Infrastructure & Delivery Management Theatre<br />SCALING AND SECURING YOUR OCS InvestmentIs your Network Infrastructure R...
Legal Disclaimer<br />All or some of the products detailed in this presentation may still be under development and certain...
Abstract<br />Is Your Network Infrastructure Ready for Voice and UC Services?<br />OCS includes VoIP and conferencing comp...
Agenda<br />Case Study: Fabrikam Sports<br />Network Design Considerations<br />Ensuring Scalability and High-Availability...
OCS Case Study<br />Fabrikam Sports<br />5<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Inve...
Fabrikam Sports<br />OCS Case Study<br />Headquartered in San Francisco, the company was challenged to collaborate effecti...
A sound network infrastructure is required for OCS deployments so Fabrikam made Brocade products their standard for Ethern...
Layer 2-3 Network Objectives<br />A 3-tiered network architecture at the HQ, Seattle, and Austin offices, using Brocade Fa...
Layer 2-3 Network Objectives<br />QoS would be configured on all the switches<br />An 802.1p marking ACL will be configure...
Layer 4-7 Network Objectives<br />Complete redundancy is implemented at each layer<br />One of the most critical elements ...
Branch / Remote Sites<br />Internet<br />New York<br />Brocade MLX<br />OSPF 11<br />Brocade FCX<br />OSPF 20 - 50ms Laten...
OCS Enterprise Edition Considerations<br />OCS Enterprise Edition Front End Server, A/V Conferencing Server, Web Conferenc...
OCS Enterprise Edition Considerations<br />Internet<br />Expanded Deployment<br />OCS 2007 R2 Enterprise Edition in the co...
Layer 2-3 OCS Network Design Considerations<br />Campus Core<br />Multi-tier<br />Depending on size of network, use three-...
Layer 4-7 OCS Network Design Considerations<br />High Availability<br />ServerIron ADX switch pairs in front of Enterprise...
Best Practice—Layer 4-7<br />Use High Availability (HA) pairs to eliminate single-point-of-failure<br />Active Hot Standby...
Best Practice—Layer 4-7<br />OCS Enterprise Edition Front End Server, A/V Conferencing Server, Web Conferencing Server, an...
Best Practice for the Best ROI<br /><ul><li>Use ServerIron ADX to load balance multiple Enterprise Edition servers, maximi...
Use HA pairs of ServerIrons to eliminate single point of failure and assure stateful failover
Upcoming SlideShare
Loading in …5
×

UC Expo 2010 - Scaling and Securing your Microsoft OCS investment

844
-1

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
844
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • While easier to configure and manage a deployment without failover capability, if one unit fails, the entire Unified Communications environment goes down; no VOIP, no IM, no presence, and/or conferencing High Availability pairing allows a second Brocade ADX to provide uninterrupted server accessThere are three ways to deploy ADX in HA modeActive-Hot Standby – One active ADX, another ADX in standby (supported only with switch code)Active-Standby VIP – Both ADX’s can receive traffic but only the Active VIP handles the L4-7 traffic, the other VIP is in Standby (supported by router or switch code)Active-Active – Both ADX’s are active for the same VIP, where the ADX that receives the request, services it, and during failure, the remaining ADX handles all requests (supported by router or switch code)
  • UC Expo 2010 - Scaling and Securing your Microsoft OCS investment

    1. 1. Infrastructure & Delivery Management Theatre<br />SCALING AND SECURING YOUR OCS InvestmentIs your Network Infrastructure Ready for Voice and UC Services?<br />Harry PettyDirector, Product Marketing<br />UC EXPO<br />March 11, 2010<br />© 2010 Brocade Communications Systems, Inc.<br />
    2. 2. Legal Disclaimer<br />All or some of the products detailed in this presentation may still be under development and certain specifications, including but not limited to, release dates, prices, and product features, may change. The products may not function as intended and a production version of the products may never be released. Even if a production version is released, it may be materially different from the pre-release version discussed in this presentation. <br />NOTHING IN THIS PRESENTATION SHALL BE DEEMED TO CREATE A WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT OF THIRD-PARTY RIGHTS WITH RESPECT TO ANY PRODUCTS AND SERVICES REFERENCED HEREIN. <br />Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, File Lifecycle Manager, IronPoint, IronShield, IronView, IronWare, JetCore, MyView, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their respective owners.<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />March 11, 2010<br />2<br />
    3. 3. Abstract<br />Is Your Network Infrastructure Ready for Voice and UC Services?<br />OCS includes VoIP and conferencing components, protocols and call flow configuration in frontend server pools and perimeter networks<br />To underpin real-time video conferencing, VoIP and PBX capabilities hosted on servers inside your organization’s firewall, you need a network infrastructure that is smart, secure and scalable<br />This session will describe the latest techniques to ensure high-availability, while protecting your communications investment from capacity-limited obsolescence, as well as malicious threats and attack<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />3<br />
    4. 4. Agenda<br />Case Study: Fabrikam Sports<br />Network Design Considerations<br />Ensuring Scalability and High-Availability<br />Load Balancing OCS Frontend, Director, and Edge Servers<br />Securing the OCS Infrastructure Against Attacks<br /><ul><li>The Best Practice for the Best ROI</li></ul>Is your Network Infrastructure Ready for Voice and UC Services?<br />4<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />
    5. 5. OCS Case Study<br />Fabrikam Sports<br />5<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />“We’re consolidating telephony, conferencing, collaboration tools and email to reduce management costs for our rapidly growing mobile workforce, and to allow our communications infrastructure to scale to reach the company’s potential”<br />−Fabrikam Sports<br />This high-end sports apparel manufacturer’s popularity has created pressure to scale their IT infrastructure<br />
    6. 6. Fabrikam Sports<br />OCS Case Study<br />Headquartered in San Francisco, the company was challenged to collaborate effectively with 4,500 employees, apparel designed in Seattle, manufactured in Texas, with a regional New York sales office, 200 US-based reps and 50 reps split between Europe and Asia<br />They needed a solution that would support VoIP-based telephony, presence detection, mobile clients, and conferencing, to streamline and dramatically reduce the cost of communications<br />Easily integrated with their existing Exchange platform, the IT department chose Office Communicator 2007 R2<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />
    7. 7. A sound network infrastructure is required for OCS deployments so Fabrikam made Brocade products their standard for Ethernet load balancing, switching and routing, and Fibre Channel switching for storage, because they deliver the highest performance at the lowest cost and the lowest power consumption.<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />OCS Case Study<br />Building the right OCS infrastructure<br />Fabrikam Sports<br />
    8. 8. Layer 2-3 Network Objectives<br />A 3-tiered network architecture at the HQ, Seattle, and Austin offices, using Brocade FastIron CX at the access layer, FastIron SX at the aggregation layer, and NetIron MLX at the core, with 10 GbE 802.1ad trunks between each switch and the upper layer<br />The remote sales office in New York would deploy the FSX and FCX also with 10GbE 802.1ad trunks to the upper layer<br />SIP trunks would be purchased from the ISP allowing the company to take advantage of all the features of OCS across all offices and mobile users<br />Complete redundancy is implemented at each layer<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />
    9. 9. Layer 2-3 Network Objectives<br />QoS would be configured on all the switches<br />An 802.1p marking ACL will be configured to change the default DSCP value assigned OCS to a higher priority<br />In addition, traffic will be rate limited so that video and voice does not consume all available bandwidth<br />Rapid Spanning Tree will be configured on each VLAN<br />The right infrastructure design for OCS<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />Use QoS, Rate Limiting, and RST on each VLAN<br />
    10. 10. Layer 4-7 Network Objectives<br />Complete redundancy is implemented at each layer<br />One of the most critical elements in OCS deployment, ServerIron ADX switches would be configured in HA pairs before frontend, edge, and directory servers to scale performance, secure the servers and provide redundancy in the event of frontend server failure<br />ADX provides all users with a single connection point to the server pool, and ensures traffic is balanced between all real servers, preventing traffic from being sent to a failed server<br />ADX provides Denial of Service (DoS) attack security to all servers by ensuring hacker traffic is rejected without impairing the throughput of real traffic<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />
    11. 11. Branch / Remote Sites<br />Internet<br />New York<br />Brocade MLX<br />OSPF 11<br />Brocade FCX<br />OSPF 20 - 50ms Latency<br />Corporate Site<br />San Francisco<br />Brocade SX<br />Austin<br />SQL, Exchange, and SharePoint Clusters<br />Brocade ADX<br />OSPF 30 - 25ms Latency<br />Brocade FCX<br />Brocade <br />FC SAN<br /> OCS R2 <br />Monitoring<br />Seattle<br />OCS R2 Edge Server<br />DMZ<br />OSPF 40 - 5ms Latency<br />Brocade FCX<br />OCS R2 Director<br />OCS R2 Front End<br />Fabrikam Sports<br />Network Topology<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />11<br />
    12. 12. OCS Enterprise Edition Considerations<br />OCS Enterprise Edition Front End Server, A/V Conferencing Server, Web Conferencing Server, and Web Components Server can run on any combination of individual or separate servers<br />Any OCS pool with more than one Front End Server requires a hardware load balancer<br />A hardware load balancer is also required for arrays of OCS Edge Servers or even for an array of Standard Edition Servers when configured as a Director<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />12<br />
    13. 13. OCS Enterprise Edition Considerations<br />Internet<br />Expanded Deployment<br />OCS 2007 R2 Enterprise Edition in the consolidated configuration, one or more Enterprise Edition servers are deployed, each running the Frontend Server, A/V Conferencing Server, Web Conferencing Server, and Web Components Server<br />Recommended for most organizations that need high performance and high availability with easy scalability<br />A Layer 4-7 load balancer is required when multiple Enterprise Edition servers are pooled<br />Firewall<br />Access – FastIron CX<br />DMZ<br />OCS Edge<br />OCS Edge<br />OCS Antivirus<br />OCS Antivirus<br />Firewall<br />Core - NetIron MLX<br />Internal Network<br />Aggregation – FastIron SX<br />Load Balance – ServerIron ADX<br />OCS Frontend, AV, Monitoring, Web Conferencing <br />SQL Server<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />March 11, 2010<br />13<br />
    14. 14. Layer 2-3 OCS Network Design Considerations<br />Campus Core<br />Multi-tier<br />Depending on size of network, use three-tier architecture<br />Redundancy<br />Provide redundancy at all levels<br />Link Aggregation Groups<br />Provide at least 10GbE dynamic LAGs between each layer<br />Monitor LAGs and WAN link to see if congestion is occurring<br />Configure loopback interfaces to reduce port flapping<br />NetIron MLX<br />Core<br />FastIron SX<br />Aggregation<br />ServerIron ADX<br />OCS Servers<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />March 11, 2010<br />14<br />
    15. 15. Layer 4-7 OCS Network Design Considerations<br />High Availability<br />ServerIron ADX switch pairs in front of Enterprise Edition pools of OCS Directors, Frontend and Edge servers maximize application uptime and server farm utilization<br />Security<br />Shield applications from malicious attack without performance degradation<br />Scalability<br />ADX receives all client requests, performs health checks to identify outages and directs client connections to the most available resource, while servers can be added to or subtracted from the network in real time<br />ServerIron ADX HA Pair<br />server virtual EDVIP 10.5.57.90<br />server virtual DIRVIP 10.5.57.90<br />server virtual FEVIP 10.10.57.13<br />OCS 2007 R2<br />Edge Servers<br />server real ED1 10.5.57.11<br />server real ED2 10.5.57.12<br />OCS 2007 R2<br />Directors<br />server real DIR1 10.10.57.8<br />server real DIR2 10.10.57.9 <br />OCS 2007 R2<br />Frontend Servers<br />server real FE1 10.10.57.11<br />server real FE2 10.10.57.12 <br />Ports Load Balanced<br />server port 5060 tcp<br />server port 5061 tcp<br />server port 5063tcp<br />server port 135 tcp<br />server port 80 tcp<br />server port 443 tcp<br />server port 444 tcp<br />server port 5069 tcp<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />March 11, 2010<br />15<br />
    16. 16. Best Practice—Layer 4-7<br />Use High Availability (HA) pairs to eliminate single-point-of-failure<br />Active Hot Standby—One switch active, the other is standby with shared MAC address<br />Active-Standby VIP—both switches receive traffic but only one VIP is acting in standby<br />Active-Active—Both switches are active, allowing for oversubscription<br />Use Global Server Load Balancing (GSLB) to distribute services transparently across multiple sites of OCS R2 server farms<br />Use ‘one-arm’ or Direct Server Return (DSR) mode for a less network-intrusive topology, that allows higher throughput<br />Use HA, DSR , and GSLB to increase availability, reliability, and scalability<br />16<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />
    17. 17. Best Practice—Layer 4-7<br />OCS Enterprise Edition Front End Server, A/V Conferencing Server, Web Conferencing Server, and Web Components Server can run on any combination of individual or separate servers<br />Any OCS pool with more than one Front End Server requires a hardware load balancer<br />A hardware load balancer is also required for arrays of OCS Edge Servers or even for an array of Standard Edition Servers when configured as a Director<br />March 11, 2010<br />UC Expo | Scaling and Securing Your Microsoft OCS Investment<br />17<br />
    18. 18. Best Practice for the Best ROI<br /><ul><li>Use ServerIron ADX to load balance multiple Enterprise Edition servers, maximizing server utilization and client connections scalability
    19. 19. Use HA pairs of ServerIrons to eliminate single point of failure and assure stateful failover
    20. 20. Defend server pools against malicious attacks with ServerIron DoS offload for the best protection and throughout while under attack</li></li></ul><li>THANK YOU<br />For more information, please visit www.brocade.com<br />

    ×