) to provision and
manage Cisco Spark Hybrid Services and activate
users for these services
expr-c-spark.example.com
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services Deployment: Provisioning Expressway-C
Calendar Connector
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
FMS with Cisco Mobile Client Solutions
Cisco Spark Hybrid Services Deployment: Provisioning Expressway-C
Call Connector
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Agenda
BRKUCC-2060
Cisco Enterprise Mobile Collaboration Solutions Overview
Fixed Mobile Convergence with Cisco Unified Mobility
Fixed Mobile Substitution with Cisco Mobile Client Solutions
Unified Mobility Integration
Mobile Client and Collaboration Service Deployment
Cisco Jabber
Cisco Spark
Public/Private
Cisco AnyConnect VPN software WLAN Cisco IM
client for mobile devices. (802.11) and Presence
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
FMS with Cisco Mobile Client Solutions
Enterprise Secure Remote Attachment Architecture: VPN-less Collaboration Edge
Enterprise secure remote attachment Cisco Unified CM
PSTN
enables secure remote connectivity to PSTN Gateway
Unified
CM Internet
Expressway-C Firewall Expressway-E Firewall Signaling
Media
1. Expressway-E is the traversal server installed in DMZ. Expressway-C is the traversal client installed inside the
enterprise network.
2. Expressway-C initiates traversal connections outbound through the firewall to specific ports on Expressway-E with
secure login credentials.
3. Once the connection has been established, Expressway-C sends keep-alive packets to Expressway-E to maintain the
connection
4. When Expressway-E receives an incoming call, it issues an incoming call request to Expressway-C.
5. Expressway-C then routes the call to Unified CM to reach the called user or endpoint
6. The call is established and media traverses the firewall securely over an existing traversal connection
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
FMS with Cisco Mobile Client Solutions
Cisco Jabber Deployment: Service Discovery Flow - On-Premise, Full UC Mode
Download UC Unified CM
IM & P
REVIEW Services Profile and
jabbber-config.xml
5 6 **
IP addresses for Unified CM
UDS, IM &P* TFTP User log-in
Address for
2 home Unified
CM TFTP 7
4 7
1 Unified CM
3 Subscriber Connect and
DNS SRV lookup: register to
_cisco-uds._tcp DNS Find home cluster additional services
_cuplogin._tcp* and TFTP server (call control,
Corporate DNS address Unified CM Unity voicemail, etc.)
UDS Connection
* IM Only or Full UC product modes with 8.x server deployments
** Authentication source is Unified CM for Phone-only product mode
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
FMS with Cisco Mobile Client Solutions
Cisco Jabber and Expressway Mobile and Remote Access: DNS SRV Queries
Enterprise Network DMZ Public Network
Unified CM
Unified CM (ucm.example.com)
IM & P
(imp.example.com) Internet
Expressway-C Firewall Expressway-E Firewall
(expressway.example.com)
DNS
DNS Jabber
Jabber
outside Public DNS
inside Corporate Split
DNS the
the DNS
V enterprise
enterprise
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
FMS with Cisco Mobile Client Solutions
Cisco Jabber and Cisco AnyConnect VPN: DNS SRV Queries
Enterprise Network DMZ Public Network
Unified CM
Unified CM (ucm.example.com)
IM & P
(imp.example.com) Internet
Expressway-C Firewall Expressway-E Firewall
(expressway.example.com)
DNS
Public DNS
DNS Adaptive Security Jabber outside
Appliance the enterprise with
Corporate (ASA) AnyConnect VPN
DNS
_cisco-uds._tcp.example.com ? = ucm.example.com
Same as
on-premise DNS _cuplogin._tcp.example.com ? = imp.example.com
resolution
_collab-edge._tls.example.com ? = No resolution
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
FMS with Cisco Mobile Client Solutions
Cisco Expressway Mobile and Remote Access: Design Considerations (1 of 2)
DNS
DNS configuration is critical for successful deployments of Jabber over Expressway:
Inside the enterprise Ensure Jabber clients only receive corporate DNS SRV
records (_cisco-uds._tcp., _cuplogin._tcp.) Split
DNS DNS
Outside the enterprise Ensure Jabber clients only receive public DNS SRV
records (_collab-edge._tls.)
Certificates
Public CA signed certificate and public key infrastructure (PKI) required for
Expressway deployments:
Public CA signed certificates required for Expressway-E nodes.
All other nodes (Expressway-C, Unified CM, IM & P) may use
public CA or self-signed/enterprise-signed CA certificates.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
FMS with Cisco Mobile Client Solutions
Cisco Expressway Mobile and Remote Access: Design Considerations (2 of 2)
Capacity
Large Expressway OVA or CE1100* supports the following maximum capacities:
Maximum of 10,000 proxy device registrations per Expressway cluster / 2,500 per node
Maximum of 2,000 concurrent video calls per Expressway cluster / 500 per node
Maximum of 4,000 concurrent voice calls per Expressway cluster / 1,000 per node
Unified CM endpoint capacity must also be considered
High Availability
Like Unified CM, Expressway nodes are clustered for redundancy and scale.
Expressway-C and E nodes and clusters must deployed in equal numbers and sizes
Expressway nodes cluster in up to 4:2 redundancy scheme (4 primary nodes and 2 backup nodes)
Jabber Expressway connections including clients registrations are re-established
via alternate node(s) given failure of an Expressway node
* Expressway appliance
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
FMS with Cisco Mobile Client Solutions
Cisco Expressway Mobile and Remote Access: Design Considerations (2 of 2)
Capacity
Large Expressway OVA or CE1100* supports the following maximum capacities:
Maximum of 10,000 proxy device registrations per Expressway cluster / 2,500 per node
Maximum of 2,000 concurrent video calls per Expressway cluster / 500 per node
Maximum of 4,000 concurrent voice calls per Expressway cluster / 1,000 per node
Unified CM endpoint capacity must also be considered
High Availability
Like Unified CM, Expressway nodes are clustered for redundancy and scale.
Expressway-C
CAUTION: and E nodes
All enterprise and clusters
collaboration must deployed
services are NOTin equal numbers
highly andover
available sizesMRA.
IMExpressway nodes cluster
& P node failures: Jabberin up towill
client 4:2failover
redundancy scheme
to active node (4
forprimary nodes
messaging andand 2 backup
presence nodes)
services
Unified
JabberCM and Unity Connection
Expressway connectionsnode failures:
including Jabber
clients client will
registrations areNOT failover to active node for
re-established
voice/video and
via alternate voice messaging
node(s) services.
given failure of an Expressway node
* Expressway appliance
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
FMS with Cisco Mobile Client Solutions For
Your
Reference
Enterprise Secure Remote Attachment Architecture: Expressway or VPN?
Cisco AnyConnect VPN Cisco Expressway Mobile and Remote Access
Supported All workflows, full enterprise access Collaboration work flows only: voice/video, IM and
workflows not just collaboration presence, visual voicemail, directory access
Per session/connection VPN license + No additional licensing beyond collaboration
Licensing
collaboration user/endpoint licensing user/endpoint licensing
All traffic traverses/hairpins at the All collaboration traffic traverse/hairpins at the
Media/data path Adaptive Security Appliance (ASA) / Expressway-C node(s). No point-to-point media.
VPN head-end All other traffic remains on the local network/Internet
All collaboration features supported Active call hand-out, CAPF enrollment, LDAP directory
Collaboration including active WLAN to cellular hand- access NOT supported.
feature support off, CAPF enrollment, LDAP directory Note: UDS is forced for directory/contact source over
services Expressway
No secure remote access per user /device
restrictions.
Other Per user enablement for enterprise
No session persistency calls/connections cleared
considerations secure remote access.
when network path lost or changed.
Reduced endpoint capacity due to UDS
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
FMS with Cisco Mobile Client Solutions For
Your
Reference
Enterprise Secure Remote Attachment Architecture: Expressway or VPN?
Cisco AnyConnect VPN Cisco Expressway Mobile and Remote Access
Supported All workflows, full enterprise access Collaboration work flows only: voice/video, IM and
workflows not just collaboration presence, visual voicemail, directory access
Each deployment is different
Per session/connection VPN license + No additional licensing beyond collaboration
Licensing
in order to determine the best enterprise secure remote attachment method consider:
collaboration user/endpoint licensing user/endpoint licensing
Remote/mobile users
All traffic traverses/hairpins at the All collaboration traffic traverse/hairpins at the
Media/data path Adaptive Security Appliance (ASA) / Expressway-C node(s). No point-to-point media.
Required
VPN head-end
work flows Just collaboration or other applications/traffic?
All other traffic remains on the local network/Internet
Location and devices
All collaboration On the move
features supported Activeor
callfixed location?
hand-out, CAPF enrollment, LDAP directory
Collaboration including
Existing active WLAN to cellular hand- access NOT supported.
deployments
feature support off, CAPF enrollment, LDAP directory Note: UDS is forced for directory/contact source over
Isservices
VPN already in place? Expressway
Are both solutions needed? No secure remote access per user /device
See the Appendix
restrictions.
Consider Expressway and VPN split-tunnel for split-tunnel
No session design
Other Per user enablement for enterprise
persistency calls/connections cleared
considerations secure remote access.
when network path lost or changed.
design information
Reduced endpoint capacity due to UDS
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
Agenda
BRKUCC-2060
Cisco Enterprise Mobile Collaboration Solutions Overview
Fixed Mobile Convergence with Cisco Unified Mobility
Fixed Mobile Substitution with Cisco Mobile Client Solutions
Unified Mobility Integration
Mobile Client and Collaboration Service Deployment
Cisco Jabber
Cisco Spark
PROBLEM #1: IP path DOES NOT provide PROBLEM #2: IP path DOES NOT provide
ample bandwidth/throughput to ensure reliable connection to prevent call disconnects
good voice quality SOLUTION: DVO audio traverses the
SOLUTION: DVO moves audio to the mobile voice network/PSTN ensuring
mobile voice network/PSTN ensuring audio is maintained even when IP
high quality voice connection is lost
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
FMS with Cisco Mobile Client Solutions
Dial via Office: Cisco Jabber for Android and iPhone
The Dial via Office (DVO) feature enables Cisco mobile client running on
dual-mode devices to automatically dial an outgoing call through the enterprise
All voice media traverses the mobile voice network and PSTN
All voice signaling (SIP) traverses the IP connection (802.11 WLAN or mobile data)
between the client and Unified CM.
The Cisco Jabber DVO feature provides the following benefits:
Improved User Experience: Automated enterprise dialing eliminates manual 2-stage dialing
with ability to dial internal-only (non-DID) enterprise extensions.
Mobile phone number masking: System sends users enterprise number as caller ID
Cost savings: International and in some cases long distance calls made at reduced cost.
Enterprise call anchoring: Enables desk phone pickup and DTMF-based enterprise mid-call
features
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
FMS with Cisco Mobile Client Solutions After the user answers at
the mobile device, Unified
CM extends a call to the
Dial via Office Reverse (DVO-R) number the user dialed.
The user begins to hear
+1 (408) 555-7890 ring-back.
Cisco Jabber for Android/
Once the call is
iPhone supports Dial via answered at the
target number,
3
Unified CM extends a
call to the mobile
PSTN
Office Reverse (DVO-R) Unified CM anchors PSTN Gateway number (Mobility
the call in the Identity) of the Cisco
enterprise gateway Mobile Jabber client device.
DVO-R calls are set up by Voice Network
(Carrier)
4
Unified Mobility
User
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
FMS with Cisco Mobile Client Solutions
Dial Plan: Call Routing - Originate and Terminate
Jabber Device and Remote Destination Profile Calling
Search Space (CSS) configuration settings
Call Origination: CSS (device-level) Dual-mode
2-stage
(MVA/EFA) Determines call routing to target Cisco Unified CM
PSTN
DVO when Unified Mobility / Jabber user Gateway
makes a call (in concatenation PSTN
Voice/video
over IP w./ line-level CSS) Mobile Voice
Network
(Carrier)
Unified Mobility
User
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
FMS with Cisco Mobile Client Solutions
Dial Plan: Cisco Spark Call Routing - Originate and Terminate
Spark Remote Device / CTI Remote Device Calling Search
Space (CSS) configuration settings
2-stage
Call Origination: CSS (device-level)
(MVA/EFA) Determines call routing to target Cisco Unified CM
PSTN
DVO when Spark user makes a call Gateway
(in concatenation w./ line-level CSS) PSTN
Voice/video
over IP Mobile Voice
Network
(Carrier) Spark RD / CTI RD
Call Termination: Rerouting CSS
Determines Single Number
Reach call routing to Spark
SNR
DVO-R Call Origination
Unified Mobility
User
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
FMS with Cisco Mobile Client Solutions
Design Considerations: Cisco Jabber Emergency Calling
Calls for emergency services from mobile client devices should be routed via the
mobile provider network whenever possible.
Mobile provider networks typically provide more accurate location information
than enterprise or public WLAN networks.
Unified CM provides a mechanism for escaping or forcing of emergency calls
from Jabber clients directly over the cellular voice network of the device.
Dual Mode Client Device Configuration
Avoids enterprise call routing (VoIP or DVO)
Applies to Cisco Jabber for iPhone and Android
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
FMS with Cisco Mobile Client Solutions
Design Considerations: Cisco Spark Emergency Calling
Calls for emergency services from mobile client devices should be routed via the
mobile provider network whenever possible.
Mobile provider networks typically provide more accurate location information
than enterprise or public WLAN networks.
With Cisco Spark Hybrid Services Call Service Connect deployments,
emergency calls from Cisco Spark client are routed using enterprise call
control and PSTN gateway.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
FMS with Cisco Mobile Client Solutions
Design and Deployment Considerations: Cisco Jabber
Scalability/Capacity Planning
Maximum of 40,000* Mobility Identities + Remote Destinations per Unified CM cluster
Maximum of 40,000 registered/configured devices per Cisco Unified CM cluster
Maximum of 10,000 Cisco Expressway mobile and remote access proxy
registrations, 2,000 simultaneous video or 4,000 simultaneous audio-only
calls per Expressway-C/E cluster
High Availability
Client registration/feature sets are highly available based on Unified CM clustering
and device pool/CM group configuration
Dual mode devices fall-back to SRST** or the mobile voice/cellular network when
Unified CM is unavailable
* Unified CM 9.1(2)SU1 and later.
** Jabber 10.6 and later
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
FMS with Cisco Mobile Client Solutions
Design and Deployment Considerations: Cisco Spark
Initial Provisioning
After provisioning user must set account password via web browser or desktop client.
Scalability/Capacity Planning
Unlimited users. Unlimited rooms
Maximum of 25 participants on voice/video call (paid) /
3 participants on voice/video call (free)
High Availability
Cisco Collaboration Cloud services are generally redundant and highly available
Cisco Spark Hybrid Services: Clustered Expressway-C Connector Hosts ensure high
availability
Dual mode devices fall-back to mobile voice/cellular network if IP connection is
unavailable
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
FMS with Cisco Mobile Client Solutions
Design and Deployment Considerations: 802.11 WLAN
Conduct 802.11 WLAN site survey to verify radio frequency design and
identify / mitigate interference so that WLAN is optimized for real-time traffic
802.11 WLAN RF (radio frequency) Design
Channel cell radius of -67 dBM
(minimize packet loss)
Same channel cell separation of 19 dBm
(minimize co-channel interference)
Non-adjacent channel cell overlap of at least 20%
(ensure seamless roaming between access points)
Call Capacity (per 802.11 channel cell)
Maximum of 27 simultaneous voice calls* per 802.11a/g/n/ac
channel cell
Maximum of 8 simultaneous voice/video calls* per 802.11a/g/n/ac channel cell
5GHz or no Bluetooth
* Bi-directional streams
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Cisco Enterprise Mobile
Collaboration Solutions Summary
Review
BRKUCC-2060
Fixed Mobile Convergence with Cisco Unified Mobility
11 AM
8:30 AM 1:15 PM
3 PM
7 AM
9 PM
4 PM
7 PM 5:30 PM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
Cisco Enterprise Mobile Collaboration For
Your
Reference
Application Feature Matrix (1 of 2)
File share
Presence *
Visual Voicemail X
WebEx Meetings
Supported X Not Supported Support Not Applicable * Read receipts, responding indication
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
Cisco Enterprise Mobile Collaboration For
Your
Reference
Additional Resources (1 of 3)
For additional information on Cisco Mobile Collaboration solutions consult the
following resources:
Cisco Unified Mobility: Features & Services Guide for Cisco Unified CM
http://www.cisco.com/c/en/us/support/unified-communications/unified-communications-manager-callmanager/products-
maintenance-guides-list.html (Cisco Mobility chapter)
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
Cisco Enterprise Mobile Collaboration For
Your
Reference
Additional Resources (3 of 3)
For additional information on Cisco Mobile Collaboration solutions consult the
following resources (cont.):
Solution Design Guides:
Cisco Collaboration Systems SRND: Mobile Collaboration chapter
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab11/collab11/mobilapp.html
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
Cisco Enterprise Mobile Collaboration
Want More Mobility?
BRKCOL-2607 Understanding Cloud and Hybrid Cloud Collaboration Deployment
Date/time: Monday, July 11th / 4 PM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
Complete Your Online Session Evaluation
Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner will
receive a $750 Amazon gift card.
Complete your session surveys
through the Cisco Live mobile
app or from the Session Catalog
on CiscoLive.com/us.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
Continue Your Education
Demos in the Cisco campus
Walk-in Self-Paced Labs
Lunch & Learn
Meet the Engineer 1:1 meetings
Related sessions
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
19,000+
Members
Join the Customer Connection Program Strong
Implementing Cisco Collaboration Applications Understand how to implement the full suite of Cisco collaboration CCNP Collaboration
(CAPPS) applications including Jabber, Cisco Unified IM and Presence, and Cisco
Unity Connection.
Implementing Cisco IP Telephony and Video Learn how to implement Cisco Unified Communications Manager, CUBE, CCNP Collaboration
Part 1 (CIPTV1) and audio and videoconferences in a single-site voice and video network.
Implementing Cisco IP Telephony and Video Obtain the skills to implement Cisco Unified Communications Manager in a
Part 2 (CIPTV2) modern, multisite collaboration environment.
Troubleshooting Cisco IP Telephony and Video Troubleshoot complex integrated voice and video infrastructures
(CTCOLLAB)
Implementing Cisco Collaboration Devices Acquire a basic understanding of collaboration technologies like Cisco Call CCNA Collaboration
(CICD) Manager and Cisco Unified Communications Manager.
Implementing Cisco Video Network Devices Learn how to evaluate requirements for video deployments, and implement
(CIVND) Cisco Collaboration endpoints in converged Cisco infrastructures.
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
Cloud Cisco Education Offerings
Course Description Cisco Certification
Understanding Cloud Fundamentals Learn how to perform foundational tasks related to Cloud computing, and the essentials
(CLDFND) of Cloud infrastructure
CCNA Cloud
Introducing Cloud Administration Learn the essentials of Cloud administration and operations, including how to provision,
(CLDADM) manage, monitor, report and remediate.
Implementing and Troubleshooting the Learn how to implement and troubleshoot Cisco Cloud infrastructure: compute,
Cisco Cloud Infrastructure (CLDINF) network, storage.
Learn how to design private and hybrid Clouds including infrastructure, automation,
Designing the Cisco Cloud (CLDDES)*
security and virtual network services
CCNP Cloud
Automating the Cisco Enterprise Cloud Learn how to automate Cloud deployments provisioning IaaS (private, private with
(CLDAUT)* network automation and hybrid) and applications, life cycle management
Building the Cisco Cloud with Application Learn how to build Cloud infrastructures based on Cisco Application Centric
Centric Infrastructure (CLDACI)* Infrastructure, including design, implementation and automation
Learn how to manage physical and virtual infrastructure using orchestration and
UCS Director Foundation (UCSDF)
automation functions of UCS Director.
* Available Q2CY2016
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Wireless Cisco Education Offerings
Course Description Cisco Certification
Designing Cisco Wireless Enterprise Networks Professional level instructor led trainings to prepare candidates to conduct CCNP Wireless Version 3.0
Deploying Cisco Wireless Enterprise Networks site surveys, implement, configure and support APs and controllers in
Troubleshooting Cisco Wireless Enterprise converged Enterprise networks. Focused on 802.11 and related (Available March 22nd, 2016)
Networks technologies to design, deploy, troubleshoot as well as secure Wireless
Securing Cisco Wireless Enterprise Networks infrastructure. Course also provide details around Cisco mobility services
Engine, Prime Infrastructure and wireless security.
Implementing Cisco Unified Wireless Network Prepares candidates to design, install, configure, monitor and conduct CCNA Wireless
Essential basic troubleshooting tasks of a Cisco WLAN in Enterprise installations. (Available Now)
Understanding of the Cisco Unified Wireless Networking for enterprise
deployment scenarios. In this course, you will learn the basics of how to
Deploying Basic Cisco Wireless LANs (WDBWL) install, configure, operate, and maintain a wireless network, both as an 1.2
add-on to an existing wireless LAN (WLAN) and as a new Cisco Unified
Wireless Networking solution.
The WDAWL advanced course is designed with the goal of providing
learners with the knowledge and skills to successfully plan, install,
Deploying Advanced Cisco Wireless LANs configure, troubleshoot, monitor, and maintain advanced Cisco wireless
1.2
(WDAWL) LAN solutions such as QoS, salt and pepper mobility, high density
deployments, and outdoor mesh deployments in an enterprise customer
environment.
Deploying Cisco Connected Mobile Experiences WCMX will prepare professionals to use the Cisco Unified Wireless
Network to configure, administer, manage, troubleshoot, and optimize 2.0
(WCMX) utilization of mobile content while gaining meaningful client analytics.
For more details, please visit: http://learningnetwork.cisco.com
Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 102
Appendix
Thank you
FMC with Cisco Unified Mobility
Automatic Caller ID Matching
For all inbound calls to Cisco Unified CM the caller ID is automatically compared against all
configured remote destinations
Cisco Unified
CM Cluster Configured Remote
Destinations:
PSTN 408 555 1234
Gateway
408 555 5678
408 555 0987
PSTN .
.
.
919 444 6789
919 555 2345
Inbound caller ID:
MATCH 919 555 8765
919 444 6789
voicemail
Unified boxpath
CM and voice instead of
is cut-through. Enterprise
3. If mobile
DTMF tonevoicemail box CM
not received, Unified PSTN PSTN voicemail
Gateway
disconnects outbound call leg and routes STOP
Two call
inbound methods to ensure that Mobile Voice
X
to enterprise voicemail
Network
mobile voicemail is avoided: (Carrier)
Cisco Unified
1) Timer Control: Answer Communications
Too Soon/Late timers Manager
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
FMS with Cisco Mobile Client Solutions
Web and Video Conferencing with WebEx Meetings
Cisco WebEx Mobile clients enable video
and web conferencing capabilities from Mobile
Voice Network
the WebEx cloud: (Carrier) PSTN
Host, join, start, and schedule
meetings
Mobile
Share, view meeting roster and Data Network
VVoIP
(Carrier)
shared content Mobile Client HTTPS WebEx
Device Internet
PSTN voice or voice and video Enterprise/
Meeting Center
over IP via RTP Public/PrivateVVoIP
WiFi PSTN Voice
Signaling and web conferencing via HTTPS Signaling, Web
(HTTPS)
Flows over 802.11 WLAN (enterprise/public/ private) VVoIP (RTP)
or mobile data network
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 109
FMS with Cisco Mobile Client Solutions
Collaboration Service Deployments: On-Premise, Cloud, Hybrid
On-Premise Cloud Hybrid
On-Premise Collaboration
Enterprise Collaboration Collaboration Services
Services Services + Cloud-based
PSTN
Collaboration Services
Gateway Unified CM PSTN
Gateway Unified CM
Conferencing /
MCU
Unity
Connection
Expressway-C
+ Conferencing /
MCU
Unity
Expressway-C
Connection
iPhone
Android
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
FMS with Cisco Mobile Client Solutions
Jabber DVO: Client Calling Options
!
Caution
Cisco Jabber
Call Direction Outbound Inbound Outbound Inbound Outbound Inbound
Device
IP Connection
802.11 WLAN
(Corporate/
enterprise)
Voice over IP Voice over IP
802.11 WLAN
Dial Via Office SNR Voice over IP Voice over IP
(Non-corporate)
Cisco Jabber
Call Direction Outbound Inbound Outbound Inbound Outbound Inbound
Device
IP Connection
802.11 WLAN
(Corporate/
enterprise)
Voice over IP Voice over IP
802.11 WLAN
Dial Via Office SNR* Voice over IP Voice over IP
(Non-corporate)
*NOTE: Dual-ring avoidance (VoIP, then SNR) does Outbound: Native Cellular
No IP
not apply when DVO calling is enabled as all inbound Inbound: Single Number Reach (SNR)
calls are routed by SNR BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
FMS with Cisco Mobile Client Solutions
Dial via Office Client Calling Options: Usage Models for End-Users
Which Cisco Jabber calling option? Depends on the end-user profile
Always Use DVO
Typical Profile: User is highly mobile, almost never has WLAN coverage
Mobile data does not provide acceptable voice quality and reliability
Always Use Internet
Typical Profile: User is mobile within the office (home or enterprise) but enterprise calling
not typically needed outside the enterprise.
Cost is an important consideration (e.g. employee-owned device/BYOD)
Automatically Select (default)
Typical Profile: User is mobile both within and outside the office.
Provides potential least cost routing by taking advantage of VoIP when Wi-Fi is available
and falls back to mobile voice/data network (DVO/SNR) when Wi-Fi is not available
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
FMS with Cisco Mobile Client Solutions
Dial via Office Reverse: Voicemail Avoidance On answer the called party may
end up in the mobile voicemail
+1 (408) 555-7890 box of the calling user leading to
poor experience
Voicemail avoidance is POOR
EXPERIENCE
important for optimum PSTN PSTN
3
Gateway
DVO-R experience. 4
Mobile
Mobile
User Control (DTMF-
based) method is
voicemail
Voice Network
(Carrier) X 2 Cisco
Unified CM
recommended with
Unified CM 9.x and later.
Public/
With User Control voicemail Mobile Private
Cisco ASA
https://software.cisco.com/download/release.html?mdfid=283812787&flowid=45928&softwareid=284006014&
release=10.6%280%29&relind=AVAILABLE&rellifecycle=&reltype=latest (Android)
https://software.cisco.com/download/release.html?mdfid=284288351&flowid=45930&softwareid=284006014&
release=10.6%280%29&relind=AVAILABLE&rellifecycle=&reltype=latest (Tablet iOS, Android)
https://software.cisco.com/download/release.html?mdfid=283760466&flowid=45927&softwareid=284006014&
release=10.6%280%29&relind=AVAILABLE&rellifecycle=&reltype=latest (iPhone)
ALL TRAFFIC
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 120
FMS with Cisco Mobile Client Solutions
Design and Deployment Considerations: Cisco Jabber
Remote Secure Enterprise Connectivity
Connection reliability and voice/video quality over Internet connections including
public or private Wi-Fi hotspots and mobile data networks varies depending on the
quality of the network connection
**** Cisco does not provide support to troubleshoot voice/video quality or
connectivity issues for secure remote enterprise client connections. ****
Cisco ASA Cisco
(AnyConnect VPN) Unified CM
Internet
Cisco Expressway
(Mobile and remote access)
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 121
FMS with Cisco Mobile Client Solutions
Cisco Jabber and Expressway with Cisco AnyConnect VPN Split-Tunnel Design
Enterprise Network DMZ Public Network
Unified CM
Unified CM (ucm.example.com)
IM & P
(imp.example.com) Internet
Expressway-C Firewall Expressway-E Firewall
(expressway.example.com)
DNS
DNS
the enterprise with
When mobile DNS filter list: AnyConnect VPN
device is connected to _cisco-uds._tcp.example.com
_cisco-uds._tcp.example.com ? = No resolution [FILTERED]
enterprise via AnyConnect
_cuplogin._tcp.example.com
VPN: _cuplogin._tcp.example.com ? = No resolution [FILTERED]
X (expressway.example.com)
DNS
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 125
FMS with Cisco Mobile Client Solutions
Cisco Identity Services Engine (ISE) and Mobile Device Management (MDM)
ISE has limited awareness of device posture.
For example, ISE cannot detect if PIN-lock is enabled, if the device has been
jailbroken or rooted, etc.
MDM platforms/applications provide posture information, however, MDM
capacity to enforce enterprise network policies is limited
ISE receives device compliance information from the MDM in order to
make network access policy decisions
ISE is also able to push administrative device actions (such as remote-
wiping) via the MDM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 126
FMS with Cisco Mobile Client Solutions
Service Providers
Cisco Jabber: Single Sign-On with SAML (v2) Redirect with
SAML auth. (SP)
request
Cisco Jabber supports Security Assertion Unified
Markup Language 2.0 (SAML v2) OAuth access token +
access granted
CM
Single Sign-On (SSO) Access request
Unified
2
Service providers (SPs) including 1 7 CM IM & P
LDAP
Unified CM and Unity Connection sync
LDAP
redirect authentication requests to 6 Unity
Directory
identity provider (IdP) Connection
HTTP POST
IdP authenticates user/client and 3 of response
Trust
provides signed SAML assertion IdP signed
response relationship
response. Client posts response. SAML auth. 4
4 User
request
authentication
IdP and SP have pre-established
Authentication/
trust agreement and SP sends OAuth credential exchange 5 Identity
access token and grants access. Provider (IdP)
Single Sign-On: Subsequent access requests to other resources or SPs are automatically authorized
using the OAuth access token because user has already authenticated
BRKUCC-2060 with theCiscoIdP
2016 and/or previously
its affiliates. All rights reserved. Cisco Public 127
FMS with Cisco Mobile Client Solutions
Service Providers
Expressway: Single Sign-On with SAML (v2) (SP)
Cisco Jabber also supports SSO over Expressway-E / Expressway-C
Unified
Expressway mobile and remote access CM
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 129
FMS with Cisco Mobile Client Solutions
Business Collaboration Is Increasingly Taking Place on Smartphones and Tablets
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 130
FMS with Cisco Mobile Client Solutions
Mobile Device Management (MDM) Models
Increasing Security & Compliance Requirements
Basic Enhanced Advanced
Lock, Locate, and Wipe Full wipe Full or selective wipe Full or selective wipe
Device and app level security, Device and app level security,
Policy & Compliance N/A
location and compliance policies location and compliance policies
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 132
FMS with Cisco Mobile Client Solutions
Mobile Device Management (MDM) Application wrapping
required in order to
distribute and secure
via private enterprise
Jabber accessible from application store
private enterprise
application store, but
downloaded from public
application store.
More IT visibility
and control
Mobile Collaboration
App Packages are
Wrapped,
Business Mobile Collaboration
Distributed, and
Collaboration Apps are Distributed
Secured via Private
Users Download Mobile Devices are to Users via Private
App Stores
Mobile Collaboration Controlled by Mobile App Stores
Apps from Public Device Management
App Stores (MDM) Platform
MDM
Step 2: MDM compliance check Step 3: If device is compliant,
device is granted access to
Jailbroken? the network (full, partial, or
No access, internet-only) based on
Rooted?
quarantine device network access policy
PIN lock? Step 2A: ISE uses
REST API to query
MDM for device
posture and MDM
Step
Step 3:
3: Secure
Secure access
accessgranted
granted 802.11 Cisco ISE compliance status
WLAN
Step 2B: If device is not
compliant device is quarantined
and user is notified that
additional steps are required to
become compliant
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 137
FMS with Cisco Mobile Client Solutions
Cisco ISE and MDM Integration: Post-Onboarding
Cisco ISE regularly queries MDM via REST API to check
device compliance.
Compliance failure results in quarantine MDM
ISE periodically
queries MDM to
If device falls out
of compliance,
device is
quarantined
X 802.11 Cisco ISE
WLAN
ensure device
compliancy
BRKUCC-2060 2016 Cisco and/or its affiliates. All rights reserved. Cisco Public 138