Академический Документы
Профессиональный Документы
Культура Документы
Communications Manager
Версий 11.5 SU и 12.0
Константин Грибах
Консультант по технологиям
23 ноября 2017 года.
Хронология выхода версий Unified
1
Communications Manager (UCM)
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Unified Communications Manager
Хронология версий
Сервисный пакет 3
• APNS phase 2
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Доступные сегодня версии CUCM (IM&P)
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Unified Communications Manager
версий 11.5 SU и 12.0
Обзор новых возможностей
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Стратегия Cisco
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Резюме: Unified Communications Manager 11.X
Ключевые возможности Collaboration System Release 11.0/11.5
Гибридные сервисы и Безопасность и
Простота IM&P
другие возможности соблюдение политик
• Hitless device • Enterprise groups • Hybrid services: Spark • Next Gen encryption
pack installation • Persistent chat device type and common • NTLMv2 support for IM&P
high availability session ID
• Conference now • IX encryption
Multi device messaging • Auto registration in
• Basic emergency services • • Read only account for
mixed mode
• UCM/Unity pin • MS SQL server support AXL/CLI
• Generic LDAP v3
synchronization • External database robustness • SHA-2 support (File
• Location based services and LSC signature)
• Single SAML
agreement per cluster • Phone load and • Form based Authn
certificate clean up
• User editable • Simple LSC management
search/display Name • APIC EM integration
• Consistent directory search
(UDS proxy)
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Уже Уже Уже
есть 11.5(1)SU1 есть 11.5(1)SU2 есть 11.5(1)SU3
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Unified Communications Manager 12.0 Уже
есть
Ключевые возможности и новые сценарии
Для мобильных Безопасность и
Эксплуатационная эффективность
пользователей идентификация
• APNS Support for voice, • Minimum TLS version control Управление вызовами IM&P
video and messaging • Separate cluster-wide • IPv6 endpoint support • Centralized IM&P deployment
• Jabber authentication certificate for SAML SSO • External DB cleanup
• Phone deprecation
framework with IdP
• Device last seen report • Cleanup Stale Roster Entry
• Extension Mobility Login • SAML SSO support for
platform apps • UCM support for CMS • SQLServer support for
persistent chat HA
• Disable browser back button • CentOS (6 and 7)
(after logoff) • Enterprise group for
Поддержка гибридных • PCD L2/RU sequencing Open LDAP
• Common Criteria Compliance optimizations
сценариев • Calendar integration with Office
• Library updates: Cisco • Upgrade speed optimizations
Upgrade, OpenSwan 365
• Home Cluster Routing
to Libreswan • Hidden ad-hoc rooms
• Verified Identity and Call
Anchoring Paging Server • Compliance enhancements
• Cisco Spark Remote • Provisioning simplification
Device Licensing • Panic button Smart Licensing
• Emergency call alerting
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Совершенствование
работы мобильных
пользователей
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Поддержка сервиса Apple push notification
В будущих версиях iOS: UC Manager Node IM&P/Messenger
• Jabber не будет работать в фоновом режиме продолжительное время Platform
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• В качестве идентификатора пользователя
EM/EMCC можно использовать просто
Primary DN или Self-Service User ID/Pin
• Нет нужды вводить длинные буквенные
идентификаторы через клавиатуру телефона
Простое • Новый метод так же доступен при
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Безопасность - контроль минимальной версии TLS
Контроль за использованием Secure TLS
Older UCM
• New CLI command to set the Minimum TLS Version
(TLS 1.0, 1.1 or 1.2) for the CUCM secure TLS
interfaces TLS 1.0 Client
• Allows organization to deploy stronger security and
comply to policies by preventing negotiation of a lower CUCM 11.0
TLS version TLS 1.2 Client and before
Important ** TLS 1.0 is approaching deprecation
Запланируйте обновление:
• Требование Payment Card Industry Data Security Standards (PCI DSS) :
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Secure TLS (не SSL или ранние версии TLS) должен использоваться не позднее 30 июня, 2018
Безопасность – расширенная поддержка SSO
Long lived, Self Signed Internal certificate for
SAML IdP Trust configuration
• Lower barrier to deploy SSO while leveraging cluster
wide single SAML agreement NEW * long
lived certificate
• Avoid agreement re-configuration on Tomcat
certificate renewal CUCM and IM&P cluster
SSO for CUCM Platform/DRS and RTMT
• Richer single sign on experience Cisco Platform
Corporate
collaboration DRS network
• Enables capability to do multi factor authentication for New
application
Platform Admins servers RTMT
(leveraging IdP)
• Prevents information Long lived phone trust • Feature parity with the • Secure communication
exposure by disabling With ITL recovery USB Token approach channel between NTP
the back button to certificate for putting Cluster in Server and the CUCM
view admin pages • Prevent device lock-out Mixed Mode Node, avoid rogue
after logoff because of trust break for • Simplify ASA TLS proxy attacks, service
scenarios like host name
change, certificate re-
deployment with better disruption (NTPv3,
generation, or phone security (TLS 1.2 and and NTPv4)
movement between clusters 2048 bit ASA • Library Updates
• No need of TFTP service certificate) (Cisco J and Libreswan)
restart during CTL file
regeneration
• Avoid service disruption and
reduce maintenance window
overhead
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Call control operational
efficiency
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Поддержка IPv6
CUCM и IM&P 12.0 Терминалы, работающие в режиме IPv6 ONLY с CUCM 12.0
• Внедрение терминалов только с адресом IPv6 Серия Модель
78xx 7811, 7821, 7841, 7861
• Решение для филиалов, использующих только IPv6
88xx 8811, 8841, 8845, 8851, 8861, 8865
и централизованной инфраструктуры
использующей dual stack
Поддержка одинакового с IPv4-терминалом Reduction in IPv4 address utilization
набора функций Scale of Deployment Servers and # of IPv4 # of IPv4 Percent
(Endpoints) Gateways Addresses Addresses reduction in
• Не заметно для пользователей (Dual Stack used before used after IPv4
or IPv4) deploying deploying addresses
• Jabber 11.6+ в режиме IPv6 only способен IPv6 only IPv6 only
Endpoints Endpoints
подключаться к CUCM и IM&P при локальном
развертывании (on-prem) 500 6 506 6 98.8%
5000 13 5013 13 99.7%
10,000 25 10,025 25 99.8%
**Continued IPv4 address support
подключений
SP, 12 SP+,30 SP+,30 VIP, 7902G, 7905G, 7910,
7910G, 7910+SW, 7910G+SW, 7912G, 7920, 7935
терминалов к
m_b_deprecated-phone-models-for-1201.html
• Регистрация всех этих моделей терминалов будет
Брендирование:
Дополнительные
• Возможность установить корпоративные
цвета/символику на порталах администрирования и
самообслуживания.
улучшения в • Включение/выключение возможностей
брендирования через интерфейс OS Admin или
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IM&P operational efficiency
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Новый сценарий развертывания:
Centralized IM&P
• Модернизированная схемы взаимодействия Cisco IMP с Cisco CUCM.
• Отдельный кластер IMP теперь может выступать в роли “Private Cloud Service” для нескольких кластеров CUCM.
• Этот сценарий убирает 1-1 зависимость между IM&P и CUCM.
• Терминалы и пользователи продолжают обслуживаться своими локальными кластерами CUCM, на которых
хранятся их service profiles, необходимые для настройки клиентов Jabber (термин Telephony Cluster).
• NOTE: ничего не изменилось в масштабируемости IM&P
RTP/Signaling
XMPP
IM&P Cluster
• Функционал так же доступен для CUCM версий Leaf 1-1xxx
Unified
Internet
CUBE
• Не требуется никаких изменений в адресах. Leaf 2 2xxx
Unified
Communications
SME
Manager
Leaf 4-4xxx
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Улучшения в обслуживании сервисов IM&P
External DB cleanup utility
• Упрощает управление внешними базами данных, позволяя проводить
периодическую чистку таблиц - снижение вероятности утери нужных
данных
• Чистка возможна для Persistent chat(TC), Managed File Transfer (MFT) и
Message Archiver (MA)
• Чистку можно запускать вручную или в автоматическом режиме
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Улучшения в области совместимости для IM&P
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
IM&P расширенная поддержка корпоративных
политик
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Лицензирование: переход
на Smart Licensing
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Smart Licensing experience
Ситуация на сегодня
Customer receives or Cisco product Customer stores records
Customer or partner Customer enters
1 2 3 downloads and installs 4 of devices, software,
places order (9Tools) PAK for each license
software licenses (No tool)
Customer manages
6 Customer System Customer
software (10 Tools) 5
• Routers uses software
• Switches
• Video
• Unified Communications
Customer system
• Routers
• Switches
Customer • Video
3 • Unified communications
manages licenses Automated
usage report
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Smart Account
• Заказчик сам, или через Партнера, должен завести себе Smart
Account. https://www.cisco.com/c/en/us/buy/smart-accounts.html
• Smart Account нужен для каждого заказчика (master account: не только Licenses
для лицензий, но и для учета соглашений, устройств) Users
Your
• Virtual Account – иерархия учетных записей внутри Smart Account Company
Devices
(определяется Заказчиком: может быть основана на географических,
организационных или иных корпоративных политиках)
Roles
• Партнеры Cisco могут заводить Holding Smart Account для персоны или Agreements
компании
https://software.cisco.com/smartaccounts/setup#accountcreation-
account/holdingRequest
• При создании заказа Cisco Commerce Workspace помечает продукты и
SKU с поддержкой Smart Licensing. При выполнении заказа все такие
Cisco Smart Account are a Cisco cloud-based data
лицензии будут переведены в Virtual Account по умолчанию выбранного repository solution that provides full visibility and
Smart Account access control to Cisco software licenses and
product instances across a company.
• В дальнейшем Заказчик может перевести эти лицензии в требуемый
Virtual Account
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
UCM 12.0 Smart Licensing – Регистрация и
управление лицензиями
• UCM 12.0 работает с лицензиями только через Smart Licensing
• PLM будет недоступен. Лицензии не привязываются к какому-либо узлу (PLM uuid)
• После начальной установки UCM работает в демонстрационном режиме 90 дней. Демонстрационный режим
начинается только при появлении необходимости использования лицензий Smart Account
Device/product In-Compliance
registration
SL state=
Authorized
Customer gets a Enter “SL register” Product uses
SL is enabled Cisco Smart
registration taken command/GUI feature and reports
by default Software Manager
from CSSM with token usage to CSSM
SL State=OOC
SL State= Customer Smart SL State=
Un-identified Account Identified Registered In-Compliance
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Smart Software Licensing - Варианты
развертывания и подключения к Cisco
Options
1 2 3 4
Direct cloud access Direct cloud access Mediated access Mediated access through
Cisco product sends usage through an HTTPs proxy through an on-premises an on-premises collector
information directly over the Cisco Products send usage collector – connected – disconnected
information over the internet via a Cisco Products send usage Cisco Products send usage
internet. No additional
information to a local connected information to a local
components are needed. Proxy Server – Smart Call Home
collector, which acts as a local disconnected collector, which
Transport Gateway (Free VM acts as a local license authority.
Download) or off-the-shelf Proxy license authority. Periodically, an
Once a month, an exchange of
exchange of information will be
(such as Apache). human readable information will
performed to keep the
be performed to keep the
databases in sync.
databases in sync.
Cisco Cisco Transport Gateway Cisco Smart Software Cisco Smart Software
Product Product or HTTPs Proxy Product Manager satellite Product Manager satellite
HTTPs
HTTPs HTTPs
FileTransfer
Your Your Your Your
Cisco Cisco Cisco Cisco
Software Software Software Software
Usage Usage Usage Usage
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Управление лицензиями: CSSM или satellite
• Product when registered with Cisco Smart Software
Manager or through Satellite consume Licenses from the
Virtual Account
• CSSM Portal provides:
- Alerts – Major/Minor alerts like license shortage/expiry
for the Smart Account
- Inventory – For a selected Virtual Account show licenses,
registered product instances. Actions to help transfer or
move products
- Reports – summary of License counts, usage,
subscription status
- Email Notification – several alert or information events
can be emailed
- Satellites – registered satellites or add new satellite, generate
authorization file
- Activity – Details for all transaction(s)
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Переход на CUCM 12 с прошлых версий
(начиная с 9.х)
• Миграция лицензий с PLM в Smart Licensing
можно сделать через License Registration
Portal(LRP) на https://software.cisco.com
Сценарии
•
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
В итоге - преимущества UCM 12.0 Smart
Licensing
• Упрощение логистики
• Нет PAK-ов. Нет лицензионных файлов
• Простота отслеживания лицензий
• Сервер PLM не нужен
• Достоверный источник информации о лицензиях
• Статистика использования лицензий
• Возможность хранения лицензий в Smart Account
и распределение их между virtual accounts
• Помогает планировать расширение лицензий
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Spark Hybrid Service
Enhancements
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Интеграция с облачными сервисами Spark
Гибридная схема работы с Cisco Spark
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Home cluster routing
• Calls from Spark Call users are routed via
Expressway to the caller’s home UCM cluster,
where they anchor on the caller’s Spark
Remote Device
• Previously, a direct SIP trunk from the ingress EXP EXP EXP
Expressway-C to the home UCM cluster
was required
• With this feature, a Session Management
SME
Edition (SME) (or other intermediary UCM)
can forward these calls to the home
UCM cluster
UCM UCM UCM
• In large deployments, fewer direct SIP trunks and less call routing configuration are required
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Verified identity and call anchoring
• Calls from Spark Call users arriving at the
caller’s home UCM cluster anchor on the
caller’s Spark Remote Device
• These calls acquire the UC identity of the Cisco
Unified CM Expressway-C Expressway-E
Malicious
caller and access to the caller’s UC dial plan Internet B2B call
and privilege 2
Пример
• Настольный телефон и Spark Remote Device для одного пользователя потребляют одну (не
две) лицензии Enhanced UCL.
• В сравнении с CTI Remote Device, на базе которого и был реализован Spark Remote Device
количество необходимых лицензий будет меньше.
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Unified Attendant
Console (CUAC) 12.0 overview
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Unified Attendant Console
Cisco Unified Attendant Console Standard 12.0 Cisco Unified Attendant Console Advanced 11.0.2
• Call Control Window: view extension or line text • Accessibility: JAWS screen reading scripts
label on lines available in Spanish
• Busy Lamp Field: improved for contacts with • Presence: support for new automated and custom
multiple devices (e.g. hard phone, Jabber/CSF presence statuses
device, extension mobility)
• Platforms: UCM 10.0 – 12.0 (incl. native UCM
• BLF Rules: improved usability 11.5 support); Windows Server 2016 support
• Platforms: UCM 10.0 – 12.0 support
C97-739406-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential