Cisco WebEx Meetings Server (CWMS)
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
2,419
On Slideshare
2,419
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
153
Comments
1
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Local Edition
  • 2. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicLocal EditionCisco WebEx Meetings Server (CWMS)Pete DePalmaCollaboration CSE
  • 3. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicAgenda•  Intro to CWMS•  CWMS Architecture•  CWMS Integrations•  CWMS High Availability and Flows
  • 4. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicLocal EditionIntro to Cisco WebEx Meetings Server
  • 5. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicNaming ConventionsWebEx <product>Old Name New Name Descriptionn/a WebEx Meetings Server On-prem Everything (Web/Scheduling/Audio)MeetingPlace Express On-prem Everything (Old, Dead Product!)WebEx WebEx Meetings Cloud (TC/MC/EC/SC, VoIP or PSTN Audio)MeetingPlace (MP) n/a Cloud WebEx Sched/Web, Only audio on-premWebEx Connect WebEx Messenger Cloud IM and PresenceQuad WebEx Social Cloud or on-premCisco Cloud Connector n/a Directory IntegrationCallway WebEx Telepresence Cloud-based Telepresence Infrastructure(Call Control/MCU, etc). Endpoints on-prem
  • 6. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCisco WebEx Meetings ServerWhat is it?• It’s WebEx….On PremisesNew = Deployment/Install, administration, monitoring• Same WebEx Meeting CenterExperience (WBS27)Including great iPhone & iPad clients, and high-qualityvideo• Integrated with Cisco UC SuiteJabber Escalation to WebEx, Outlook, Exch., Presence• Is not a “Scary new 1.0 product”What’s New then
  • 7. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS and WebEx CloudHigh Level ComparisonSaaS WebExWebEx EE (MC, TC, EC, SC, Messenger)Productivity Tools and some 3rd party Plug-InsExtensive CustomizabilityScalable (EC - 2000 in one conference)OpEx, subscription-basedAudio = WebEx Audio or TSP to 3rd partyLeading Web Collab feature developmentCWMS 1.1Meeting Center OnlyProductivity ToolsVery Limited Customizability (Logo, PS, TOS, LegalDisclaimer)2,000 Peak Attendees, only 100 per meetingCapEx, Perpetual User LicensesAudio is built in (requires CUCM)Built on WBS27, lagging behind
  • 8. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS and MeetingPlaceHigh Level ComparisonMeetingPlace 8.5Uses WebEx CloudSpecialized Audio Features – E.g. ContinuousMeetings / Reservationless MeetingsScalable and Geographic RedundancyResiliencyMostly OpExHas audio-only deployment modelCWMS 1.0WBS27, MC OnlyBasic Audio Conferencing + PC Based AudioLimited Scalability, Limited Geographicredundancy / no Geographic resiliencyCapExWeb Centric, not an audio only solution
  • 9. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSMisc. Features•  Jabber Integration (Escalation to CWMS Meeting)•  iPhone/iPad with/without VoIP audio•  New Productivity Tools (now WebEx Assistant)New feature not in cloud called “Call Internal Number”bypasses full E.164 formatting to dialed number to fit internaldial plan•  Capacity Control (Telephony, Video, SVS, MeetingParticipants)•  Recording (NFS)•  100% localized•  Web page logo and Email template customization•  ReportingSystem Usage/Resources, Meeting Usage, License Usage,etc.
  • 10. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSJabber Integration – CUCM 9• Simplified Configuration‒ UC Service‒ Service Policy‒ Assign to User• Typical WebEx integration functionality‒ See list of your WebEx meetings‒ Start Instant WebEx meeting‒ Toaster invitation‒ Escalate to WebEx
  • 11. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicLocal EditionCWMS Architecture
  • 12. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS ArchitectureComponents on the NetworkActiveDirectoryExternal Firewall CUCMInternalUsersIPv4 + IPv6TeleconferencingVirtual Appliance(s)Internal FirewallIPv4 Web/Video/PCAudio Traffic fromMobile UsersSAML 2.0Single SignOnGuest andMobile UsersIPv4 Web/Video/PCAudio Traffic fromInternal UsersWeb VMReverse Proxy VMMedia VMAdmin VMHA Web VMHA Media VMHA Admin VMDMZProxy’s are OPTIONAL HA is OPTIONALInternal VM(50 port)Internal HA VM(50 port)Internal VMs
  • 13. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS ArchitectureHW Requirements / Server SizingCommon Requirements•  UCS M2 Gen or above (Westmere Processor or above) w/AES-NI•  2.4GHz Processor or above•  vSphere ESXi version 5, 5.1(v1.1)•  Additional NIC recommended for VMware Management Network•  vCenter version 5 -•  DAS minimum 4 Drives - RAID 10 or RAID 5•  SAN Supported•  RAID Battery Backup50 Port.Requirements: vSphere Standard, 7200RPM HDD, 100Mbps NIC, Built in RAID, Add 2 Cores for vSphere 5.1Primary•  4 cores•  24 GB RAM•  1 NIC•  1 TB HDD*IRP•  4 cores•  12 GB RAM•  1 NIC•  300GB HDD*Co-Resident Configurations (1TB HDD*)Primary + vCenter•  8 cores•  36 GB RAM•  1 NICPrimary + IRP•  8 cores•  36 GB RAM•  2 NICPrimary + IRP + vCenter•  12 cores•  40 GB RAM•  2 NIC250 PortRequirements: vSphere Standard, 7200RPM HDD, 1GB NIC, 1TB HDD (Usable), Built in RAID - Example host C220-M3Primary•  12 Cores•  52 GB RAM•  1 NIC•  1TB HDD*IRP•  12 Cores•  36 GB RAM•  1 NIC•  300GB HDD*Primary & vCenter•  16 Cores•  56 GB RAM•  1 NIC•  1TB HDD800 or 2000 PortRequirements: vSphere Enterprise Plus (5.0) or Enterprise (5.1), 10,000RPM SAS, 10Gbps NIC, 1TB HDD (Usable), LSI 9260-8i - Example host C460-M2Primary•  40 Cores•  80 GB RAM•  4 NIC•  1TB HDD*IRP•  40 Cores•  36 GB RAM•  4 NIC•  300GB HDD** Usable HDD space after RAID Configuration
  • 14. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS and MeetingPlaceOther HW Considerations•  3rd Party Servers are on the uncommitted roadmapSpec-based on Cisco UCSC and B series only•  RAID Requirements for B SeriesMust be FC or FCoEEmulate RAID configuration specified for C-Series DASEmulate IOPS one would receive in C-Series DAS•  All server performance sizing is based off of 50% of ports doing video•  See CWMS Ordering Guide to help size the servers•  Eventually will go into the UC sizing tool, sizing spreadsheet for now.
  • 15. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS ArchitectureSW RequirementsCategory System RequirementsUCS •  UCS only, support for 3rd party servers planned•  No Co-Residency in V1 (vcenter or IRP can be co-resident in certain deploymenttypes)VMware •  VMware 5.0 & 5.1(v1.1)•  vSphere 5.0 or 5.1(v1.1) Standard for 50 & 250 User systems•  vSphere 5.0 Enterprise Plus for 800 & 2000 User Systems•  vSphere 5.1 Enterprise for 800 & 2000 User Systems•  vCenter mandatory•  One License per socketNetworking •  LAN•  DNS must be configured prior to deployment•  NTP required on ESXi Host•  Redundant configurations must have all NIC interfaces duplicated and connectedto independent switching fabric to support LAN Fault tolerance•  WAN•  Similar to SaaS WebEx for HQ Video, Web Share etc.•  Plan assuming 70-30 distribution in-company users (LAN) and internet users(WAN)Storage (Network AttachedStorage)•  Needed only if customer wants to record meetings and keep system snapshots (forDR)Teleconferencing •  CUCM 7.1, 8.6, 9.0, 9.1(v1.1) for SIP Trunk based TeleconferencingSSO (Single Sign On) •  If using ADFS 2.0 as iDP then customer needs AD (Active Directory) 2010•  Other SAML 2.0 SSO Compliant iDP also supported – same as SaaS WebEx•  PingFederation V6.5.2, ADFS V2, OpenAM V9.5.4
  • 16. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSSystem CapacitiesMedia Type 50 Port 250 Port 800 Port 2000 Port100% SIP/PC Audio 50 250 800 2000Encrypted Audio (sRTP)50 250 800 2000Secured MC Web (SSL) 50 250 800 200050% HQ Video (SSL)** 25 125 400 1000Single Meeting Max Size 50 100 100 100Oracle DB Max User Count 400k 400k 400k 400kOracle DB Max Active Meetings 12,5k 62,5k 250k 500kOracle Max Past Meetings 50k 250k 1m 2mRecorded Meetings Max at Peak 5% of Ports or 10% of Maximum meetings**Video cut off by CWMS if exceeds 50%, sizing assumes 50%Port = Actively participating Hosts + AttendeesEvent Center to supplement for large meetingsIncludes G.722 codec
  • 17. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicModel SizeSimultaneous UsersCompany KnowledgeWorkers based on usageAverage Minutes Per MonthRanges50 Ports ~ 500 heavy (10 to 1)~ 1,000 avg. (20 to 1)~ 1,500 light (30 to 1)50-125 K(2500 min/port)250 Ports ~ 2,500 heavy (10 to 1)~ 5,000 avg. (20 to 1)~ 7,500 light (30 to 1)130-750 K(3000 min/port)800 Ports ~ 8,000 heavy (10 to 1)~ 16,000 avg. (20 to 1)~ 24,000 light (30 to 1)1000 K - 2.8 M(3500 min/port)2000 Ports ~ 20,000 heavy (10 to 1)~ 40,000 avg. (20 to 1)~ 60,000 light (30 to 1)3-8 M(4000 min/port)Actual Usage may vary based on conferencing add growthCWMS ArchitectureSizing Guidelines
  • 18. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicPrimary Admin+ vCenterIRPor Primary Admin+ vCenter IRPor•  Separate Internal and DMZUCS ESXi hosts•  Singe UCS ESXi host•  ESXi host is dual-homed toInternal and DMZ (Layer 2)DataCenterESXi HostInternal DMZ Internal DMZPrimary Admin+ vCenterIRPHA Admin HA IRPInternal DMZPrimary Admin+ vCenter IRPHA Admin HA IRPInternal DMZorHigh Availability Option 1•  All Single DC•  vCenter can be co-resident app•  vCenter required, but can be existing customer vCenter system•  “Admin” VM = Admin + Media + Web applicationsHigh Availability Option 2No High AvailabilityCWMS Deployment Layouts50 Port System
  • 19. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicDataCenterESXi Host250 PortorPrimary Admin+ vCenterIRPInternal DMZ Primary Admin+ vCenterIRPHA Admin HA IRPInternal DMZ800 PortorPrimary Admin IRPInternal DMZ Primary Admin IRPHA Admin HA IRPInternal DMZ•  “Admin” VM = Admin + Media + Webapplications•  All Single DC•  For DR, simply mirror the layout inother Data Center (vCenter followVMware rules)•  No dual-homed ESXi server(s)•  vCenter required, but can beexisting customer vCenter system•  Only difference between 250 and800 port is resource consumptionand vCenter co-residency.•  Identical layout to 50 port with separate Internal/DMZ UCS ESXihosts•  vCenter can NOT be co-residentHigh Availability OptionHigh Availability OptionNo High AvailabilityNo High AvailabilityCWMS Deployment Layouts250/800 Port System
  • 20. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicDataCenterESXi HostorAdmin/MediaIRPInternal DMZWeb/MediaWeb/MediaAdmin/MediaIRPInternal DMZWeb/MediaWeb/MediaHA Admin/MediaHA WebHA IRPHigh Availability Option•  Separate Internal and DMZ UCS ESXi hosts•  Non-HA Total 7 app instances across 4 ESXi hosts•  HA  add one of each type of app instance (Admin/Media/Web/IRP) for N+1 redundancy•  For DR, simply mirror the layout in other Data CenterNo High AvailabilityCWMS Deployment Layouts2000 Port System
  • 21. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSBW Consumption•  Videoconference•  Video Streaming•  Integrated Audio (VoIP)•  Presentation Share•  Desktop and Application Share•  Type of Device
  • 22. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSBW Consumption – About Video / VoIPH.264 SVC based video“Layers” of quality (base layer + multiple enhancement layersEnhancement layers added where BW is available up to maxEnhancement layers removed when BW not available or performingpoorlyVarious frame rates supported in HQ2 participants  30fps, Multi-party  24fps“High Quality” 360p video2-way 360p for PCiPad 2+ provides 1-way 360p receive, 180p transmitVideo LayoutsMain Video and ThumbnailsIn full screen, can receive main video with 6 x ThumbnailsVoIP is audio via browserT0 T0 T0 T0T1 T1 T1T0 T1 T0T2 T2T3 T3 T3 T3
  • 23. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSBW Consumption – About Video / VoIP Cont…Remember, this is just WebEx (http://www.webex.com/pdf/wp_bandwidth.pdf)Various factors determine video BW usageType of Device (PC / iPad), camera vendor, lighting, TCP vs. UDP, movementMaximum and Average Video BW Usage for PC and iPadsDevice VideoCapabilityMax SendMbpsAve SendMbpsMax Rec.MbpsAve Rec.MbpsPC Main Video360p 2-way1.5 .911 1 .635iPad Main VideoR-360p / S-180p.5 .330 .1 .635Any Thumbnail90pn/a n/a .05 .04VoIP Audio .08 .08 .08 .08
  • 24. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicLocal EditionCWMS Integrations
  • 25. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCUBE CUBEPSTNCUCM-SMECUCMLeafClustersCUBE CUBEPSTNCUCMCUBE CUBEPSTNCUCM-SMELegacy PBXCWMS ArchitecturePBX Integrations
  • 26. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS ArchitectureAudio Integration•  G.722 recommended. G.729/711 supported as well. TLS/sRTP supported•  CWMS has no echo cancellation. Consider with PSTN and TDM PBXintegration.•  SIP Trunks to/from CUCM/SME•  Can go into TDM PBX from CUCM/SME•  Through SME, no cluster limit•  Call-back TeleconferencingJust like WebEx, this is what its engineered for (Best End User experience)•  Dial In Operations (Toll free, toll, non-DID)Uses SIP Refer to get to right media server (always)
  • 27. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMS ArchitectureSMTP Integration•  Email essential to CWMS for provisioningand password resets•  Is one of the first things configured uponinstall•  Self provisioning works as follows‒  When user is imported they are sent an email‒  In body of email, they click on link and beginprovisioning processSet Password, location, time zone, language‒  Auto provisioning with SSO, user simply logs in•  Password resets  user receives email
  • 28. Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 28CWMS ArchitectureAuthentication and Directory - SSO•  What is SSO?•  IdP - Identity Provider‒  Provided by customer’s Identity Management System‒  Example OpenAM, ADFS, Ping Identity•  SP - Service Provider‒  WebEx, CWMS•  Directory‒  Active Directory•  SSO-enabled Client‒  Browser‒  WebEx Assistant•  SAML 2.0‒  Typically used / designed for cloud environments‒  can be used internally
  • 29. Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 29CWMS ArchitectureAuthentication and Directory - SSO•  SAML 2.0 IdP support only•  2 ways to deploy•  SP InitiatedRecommended and secure for CWMSSP (or CWMS in our case) collects theauthenticationCredentials are sent to IdP (ex. ADFS orOpenAM)Pass/Fail sent back•  IdP initiatedSP redirects initial collection of credentials tocustomer provide web serverConsidered more secure, but more complex
  • 30. Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 30CWMS ArchitectureAuthentication and Directory - SSO•  SSO only used to authenticate•  Still need user DB,import .csv…or…•  Can emulate complete LDAPauthentication and DB synchby:‒  Enable SSO‒  Enable Auto Account Creation and AutoAccount Update•  LDAP synchronization comingin a few months
  • 31. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicLocal EditionCWMS High Availability and Flows
  • 32. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSSIP Routing Basics with CWMS•  CWMS must be front-ended with CUCM•  CWMS is web-based and “wants” to out-dial‒  It is the way it was intended to be utilized, although many misuse it (user training)•  CWMS of course supports dial-in as well‒  If you dial into CWMS, it must collect meeting ID and get you into the right server•  For Inbound calls‒  Calls from CUCM must be directed to SIP “Load Balancer”‒  SIP Load Balancer targets (2 of the Media VMs) are provided to you upon provisioning the system‒  Initial Calls from CUCM to SIP LB should be done in “circular” fashion using RGs and RLs‒  From there, CWMS must process calls and hold meetings on “application” server•  Two Trunk Types‒  CUCM SIP messages with CWMS “load balancer” servers‒  CUCM SIP messages with CWMS “application”servers
  • 33. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSHigh Availability and Routing for SIP (2000 Port Model)The Concept of VIPs (discussed later) do not apply to SIP, only WebSIP HA from CUCM to CWMS handled by CUCM routing mechanisms (RLsand RGs)Also, you can utilize SIP OPTIONS ping for smoother failoverSIP HA for inbound calls1.  The SIP “Load Balancer” receives all initial inbound SIP requests (but neverterminates actual media)2.  Caller Calls from CUCM to a server via RG/RLs3.  The SIP “Load Balancer” immediately does a SIP 3XX redirect of caller to oneof the media servers for IVR processing. There is no guarantee at this pointthat you are on the right media server where the meeting is in progress. Thisuses SIP Route patterns in CUCM and can go to any of the Media VMs4.  The IVR on the media server collects the meeting ID (DTMF)5.  The IVR does a SIP REFER to the media VM where the meeting is inprogress (assuming it is on a different server). This uses the same SIP routepatterns in CUCM and can go to any of the Media VMs.SIP HA for out-dial, CWMS simply generates call to number from the mediaserver where the active meeting is being held and none of the above mattersAdmin/MediaIRPInternal DMZWeb/MediaWeb/MediaHA Admin/MediaHA WebHA IRPMeeting AlreadyStarted Here3 45Example Shownwith 2000 portmodel112
  • 34. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSHigh Availability and Routing for SIP SummaryTherefore, with CWMS ArchitectureWe have 2 types of trunks“Load Balancer” Trunks and “Application Server”TrunksBecause CUCM can’t trunk to same IP address onsame ports, we utilize different port numbers. Thisequates to two CUCM SIP Security ProfilesIn 2000 port deployment model with HAWe have 2 trunks to the “load balancer” functionalityWe have 4 trunks to support Refers/Redirects (one foreach Media)In 50/200/800 port deployment model with HAWe have 2 trunks to the “load balancer” functionalityWe have 2 trunks to support Refers/Redirects (one foreach Media)Use SIP OPTIONS pingsAdmin/MediaIRPInternal DMZWeb/MediaWeb/MediaHA Admin/MediaHA WebHA IRP2000 port HAPrimary Admin IRPHA Admin HA IRPInternal DMZ50/200/800 port HA
  • 35. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSHigh Availability for Web Traffic - Split DNS example‒ We use Virtual IP addresses (VIPs) that works like HSRP, same L2 network, replying to ARPs appropriately‒ Admin/Media VMs on inside handle Private VIP for Web Traffic (web meetings and administration)‒ IRPs handle the Public VIP (for external web traffic coming in)‒ Heartbeat communication for VIPs happens between the real IP addresses‒ When active Admin/Media VIP or IRP VIP fails, the backup takes over and starts responding to ARP for the VIP‒ Split DNS (described later), the meeting URL points to internal server VIP (inside attendees) and the IRP serverVIP (external attendees)‒ Administration URL points to internal server VIPvmeeting.cisco.commeeting.cisco.commeetingadmin.cisco.comXX
  • 36. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSWeb Traffic Routing In Action (2000 port as example)Basic Web High Availability and Routing Example1.  Initial Web request comes in to VIP2.  Active server responds to ARP request for the .1address below3.  Load Balancer functionality provides client list ofservers based off of capacity/load calculations4.  Client connects to its Web server. Multiple serversmay be employed for the same meeting in heavyload. Here, client was connected to an overflowserver5.  cascading may occur (transparent to client)Active LBMeeting AlreadyStarted HereMeeting canCascade
  • 37. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public• Simplified Installation plays into asimplified DR strategy• Installation by .ova file‒ Open Virtualization Archive file (zipped OpenVirtualization Format, or OVF, files)‒ SW on the vdisk• VMware Scripted Installation‒ Requires v-Center‒ Contains properties file, asks for all networkinginformation, then performs scripted installation‒ Install the admin VM first‒ Web in, then choose Manual or Automated‒ Automated deploys all VMs for youCWMS ArchitectureProduct Installation
  • 38. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public• No Geographic redundancy HA yet• Must be on the same L2 network with no latency• Disaster Recovery‒ Basically a Geographically placed cold-standby‒ Have full .OVA ready at all times‒ Backups on simple NAS/NFS share‒ Replicate NFS data to another store in secondary datacenter. Includes Recordings and Backups‒ Re-install product (Manual or Auto Deploy). Very quick andeasy‒ Make sure newly installed system is pointed to backup NAS/NFS share‒ When CWMS sees backup file on NAS, provides option toinitialize DRCWMS ArchitectureDisaster Recovery and Dual Data Center
  • 39. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSDNS and Traffic Flow• DNS For‒ Admin URL (ex. https://meetadmin.cisco.com)‒ Meeting URL (ex. https://meet.cisco.com)• Two DNS Options‒ Flat DNS, or “non-split-horizon DNS”‒ Split DNS, or “split-horizon DNS”‒ This is in regards to the meeting URL (ex. https://meet.cisco.com)‒ Important, b/c it affects the traffic flow• Flat DNS‒ Resolves meeting URL to the same IP address for internal and external users‒ All meeting traffic flows through the IRP• Split DNS‒ Internet DNS resolves meeting URL to the IRP on DMZTraffic from Internet flows through the IRP‒ Internal DNS resolves to internal serverTraffic from internal network goes straight to internal web server.
  • 40. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSDNS and Traffic Flow – Flat DNS• External Client1.  DNS request to https://meeting.cisco.com2.  DNS responds with VIP of IRP3.  HTTP traffic from external client to IRP4.  IRP reverse proxies traffic to internalCWMS server where mixing occurs• Internal Client1.  DNS request to https://meeting.cisco.com2.  DNS responds with VIP of IRP3.  HTTP traffic from internal client to IRP4.  IRP reverse proxies traffic to internalCWMS server where mixing occurs21341234
  • 41. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSDNS and Traffic Flow – Split DNS• External Client1.  DNS request to https://meeting.cisco.com2.  External DNS responds with VIP of IRP3.  HTTP traffic from external client to IRP4.  IRP reverse proxies traffic to internalCWMS server• Internal Client1.  DNS request to https://meeting.cisco.com2.  Internal DNS responds with VIP ofinternal CWMS server3.  HTTP traffic from internal client tointernal CWMS server2134123
  • 42. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicInternet Reverse Proxy (IRP) Recommended inthe DMZPorts 443 and 80 will need to be open inbound tothe IRP.Other ports (listed) will need to be open inboundfrom the IRP to CWMS and outbound from CWMSto the IRP.CWMS ArchitectureFirewall Ports
  • 43. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicCWMSTips for in the Lab OnlyInstallation simply needs to see the # ofcoresCan Scale back after installationDo not need the required memory for it torunUtilize thin-disk provisioningUtilize ManyCam to emulate a video camerain VMExtended trial periodCWMS software will install and run for 6 monthswithout any licenseJabber works well in VMwareUtilize RDP version 7 to pass speaker/MIC
  • 44. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicNew Collaboration SRND9.xWhat is the Collaboration SRND?Evolution of our UC SRND and TP design guides:  Evolve from UC and TP design to Collaboration  Make video pervasive through doc  Change overall tone of document from voice to collaboration  Emphasize recommended but include supported  Expand scope to include more Social, Cloud and Mobile  Combine UC and TP/Video Design GuidanceCollaboration SRND
  • 45. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicFeedback•  Give us your feedback and you could win fabulousprizes. Winners announced daily.‒  Receive 20 Passport points for each session evaluationyou complete‒  Complete your session evaluation online now(open a browser throughour wireless network to access our portal) or visit one ofthe Internet stations throughout the Convention Center.•  Don’t forget to activate your Cisco Live Virtualaccount for access to all session material,communities, and on-demand and liveactivities throughout the year.Activate your account at the Cisco booth in theWorld of Solutions or visit www.ciscolive.com.45
  • 46. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco PublicRegister for Cisco Live - OrlandoCisco Live - OrlandoJune 23 – 27, 2013www.ciscolive.com/us4646