Cisco Collaborative Conferencing
Cisco offers a wide range of collaboration technologies that have the ultimate goal of allowing users to work in virtual collaborative environments that result in faster, more efficient decision-making processes and increased productivity. There are many technologies that fall under the large collaboration umbrella, but this chapter focuses on design guidance surrounding the Cisco offerings that allow for simultaneous communications through audio, video, and rich content sharing capabilities. This chapter also explores the differences in the various solutions and provides suggestions on when one solution may be a better fit than another.
Certain aspects are common to all the Cisco collaborative conferencing solutions. For instance, the capability to integrate with scheduling or calendaring systems so that the creation of a meeting is familiar and intuitive to users. Ties into LDAP directories for inviting attendees in the organization and a consistent authentication method are also critical. Users have the ability to host and attend virtual meetings, whether in the office or outside of the enterprise, to ensure continued productivity for users even when they are traveling outside the organization.
The Cisco collaborative conferencing solutions discussed in this chapter are available as on-premises, off-premises, or mixed deployments. This allows an organization to integrate with a Unified Communications solution in which they have already invested or, alternatively, to implement a service that is hosted "in the cloud." This is one of the more important distinctions between the various solutions, and it is the first decision point when determining which solution is the best fit for an organization. This chapter contains sections on the following topics:
•Cisco WebEx Software as a Service (SaaS)
•Cisco Unified MeetingPlace
•Cisco Unified Videoconferencing
Each section defines the high-level architecture of the solution, followed by design guidance for high availability, capacity planning and other design considerations pertinent to the solution.
For more detail on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see the chapter on Cisco Collaboration Clients and Applications.
What's New in This Chapter
This chapter combines information from several chapters in previous versions of this document, and it incorporates new material to bring together design discussions surrounding Cisco's collaborative conferencing offerings. If you are reading this chapter for the first time, Cisco recommends reading the entire chapter.
Table 22-1 lists the topics that are new in this chapter or that have changed significantly from the previous release of this document.
|
|
|
---|---|---|
Capacity planning information for Cisco Unified MeetingPlace has been moved to the chapter on Unified Communications Design and Deployment Sizing Considerations. |
Unified Communications Design and Deployment Sizing Considerations |
July 31, 2012 |
Other miscellaneous corrections and changes |
Various sections throughout this chapter |
July 31, 2012 |
WebEx Dual Audio Vendor support |
April 30,2012 |
|
Video High Definition bandwidth estimates for WebEx meeting traffic |
September 30, 2011 |
|
Cisco Unified MeetingPlace 8.5 |
June 2, 2011 |
|
Other miscellaneous corrections and changes |
Various sections throughout this chapter |
June 2, 2011 |
High Quality Video |
November 15, 2010 |
Collaborative Conferencing Architecture
At a high level, collaborative conferencing involves receiving audio, video, and content from some or all of the attendees in a meeting, mixing those streams, and then sending the mixed audio, video, and content back to the attendees. Figure 22-1 illustrates a logical conference involving both internal and external participants, mobile and remote workers, or even attendees from other organizations.
Figure 22-1 Logical View of Collaborative Conferencing
These three aspects of a collaborative conference - audio, video and content sharing - are not exclusive. Cisco collaborative conferencing solutions integrate the three to create an enhanced user experience. Features such as the ability to determine active speakers, muting users from the content share interface, or choosing the video layout displayed in the content share, all imply that these three elements are integrated by the solution. All the collaborative conferencing solutions discussed in this chapter use the Cisco WebEx interface for content sharing. This provides a very consistent user experience across all the solutions.
When considering which solution is best for a given organization, many factors should be evaluated. Characteristics of an organization's users (number of remote workers, access capabilities, and video usage) as well as the range of available endpoints and their capabilities are important to consider. Video requirements such as high definition or interworking with an existing video infrastructure can also dictate a solution. The nature of the meetings themselves (for example, training scenarios, collaborative meetings, or how many meeting participants are external to the organization) is a critical characteristic to identify. Of course, initial cost, maintenance costs, and return on investment (ROI) all play a role as well.
One of the first delineations between the solutions is whether the resources performing each type of conferencing (or mixing) are located on-premises or off-premises. Access to cloud services, the size of the mobile workforce, and support staff levels are all considerations. Cisco WebEx software as a service (SaaS) offers a completely off-premises solution with an option to extend the cloud on-premises, while Cisco Unified MeetingPlace and Cisco Unified Videoconferencing are a hybrids (mix of on-premises and off-premises) with the option to pull the majority of resources on-premises. Organizations that have deployed Cisco Unified Communications will benefit most from leveraging an on-premises solution. The later sections in this chapter provide more detailed deployment options for each solution.
This document describes two approaches to providing a high-performance collaboration solution. The two solutions can be broadly categorized as either:
•Cloud-based (SaaS) service with on-premises acceleration
•On-premises solution with cloud-based augmentation
Table 22-2 summarizes available solutions from an on-premises cloud perspective.
|
|
|
|
|||
---|---|---|---|---|---|---|
On-premises |
Cloud |
On-premises |
Cloud |
On-premises |
Cloud |
|
Cisco WebEx SaaS |
No |
Yes |
No |
Yes1 |
No |
Yes |
Cisco WebEx SaaS with Cisco WebEx Node for Aggregation Services Router (ASR) |
Yes (VoIP) |
Yes |
Yes |
Yes1 |
Yes2 |
Yes |
Cisco Unified MeetingPlace with WebEx SaaS3 |
Yes |
No |
Yes |
No |
No |
Yes |
Cisco Unified MeetingPlace with Cisco WebEx Node for Cisco MCS3 |
Yes |
No |
Yes |
Yes |
Yes2 |
Yes |
Cisco Unified MeetingPlace with Cisco WebEx Node for Cisco ASR3 |
Yes |
Yes |
Yes |
Yes1 |
Yes2 |
Yes |
Cisco Unified MeetingPlace (audio/video only deployment) |
Yes |
No |
Yes |
No |
No |
No |
Cisco Unified Videoconferencing (audio/video only deployment) |
Yes |
No |
Yes |
No |
No |
No |
1 Cisco WebEx webcam video. 2 Cisco WebEx Node for ASR and MCS requires a connection to the Cisco WebEx network. 3 Cisco Unified MeetingPlace and Unified Videoconferencing solutions may alternatively use the WebEx webcam video streaming capabilities of the cloud. However, Cisco does not recommend using both because there is no interoperability. |
Cisco WebEx Software as a Service
Cisco WebEx is a collaboration solution that does not require any hardware to be deployed on-site. All services (audio, video, and content sharing) are hosted in the Internet or the cloud. This is often referred to as software-as-a-service (SaaS). Meetings can be initiated and attended from anywhere, anytime, and do not require connectivity back into the enterprise. This section describes solution characteristics and provides design guidance for deploying WebEx SaaS.
With respect to scheduling and initiating meetings, WebEx provides cloud-based web scheduling capability, but most organizations prefer to schedule from their corporate email system (Exchange, Lotus Notes, and so forth) or other enterprise applications. The WebEx Productivity Tools is a bundle of integrations with well known desktop tools incorporated into a single application. A WebEx administrator can control the specific integrations that are provided through the tool to their organization's user population. It can be installed automatically when accessing the WebEx sitename, or it can be pushed out locally using standard desktop management tools. For more information on WebEx Productivity Tool, refer to the WebEx Productivity Tools FAQs, available at
https://vnc.WebEx.com/docs/T26L/pt/mc0800l/en_US/support/productivitytools_faq.htm
There are three methods of creating WebEx user profiles for an organization in the cloud. Security considerations for the actual usernames and passwords, as well as for handling a large number of user accounts, should be considered. A WebEx administrator can create user profiles manually by bulk import of a CSV template or by a programmatic approach. A programmatic approach uses one or a combination of the WebEx APIs, URL, and XML, or a Federated SSO solution. The programmatic approach can be used by a customer portal, which is an application such as a CRM tool or a Learning Management System that integrates directly into WebEx. For more information regarding WebEx directory integration and authentication, refer to the WebEx Approaches to Single Sign-On Developer Technical Note, available at
http://developer.WebEx.com/c/document_library/get_file?folderId=11421&name=DLFE-213.pdf
For integrating directly with an organization's LDAP directory, Federated SSO with Security Assertion Markup Language (SAML) is the preferred approach. For more information regarding Federated SSO, refer to the WebEx Federated SSO Authentication Service Technical Overview, available at
http://developer.WebEx.com/c/document_library/get_file?folderId=11421&name=DLFE-201.pdf
Architecture
An organization's IT department needs to understand the architecture of the Cisco Collaboration cloud-based solution. In the traditional WebEx deployment model shown in Figure 22-2, all the content, voice, and video traffic from every client traverses the internet and is mixed and managed in the cloud at the WebEx data center. The WebEx data center is logically divided into the Meeting Zone and the Web Zone. The Web Zone is responsible for things that happen before and after a web meeting. It incorporates tasks such as scheduling, user management, billing, reporting, and streaming recordings. The Meeting Zone is responsible for switching the actual meeting once it is in progress between the endpoints.
Figure 22-2 Traditional WebEx Deployment
The Meeting Zone consists of two subsystems. Within the Meeting Zone there are collaboration bridges that switch meeting content. The multimedia platform is responsible for mixing all of the VoIP and video streams within a meeting. To join a WebEx session, an attendee first connects to the Web Zone. The Web Zone traffic flows only before or after the meeting, is relatively low bandwidth, and is mainly non-real time. The real-time meeting content share flows to and from the Meeting Zone and can be bandwidth intensive. Its real-time nature can place a heavy burden on enterprise access infrastructure. For further details regarding network traffic planning, see Capacity Planning.
By default, all WebEx meeting data is encrypted using 128-bit SSL encryption between the client and Cisco's Collaboration Cloud. SSL accelerators within the cloud decrypt the content sharing information and send it to a WebEx conference bridge that processes the content and sends it back through an SSL accelerator, where it is re-encrypted and sent back to the attendees. All Web Zone and Meeting Zone traffic is encrypted using 128-bit SSL where SSL accelerators are used to off-load the SSL function from the Web and Meeting Zone servers.
After the meeting ends, no session data is retained in the WebEx cloud or an attendee's computer. Only two types of data are retained on a long-term basis: billing and reporting information and optionally network based recordings, both of which are accessible only to authorized enterprise users.
Some limited caching of meeting data is carried out within the Meeting Zone, and this is done to ensure that users with connectivity issues or who may be joining the meeting after the start time receive a current fully synchronized version of the meeting content.
Independent third parties are used to conduct external audits covering both commercial and governmental security requirements, to ensure the WebEx cloud maintains its adherence to documented security best practices. WebEx performs an annual SAS-70 Type II audit in accordance with standards established by the AICPA, conducted by Pricewaterhouse Cooper. The controls audited against WebEx are based on ISO-17799 standards. This highly respected and recognized audit validates that WebEx services have been audited in-depth against control objectives and control activities (that often include controls over information technology and security related processes) with respect to handling and processing customer data.
For customers that require enhanced security, there is also an option to perform end-to-end 256 bit AES encryption for collaboration bridge and multimedia content so that traffic is never decrypted in the cloud. In addition, PKI identity validation support is optionally available to further enhance the end-to-end AES encryption. End-to-end encryption results in some lost features such as NBRs. For more information on enhanced WebEx security options, refer to the Security Overview of Cisco WebEx Solutions available at
http://static.WebEx.com/fileadmin/WebEx09/files_en_us/pdf/whitepapers/cwe_securityoverview.pdf
Note Enhanced WebEx security options are available only for Meeting Center meetings. The WebEx security options come at no additional cost.
Starting with Cisco WebEx release WBS27, an organization can optionally accelerate WebEx meeting traffic using the WebEx Node for Aggregation Services Router (ASR) 1000 Series. Using a WebEx Node for ASR (a blade installed in the router), key components from the cloud can be extended onto a platform that resides on-premises within the enterprise, as shown in Figure 22-3. This moves an instance of the collaboration bridge and the multimedia platform onto the ASR, which provides performance and bandwidth improvements over a pure cloud-based solution. This is a fully cascaded solution that allows attendees within the enterprise to connect to the Node and external attendees to connect to the cloud. Failover and overflow from the Node(s) to the cloud are fully supported and transparent in operation. The WebEx Node's operation is unapparent to both the user and the WebEx site administrator. The WebEx Node for ASR works with standalone WebEx SaaS accounts and with MeetingPlace 8.5 Audio on-premises.
Figure 22-3 WebEx Deployment with WebEx Node for ASR
When an attendee joins a WebEx meeting, the Web Zone in the WebEx cloud serves the client entry page and tells the WebEx client where to connect. The clients always get passed the list of cloud-based Meeting Zones available for the meeting, represented as URLs. If WebEx Nodes for ASR have been provisioned for the organization's WebEx site, the node hostnames are also included in the list of Meeting Zones. The clients then ping all of the cloud and on-premises resources to determine which Meeting Zone instance is closest in terms of latency. Because the on-premises nodes are available through the corporate network, they should respond first, and the on-premises client connect to these resources. Clients also connect to the node using 128 bit SSL encryption. The nodes provide support for Meeting Center, Event Center, Training Center, and Support Center.
Note When deployed in multimedia mode, the WebEx Node for ASR is capable of mixing VoIP (from the WebEx client itself) and webcam video. Mixed Mode Audio involves PSTN callers and is always mixed in the cloud.
Comparing Figure 22-3 with the traditional WebEx deployment model depicted in Figure 22-2 indicates that session initiation still takes place in the Web Zone within the cloud, but the enterprise WebEx clients are using a conference bridge or multimedia platform in the WebEx Node in an ASR on the enterprise network, which saves internet bandwidth and improves performance. The WebEx Node for ASR cascades control traffic and meeting content or VoIP and video content back to the cloud over an SSL tunnel. This allows external participants to access the meeting and to support network based recording (NBR). The SSL tunnel is built when the WebEx node is started and all the connections are made outbound from the enterprise to the WebEx cloud.
Note A WebEx Node for ASR can be configured to act as either a content bridge or a multimedia node, but it does not support both functions simultaneously. To support both data and multimedia acceleration, a minimum of two WebEx Node blades are required. These can be deployed in the same ASR chassis or different chassis. There is no limit on the number of Nodes that may be deployed within an enterprise network.
For further details regarding network traffic optimization using WebEx Node for ASR, see Capacity Planning.
There is also the potential to deploy the WebEx Node for ASR in a multi-tenant capacity, in which two businesses working closely together with staff working on each other's premises could have the other's WebEx site defined on their ASR Nodes. This means that, when staff for Enterprise B access their company's WebEx site through Enterprise A, they can use the local ASR Node to accelerate their meeting while saving bandwidth for Enterprise A. This feature can also benefit organizations that have multiple WebEx sites.
Starting with Cisco WebEx release WBS27-FR20, Meeting Center uses the H.264 AVC/SVC codec to provide High Quality Video for the conference. Higher network bandwidth is needed for those deployments. For further details regarding network traffic optimization for High Quality Video, see Capacity Planning.
Note Cisco TelePresence integrates with WebEx using OneTouch. For details on Cisco TelePresence WebEx OneTouch, refer to the documentation at http://www.cisco.com/en/US/solutions/ns669/webex_engage.html.
High Availability
The WebEx cloud itself has a very high level of redundancy and is managed by Cisco. With respect to a WebEx Node for ASR, if a Node fails or becomes congested, then user meetings re-connect to the cloud. When clients ping the Meeting Zone URLs, they do not get a response back from the ASR node, therefore they connect to another Meeting Zone. If there are active meetings on a node and the node goes offline, there is a copy of the content cached in the cloud even if all attendees are internal. The WebEx clients reconnect to an alternate Meeting Zone, and the meeting continues with no intervention by the users.
Capacity Planning
For a given customer, the actual number of concurrent meetings is essentially unlimited. Different WebEx conferencing types have different capacities with respect to number of attendees. For a detailed product comparison table, refer to the Cisco WebEx Web Conferencing Product Comparison, available at
http://www.cisco.com/en/US/prod/ps10352/product_comparison.html
The capacity of the WebEx Node for ASR depends on the function for which it is implemented. When deployed as a collaboration bridge (web conferencing), the Node supports up to 500 attendees. If a node reaches its maximum attendee limit, a WebEx client either uses an alternative on-premises node or overflows directly to the cloud. There is no limit to the number of ASR nodes deployed, and web conferencing can be cascaded across multiple nodes for redundancy and capacity.
The sizing for the WebEx Node for ASR when used to switch VoIP and video locally is slightly more complex because there are different video and VoIP traffic types that impact the performance of the node to a lesser or greater extent. To help with sizing the node for multimedia conferencing, there is a points system that starts with 11,600 points, and points are decremented from this total according to the type and number of streams that flow through the node. Table 22-3 lists the different types of VoIP and video, and the points they consume. As is the case with the web conferencing version of the node, if a multimedia node runs out of capacity, a WebEx client simply connects to another available ASR node or to the cloud. This alleviates capacity concerns during unexpected random busy periods that over-utilize a given node's capacity.
Active Video means that the active speaker will appear in the main video window, and other attendees will be shown as thumbnail images, with the following resolutions:
•360p: 640x360 resolution
•180p: 320x180 resolution
•90p: 160x90 resolution
Note Multi-point video points are deducted per attendee watching the video panel during a meeting. A maximum of 6 webcam video sessions can be displayed per WebEx client, but each attendee has control over which are shown.
Table 22-3 provides conservative estimates; however, it is difficult to predict usage precisely and to control user behavior. Cisco recommends provisioning enough resources to deal with the average load on the system, allowing for periods of peak usage to overflow to the cloud.
Network Traffic Planning
With the increased traffic out to the internet, it is important to consider network traffic planning. By evolving the WebEx architecture to include on-premises ASR nodes, performance can be optimized and significant savings in Internet access bandwidth can be achieved. Table 22-4 itemizes different traffic types that could load the enterprise network during a WebEx meeting. The only traffic type that is not native to WebEx is IP telephony, which might be used with either an on-premises or off-premises conferencing service integrated with WebEx.
How users actually use WebEx will make quite a bit of difference in the amount of traffic generated by the meeting. For example, if attendees use native presentation sharing (where the document is loaded to the WebEx site prior to sharing), it generates far less data than if they share their desktops. For a large enterprise, this can be important to understand to ensure correct traffic engineering, especially at the choke points in the network, such as the Internet access points. A preliminary estimate should be made around the average number of meetings to be hosted during the busy hour, along with the average number of attendees. Then, depending on the type and characteristics of these meetings, some projections on bandwidth requirements can be made. For more information regarding network traffic planning, please see the WebEx Network Bandwidth White Paper, available at
http://www.WebEx.com/pdf/wp_bandwidth.pdf
As discussed, the WebEx Node for ASR can be implemented to pull the collaboration bridge and the multimedia platform engine on-premises. To help quantify the impact of an ASR Node, Table 22-5 and Table 22-6 show some examples of theoretical bandwidth savings. In the examples, fairly large customer deployments have been assumed, each having 1,000 concurrent peak meeting attendees distributed across a number of separate meetings with two different average numbers of attendees for each example. Example 1 uses desktop sharing, while example 2 uses presentation sharing. Both examples result in large reductions in the WebEx traffic bandwidth across the organization's internet access pipes.
Note The example in Table 22-5 and Table 22-6 assumes that two WebEx Nodes for ASRs are deployed, one in collaboration bridge mode and one in multimedia mode.
Design Considerations
Observe the following design considerations when implementing a Cisco WebEx SaaS solution:
•Collaborative meeting systems typically result in increased top-of-the-hour call processing loads. Cisco partners and employees have access to capacity planning tools with parameters specific to collaborative meetings to help calculate the capacity of the Cisco Unified Communications System for large configurations. Contact your Cisco partner or Cisco Systems Engineer (SE) for assistance with sizing of your system. For Cisco partners and employees, the Cisco Unified Communications Sizing Tool is available at http://tools.cisco.com/cucst.
•The WebEx Node for ASR is typically located in a DMZ because it is serves as an extension of the WebEx cloud and is therefore managed from the cloud. However, there is no requirement for a DMZ, and the Node could be placed anywhere in the network. The WebEx cloud never makes any inbound connections to the Node; rather, secure connections are always initiated from the Node to the cloud on port 443.
•All connections from WebEx clients and WebEx Nodes are initiated out to the cloud. Typically, opening pinholes in network firewalls is not required as long as the firewalls allow intranet devices to initiate TCP connections to the Internet.
•If WebEx High Quality Video is integrated with a third-party audio bridge, video of the presenter will be displayed in the active speaker window rather than video of the active speaker on voice.
•For more details on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see Cisco Collaboration Clients and Applications.
Cisco Unified MeetingPlace
Cisco Unified MeetingPlace combines the benefits and capabilities of Cisco WebEx content sharing with the ability to host the audio and standards-based video portions of the collaboration meetings on-premises. Customers that have invested in Unified Communications solutions are able to leverage and extend their existing deployments to include audio and video conferencing using an all-SIP architecture. Unified MeetingPlace deployments vary depending on several options such as scalability, scheduling interface options, media resource options, and degree of high availability required. These options are discussed in more detail in this section.
There are two different deployment models available with Unified MeetingPlace architecture:
•Multinode Unified MeetingPlace Audio with WebEx Scheduling model for large, global enterprises:
–Provides scalability to 14,400 G.711 audio ports using multiple Conferencing Nodes
–Provides active/active resiliency for audio conferences
–Provides virtualization support on the Cisco UCS platform
–Provides enhanced WebEx integration features
–Provides optional support for WebEx Node for MCS or ASR 1000 for on-premises mixing of Web conferences for internal network users
–Provides user-based licensing for Active Users and hardware-based server capacity for ports
Note Multinode deployment support is available with Cisco Unified MeetingPlace 8.5 and later releases.
•Unified MeetingPlace Scheduling model:
–Available to installed base of Unified MeetingPlace customers only
–Available as audio/video only with no Web conferencing (no WebEx) to new or installed-base customers
–Provides continuous meetings with blast outdial
–Provides Cisco Unified Communications Manager Video Telephony ad-hoc support
–Provides scalability to a maximum of 1,200 audio ports with Cisco Unified MeetingPlace Express Media Server (EMS) or 2,000 audio ports with Hardware Media Server (HMS) using G.711
–Provides active/warm-standby resilience with manual failover
Note This chapter focuses on audio, video, and Web sharing solutions. However, Unified MeetingPlace also supports deployments utilizing audio only, or audio and video only.
This section covers system-level design guidance of a Cisco Unified MeetingPlace system in the Cisco Unified Communications environment. This chapter does not cover any hardware requirements or software component configurations of Unified MeetingPlace that are not related to system design. For information on these topics, refer to the Unified MeetingPlace product documentation available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/tsd_products_support_series_home.html
Note The implementation of any Cisco Unified MeetingPlace 8.x web conferencing solution requires the purchase of a WebEx site. The WebEx services are independent of Cisco Unified MeetingPlace licensing.
Unified MeetingPlace Architecture
This section provides a high-level overview of each Unified MeetingPlace component and its function in the solution.
Unified MeetingPlace Meeting Director Server
The Meeting Director node supports several functions for multinode deployments with a WebEx scheduling front end. This is a required component used to support multinode configurations only. The Meeting Director module includes a WebEx Telephony Service Provider (TSP) connection to the WebEx collaboration cloud for integration using outbound TCP 443 only for a two-way communication path for the audio commands. The Meeting Broker Director is responsible for distributing audio meetings between different conferencing nodes in a equal load sharing methodology. The Events Aggregator monitors conferencing node capacity and events happening in real time. UserSync is used to synchronize all profiles from WebEx Site if it is enabled.
A multinode system has one Primary Meeting Director node and one Secondary Meeting Director node for redundancy, which can be located in any customer data center behind a corporate firewall. If the Primary Meeting Director fails, the Secondary Meeting Director becomes active. Cisco recommends that you configure your Meeting Directors as regional masters and that you locate your Meeting Directors in different data centers to provide greater system resiliency.
A "combined node" provides both Meeting Director and conferencing functionality, and it is supported when there are fewer than four Conferencing Nodes in a system. With more than four Conferencing Nodes, both Meeting Directors must reside on a dedicated hardware server (Cisco MCS or UCS).
Unified MeetingPlace Application Server (Conferencing Node)
The Unified MeetingPlace solution centers around the Unified MeetingPlace Application Server, also referred to as a Conferencing node in a multinode configuration, which provides audio and video mixing functionality through SIP trunking from a Unified CM or Session Management Edition call control system. At least one conferencing node is required in order to host conferences. Additional conferencing nodes provide greater capacity and resiliency.
The Unified MeetingPlace Application server is installed on a Cisco Media Convergence Server (MCS) or Unified Computing System (UCS) platform running the Linux operating system and the IBM Informix Dynamic Server (IDS) database, and it acts as the audio/video conference node component that mixes audio and standards-based video conferences in an enterprise network. The Unified MeetingPlace Application server controls the media servers of the solution, and it communicates with the Unified MeetingPlace Meeting Director component in a multinode configuration. The Unified MeetingPlace Application server supports SIP back-to-back user agent (B2BUA) and sends/receives calls through a SIP trunk connection with Cisco Unified CM or Session Management Edition (SME) for call delivery for inbound and outbound callbacks. The Cisco Unified MeetingPlace Express Media Server is also an optional software component that can be installed co-resident on the Unified MeetingPlace Application server and it is the preferred media mixer for most customer scenarios. Optionally, the Hardware Media Server scales higher per node (maximum of 2,000 G.711 audio port per audio node).
Media Server
The Cisco Unified MeetingPlace Media Servers provide the audio and video conferencing functionality for the solution, and they come in two distinct options:
•Cisco Unified MeetingPlace Express Media Server (EMS)
•Hardware Media Server (HMS)
The Express Media Server is the preferred cost-effective option with Cisco Unified MeetingPlace, and it performs audio mixing and standards-based video switching in software that is co-resident on the Unified MeetingPlace Application Server. The EMS allows for a single-box software-only solution for a Cisco Unified MeetingPlace audio/video-only deployment, or it can be deployed in a multinode configuration. Media cannot be cascaded across EMS instances; therefore, the capacity of a Unified MeetingPlace EMS solution depends on the MCS or UCS platform on which it is installed, or whether you install multiple Unified MeetingPlace Application and Express Media servers for scalability in a multinode deployment. Scalability in a multinode deployment can provide a maximum of 14,400 G.711 ports and requires the use of a WebEx Scheduling model. There is no cascading capability across EMSs. Higher capacities per node are available from the HMS option and with the EMS multinode deployment option.
For ultimate capacity on Express Media Servers, G.711 audio-only provides the highest number of simultaneous ports for audio conferencing. If G.729 or G.722 audio codecs are needed, then capacity is much less. Also, if standards-based video mixing is used, again this lowers capacity depending on the type mixing and maximum bandwidth settings. For instance, a Cisco UCS B-Series Blade Server using G.711 audio-only can support a maximum of 1,200 ports. To enable maximum capacity, Cisco highly recommends providing network layer audio codec transcoding to G.711 in Cisco Integrated Services Routers (ISRs) for calls that transverse a WAN in G.729 or G.722 and terminate in a Unified MeetingPlace conferencing node or single system. For more information, see Capacity Planning.
A Hardware Media Server is a Cisco Unified MeetingPlace 3515 or 3545 outfitted with blades that are specific to the Unified MeetingPlace solution. There are audio blades and optionally standards-based video blades, both of which have on-board DSP resources to provide voice and video conferencing, respectively. The HMS is controlled by the Unified MeetingPlace Application server through SIP API and Unified MeetingPlace Media Control protocols. The HMS supports cascading of audio and video streams, therefore multiple HMS 3545 chassis can be deployed in a single location to achieve the capacity and high availability required. HMSs cannot be distributed throughout a network and must be located in the same data center as the Unified MeetingPlace Application server. HMS standards-based video provides "continuous presence," which is composed video with support for standard format up to 2 MB per video stream. HMS video also fully supports transcoding and transrating, important features in standards-based video to provide advanced video MCU functions. High definition formats are not currently supported, but HD video devices can join standard format meetings.
The Unified MeetingPlace Application server can be configured to use either the EMS or HMS, but the two cannot be used together in the same conferencing node. It is relatively easy to switch from one to the other, however. Use of either is transparent to the user except for differences in supported video formats and features such as active speaker or continuous presence, transrating, transcoding, video recording, video mute, or HD video capabilities. There are some major differences in features and capabilities between an EMS and HMS; therefore it is critical to review these differences before choosing between them. For more information, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html
WebEx Node for MCS or ASR (Optional Component)
The design of a Unified MeetingPlace solution is affected by the nature of the meetings to be hosted on the system. For example, is there a requirement for meetings to include only internal participants, or are external attendees also allowed? All web conferencing for the Unified MeetingPlace solution is provided by WebEx; however, the WebEx Node for MCS or WebEx Node for ASR 1000 optionally allows an organization to pull content sharing resources on-premises if required. If all meetings involve external participants or if the customer would prefer to use the WebEx Collaboration cloud only, then the WebEx Node for MCS or ASR 1000 is not required. However, if there is a requirement to have internal meetings where all the audio, video, and content sharing remains on-premises, the WebEx node for MCS should be deployed. The WebEx Node for ASR provides on-premises mixing for both internal web conference attendees and/or WebEx webcam high quality video (HQ Video). The node essentially extends the WebEx cloud's collaboration bridge technology into a customer's organization by using dedicated MCS or ASR 1000 hardware and WebEx software. It does have direct communication with the Unified MeetingPlace Application server; however, it is still operated and managed through the WebEx site administration, thus it requires connectivity to the internet so that the node can initiate outbound TCP port 443 SSL connections to the organization's WebEx site.
The WebEx client finds the WebEx Node for MCS in the same way it does for the WebEx Node for ASR. The WebEx node names are provisioned in the cloud, and after initial connection to the WebEx site, a list of Meeting Zone URLs is passed to the client from the meeting entry page. For internal-only meetings, only WebEx Node for MCS hostnames are passed to the client. This ensures that all users will be connected to WebEx Node for MCSs internally and no meeting information is cascaded to the Collaboration Cloud for that meeting. For external meetings on WebEx Node for ASR or MCS, there are cloud-based URLs and WebEx Node for MCS hostnames for profiled users, and only cloud-based URLs for external users (guests). The client then pings all the Meeting Zones and connects to the URL with the least amount of latency. This means that all WebEx Nodes for MCS load-share, and you cannot specify certain users to use certain servers. Most likely, users will be connected to the closest node, but that might not be the case depending on network situation and congestion. External meeting guest users are always connected to the Collaboration Cloud, and internal users are on the closest WebEx Node for MCS or ASR 1000. The WebEx Nodes for MCS or ASR 1000 and cloud users can see content shared by anyone with Sharing assignment during a meeting.
Note The WebEx Node for MCS and WebEx Node for ASR are different products. WebEx Node for MCS provides only collaboration bridge functionality (no multi-media) and is specific to the Unified MeetingPlace 8.x solution. It cannot be used for a WebEx SaaS implementation. For more information on WebEx Node for ASR, which provides on-premises mixing for both web meetings and HQ Video, see Cisco WebEx Software as a Service.
Note Internal meetings hosted on the WebEx Node for MCS support only Meeting Center meetings. Event Center and Training Center meeting traffic can be aggregated on the WebEx Node for MCS, but it can be designated only as an external meeting. Internal meetings do not support WebEx HQ Video nor Network Based Recordings (NBR) since both of these services are provided in the cloud. Only meetings scheduled as "external" provide both WebEx HQ Video and NBR recordings. NBR with WebEx Node for MCS is not supported for WebEx scheduling deployments but it is supported for MeetingPlace scheduling deployments.
Also, remember that the WebEx Node for MCS does not support HQ Video (webcam only) and WebEx VoIP switching. So unless WebEx webcam video is disabled for the site, it will propagate to the cloud and be switched there. Meetings scheduled as "internal" do not have a data connection to the WebEx collaboration cloud to get the webcam video, so users must schedule meetings as "external" to use both the bandwidth aggregation of the web conference and the webcam video mixed in the cloud. Customers should choose between using either Unified MeetingPlace standards-based video or WebEx HQ Video in the cloud. Additionally, WebEx Node for ASR can be deployed to provide bandwidth aggregation of both webex web conferencing meetings and WebEx HQ Video with webcam mixing on the ASR.
Customers can also choose to disable HQ Video for the WebEx site and instead use no video or Unified MeetingPlace standards-based video (H.323, SIP, and SCCP devices only) on native webcams.
WebEx Site
All Unified MeetingPlace 8.x web conferencing solutions require a WebEx site. A WebEx site for a given organization will have the format companyXYZ.WebEx.com. Enterprise customers may use Meeting Center only or a combination of all the WebEx centers, which is called Enterprise Edition and which supports Meeting Center (MC), Event Center (EC), Training Center (TC), and Support Center (SC). WebEx packages for Active Host, Named Host, Ports, or minutes are all supported with Cisco Unified MeetingPlace 8.5 and later releases, with or without WebEx Node.
Event Center and Training Center offer additional integration features. Event Center Audio Broadcast allows for efficient use of Unified MeetingPlace Audio. Only presenters in an event meeting are connected to the Unified MeetingPlace Audio system, and all participants (up to 3,000) join by means of a browser URL and can listen to the audio broadcast in streaming mode (not multicast). Unified MeetingPlace audio can support a maximum of 500 audio ports in a single large meeting with auto-mute if desired, but Cisco highly recommends using the Event Center Audio broadcast feature for large meetings for one-to-many functions. Training Center offers the use of audio/web breakout rooms and mute participants upon entry.
A single WebEx Site is tied to only one Unified MeetingPlace system. A Unified MeetingPlace system in the multinode deployment model requires using the WebEx Scheduling model only. Multiple WebEx Sites cannot be supported on one Unified MeetingPlace system, and multiple Unified MeetingPlace systems cannot be supported on one WebEx Site.
Cisco Unified MeetingPlace 8.5 and later releases with WebEx WBS27 FR 26 and above allow Unified MeetingPlace to be integrated without any need for provisioning. Existing WebEx customers that have this release can easily add Unified MeetingPlace Audio to their existing site without any provisioning requests or changes. In addition, this WebEx release also supports Dual Audio vendor, which will allow for either WebEx Audio and Unified MeetingPlace Audio on the same site or Unified MeetingPlace Audio and TSP Audio on the same site. There is an administrative portal to the WebEx site that is used to configure key parameters that tie the site to the Unified MeetingPlace deployment. For more information regarding the WebEx site configuration, refer to the Administration Documentation for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html
Note For Unified MeetingPlace audio/video-only deployments, a WebEx site is not required.
WebEx Site Dual Audio Support
A WebEx site using Release 27 FR26 or above supports a new feature called Dual Audio Vendor support. This feature allows for the following configurations and integrations:
•WebEx Audio/VoIP + Unified MeetingPlace audio
•TSP audio + Unified MeetingPlace audio
The Dual Audio Vendor feature enables existing WebEx sites with TSP Audio or WebEx Audio to configure Unified MeetingPlace Audio as well, and do a phased migration from one type to the other, which allows future meetings already scheduled with the first audio provider to still be used while all new future meetings start using Unified MeetingPlace Audio. This also allows different regions of the world to use different audio systems based on profile default settings. For example, Singapore can use WebEx Audio while all North America users are set to use Unified MeetingPlace Audio only.
In addition, profiles can be configured to offer both audio providers, and users must know how to schedule using each provider per meeting. Specific WebEx session types can also be configured to use one type of audio provider based on the meeting type scheduled.
Dual Audio Vendor support does not provide automatic overflow from one to the other or combining of both audio systems together.
Unified MeetingPlace Audio currently does not support "mixed" audio conferencing with the WebEx VoIP feature. So if customers want to use WebEx Audio with VoIP, this dual vendor audio support would have to be configured, and users would have to know to choose the WebEx Audio/VoIP option to use this function.
User Based Licensing
Starting with Cisco Unified MeetingPlace 8.5, a user-based licensing model is used. In previous versions of Unified MeetingPlace, ports-based licensing was used. A user-based licensing model allows customers to purchase systems based on the "active" users on the Unified MeetingPlace system. Active users are defined as a profiled account that schedules meetings or hosts meetings on Unified MeetingPlace. System reports are available for monitoring active usage to see if the system has exceeded the purchased user count. Also, a minor SNMP alarm is sent if the active user count is above licensed user count. In no way will Unified MeetingPlace block a conference call or profiled host from having a meeting. Customers may provision as many users as they need without any issues by using the various provisioning options available through WebEx or native to Unified MeetingPlace. The Unified MeetingPlace database will support a maximum of 400,000 profiles.
Note A user license (audio, web, or video) is not granted to any particular user but, rather, is a system-wide resource shared by all users in the Unified MeetingPlace system.
System capacity for the total number of audio callers connected simultaneously is dependant entirely on the hardware server model and number deployed. Peak usage and future growth both must be factored in when designing a Unified MeetingPlace on-premises solution. If you deploy two Cisco UCS B-Series Blade Servers or C210 Series Rack-Mount Servers with Unified MeetingPlace Application and EMS software, you will have 1,200 G.711 ports per server or 2,400 total ports or 1,200 redundant ports that all profiled users and guests can utilize. Conferencing nodes have active/active load sharing of all meetings. If one server is down, the calls on that server are dropped and users can immediately dial back in or use Callback from the WebEx meeting room user interface, and that meeting will be reestablished automatically on the other server (or the least busy server in the region). Unified MeetingPlace supports up to 14 conferencing nodes with a total of 14,400 G.711 ports. If G.729, G.722, and/or standards-based video is used, it will reduce these capacity numbers.
Unified MeetingPlace supports both scheduled and reservationless meetings. Reservationless meetings are audio only (or audio/video only if video is enabled).
Scheduling Interface
The Cisco Unified MeetingPlace solution offers two scheduling interface options:
•WebEx Scheduling Model using Productivity Tools, One Click, and WebEx scheduling interfaces
•Unified MeetingPlace Scheduling Model using Outlook, Lotus Notes, Conference Manager, or Web scheduling interfaces
In many cases, user familiarity with a particular interface will influence the decision of which option to choose. If users are currently using a WebEx SaaS deployment and simply want to pull audio/video resources on-premises, or if this is a new Unified MeetingPlace installation, Cisco recommends the WebEx scheduling deployment model. The WebEx Scheduling model is required for multinode deployments of Unified MeetingPlace 8.5 or later releases. However, if Unified MeetingPlace is currently deployed, it might be beneficial to maintain the same scheduling interface. While there are certainly differences, both have a web-based user scheduling portal and both have their own integrations with common calendaring systems (Outlook or Lotus Notes). Also, WebEx scheduling supports Enterprise Edition meetings (Meeting Center, Event Center, and Training Center sessions), while Unified MeetingPlace scheduling supports Meeting Center sessions only. The Unified MeetingPlace scheduling model is not available for new customers deploying Unified MeetingPlace 8.5.
WebEx Scheduling Deployment
WebEx supports two deployment models:
•Single-Site WebEx Scheduling Deployments
•Multisite WebEx Scheduling Deployment
The WebEx Scheduling deployment model supports Meeting Center only or WebEx Enterprise Edition (EE), which includes Meeting Center, Event Center, and Training Center session types, all of which can integrate to Unified MeetingPlace Audio. Only Meeting Center meetings are mixed both on WebEx Node for MCS and in the cloud (for guest users). Event Center and Training Center are always considered external meeting types, and internal users join the WebEx node for MCS or ASR or cloud for those session types.
WebEx Scheduling utilizes all the current WebEx Productivity Tools (see Cisco WebEx Software as a Service), and all audio and WebEx recordings for external meetings are stored in the WebEx Collaboration cloud under the Network Based Recording site per host account.
Single-Site WebEx Scheduling Deployments
With WebEx scheduling, there are no Unified MeetingPlace Web servers required, and the click-to-attend URL in a meeting invitation takes users directly to the WebEx site. Figure 22-4 illustrates a high-level view of a sample Unified MeetingPlace solution with WebEx scheduling, dual Express Media Servers with active/active redundancy, and a WebEx Node for MCS. The WebEx Node for MCS is optional (required for internal-only meeting, or ASR can also provide both Web and HQ Video bandwidth aggregation), and alternatively an HMS could be used in place of an EMS.
Figure 22-4 Unified MeetingPlace Single-Site Solution with WebEx Scheduling, EMS, and WebEx Node for MCS
Note If WebEx Node for MCS is deployed, then only external meetings can support Network Based Recordings and HQ Video webcams with WebEx scheduling.
WebEx Node for MCS or WebEx Node for ASR 1000 are optional, based on whether customer requirements detail bandwidth aggregation and/or use of "internal" meetings only is available. Because the audio conferencing is occurring on-premises while the web conferencing is occurring both in the cloud and on the WebEx Node, all meeting-related service requests are exchanged and processed via telephony service provider (TSP) application programming interface (API) communications with Unified MeetingPlace or the WebEx Node API to the cloud. This effectively ties the systems together and allows for in-meeting controls such as the ability to mute attendees or to see active speakers. This TSP link is established by the Meeting Director outbound to the cloud via a TLS encrypted dedicated socket connection on TCP port 443 to the customer WebEx site.
Network Requirements
This hybrid architecture does not require any "inbound" ports to be opened through the firewall. The Meeting Director TSP supports only SOCKS proxy servers (not HTTP or HTTPS proxy). The WebEx Node for MCS or ASR does not support any type of web proxy systems and must be allow TCP 443 outbound to the cloud if deployed. Users joining WebEx meetings also use TCP 443 outbound only through firewalls to the WebEx Collaboration Cloud. WebEx publishes the IP ranges required if firewall settings to limit internet access are necessary.
Cisco recommends a maximum latency between all components of 300 ms round-trip time (RTT), wherever components may be deployed in the enterprise network. Standard VoIP network best practices also apply to deploying Unified MeetingPlace on-premises conferencing resources. SIP trunking latency between Unified MeetingPlace conferencing nodes from/to Unified CM must adhere to this same standard for optimal conferencing performance.
For all network requirements, refer to the latest version of the System Requirements for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_device_support_tables_list.html
Multisite WebEx Scheduling Deployment
Multisite deployments consist of sites and regions. Conferencing nodes, Meeting Director nodes, and optionally WebEx nodes are installed in data centers based on customer requirements for both capacity resiliency.
Sites are logical groups of nodes that have similar functions and capabilities. For example, a site might contain nodes with high-definition video capabilities. Sites are identified by a unique name in the system and can belong to only one region. A site contains one to all of the nodes in a region. You can configure a preferred site to host all meetings for specific user profiles.
Regions are groups of one or more sites. Regions are identified by a unique name in your system. You can have up to four regions in your system, and regions are also used to assign time zones.
A multinode Unified MeetingPlace Audio system has the following capacities:
•14,400 G.711 audio ports
•16 Cisco Unified MeetingPlace application server nodes consisting of two Meeting Director nodes and 14 conferencing nodes (12 with 1,200 G.711 ports = 14,400 ports, and 2 extra conferencing nodes for resiliency is supported)
•1,200 ports per conferencing node (G.711) until the 14,400 limit is reached
•Maximum of four nodes per site
•Maximum of two sites per region (two sites with up to two nodes each, or one site with up to four nodes)
•Maximum of four regions
Note Capacities will be lower depending on G.729 or G.722 codec use, video use type, and bandwidth allowed.
WebEx Web Conferencing (required for scheduling and web conferencing) has the following capacities:
•14,400 Web sessions (cloud and/or nodes)
•2,000 internal Web sessions (using Cisco WebEx Node for MCS), consisting of up to 4 Cisco WebEx nodes with up to 500 sessions each
•Cisco WebEx Node for ASR supports:
–Web conferencing per Shared Port Adapter (SPA), with up to 500 sessions each
–HQ Video and VoIP per SPA (capacity based on usage)
Meetings are distributed evenly by configuring inbound SIP trunks to all Conferencing Nodes in a circular method in Unified CM or Session Management Edition. Callbacks initiated from within a WebEx meeting room are distributed by the Meeting Director who is monitoring all conferencing node traffic. The Meeting Director will start a new meeting on the least busy node in the region and based on the timezone of the host who scheduled that meeting. For inbound calls, the first person who joins the meeting will dictate which conferencing node they land on based on the SIP circular hunt mode. If that meeting ID is started on a different node within the same region or in a different region, a SIP Refer command will be initiated automatically to redirect that caller to the conferencing node where the host is assigned. All callers into the same meeting ID will be routed to one node in the system based on either timezone or the node on which the meeting was started by the first attendee. Thus, all users in the system will always dial their local Unified MeetingPlace dial-in numbers (or use callback) to join any meeting anywhere in the world. The SIP Refer will automatically redirect them to the proper node for that particular meeting, depending on the timezone of the host who scheduled that meeting. If a reservationless meeting ID is used, callbacks are distributed based again on the timezone where that host resides, but load sharing among multiple node is used for maximum capacity and resiliency.
Centralized Deployment Model with Multinode WebEx Scheduling
The example in Figure 22-5 consists of one region with active/active resiliency in a single site. This system requires two Cisco MCS or UCS servers to provide for two Meeting Director and/or EMS servers deployed in one sites and one region, which is a centralized deployment model. Scalability is 1,200 G.711 ports with active/active redundancy, and both servers equally share the meeting load from all timezones. Unified CM SIP trunk sizing needs to take into account only simultaneous peak SIP traffic, not 2,400 ports of SIP traffic. The Meeting Director is co-located with two different conferencing nodes. The 1,200 ports generally can support a ratio of 20 users to 1 port with typical conferencing usage patterns, so this configuration should be able to support a total of 24,000 users.
Figure 22-5 Unified MeetingPlace Multinode Deployment with WebEx Scheduling for One Region
Two-Region Multinode Unified MeetingPlace Deployment Model with Webex Scheduling
The example in Figure 22-6 consists of two regions in a globally distributed design with active/active resilience in each region. Also, data center sites are configured based on customer data center design. All conferencing nodes in a region are load-balanced, and nodes in different sites or regions can fail-over to other regions by means of administration settings.
This system requires four Cisco MCS or UCS servers to provide for two Meeting Director and/or EMS servers and two Conferencing Nodes in two sites and two regions. Scalability is 1,200 G.711 ports per region with active/active redundancy. Unified CM SIP trunk sizing needs to take into account only simultaneous peak SIP traffic, not 2,400 ports of SIP traffic. The Meeting Director is co-located with two different conferencing nodes and can be located in either data center depending on customer requirements.
Figure 22-6 Unified MeetingPlace Multinode Deployment with WebEx Scheduling for Two Regions
Unified MeetingPlace Multisite Solution with WebEx Scheduling and Three Regions
The example in Figure 22-7 consists of three regions in a globally distributed design with active/active resilience in each region. Also, separate data center sites are configured for site redundancy. All conferencing nodes in a region are load-balanced, and nodes in different sites or regions can fail-over to other regions by means of administration settings.
This system requires eight servers to provide for two Meeting Directors and six Conferencing Nodes. Scalability is 1,200 G.711 ports per region with active/active redundancy per region.
Figure 22-7 Unified MeetingPlace Multisite Solution with WebEx Scheduling for Three Regions
Video
There are two difference types of video available to customers:
•Unified MeetingPlace standards-based third-party room/desktop or Unified Communications Video (H.323, SIP, or SCCP)
•WebEx HQ Video for Meeting Center and Training Center using webcams only
Customers must choose between these two options because there is no interoperability available today between them. Do not enable both because doing so will cause confusion for end users.
With respect to standards-based Unified MeetingPlace video, when video is mixed by the Unified MeetingPlace components on-premises, the video is displayed on the standard room and desktop endpoints themselves. It is not seen in the WebEx video pod inside the web meeting, and Cisco recommends disabling the webcam HQ Video feature on the WebEx site, otherwise there could be a mix of video conferencing with endpoints and webcam video shown in the WebEx application with no tie between them. User-based licensing supports both audio and video usage on any Unified MeetingPlace system. Enabling video on Conferencing Nodes will affect capacity based on the video type and bandwidth used.
For information about standards-based video devices supported with Unified MeetingPlace, refer to the latest version of the Compatibility Matrix for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_device_support_tables_list.html
Alternatively, if no Unified MeetingPlace video conferencing is deployed, users could take advantage of the WebEx HQ/HD Video capabilities using pure webcams-only mixed in the cloud, or if WebEx Node for ASR with video Shared Port Adapter (SPA) is deployed, then bandwidth aggregation can occur on-premises. WebEx HQ/HD Video cannot be used if WebEx Node for MCS is deployed and users have scheduled meeting as "internal," where there is no data sharing connection to the cloud. If meetings are scheduled as "external," then users can see the webcam video and still be connected to the WebEx Node for MCS for web meeting bandwidth aggregation.
Unified Communications Client Services Framework (CSF) devices and Cisco Unified Video Advantage are both webcam-only or SCCP/SIP video standards-based devices. How the client joins a meeting and which video option is enabled will determine the video experience for the end user. (See Table 22-7.)
WebEx Owned Profile Management
There are two ways to configure profile management: WebEx Owned Profiles or Unified MeetingPlace Owned Profiles.
WebEx owned profile management allows for profiles to be provisioned in the following ways:
•Account sign-up (automatically approved or with system administrator approval required)
•Manual account creation
•Import periodically from Excel spreadsheet file
•Federated single sign-on (SSO) option (accounts automatically created upon login)
•WebEx XML API (custom account management)
With WebEx Owned Profile enabled, Unified MeetingPlace automatically synchronizes all user profiles from the cloud through the X.509 encrypted link and creates users on Unified MeetingPlace Conferencing nodes. Users can then use the Profile Number and PIN code to access the reservationless audio-only meetings.
Note The Profile Number is eight digits in length and is assigned randomly when the user profile is created. The PIN code can be created by the user upon first logging in to the WebEx site. Optionally, the Profile Number can also be customized by retrieving it from the LDAP directory through the WebEx XML API by using a custom code for mapping LDAP fields to WebEx Profile fields.
Unified MeetingPlace then accesses profiled user information through an XML API User Synch module to automatically configure all users on Unified MeetingPlace Conferencing Nodes. When installing the Meeting Director primary server (the first one in the installation cycle), you choose the WebEx Owned Profile setting and the system then operates automatically to synchronize user profiles from the cloud through an X.509 encrypted link.
When WebEx Owned Profiles is enabled, the Unified MeetingPlace system uses a Profile Number and PIN code, which users enter only for reservationless audio-only meetings. When the user profile is newly created, WebEx Site with Unified MeetingPlace will atomically assign a random Profile Number to that user. Upon first logging in to the WebEx Site, that user is prompted to configure a PIN code. If customers want a specific number to be assigned to the users based on an LDAP field, then the WebEx XML API must be used for provisioning a custom code that uses LDAP fields to map to WebEx profile fields. The Profile Number and PIN length requirements are set in the Unified MeetingPlace System Administration parameters. Profile Numbers can be 4 to 8 digits in length, and PIN codes can be 5 to 24 digits in length.
Note WebEx Owned Profile is mandatory in order to enable the optional WebEx Federated Authentication Service (FAS) LDAP capability. For more information on FAS, refer to the WebEx Federated SSO Authentication Service Technical Overview, available at http://developer.webex.com/c/document_library/get_file?groupId=10465&folderId=11421&name=DLFE-201.pdf.
WebEx XML API
If you want to control the creation of the MeetingPlace Profile ID with a field that exists in the LDAP profile, then you must write a script to call the WebEx XML APIs for User Service and Create Users functions. One of the parameters for this XML API is the Unified MeetingPlace profile number (mpProfileNumber) assignment. Unified MeetingPlace profile numbers must be between 4 digits and 8 digits in length. Unified MeetingPlace profile numbers are used only with audio-only meetings or reservationless meetings that are audio-only, where the host must log into meetings with this profile number that is the meeting ID and PIN code to start the meeting. All other callers are in a waiting room on Unified MeetingPlace until the host logs in and starts the meeting. Normal scheduled WebEx and Unified MeetingPlace combined meetings do not require the use of this profile number and PIN code to start them.
For more information on the XML API, refer to the Cisco WebEx Collaboration Cloud documentation available at
http://developer.webex.com/web/meetingservices/xmlapi
Unified MeetingPlace Owned Profile Management
Unified MeetingPlace Owned profile management is available only for existing customers that wish to retain the use of current profiles for use with WebEx. New customers will not be able to provision the WebEx site using the Unified MeetingPlace-to-WebEx SSO integration, which is supported only on installed systems already provisioned in this manner.
If there is no SSO enabled between Unified MeetingPlace and WebEx, all WebEx host accounts must be provisioned by manual export from Unified MeetingPlace to the WebEx site by an administrator (to be updated periodically), and all end-user authentication is provided by the local WebEx host account passwords. WebEx host accounts may also be requested via the WebEx Site and then exported into the Unified MeetingPlace system for profile management. The SSO option must be chosen when ordering the WebEx Site for integration with Unified MeetingPlace on-premises, and it is available only for existing customers who already have Unified MeetingPlace and WebEx installed.
Unified MeetingPlace Scheduling Deployment
The Unified MeetingPlace scheduling deployment option requires the use of two Unified MeetingPlace Web Servers, solely for scheduling and attending meetings. They do not provide any web conferencing functionality. Figure 22-8 illustrates a high-level view of a sample Unified MeetingPlace solution with Unified MeetingPlace scheduling and HMS. Alternatively, an EMS could be used in place of the HMS, and a WebEx Node for MCS is not depicted but could optionally be added as well.
Figure 22-8 Unified MeetingPlace Solution with Unified MeetingPlace Scheduling and HMS
With Unified MeetingPlace scheduling, when users select the click-to-attend URL in an invitation, they first connect with a Unified MeetingPlace Web server customer-configured URL (HTTPS option recommended). The Unified MeetingPlace Web servers immediately initiate a connection to the organization's WebEx site and create a meeting, and the WebEx site returns a join URL which the MeetingPlace Web servers pass onto the clients in the form of a redirect to the WebEx Media Tone Network via secure HTTPS. This redirect behavior is completely transparent to the user, and user authentication is performed solely by the on-premises Unified MeetingPlace system, which is required to enable the SSO capability. The use of the on-premises WebEx Node for MCS is also available for internal users.
When a Unified MeetingPlace profiled user schedules a WebEx meeting or accesses the My WebEx link from the Unified MeetingPlace web user interface, WebEx automatically creates the user account based on the Unified MeetingPlace user profile with the SSO option enabled. The Unified MeetingPlace profile could be either from the local Unified MeetingPlace userID and password or from LDAP integration with Unified CM, which is the most commonly used. Several Unified MeetingPlace user profile attributes are inherited by WebEx, including username, password, first name, last name, telephone number, and email address. Because a WebEx Site is dedicated to a specific customer and the WebEx user profile is based on the Unified MeetingPlace user profile, there should not be any user profile conflicts. No WebEx host accounts are created manually because the Unified MeetingPlace SSO integration provides this function via the WebEx TSP link. Passwords are not sent over the TSP Link to WebEx. WebEx will trust all internal user traffic redirected by the Unified MeetingPlace Web servers. Guest users do not use any passwords or authentication to join WebEx meetings (except the WebEx Meeting Password if configured).
Note Internal WebEx meetings can be recorded with Unified MeetingPlace scheduling, but this requires a WebEx Node for MCS to be deployed on-premises.
Cisco Unified Communications Manager
Cisco Unified Communications Manager (Unified CM) is also a central piece of the architecture, and it provides inbound and callback by means of SIP trunks. A SIP trunk is configured in Unified CM with a destination address of the Unified MeetingPlace Application server(s), and then a route pattern(s) must be used to route calls via the SIP trunk to Unified MeetingPlace. Typically there are three phone numbers that are sent in email notifications for use for dial-in capabilities: Toll free (optional), toll number, and internal Unified CM DN for abbreviated dialing for internal callers. In Unified MeetingPlace there is a separate configuration for callback or outdial feature support by means of SIP trunks to a primary Unified CM subscriber, and subsequent subscribers are used if the primary is not accepting calls due to various conditions. The IP addresses or hostnames of multiple Unified CM call processing subscribers are listed for outbound call delivery in a hunt mode.
It is imperative that the Unified CM servers be able to resolve all dial strings received from a callback request within a WebEx Meeting room after joining. Callbacks may also be disabled system-wide on the WebEx Site by means of Site Administration settings. Unified CM is also in control of all toll restrictions to various countries or other numbers most enterprises will block, because Unified MeetingPlace does not have any toll restriction blocking itself.
In a multinode deployment the Unified CM or Session Management Edition systems are a critical component supporting Unified MeetingPlace in geographically disbursed enterprises. Unified CM clusters with intercluster trunks (ICTs) are required to accommodate Unified MeetingPlace conferencing servers with their unique assigned dial-in numbers and to resolve all calls based on dial plans between sites and to the PSTN for guest or outside mobile users. Guest users can either dial in or use the WebEx callback feature within a meeting room after joining. Multinode Unified MeetingPlace conferencing nodes in a region are configured in a route group in a circular method, where all inbound calls are distributed evenly between all nodes. Callbacks are initiated by the Meeting Director, which chooses the least busy conference node per region based on the timezone of the host of that meeting. The SIP Refer command is used to send dial-in callers to the conferencing node chosen to host that meeting ID.
Additional guidelines for redundancy are described in the section on High Availability. Third-party PBXs can be integrated with Unified MeetingPlace through Unified CM only. For further details on PBX interoperability with Unified CM, refer to the documentation available at
Unified MeetingPlace supports receiving both Early Offer (EO) and Delayed Offer (DO) SIP Invite messages. Unified MeetingPlace initiates EO SIP Invites for outbound calls, and Unified CM sends calls to Unified MeetingPlace by using DO SIP invites. Unified CM can be configured to use EO, but this might require the use of a media termination point (MTP) resource. For more information, see SIP Delayed Offer and Early Offer.
Note For Unified MeetingPlace audio/video deployments involving the Express Media Server (EMS), Unified MeetingPlace also supports call delivery by means of a Cisco IOS SIP gateway or Cisco Unified Border Element. LDAP synchronization capabilities are lost with this deployment. For more information, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html.
Recording
Another criterion for choosing a deployment model is where customers prefer meeting recordings to be stored and accessed. Meeting participants can start audio-only recording via a voice user interface such as a telephone, or they can start audio and web recording from a WebEx meeting room. Audio recording invokes a call event from the WebEx Collaboration cloud to the Unified MeetingPlace Media server via the PSTN voice gateways. For the Unified MeetingPlace scheduling deployment model, the recorded meetings are available from the Unified MeetingPlace Web user interface to download and play back with a WebEx recording playback program. The internal Unified MeetingPlace web server (with optional SAN/NAS) stores recordings that are scheduled as internal meetings. All internal meeting recordings (WebEx audio recordings, audio-only, or audio/video recordings) are stored on-premises. Video recordings are available only with the Hardware Media Server option and the Unified MeetingPlace Scheduling option.
Unified MeetingPlace Scheduling uses the WebEx Network Based Recording (NBR) storage for all meetings that are scheduled as external meetings. However, users access these external recordings via the same method as internal recordings, but the files are simply stored in a different location.
All Unified MeetingPlace and WebEx recordings are played back via the standard NBR recording playback program provided by download to the local users' PCs. All files are editable as well by WebEx editing tools for NBR recordings.
Other Architectural Considerations
Some integration options available with a Unified MeetingPlace Scheduling deployment model may require additional integration servers. Outlook and Exchange calendaring integration is inherently built into the Unified MeetingPlace Application server. However, Lotus Notes integration requires additional software that is co-resident on the Internal Unified MeetingPlace Web server, but other integrations do not require the deployment of the Internal Unified Meeting Web server.
For more information on available Unified MeetingPlace integrations, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html
Deployment Options
The majority of Unified MeetingPlace deployments follow a single-site model. This section provides high-level details of each deployment option.
Single-Site Unified MeetingPlace Scheduling Deployment
This deployment model is for current customers who already have the Unified MeetingPlace Web components deployed. The other requirement for deploying this model include using the following features:
•Audio-only or audio/video-only deployments with no WebEx integration
–Primary/warm standby redundancy is available with this deployment.
•Continuous meetings with blast outdial for audio-only meetings
–Primary/warm standby redundancy is available with this deployment.
•Unified CM Video Telephony ad-hoc audio/video mixing for conference bridge resources
–Multiple instances of Unified MeetingPlace in ad-hoc mode can be used per Unified CM cluster. Each Unified CM cluster requires its own Unified MeetingPlace audio-only server(s).
–Multiple Unified MeetingPlace servers can be configured in hunt fashion on the conference bridge resource group configuration per cluster.
–Standards-based video will affect overall capacity, depending on the type and bandwidth of video setting on Unified MeetingPlace.
Most deployments use the single-site deployment model, with all server components and users located at a single site interconnected by a single LAN. Solution components vary as discussed in the section on Architecture. Single-site deployments have the following common characteristics:
•The Express Media Server is automatically co-located with the Application server. The optional Unified MeetingPlace Hardware Media Server(s) must be located in the same data center with the active Unified MeetingPlace Application server.
•Network Time Protocol (NTP) must be implemented to allow Unified MeetingPlace components to synchronize their clocks to a network time server or network-capable clock. NTP is a critical network service for Unified MeetingPlace because it ensures accurate time for scheduling meetings. The external NTP source can be specified during Unified MeetingPlace Application server installation, and other Unified MeetingPlace components will synchronize with the application server automatically.
•For existing customer installations only, Unified MeetingPlace Scheduling audio, video, and web recordings and meeting attachments can optionally be stored on an external customer-provided SAN/NAS storage server.
•For deployments with Unified MeetingPlace Scheduling, you must deploy a single Unified MeetingPlace Web server for internal users and a single Unified MeetingPlace Web server located in the DMZ for external participants.
•For deployments with Unified MeetingPlace Scheduling, the round-trip delay between the active Unified MeetingPlace Application server and any Unified MeetingPlace Web server(s) in the solution must not be greater than 150 ms.
•For deployments of WebEx Node for MCS, Cisco recommended placing it on the internal network closest to participants involved in meetings. WebEx Node for MCS does not support HTTPS Proxy servers, therefore it must route directly outbound using TCP port 443 to have access to the WebEx Site.
For a detailed list of incoming and outgoing ports by component, refer to the latest version of the System Requirements for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_device_support_tables_list.html
High Availability
This section describes redundancy considerations for the following Unified MeetingPlace components:
•Unified MeetingPlace Application Server
•Unified MeetingPlace Media Server (optional)
•Unified MeetingPlace Web Server
•WebEx Node for MCS
•Call Control
Unified MeetingPlace Application Server
Unified MeetingPlace in a multinode deployment with WebEx Scheduling automatically provides active/active resiliency, and customers can choose the level of redundancy per region and site. Regions can be configured to overflow to other regions if desired.
Unified MeetingPlace with the MeetingPlace Scheduling model allows for an active (primary) and a single warm standby Unified MeetingPlace Application server for failover. Each Unified MeetingPlace Application server in a failover deployment is configured with the same IP address associated to its physical network interface controller (NIC) and a unique IP address associated to a virtual network interface. The requirement for both Unified MeetingPlace Application servers to share the same IP address mandates both Application servers to be connected to the same virtual LAN (VLAN) or IP subnet. This is not an issue when both servers are placed in a single data center; however, a dual data center design is supported only if the same VLAN (IP subnet) spans both data centers. All Unified MeetingPlace components as well as Unified CM communicate with this shared IP address. The physical NIC (with the shared IP address) of the standby server remains disabled until the primary server fails and the manual failover process is initiated by IT personnel.
For network requirements in deploying either multinode or a standby server, refer to the failover information in the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html
The virtual network interface is used for Informix database replication between the primary and standby servers. The database replication ensures that database tables related to users, groups, and meetings are synchronized between primary and standby servers. Cisco recommends placing the virtual network interfaces of the active and standby servers in the same VLAN. For further information regarding Unified MeetingPlace Application server redundancy, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html
Another key requirement for a Unified MeetingPlace solution is that the active Unified MeetingPlace Application server must be co-located with the active Unified MeetingPlace Media server(s). Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, failover to the standby Unified MeetingPlace Application server results in using EMS capabilities on the standby. In the case of Hardware Media Servers, there are some considerations when looking at single data center designs compared to dual data center designs.
Single Data Center Design
In a single data center design, multinode resiliency is automatically available in an active/active mode, and meetings are evenly distributed by the Meeting Director component between both nodes. If failure occurs on one conferencing node, calls will be dropped, and when users dial back into that same meeting ID or use the WebEx Callback feature in the meeting room GUI, then those meetings are automatically established on another node in that region or they overflow to another region if configured. Up to four conferencing nodes per site may be deployed.
With the Unified MeetingPlace Scheduling model, failover of the Unified MeetingPlace Application server occurs within the same geographic location. For this type of deployment, there would typically be one set of Unified MeetingPlace Hardware Media servers shared by the primary and standby Unified MeetingPlace Application servers. If the primary Unified MeetingPlace Application server fails, the Unified MeetingPlace Media server(s) must be synchronized with the standby (now primary) server. Unified MeetingPlace Web server(s) would also be shared for a Unified MeetingPlace scheduling deployment. Figure 22-9 illustrates the failover process for the Unified MP Application server in a single data center deployment.
Note For highly redundant solutions, it is also possible to have a set of standby Unified MeetingPlace Media servers and Web Collaboration servers in a single data center. Unified MeetingPlace Web servers cannot be made redundant with Unified MeetingPlace 8.x systems. The WebEx Scheduling Deployment model offers a more reliable redundant deployment model.
Figure 22-9 Failover of a Unified MeetingPlace Application Server in a Single Data Center Deployment
Dual Data Center Design
In a dual data center design, the WebEx Scheduling model with multinode conferencing nodes provides active/active failover per region, or overflow to other regions can be configured as well. Four regions with two sites per region is supported with a maximum of 14 conferencing nodes deployed for active/active load sharing in multiple data centers, based on customer requirements. If a conferencing node fails, audio calls are dropped, and when users call back in or use the WebEx Callback GUI feature from within the meeting room, the meetings are automatically started on an active node with capacity. All conferencing nodes within a region can be used to distribute calls, and overflow to another region is based on optional system administration settings.
With the Unified MeetingPlace Scheduling model, failover of the Unified MeetingPlace Application server occurs between different geographic locations across an IP WAN. Again, although both servers are separated geographically, both the active and standby Application servers must be connected to the same VLAN to ensure proper failover operation. For this type of deployment, the standby Application server must be co-located with a redundant Unified MeetingPlace Hardware Media server(s) with which it is synchronized. If the identical number of Unified MeetingPlace Media server audio and video blades is not maintained in the standby data center, system capacity will be reduced during failover scenarios where the standby Application server is promoted to active.
Unified MeetingPlace Media Server
Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, in a multinode deployment model, any conferencing node in a region can be used for taking those additional meetings. A maximum of four servers per site, two sites per region, and four regions may be deployed for a globally distributed architecture.
Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, failover to the standby Application server will result in using EMS capabilities on the standby. EMSs do not support cascading or clustering to other EMS instances. A maximum of one primary and one failover Unified MeetingPlace Application and EMS server is supported with Unified MeetingPlace solutions with either Unified MeetingPlace Scheduling or WebEx Scheduling deployment models. Active RSNA failover is not supported with any WebEx integrations (only standalone audio/video deployments).
The Unified MeetingPlace Application Server automatically performs failover to alternate HMSs (audio or video blades) in the system. For example, if the Application Server detects a loss of connectivity with an audio blade, it removes it from the list of active audio blades so that subsequent audio sessions will connect to an active audio blade. To avoid reduction in Unified MeetingPlace Media Server capacity during an audio or video blade outage, one option is to add additional HMS audio and video blades to the solution. The Application Server will not exceed the number of sessions for which it is licensed. Another option is to revert to the standby Unified MeetingPlace Application Server with its own set of HMSs (as in a dual data center design). These two options are not mutually exclusive; a standby Unified MeetingPlace Application Server with its own set of HMSs can gain further redundancy by adding more audio or video blades.
For further information regarding Hardware Media Server failover, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html
Unified MeetingPlace Web Server
The Unified MeetingPlace Scheduling model uses only one Web server with audio-only configuration for recordings and/or the Web scheduling interface. For existing customers using WebEx Integration to migrate to Unified MeetingPlace 8.5 (or later release) and still using the Unified MeetingPlace Scheduling model, then use an additional Web server deployed in a DMZ. Each Cisco Unified MeetingPlace system can have a maximum of one internal Web server and one Web server in the DMZ if using WebEx Integration only. There are no redundancy options for these servers. Unified MeetingPlace Web servers are implemented only for solutions incorporating the Unified MeetingPlace scheduling interface. The Unified MeetingPlace Lotus Notes or Jabber integration also cannot be made redundant.
WebEx Node for MCS or ASR
A Unified MeetingPlace solution supports unlimited nodes if WebEx Node for ASR is used, but the maximum number of supported WebEx Nodes for MCS depends on the deployment options. For a single Unified MeetingPlace Application server deployment, the solution supports a maximum of three WebEx Nodes for MCS. For a multi-node deployment with WebEx scheduling, the solution supports a maximum of four WebEx Nodes for MCS. Cascading meetings are supported across the WebEx Nodes for MCS and out to the WebEx Collaboration cloud. WebEx Nodes for MCS or ASR will each automatically provide a level of redundancy in case of a single node outage. After receiving a list of Meeting Zone URLs, the client then pings all the Meeting Zones URLs to determine the closest node. If a node does not respond, no clients will connect to this node. All internal users (even those that use VPN from remote locations) can connect to any of the WebEx Node for MCS servers.
If the WebEx Node for MCS or ASR that is hosting a meeting becomes unavailable, the next available WebEx Node for MCS or ASR automatically takes over. Any sharing and recordings will be stopped, and users will have to restart sharing and recording the meetings. When a customer has multiple WebEx Nodes for MCS or ASR active within a meeting with a subset of users on each node, content is cascaded between the WebEx Nodes for MCS or ASR. When there are three or more WebEx Nodes for MCS active in the same meeting, the cascade appears as a star with the WebEx Node for MCS that the host is on at its center. If a node fails, the clients automatically rejoin other nodes using the list presented to the client from WebEx within the client entry meeting window, with little or no effect to the end user. External scheduled meetings also allow for internal users to connect to the WebEx cloud as well, while internal scheduled meetings always stay internal on other redundant WebEx nodes (which can be distributed or co-located, depending on customer network design requirements). Audio calls remain intact on the Unified MeetingPlace system on-premises.
For more information on redundancy within the WebEx cloud, see High Availability.
Call Control
Unified MeetingPlace allows you to define multiple SIP outdial connections that point to Cisco Unified CM call processing subscribers. For redundancy, multiple SIP proxy servers should be configured to direct calls to call processing subscribers in the Unified CM cluster. These call processing subscribers should correlate with the Unified CM Group of the configured SIP trunk for Unified MeetingPlace calls in Unified CM. Note that the Unified MeetingPlace Application server will send outbound calls to SIP proxy server 1 only and will not send calls to SIP proxy server 2 unless communication with SIP proxy server 1 is lost. Only then will Unified MeetingPlace send a SIP INVITE message to the next available call processing agent in the list. Failure of the call processing agent should not affect existing calls. The existing media connection is torn down after the user disconnects.
Note The term SIP Proxy Server is simply the terminology seen on the Unified MeetingPlace Application Server configuration pages, and it does not imply that integration with any SIP Proxy server is supported.
For inbound calls, a single configured SIP trunk in Unified CM can be handled by up to three call processing subscribers found in its configured Unified CM Group. If the primary Unified CM call processing subscriber in the Unified CM Group is offline, the second one will take over initiating calls into the Unified MeetingPlace system. For more information, see Cisco Unified CM Trunks. For Unified MeetingPlace scheduling deployments with EMS, multiple Cisco IOS SIP gateways are required to provide redundancy for call delivery.
Capacity Planning
The capacity of a given Unified MeetingPlace solution depends on the design of the Cisco Unified Communications system (for example, audio codecs or video format used in conferencing) and the platform selected to run the Unified MeetingPlace solution components. For details, see the sizing information in the section on Collaborative Conferencing.
Network Traffic Planning
Network traffic planning for Unified MeetingPlace collaboration consists of the following elements:
•Call Control Bandwidth
Call control bandwidth is extremely small but critical. Co-locating the Unified MeetingPlace Application server with Unified CM helps protect against issues with call control. Remote locations need proper QoS provisioning to ensure reliable operation.
•Real-Time Transport Protocol (RTP) Traffic Bandwidth
RTP traffic consists of voice and video traffic. The Unified MeetingPlace Media servers supports G.711, G.729, G.722, and iLBC as audio codecs, and it supports a wide range of video codecs and bandwidths. For further information regarding bandwidth calculations per codec type, refer to the chapters on Network Infrastructure, and IP Video Telephony.
•Web Collaboration Bandwidth
Web collaboration bandwidth for a Unified MeetingPlace solution can be estimated the same way as for a WebEx SaaS solution. See Network Traffic Planning.
Design Considerations
The following design considerations apply to Unified MeetingPlace deployments:
•Only a single Unified MeetingPlace system is supported per WebEx site.
•For scenarios where any Unified MeetingPlace solution components are separated by network firewalls, it is imperative to ensure the correct pinholes are opened for all required traffic. For a detailed ports list, refer to the network requirements information in the latest version of the System Requirements for Cisco Unified MeetingPlace, available at
http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_device_support_tables_list.html
•Collaborative meeting systems typically result in increased top-of-the-hour call processing load. Capacity planning tools with specific parameters for Unified MeetingPlace are available to Cisco partners and employees to help calculate the capacity of the Cisco Unified Communications System for large configurations. Contact your Cisco partner or Cisco Systems Engineer (SE) for assistance with sizing of your system. For Cisco partners and employees, the Cisco Unified Communications Sizing Tool is available at http://tools.cisco.com/cucst.
•For more detail on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see Cisco Collaboration Clients and Applications.
•Call admission control with Unified MeetingPlace is performed by Unified CM. With locations-based call admission control, Unified CM can control bandwidth to the Unified MeetingPlace system by placing the SIP trunk specific to Unified MeetingPlace in a location with a set amount audio and/or video bandwidth allowed. Alternatively, Unified CM supports the use of Resource Reservation Protocol (RSVP), which can also provide call admission control. For further information regarding call admission control strategies, see the chapter on Call Admission Control.
•Unified MeetingPlace supports the following standard dual-tone multi-frequency (DTMF) transmission methods: RFC 2833 and KPML DTMF. Unified CM supports RFC 2833, and it is the recommended method for DTMF Relay.
•SIP signaling traffic from the Unified MeetingPlace Application server is marked CS3 (DSCP 0x18). However other traffic from the Unified MeetingPlace Application server, such as communications with Unified MeetingPlace Web servers, Media Servers, or the WebEx Site, are marked best-effort (DSCP 0x00). If any of this traffic is traversing low-speed or congested links, QoS considerations should be taken into account.
•The audio streams from the Unified MeetingPlace Media servers are marked EF (DSCP 0x2E), and the video streams are marked AF41 (DSCP 0x22) by default. These values are configurable from Unified MeetingPlace Administration.
•Web conferencing traffic is encrypted in SSL and is always marked best-effort (DSCP 0x00).
•The Unified MeetingPlace Meeting Director TSP component initiates dual outbound TCP port 443 connections to the WebEx Site and also provides SOCKS proxy server support.
•The Unified MeetingPlace WebEx Node for MCS or ASR initiates an outbound TCP port 443 connection to the WebEx Site but does not support any HTTPS proxy server. The WebEx Node for MCS or ASR must be allowed to connect directly to the WebEx Site without a proxy.
Cisco Unified Videoconferencing
As video is more widely deployed, meetings with video for the conference become more common. Cisco Multipoint Control Units (MCUs) are used for videoconferencing. Cisco Unified CM can enable IP phones and endpoints registered to it to use MCUs for videoconferencing. However, conferencing can also mean that users not only want to use voice and video conferencing but also want to have the ability to share desktop screens or applications on their desktops so as to enable collaboration.
Various solutions provide this functionality, and a Cisco Unified Videoconferencing solution provides the following key features:
•Audio conferences
•High resolution for video conferences
•Sharing of user desktops and applications using H.239 protocol
•Sharing of user desktops and applications with Web-based lightweight clients
•Conference control as moderator
•External participants from untrusted networks across firewalls and NAT
The Cisco Unified Videoconferencing collaboration solution consists of the following elements:
•Multipoint Control Unit (MCU)
The MCU is the conferencing device that receives the audio and video streams from IP phones or endpoints and mixes them to form the conference. The MCU uses its DSPs to perform this function. MCUs support various call signaling protocols such as Skinny Client Control Protocol (SCCP), H.323, or SIP. IP phones and endpoints use various signaling protocols to terminate calls at the MCU with the help of call control servers such as Unified CM.
•Cisco Unified Videoconferencing Manager
The Cisco Unified Videoconferencing Manager is a server that helps to manage the various video resources and MCUs in the enterprise. It provides the H.323 gatekeeper functionality. The Cisco Unified Videoconferencing Manager consists of two parts:
–Resource Manager
The Resource Manager manages resources such as Cisco MCUs, Cisco gatekeepers, H.320 gateways, terminals, and Cisco Unified Videoconferencing Desktop server connections. It also manages the meeting defaults on the MCU. The Cisco Unified Videoconferencing Manager provides the virtual MCU functionality that externally appears as a single MCU and internally uses cascading of the MCUs based on optimization criteria such as location, bandwidth, or delay to automatically manage the MCU ports and conferences. This provides optimum use of MCU ports that otherwise might be under-utilized by the organization. The Resource Manager also provides the scheduling intelligence so that resources like MCU ports can be reserved.
–Network Manager
The Network Manager manages the configuration of the various devices such as Cisco gatekeepers and endpoint terminals. It provides administrators with a tool to monitor device alarms and the status of calls or conferences.
•Cisco Unified Videoconferencing Desktop Server
The Cisco Unified Videoconferencing Desktop Server provides the functionality for Web-based users to participate in an H.323 video conference. The desktop clients communicate with the Desktop Server, and the Desktop Server communicates with the Cisco Unified Videoconferencing Manager for call signaling and with the MCU for the call and conference media. The Desktop Server provides interworking from the desktop client to H.239, and vice-versa. The Desktop Server also can stream conferences that can be viewed through Quicktime.
•Cisco Unified Videoconferencing Recording Server
The Cisco Unified Videoconferencing Recording Server records the meetings. It provides a mechanism for the enterprise to store and access recorded meetings. In a single screen view, the recordings capture the audio, video, and desktop or application sharing done during the meetings.
•H.239-based data sharing
H.323 endpoints support H.239 for data sharing. With this mechanism, endpoints use H.323 calls to add a media channel in addition to audio and video. This additional channel then is used by the endpoint to send data. Laptop or desktop screens connected to the endpoint then encode a VGA screen resolution, for example, into a video codec and send it over this data channel to be displayed at the far-end endpoint display. Unlike most conference collaboration methods, the desktop or application shared data is sent in a media channel that forms part of the video call.
Architecture
The central element in a videoconferencing design is the MCU, and it performs the actual conferencing. The MCU consists of a conference control block that interacts with a multipoint controller for signaling and a multipoint processor for audio and video mixing, as shown in Figure 22-10.
Figure 22-10 Functional Components of an MCU
Conferences can be cascaded between MCUs. When participants are added to a conference but one MCU does not have the capacity for all of them, another MCU can be used to expand the conference. The two MCUs have a cascade link that enables the conference to be on both the MCUs, as shown in Figure 22-11.
Figure 22-11 Cascaded MCU Conference
With H.323 endpoints, a separate gatekeeper device such as a Cisco IOS gatekeeper is needed so that H.323 endpoints can register to it. The Unified CM trunks can then provide the call routing based on the dial plan. Unified CM H.323 trunks can send conference calls to the gatekeeper, which in turn can route the calls to the Cisco Unified Videoconferencing Manager.
Note SIP-based desktop sharing, similar to H.239, is supported by Binary Flow Control Protocol (BFCP). However, Cisco Unified Videoconferencing Manager and Unified Videoconferencing MCUs do not support BFCP, therefore Cisco does not recommend using Unified CM SIP trunks for integrating with Unified Videoconferencing Manager if data sharing capabilities are desired for conference collaboration.
The Unified Videoconferencing Manager is used to manage the MCUs and to provide call connectivity to desktop clients that use the Cisco Unified Videoconferencing Desktop server. Figure 22-12 shows various components of a videoconferencing solution and how they connect with each other.
Figure 22-12 Cisco Unified Videoconferencing Solution
The MCU handles the media for the conference. With H.239, the endpoints send an additional media channel over which desktop or screen sharing can be sent into the conference and can be viewed by all participants on their endpoint screens. The Cisco Unified Videoconferencing Manager controls the MCU and the calls that are conferenced by the MCU. The MCUs can register to the internal gatekeeper in the Cisco Unified Videoconferencing Manager; this enables the Cisco Unified Videoconferencing Manager to closely control the MCU and the meetings on it.
The Cisco Unified Videoconferencing Manager has the enterprise user database. The users can be configured in the Cisco Unified Videoconferencing Manager or can be imported from the enterprise LDAP directory through LDAP integration. Users can then schedule their meetings through the scheduling functionality available in the Cisco Unified Videoconferencing Manager. Scheduling a meeting also reserves the MCU ports for the conference.
The Cisco Unified Videoconferencing Desktop server registers to the Cisco Unified Videoconferencing Manager gatekeeper as an H.323 endpoint. This enables the Desktop server to participate in the conferences on the MCU. When a desktop joins with the conference client, the desktop initiates a call to the MCU as a conference participant, thus enabling the desktop to participate in the call with desktop audio, video, and presentation sharing. While the desktop simulates an H.323 client to the MCU and the Cisco Unified Videoconferencing Manager, the desktop communicates over HTTP/HTTPS with the Desktop server. Every additional desktop adds another call into the MCU, thus using its port resources. The Desktop server in this case converts the HTTP/HTTPS connection from the desktop into an H.323 call to the MCU, with H.239 for the additional data channel.
Users can also use streaming with Real Time Streaming Protocol (RTSP) to participate in the conferences. Unlike the desktop, where users can participate with audio and video and can share their desktops, streaming provides users with the ability only to view the conference; they cannot participate in the conference or speak on the conference bridge. Streaming can be done through a common media player on the user's PC. Streaming of a conference causes the Desktop server to join the conference on the MCU, and it uses only a single MCU port regardless of the number of users listening into the streaming conference.
Integrating Unified Communications provides the enterprise with a way to bring together the videoconferencing network and the IP video telephony network. The Cisco Unified Videoconferencing Manager is an H.323 gatekeeper that can connect to Unified CM or other systems using H.323 trunks. The gatekeeper supports Empty Capabilities Set (ECS) to service the supplementary services invoked by the Unified Communications endpoints. Connectivity to external networks can be done using Cisco Unified Border Element as the topology-hiding gateway between the two.
The Desktop server can also be the Recording server. Recording of the conference uses the conference moderator's desktop to record the desktop or application sharing as well as the audio and video for the conference.
Integrating Cisco Unified Videoconferencing with WebEx is also possible. Deployments that want to use standards-based video through the enterprise room conferencing systems or devices that can make H.323, SIP, or ISDN-based video calls will find this integration useful. Also, enterprises that wish to keep the audio and video conferencing within the enterprise network for WebEx conferences can use this integration.
The WebEx conference uses the cloud to provide the desktop and the data sharing capabilities, while the audio and video are handled by the MCU and the Cisco Unified Videoconferencing Desktop server, which provides the desktop client as the video panel in the WebEx conference.
For key design considerations and additional details on how to integrate the solution, refer to the latest version of the Integration Note for Enabling Cisco Unified Videoconferencing Manager and Cisco WebEx, available at
http://www.cisco.com/en/US/products/ps7088/prod_installation_guides_list.html
High Availability
Enterprise systems must be highly available, and in a videoconferencing solution, all components should be highly available.
For high availability of the Cisco IOS gatekeeper, you can use HSRP or gatekeeper clustering. The gatekeeper is a Cisco IOS router that runs the gatekeeper functionality, and endpoints register to this device.
Hot Standby Router Protocol (HSRP)
Cisco IOS routers support Hot Standby Router Protocol (HSRP), which provides a single virtual address for redundant devices. If the active device becomes unavailable, the standby device can take over the function. The two devices must have identical configurations. Endpoints reregister to the available gatekeeper and process calls.
For additional information on HSRP for gatekeepers, refer to H.323 VoIP Gatekeeper for Cisco Access Platforms, available at
http://www.cisco.com/en/US/docs/routers/access/as5300/software/notes/0042gk.html
Gatekeeper Update Protocol (GUP)
Multiple Cisco IOS gatekeepers can be clustered together into a large single cluster. Elements in the cluster then exchange information on the endpoint registrations and calls. This provides failover for registrations as well as for active calls. However, endpoints and trunks that register to the gatekeeper cluster must support alternate gatekeeper functionality.
Cisco Unified Videoconferencing Manager
The Cisco Unified Videoconferencing Manager supports high availability with the help of an additional identical server. The primary server's IP address is used by the standby device but remains inactive. The Cisco Unified Videoconferencing Manager uses a second network connection to synchronize the databases with configuration and scheduling updates. If the primary server fails, the secondary server can be made active manually by enabling the services on it. The synchronization of the databases reduces the loss of scheduling and the overhead for restoring configurations.
Figure 22-13 shows the server with two networks: one for database replication that synchronizes the server database, and the other for enterprise connectivity.
Figure 22-13 Cisco Unified Videoconferencing Manager Redundancy
For additional details on high availability and redundancy, refer to the latest version of the Configuration Guide for Cisco Unified Videoconferencing Manager, available at
http://www.cisco.com/en/US/products/ps7088/products_installation_and_configuration_guides_list.html
MCU
To provide high availability for MCU devices, identical MCU ports must be made available. However, just providing for the MCU ports might not provide high availability for conference resources. The Virtual MCU provides the needed high availability because the Virtual MCU is managed by Cisco Unified Videoconferencing Manager. It automatically provides the needed ports for the conference, based on the available MCU capacities. If the MCUs have the service prefixes configured (service prefixes are used by the MCUs to convey the conference capabilities of the MCUs to Cisco Unified Videoconferencing Manager), then Cisco Unified Videoconferencing Manager extends the conference to the available MCUs in the event of MCU failures. Users on the failed MCU have to reconnect to join and participate in the conference again.
Cisco Unified Videoconferencing Desktop Server
The desktop server redundancy is provided by having separate servers. The servers are registered with the Cisco Unified Videoconferencing Manager running its gatekeeper. If a desktop server fails, users can be redirected to the next available desktop server. Because the conference is managed by the Cisco Unified Videoconferencing Manager and is on the MCU, existing users in the conference will have to join again to continue the conference. Desktop sharing will have to be restarted because the desktop server does not support high availability for data sharing. Endpoints that were sharing their desktops using H.239 will experience no impact due to Cisco Unified Videoconferencing Desktop failures. Streaming conferences will have the same experience as desktop clients because they use the same server for both functions.
Cisco Unified Videoconferencing Recording Server
Support for high availability is not available with the recording server. If the desktop server is not available, recording cannot happen. If a secondary desktop server is used, recording can be done thorough this server if that functionality is enabled. However, to provide high availability for recorded conferences, Cisco recommends storing the recording on a highly available network storage device, accessible by the recording servers.
Capacity Planning
The gatekeeper supports a large number of endpoint registrations and calls. The Cisco Unified Communications Sizing Tool calculates gatekeeper capacity based on the gatekeeper platform. The sizing tool is available to Cisco partners and employees (with valid login authentication) at http://tools.cisco.com/cucst.
For MCU capacities, refer to the product data sheets available at the following locations:
•http://www.cisco.com/en/US/products/ps10463/products_data_sheets_list.html
•https://www.cisco.com/en/US/products/hw/video/ps1870/products_data_sheets_list.html
Note MCU cascading takes up one port per blade or device, as applicable.
For Cisco Unified Videoconferencing Manager capacities with regard to the number of MCU ports and other server capacities, refer to Cisco Unified Videoconferencing Manager data sheet available at
http://www.cisco.com/en/US/products/ps7088/products_data_sheets_list.html
Design Considerations
The following design considerations can help to build a good Cisco Unified Videoconferencing solution:
•The MCU is a key element, and the physical location of the MCU is a key design consideration. The MCUs should be at the locations with the most conferencing traffic. This optimizes the conference by keeping most of the media traffic within the same location, with only a few additional participants joining over the WAN from other locations. Central locations should have a pool of MCUs that can cascade conferences.
•Cisco Unified Videoconferencing Manager should be deployed with server redundancy. The server redundancy should have database synchronization enabled to minimize the time to switch over in the event of a failure.
•Use redundancy for Cisco IOS gatekeepers. HSRP should be used where endpoints need to reach a single IP address. Gatekeeper clustering should be used when endpoints support alternate gatekeeper with RAS, when load balancing between different gatekeeper devices is desired, and where the gatekeeper needs to maintain reservation and call information in spite of device failures.
•Use the virtual MCU capability of the Cisco Unified Videoconferencing Manager so that dynamic cascading can provide efficiency in WAN streams for conferences.
•The Desktop Server should be deployed close to the MCU to minimize delay of the conference media streams.
•Cisco Unified Videoconferencing Manager provides integrations with LDAP. Enterprises should use LDAP integration to maintain a single user list. However, any existing users in Cisco Unified Videoconferencing Manager prior to LDAP synchronization will have to be migrated to the LDAP directory to prevent any loss of user information. Cisco Unified Videoconferencing Manager has another list of application users and administrators that is maintained in addition to the enterprise LDAP users.
•Cisco Unified Videoconferencing Desktop supports H.235 for sessions with the MCU. The Cisco Unified Videoconferencing Desktop server should be enabled to support HTTPS sessions from the client to the server so that the session between the client and Desktop server is secure.
•Security devices such as firewalls should provide the needed pinholes if external users need access to the Desktop server or a Recording server
•Scheduling integrations, such as Outlook plug-ins or Lotus Notes integrations, should be leveraged to provide users with an integrated scheduling mechanism.
•Cisco Unified Border Element should be used when connecting external H.323 endpoints so they can call the enterprise video systems and join conferences.
•Consider the scalability of servers when multiple functionality, such as Cisco Unified Videoconferencing Manager, Desktop Server, and Recording Server, is provided by a single server.