Local Edition
Cisco Public
Agenda
Intro to CWMS
CWMS Architecture
CWMS Integrations
CWMS High Availability and Flows
Naming Conventions
WebEx <product>
Old Name
n/a MeetingPlace Express WebEx MeetingPlace (MP) WebEx Connect Quad WebEx Meetings n/a WebEx Messenger WebEx Social
New Name
WebEx Meetings Server
Description
On-prem Everything (Web/Scheduling/Audio) On-prem Everything (Old, Dead Product!) Cloud (TC/MC/EC/SC, VoIP or PSTN Audio) Cloud WebEx Sched/Web, Only audio on-prem Cloud IM and Presence Cloud or on-prem Directory Integration Cloud-based Telepresence Infrastructure (Call Control/MCU, etc). Endpoints on-prem
Including great iPhone & iPad clients, and high-quality video Jabber Escalation to WebEx, Outlook, Exch., Presence
CWMS 1.1
WebEx EE (MC, TC, EC, SC, Messenger)
Productivity Tools and some 3rd party Plug-Ins
Extensive Customizability
Scalable (EC - 2000 in one conference)
OpEx, subscription-based
Audio = WebEx Audio or TSP to 3rd party
Leading Web Collab feature development
MeetingPlace 8.5
CWMS 1.0
Uses WebEx Cloud
Specialized Audio Features, e.g. Continuous Meetings / Reservationless Meetings
Scalable and Geographic Redundancy Resiliency
Mostly OpEx
Has audio-only deployment model

WBS27, MC Only
Basic Audio Conferencing + PC Based Audio
Limited Scalability, Limited Geographic redundancy / no Geographic resiliency
CapEx
Web Centric, not an audio only solution
CWMS
Misc. Features
Jabber Integration (Escalation to CWMS Meeting)
iPhone/iPad with/without VoIP audio
New Productivity Tools (now WebEx Assistant)
  New feature not in cloud called Call Internal Number: bypasses full E.164 formatting of the dialed number to fit the internal dial plan
Capacity Control (Telephony, Video, SVS, Meeting Participants)
Recording (NFS)
100% localized
Web page logo and Email template customization
Reporting
  System Usage/Resources, Meeting Usage, License Usage, etc.
2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
CWMS
Jabber Integration CUCM 9
Simplified Configuration
UC Service Service Policy Assign to User
CWMS Architecture
CWMS Architecture
Components on the Network
Proxies are OPTIONAL
Reverse Proxy VM
IPv4 Web/Video/PC Audio Traffic from Mobile Users
HA is OPTIONAL
DMZ
External Firewall Internal Firewall
Internal Users
Active Directory
CUCM
CWMS Architecture
HW Requirements / Server Sizing
Common Requirements
  UCS M2 Gen or above (Westmere Processor or above) w/AES-NI
  vCenter version 5
  2.4GHz Processor or above
  DAS minimum 4 Drives - RAID 10 or RAID 5
  vSphere ESXi version 5, 5.1(v1.1)
  SAN Supported
  Additional NIC recommended for VMware Management Network

50 Port
  Requirements: vSphere Standard, 7200RPM HDD, 100Mbps NIC, Built in RAID, Add 2 Cores for vSphere 5.1
  Primary
  IRP
  Co-Resident Configurations (1TB HDD*)
    Primary + IRP: 8 cores, 36 GB RAM, 2 NIC
    Primary + IRP + vCenter: 12 cores, 40 GB RAM, 2 NIC

250 Port
  Requirements: vSphere Standard, 7200RPM HDD, 1GB NIC, 1TB HDD (Usable), Built in RAID - Example host C220-M3
  Primary: 12 Cores, 52 GB RAM, 1 NIC, 1TB HDD*
  IRP: 12 Cores, 36 GB RAM, 1 NIC, 300GB HDD*
  Primary & vCenter: 16 Cores, 56 GB RAM, 1 NIC, 1TB HDD

800 or 2000 Port
  Requirements: vSphere Enterprise Plus (5.0) or Enterprise (5.1), 10,000RPM SAS, 10Gbps NIC, 1TB HDD (Usable), LSI 9260-8i - Example host C460-M2
  Primary: 40 Cores, 80 GB RAM, 4 NIC, 1TB HDD*
All server performance sizing is based on 50% of ports doing video.
See the CWMS Ordering Guide to help size the servers.
Eventually this will go into the UC sizing tool; a sizing spreadsheet for now.
CWMS Architecture
SW Requirements
Category / System Requirements

UCS
  UCS only, support for 3rd party servers planned
  No Co-Residency in V1 (vCenter or IRP can be co-resident in certain deployment types)

VMware
  VMware 5.0 & 5.1(v1.1)
  vSphere 5.0 or 5.1(v1.1) Standard for 50 & 250 User systems
  vSphere 5.0 Enterprise Plus for 800 & 2000 User Systems
  vSphere 5.1 Enterprise for 800 & 2000 User Systems
  vCenter mandatory
  One License per socket

Networking
  LAN
    DNS must be configured prior to deployment
    NTP required on ESXi Host
    Redundant configurations must have all NIC interfaces duplicated and connected to independent switching fabric to support LAN Fault tolerance
  WAN
    Similar to SaaS WebEx for HQ Video, Web Share etc.
    Plan assuming 70-30 distribution in-company users (LAN) and internet users (WAN)

Needed only if customer wants to record meetings and keep system snapshots (for DR)
CUCM 7.1, 8.6, 9.0, 9.1(v1.1) for SIP Trunk based Teleconferencing
If using ADFS 2.0 as IdP then customer needs AD (Active Directory) 2010
Other SAML 2.0 SSO Compliant IdP also supported, same as SaaS WebEx
PingFederation V6.5.2, ADFS V2, OpenAM V9.5.4
CWMS
System Capacities
Media Type
100% SIP/PC Audio Encrypted Audio (sRTP) Secured MC Web (SSL) 50% HQ Video (SSL)** Single Meeting Max Size Oracle DB Max User Count Oracle DB Max Active Meetings Oracle Max Past Meetings Recorded Meetings Max at Peak
**Video cut off by CWMS if exceeds 50%, sizing assumes 50%
Port = Actively participating Hosts + Attendees
Event Center to supplement for large meetings
Includes G.722 codec
50 Port
50 50 50 25 50 400k 12,5k 50k
250 Port
250 250 250 125 100 400k 62,5k 250k
800 Port
800 800 800 400 100 400k 250k 1m
2000 Port
2000 2000 2000 1000 100 400k 500k 2m
CWMS Architecture
Sizing Guidelines
Actual Usage may vary based on conferencing add growth
~ 500 heavy ~ 1,000 avg. ~ 1,500 light ~ 2,500 heavy ~ 5,000 avg. ~ 7,500 light
50-125 K (2500 min/port) 130-750 K (3000 min/port) 1000 K - 2.8 M (3500 min/port) 3-8 M (4000 min/port)
~ 8,000 heavy (10 to 1) ~ 16,000 avg. (20 to 1) ~ 24,000 light (30 to 1) ~ 20,000 heavy (10 to 1) ~ 40,000 avg. (20 to 1) ~ 60,000 light (30 to 1)
Data Center
ESXi Host
No High Availability
HA Admin
HA IRP
Internal
Primary Admin + vCenter
DMZ
IRP
or
Internal
Primary Admin + vCenter
DMZ
IRP
or
or
Single UCS ESXi host
ESXi host is dual-homed to Internal and DMZ (Layer 2)
Internal
Primary Admin + vCenter
DMZ
IRP
HA Admin
HA IRP
All Single DC
vCenter can be co-resident app
vCenter required, but can be existing customer vCenter system
Admin VM = Admin + Media + Web applications
Data Center
ESXi Host
Admin VM = Admin + Media + Web applications
All Single DC
For DR, simply mirror the layout in other Data Center (vCenter follow VMware rules)
No dual-homed ESXi server(s)
vCenter required, but can be existing customer vCenter system
Only difference between 250 and 800 port is resource consumption and vCenter co-residency.
or
HA Admin
HA IRP
800 Port
No High Availability
Internal
Primary Admin
DMZ
IRP
or
Primary Admin
HA Admin
HA IRP
Data Center
ESXi Host
Internal
Admin/Media
DMZ
DMZ
Web/Media
IRP
or
HA Admin/Media HA Web HA IRP
Separate Internal and DMZ UCS ESXi hosts
Non-HA: Total 7 app instances across 4 ESXi hosts
HA: add one of each type of app instance (Admin/Media/Web/IRP) for N+1 redundancy
For DR, simply mirror the layout in other Data Center
CWMS
BW Consumption
Videoconference Video Streaming Integrated Audio (VoIP) Presentation Share Desktop and Application Share Type of Device
CWMS
BW Consumption About Video / VoIP
H.264 SVC based video
Layers of quality (base layer + multiple enhancement layers)
Enhancement layers added where BW is available, up to max
Enhancement layers removed when BW not available or performing poorly
Various frame rates supported in HQ
  2 participants 30fps, Multi-party 24fps
T0 T3 T2 T3 T1 T3 T2 T3 T0
Video Layouts
Main Video and Thumbnails
In full screen, can receive main video with 6 x Thumbnails
CWMS
BW Consumption About Video / VoIP Cont
Various factors determine video BW usage
Type of Device (PC / iPad), camera vendor, lighting, TCP vs. UDP, movement
CWMS Integrations
CWMS Architecture
PBX Integrations
PSTN
PSTN
PSTN
CUBE
CUBE
CUBE
CUBE
CUBE
CUBE
CUCM-SME
Legacy PBX
CWMS Architecture
Audio Integration
G.722 recommended. G.729/711 supported as well.
TLS/sRTP supported
CWMS has no echo cancellation. Consider with PSTN and TDM PBX integration.
SIP Trunks to/from CUCM/SME
  Can go into TDM PBX from CUCM/SME
  Through SME, no cluster limit
Call-back Teleconferencing
Just like WebEx, this is what it's engineered for (Best End User experience)
CWMS Architecture
SMTP Integration
Email is essential to CWMS for provisioning and password resets
It is one of the first things configured upon install
Self provisioning works as follows
  When a user is imported they are sent an email
  In the body of the email, they click on a link and begin the provisioning process
    Set Password, location, time zone, language
CWMS Architecture
Authentication and Directory - SSO
What is SSO?
IdP - Identity Provider
  Provided by customer's Identity Management System
  Example: OpenAM, ADFS, Ping Identity
SP - Service Provider
WebEx, CWMS
Directory
Active Directory
SSO-enabled Client
Browser WebEx Assistant
SAML 2.0
Typically used / designed for cloud environments; can be used internally
Cisco Confidential
CWMS Architecture
Authentication and Directory - SSO
SAML 2.0 IdP support only
2 ways to deploy
SP Initiated
  Recommended and secure for CWMS
  SP (or CWMS in our case) collects the authentication
  Credentials are sent to IdP (ex. ADFS or OpenAM)
  Pass/Fail sent back
IdP initiated
  SP redirects initial collection of credentials to customer-provided web server
  Considered more secure, but more complex
CWMS Architecture
Authentication and Directory - SSO
SSO only used to authenticate
Still need user DB, import .csv or
Can emulate complete LDAP authentication and DB synch by:
  Enable SSO
  Enable Auto Account Creation and Auto Account Update
CWMS
SIP Routing Basics with CWMS
CWMS must be front-ended with CUCM
CWMS is web-based and wants to out-dial
It is the way it was intended to be utilized, although many misuse it (user training)
CWMS
High Availability and Routing for SIP (2000 Port Model)
The concept of VIPs (discussed later) does not apply to SIP, only Web
SIP HA from CUCM to CWMS is handled by CUCM routing mechanisms (RLs and RGs)
Also, you can utilize SIP OPTIONS ping for smoother failover
SIP HA for inbound calls
1. The SIP Load Balancer receives all initial inbound SIP requests (but never terminates actual media)
2. Caller calls from CUCM to a server via RG/RLs
3. The SIP Load Balancer immediately does a SIP 3XX redirect of the caller to one of the media servers for IVR processing. There is no guarantee at this point that you are on the right media server where the meeting is in progress. This uses SIP Route patterns in CUCM and can go to any of the Media VMs
4. The IVR on the media server collects the meeting ID (DTMF)
5. The IVR does a SIP REFER to the media VM where the meeting is in progress (assuming it is on a different server). This uses the same SIP route patterns in CUCM and can go to any of the Media VMs.
[Diagram: call-flow steps 1, 2, 3 and 5 drawn over the 2000 port HA layout (Admin/Media, Web/Media, Web/Media, IRP, HA Admin/Media, HA Web, HA IRP); one VM is labelled "Meeting Already Started Here"]
SIP HA for out-dial: CWMS simply generates the call to the number from the media server where the active meeting is being held, and none of the above matters
CWMS
High Availability and Routing for SIP Summary
Therefore, with CWMS Architecture
We have 2 types of trunks: Load Balancer Trunks and Application Server Trunks
Because CUCM can't trunk to the same IP address on the same ports, we utilize different port numbers. This equates to two CUCM SIP Security Profiles
Internal
Admin/Media Web/Media Web/Media IRP
2000 port HA
DMZ
HA Admin/Media HA Web
HA IRP
50/200/800 port HA
Internal
Primary Admin
DMZ
IRP
HA Admin
HA IRP
CWMS
High Availability for Web Traffic - Split DNS example
We use Virtual IP addresses (VIPs) that work like HSRP: same L2 network, replying to ARPs appropriately
Admin/Media VMs on the inside handle the Private VIP for Web Traffic (web meetings and administration)
IRPs handle the Public VIP (for external web traffic coming in)
Heartbeat communication for VIPs happens between the real IP addresses
When the active Admin/Media VIP or IRP VIP fails, the backup takes over and starts responding to ARP for the VIP
With Split DNS (described later), the meeting URL points to the internal server VIP (inside attendees) and the IRP server VIP (external attendees)
Administration URL points to internal server VIP
[Diagram labels: meetingadmin.cisco.com, meeting.cisco.com]
CWMS
Web Traffic Routing In Action (2000 port as example)
Basic Web High Availability and Routing Example
1. Initial Web request comes in to VIP
2. Active server responds to ARP request for the .1 address below
3. Load Balancer functionality provides client list of servers based off of capacity/load calculations
4. Client connects to its Web server. Multiple servers may be employed for the same meeting in heavy load. Here, client was connected to an overflow server
5. Cascading may occur (transparent to client)
[Diagram labels: Active, LB]
CWMS Architecture
Product Installation
Simplified Installation plays into a simplified DR strategy
Installation by .ova file
  Open Virtualization Archive file (zipped Open Virtualization Format, or OVF, files)
  SW on the vdisk
CWMS Architecture
CWMS
DNS and Traffic Flow
DNS For
  Admin URL (ex. https://meetadmin.cisco.com)
  Meeting URL (ex. https://meet.cisco.com)
Flat DNS
  Resolves meeting URL to the same IP address for internal and external users
  All meeting traffic flows through the IRP
Split DNS
Internet DNS resolves meeting URL to the IRP on DMZ
Traffic from Internet flows through the IRP
CWMS
DNS and Traffic Flow Flat DNS
External Client
1. DNS request for https://meeting.cisco.com
2. DNS responds with VIP of IRP
3. HTTP traffic from external client to IRP
4. IRP reverse proxies traffic to internal CWMS server where mixing occurs
Internal Client
1. DNS request for https://meeting.cisco.com
2. DNS responds with VIP of IRP
3. HTTP traffic from internal client to IRP
4. IRP reverse proxies traffic to internal CWMS server where mixing occurs
CWMS
DNS and Traffic Flow Split DNS
External Client
1. DNS request for https://meeting.cisco.com
2. External DNS responds with VIP of IRP
3. HTTP traffic from external client to IRP
4. IRP reverse proxies traffic to internal CWMS server
Internal Client
1. DNS request for https://meeting.cisco.com
2. Internal DNS responds with VIP of internal CWMS server
3. HTTP traffic from internal client to internal CWMS server
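Added example (not part of the original slides and not Cisco code): a Python check that classifies a deployment as flat or split DNS from what an internal and an external resolver return, lists deviations from the layout described above, and gives the resulting path for meeting web traffic. The VIP addresses and resolver answers are constructed; the hostnames are the ones shown on the slides.

```python
# Added example, not Cisco code. Addresses below are constructed placeholders.
MEETING_URL = "meeting.cisco.com"        # hostnames as shown on the slides
ADMIN_URL = "meetingadmin.cisco.com"
IRP_VIP = "192.0.2.10"       # assumed Public VIP held by the IRP in the DMZ
PRIVATE_VIP = "10.10.10.1"   # assumed Private VIP held by the Admin/Media VM


def classify_dns(internal_view, external_view):
    """Return (mode, findings) for two resolver views (hostname -> IP or None)."""
    findings = []
    ext_meet = external_view.get(MEETING_URL)
    int_meet = internal_view.get(MEETING_URL)

    # In both models Internet clients must land on the IRP VIP.
    if ext_meet != IRP_VIP:
        findings.append(f"external {MEETING_URL} -> {ext_meet}, expected IRP VIP")

    if int_meet == ext_meet == IRP_VIP:
        mode = "flat"     # same answer everywhere: all traffic via the IRP
    elif int_meet == PRIVATE_VIP and ext_meet == IRP_VIP:
        mode = "split"    # internal clients go straight to the internal server
    else:
        mode = "unknown"
        findings.append(f"internal {MEETING_URL} -> {int_meet}, matches neither model")

    # The slides point the Administration URL at the internal server VIP.
    if internal_view.get(ADMIN_URL) != PRIVATE_VIP:
        findings.append(f"internal {ADMIN_URL} does not resolve to the Private VIP")
    return mode, findings


def traffic_path(mode, client):
    """Hops taken by meeting web traffic; client is 'internal' or 'external'."""
    if mode not in ("flat", "split"):
        raise ValueError("DNS layout not recognised, fix the findings first")
    if mode == "split" and client == "internal":
        return ["client", "internal CWMS server"]
    return ["client", "IRP", "internal CWMS server"]


if __name__ == "__main__":
    inside = {MEETING_URL: PRIVATE_VIP, ADMIN_URL: PRIVATE_VIP}   # constructed
    outside = {MEETING_URL: IRP_VIP}                              # constructed
    mode, findings = classify_dns(inside, outside)
    print(mode, findings, traffic_path(mode, "internal"))
```

With flat DNS the internal path also includes the IRP, so internal meeting traffic crosses the internal firewall into the DMZ and back; with split DNS only Internet traffic does.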
CWMS Architecture
Firewall Ports
Internet Reverse Proxy (IRP)
  Recommended in the DMZ
  Ports 443 and 80 will need to be open inbound to the IRP.
  Other ports (listed) will need to be open inbound from the IRP to CWMS and outbound from CWMS to the IRP.
CWMS
Tips for in the Lab Only
Installation simply needs to see the # of cores
  Can scale back after installation
Do not need the required memory for it to run
Utilize thin-disk provisioning
Utilize ManyCam to emulate a video camera in VM
Extended trial period
CWMS software will install and run for 6 months without any license
Collaboration SRND
Change overall tone of document from voice to collaboration
Emphasize recommended but include supported
Expand scope to include more Social, Cloud and Mobile
Combine UC and TP/Video Design Guidance
Feedback
Give us your feedback and you could win fabulous prizes. Winners announced daily.
Receive 20 Passport points for each session evaluation you complete Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
Don't forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.
www.ciscolive.com/us