TANDBERG Telepresence and Video Conferencing with Microsoft ...

8,269
-1

Published on

0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,269
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
284
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

TANDBERG Telepresence and Video Conferencing with Microsoft ...

  1. 1. Solution Guide TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 D1459101 January 2010
  2. 2. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Contents 1 Executive summary ......................................................................................................7 2 Business benefits .........................................................................................................8 3 Visual communications network components...........................................................9 3.1 Video conferencing endpoints....................................................................................................... 9 3.2 Video conferencing infrastructure ................................................................................................. 9 3.2.1 Call control and management.......................................................................................... 10 3.2.2 Services ........................................................................................................................... 10 4 TANDBERG integration with Microsoft Office Communications Server 2007 (R2) ......................................................................................................................................12 4.1 Background ................................................................................................................................. 12 4.2 Mobility – PC video peripherals................................................................................................... 12 4.3 Small scale integration (Individual registration model)................................................................ 13 4.4 Comprehensive Video Integration (CVI) ..................................................................................... 14 4.4.1 The benefits ..................................................................................................................... 14 5 Individual registration model details.........................................................................17 5.1 Individual registration benefits..................................................................................................... 17 5.2 Solution capabilities..................................................................................................................... 17 5.2.1 Endpoint configuration ..................................................................................................... 17 5.2.2 Authentication & registration............................................................................................ 18 5.2.3 Presence/Search/Instant Messaging............................................................................... 18 5.3 Security ....................................................................................................................................... 20 5.4 Individual registration model call scenarios ................................................................................ 20 5.4.1 Office Communicator to video conference room system................................................. 20 5.4.2 Personal system (MPOP) calling scenario ...................................................................... 22 5.4.3 Escalation ........................................................................................................................ 23 5.4.4 Multiparty calling with TANDBERG endpoints................................................................. 23 5.4.5 Office Communicator call features................................................................................... 24 5.5 Management and directories....................................................................................................... 25 5.6 Individual registration model limitations ...................................................................................... 26 5.6.1 Password management limitations .................................................................................. 26 5.6.2 Bandwidth management limitations ................................................................................. 27 5.6.3 Limited interoperability..................................................................................................... 27 5.7 Products supporting Individual registration ................................................................................. 29 6 Comprehensive Video Integration - details ..............................................................30 6.1 SIP trunk base functionality......................................................................................................... 30 6.1.1 Security ............................................................................................................................ 31 6.1.2 Presence/Contact search ................................................................................................ 33 6.1.3 Basic SIP trunk summary ................................................................................................ 34 6.2 SIP trunk advanced capabilities – OCS Relay............................................................................ 34 6.2.1 Simplified password management - Authentication/authorization................................... 36 6.2.2 Presence/Contact search ................................................................................................ 37 6.3 Integrated architecture - VCS considerations ............................................................................. 38 © 2010 TANDBERG Page 2 of 67
  3. 3. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 7 CVI use cases ..............................................................................................................40 7.1 Office Communicator to video conference room system ............................................................ 40 7.2 Personal system (MPOP) calling scenario.................................................................................. 42 7.3 Office Communicator to/from external H.323/SIP video system calling (Expressway) .............. 43 7.4 Escalation.................................................................................................................................... 45 7.5 Office Communicator call features .............................................................................................. 46 7.6 Multiparty calling with TANDBERG endpoints ............................................................................ 47 7.7 Office Communicator to/from ISDN video calling........................................................................ 48 7.7.1 Outbound calling from Office Communicator to an ISDN video system.......................... 48 7.7.2 Inbound calling to Office Communicator from an ISDN video system............................. 49 7.8 Audio calling to/from video endpoints via an Office Communications Server audio gateway/PBX ..................................................................................................................................................... 50 7.9 Telepresence............................................................................................................................... 50 7.10 Conferencing ............................................................................................................................... 52 7.10.1 Conferencing background................................................................................................ 52 7.10.2 Conferencing call scenarios............................................................................................. 54 7.10.3 Call policy enforcement - bandwidth limited calls ............................................................ 57 8 Deployment preparation.............................................................................................59 8.1 Required TANDBERG software versions ................................................................................... 59 8.2 Required Microsoft software versions ......................................................................................... 59 9 Solution limitations.....................................................................................................60 9.1 Calling scenarios not supported.................................................................................................. 60 9.2 Additional know limitations .......................................................................................................... 60 10 Understanding HD video calling with Office Communicator ..................................61 Appendix A: Roadmap.....................................................................................................62 Appendix B: VCS details .................................................................................................63 Appendix C: References..................................................................................................64 Appendix D: About TANDBERG .....................................................................................65 Appendix E: VCS SIP trunk and OCS to PBX integration ............................................66 Disclaimers and notices ......................................................................................................67 © 2010 TANDBERG Page 3 of 67
  4. 4. Figures Figure 1: TANDBERG PrecisionHD USB Camera........................................................................... 12 Figure 2: TANDBERG PrecisionHD USB camera FOV vs. Consumer camera FOV ...................... 13 Figure 3: Small Scale Video Integration........................................................................................... 13 Figure 4: Comprehensive Video Integration – Simplified network diagram .................................... 14 Figure 5: Enabling AD account for Communications Server............................................................ 18 Figure 6: Enhanced 2007 Presence model setting for TANDBERG endpoints ............................... 18 Figure 7: TANDBERG conference room systems in the Office Communicator Contact list............ 19 Figure 8: Multiple device support ..................................................................................................... 20 Figure 9: Example error response when sending IM to a TANDBERG endpoint ............................ 20 Figure 10: Calling from Office Communicator .................................................................................... 21 Figure 11: Example of a contact in the directory on TANDBERG MXP endpoints ............................ 21 Figure 12: Office Communicator to/from conference room calling .................................................... 22 Figure 13: Personal video system (MPOP) calling scenario.............................................................. 23 Figure 14: Office Communicator in a multiparty call hosted on a TANDBERG MXP ........................ 24 Figure 15: Example call forwarding rule screen for Office Communicator......................................... 24 Figure 16: Example Office Communicator Transfer Call screen........................................................ 25 Figure 17: Example screen shot for enabling Enterprise Voice ......................................................... 25 Figure 18: TMS and video conferencing system directories .............................................................. 26 Figure 19: Individual registration model call limitations – H.323 calling............................................. 28 Figure 20: Video conferencing to Office Communications Server integration – AD accounts not required ............................................................................................................................. 31 Figure 21: OCS Relay – Conference room model ............................................................................. 35 Figure 22: OCS Relay – Personal system and single identity support .............................................. 36 Figure 23: OCS Relay and presence aggregation ............................................................................. 38 Figure 24: VCS architecture options .................................................................................................. 38 Figure 25: Example CVI architecture ................................................................................................. 40 Figure 26: Calling from Office Communicator .................................................................................... 41 Figure 27: Office Communicator to/from conference room calling .................................................... 41 Figure 28: Example of a contact in the directory on TANDBERG MXP endpoints ............................ 42 Figure 29: Personal video system (MPOP) calling scenario.............................................................. 43 Figure 30: Home office worker video conference system connectivity .............................................. 44 Figure 31: External organization video conference connectivity by URI dialing ................................ 44 Figure 32: External organization video conference connectivity by IP dialing ................................... 45 Figure 33: Office Communicator call forwarding rule set example .................................................... 46 Figure 34: Office Communicator Transfer Call example.................................................................... 47 Figure 35: Example screen shot for enabling Enterprise Voice ......................................................... 47 Figure 36: Office Communicator in a multiparty call hosted on a MXP endpoint............................... 48 Figure 37: Calling ISDN video systems from Office Communicator .................................................. 49 Figure 38: Calling Office Communicator from an ISDN video system ............................................... 50 Figure 39: Office Communicator in a call with the TANDBERG Telepresence solution .................... 51 Figure 40: Telepresence integrated with Office Communications Server.......................................... 51 Figure 41: TANDBERG T3 Telepresence System............................................................................. 52 Figure 42: Active speaker view .......................................................................................................... 53 Figure 43: Four-way continuous presence......................................................................................... 53 Figure 44: 7+1 continuous presence.................................................................................................. 54 Figure 45: Adding Office Communicator users when scheduling a multiparty conference in TMS ... 55
  5. 5. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Figure 46: Example TMS confirmation message with connection information .................................. 55 At the time of booking TMS verifies that the necessary conferencing resources will be available at the scheduled time and reserves these resources. ................................................................ 55 Figure 47: Example Contact list with a group of virtual meeting rooms............................................. 56 Figure 48: Main office and branch office connected with a bandwidth policy in place ...................... 58 © 2010 TANDBERG Page 5 of 67
  6. 6. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Revision history Date Version & change information January 2010 Initial Release Copyright © TANDBERG 2010. All rights reserved. This Solution Guide may not be copied, photocopied, translated, reproduced, or converted into any electronic or machine-readable form in whole or in part without prior written approval of TANDBERG. TANDBERG reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of TANDBERG to provide notification of such revision or change. TANDBERG provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. TANDBERG may make improvements or changes to the product(s) and/or the program(s) described in this documentation at any time. All other product and company names herein may be trademarks of their respective owners. The software incorporated in this product is owned by Tandberg Telecom AS or its licensors. By using this product you agree to abide by the End User License Agreements for this product, which can be found at www.tandberg.com. Patent, copyright and other information related to this product can also be found at that location. © 2010 TANDBERG Page 6 of 67
  7. 7. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 1 Executive summary Unified Communications (UC) is broadly understood as the seamless integration of communications devices, modalities and capabilities for the individual user; allowing the user to have a single identity rather than a myriad of device identities. Visual communications is among the key communications modes within the UC ecosystem. As organizations begin to evaluate and plan for the deployment of UC solutions, visual communications becomes a key driver to implementation. TANDBERG is the industry leader in visual communications solutions. TANDBERG’s video first, open approach to UC leverages deep integrations with other UC desktop, voice, and network solutions resulting in an end-to-end visual UC solution that works for everyone in the organization —with quality that is absolute. This document focuses on TANDBERG’s open and integrated approach to enabling a visual UC environment with Microsoft Office Communications Server 2007 (R2). This is more than just making a typical video conference room work with a Microsoft Office Communicator client; it enables an organization’s video conferencing assets to work seamlessly with the broader UC environment and enables a user to have one identity in a common corporate directory/phone book, while having the freedom and flexibility to communicate with a wide range of devices in a variety of environments. The TANDBERG approach to Microsoft Office Communications Server integration maximizes ROI by allowing organizations to: • Support existing investments in standards-based video conferencing systems. • Migrate existing video conferencing assets into the UC environment with minimal disruption to both the video conferencing deployment and the rest of the communications environment. • Enable Microsoft Office Communicator users to take advantage of the advanced functionality of the video conferencing network, while maintaining seamless connectivity with the rest of the UC environment. This document: • Outlines how the TANDBERG integration with the Microsoft Office Communications Server can leverage the latest advances in video conferencing technology such as Telepresence and High Definition (HD 1) video quality. • Explains how to integrate an existing deployment of TANDBERG or other standards-based video conferencing technology in a range of installations, from the simple to the more comprehensive: • HD video and the PC • Desktop video appliances • Conference room video conference systems • Multiparty video conferencing • Cross network connectivity • Business to business (B2B) connectivity • Telepresence connectivity 1 For purposes of this document HD means 720p, unless specified otherwise. This convention is used because 720p is the maximum video resolution supported by the Microsoft Office Communicator client. It is important to note that the TANDBERG solution can support up to 1080p. © 2010 TANDBERG Page 7 of 67
  8. 8. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 2 Business benefits The migration from VoIP allowed the telephony service to be provided over the data network. This predominantly benefitted the IT administrator because there was only one network to manage for both voice and data, and simplified moves/new users/configuration changes because moving the CEO’s phone extension became a matter of unplugging the phone and connecting it to the data jack in a new office. While that provided time and cost savings to the IT administrator, the end user experience was fundamentally unchanged; one phone was replaced for another, but the user was still only able to make audio calls. Communicating visually is the “New Way of working”. It delivers on the promise of Unified Communications providing end users a transformative communications experience changing a one dimensional conversation into a multifaceted collaboration experience. Two key attributes of UC: • Presence: presence is the “dial tone” of UC. Presence allows users to see the status (for example, online, free or busy) of the people they are trying to reach and allows them to take action based on this information. Presence changes how, who and when we reach someone thereby making the communications process more efficient, it is not your Grandmother’s dial tone any more. • Video: video changes how we actually communicate and allows users to communicate more effectively, as proven in study after study. In today’s competitive landscape in which organizations are not only trying to reduce travel and their overall carbon footprint, but also to do more with less, visual communications allows organizations to implement “Green Initiatives” via tele-work; to improve productivity with more effective meetings and individual conversations, and to engender a more tightly-knit workforce. Visual communications is bringing back the sense of community and camaraderie in the ever expanding global work environment, resulting in a more efficient, effective and productive workforce. UC combines productivity drivers such as presence and visual communications with more traditional and familiar communications tools such as voice and web collaboration in an effort by businesses and organizations to stay ahead in today’s global economy. The ability to tie these communications channels into a combined and seamless experience for the end user is just the first step; ultimately the UC experience becomes interwoven with typical end users’ business processes. Microsoft Office Communications Server 2007 R2 is a platform for UC which provides a couple of the key elements. Combine this with the TANDBERG visual communications solution and you have the major components needed to build the unified communications solution being demanded by the end user. © 2010 TANDBERG Page 8 of 67
  9. 9. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 3 Visual communications network components This chapter provides an overview of the components in a comprehensive visual communications network. For further detail, see the TANDBERG web site (www.tandberg.com). 3.1 Video conferencing endpoints Video conferencing endpoints are purpose-built hardware appliances used for “video conferencing”; often, they are completely integrated packages including the screen(s), camera(s) and microphone(s) in addition to the actual “engine”, which is know as the “codec”. These are always-on IP solutions which do not require a PC to operate. There are three categories: Personal systems: examples shown: TANDBERG E20 and TANDBERG MXP 1700 Conference room systems: examples shown: TANDBERG Dual 52” Profile, TANDBERG C90 Codec, TANDBERG C60 Codec, and TANDBERG C20 Codec Telepresence systems: examples shown: TANDBERG Immersive T3, TANDBERG Immersive T1) Industry Products: examples shown: TANDBERG Intern MXP, TANDBERG FieldviewTM, TANDBERG Tactical MXP) 3.2 Video conferencing infrastructure Most communications solutions include network components that the end-user does not see that make them function; for example, a PBX allows phones in an office to work. Equally, the video © 2010 TANDBERG Page 9 of 67
  10. 10. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 conferencing endpoints described in the previous section rely on a series of infrastructure components, enabling a scalable and manageable deployment with additional services beyond those capable with the endpoints alone. 3.2.1 Call control and management The TANDBERG infrastructure products which provide call control and management are the Video Communications Server (VCS) and the TANDBERG Management Suite (TMS). TANDBERG Video Communications Server (VCS) - this appliance-based server provides: • H.323 gatekeeper • SIP registrar/proxy • Protocol interworking • Secure B2B connectivity • Microsoft Office Communications Server interconnect • PBX trunking • Call control and bandwidth management • Call routing TANDBERG Management Suite (TMS) - even with TANDBERG or other vendors’ endpoints registered individually to Office Communications Server, a software management platform is needed to manage these devices. TMS functionality includes: • Management • Monitoring • Maintenance • Scheduling • Common directories • Call Detail Records • Software updates 3.2.2 Services Additional core infrastructure products enable services such as: • Multi-party conferencing between Office Communicator and the standards-based video conferencing environment. • The ability to record calls from Office Communicator • Connectivity between Office Communicator and ISDN-based video conferencing devices. A few examples of the TANDBERG network products that provide these services are: TANDBERG product family of Multipoint Conferencing Units (MCUs): An MCU enables multiple video conferencing endpoints (including Office Communicator clients) to meet together in a conference in which all participants are able to see one another. Key features include: • HD video support. • Continuous presence – the ability to see all participants on one screen simultaneously. © 2010 TANDBERG Page 10 of 67
  11. 11. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 • Individual transcoding - important in mixed endpoint environments, by allowing all users in the conference to have the best possible experience. • ClearVision – the ability to provide better video quality than that actually received from the endpoint (making low quality video connections look better). TANDBERG Telepresence Server: An application-specific MCU enabling multiparty telepresence conferences including standards based telepresence conference rooms and multivendor video conferencing endpoints (including the Office Communicator client). TANDBERG ISDN Gateway: A gateway for ISDN-based video conferencing endpoints that allows IP-only devices, including Office Communicator clients to connect to ISDN-only devices. TANDBERG Content Server (TCS): A network-based recording and streaming solution allowing the recording and streaming of any video conference session, including Office Communicator clients. It also allows any video conferencing endpoint, including an Office Communicator client, to become a studio for creating recordings for purposes such as a team announcement. TCS allows for integration with SharePoint making it easy to leverage any video conference system to create and publish content into SharePoint. For a complete list of TANDBERG infrastructure products, see the TANDBERG web site: www.tandberg.com © 2010 TANDBERG Page 11 of 67
  12. 12. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 4 TANDBERG integration with Microsoft Office Communications Server 2007 (R2) 4.1 Background UC provides seamless connectivity between the PC-based communications paradigm and the current and evolving visual communications landscape. The integration of high quality visual communications with tools such as IM and presence elevate the level and quality of communications, enabling greater productivity. The Microsoft UC solution based on Office Communications Server 2007 R2 is a platform for scalable PC-based communications encompassing, instant messaging (IM), presence, voice calling, video calling, conferencing and collaboration - tightly integrated into other Microsoft business productivity applications such as the Exchange, SharePoint and Office. The Office Communications Server platform provides two main user clients, the Office Communicator client and the LiveMeeting client. This document focuses on the interoperability of the video conferencing environment with the Office Communicator client. It showcases how TANDBERG is able to support a range of Office Communications Server deployments, from the smallest to the largest, with a variety of solutions suited to customer needs: • Mobility – PC video peripherals • Small scale integration – Individual registration • Comprehensive video integration – Gateway approach Each one is discussed in greater detail in the rest of this chapter. 4.2 Mobility – PC video peripherals Users of video are demanding that communication from the conference room and on the road is clear, reliable and effective. TANDBERG’s PrecisionHDTM USB Camera is the best in its class of enterprise- grade USB cameras and the first camera providing true 720p widescreen format video at 30fps to be certified as Optimized for Microsoft Office Communicator. When used with Office Communications Server 2007 R2 and the Office Communicator client, the camera enables users to maximize their video communications in business-quality HD and with superior audio capabilities; meaning they can connect with clarity and purpose anywhere, anytime providing mobility of business quality communications. Figure 1: TANDBERG PrecisionHD USB Camera The camera was also designed to provide a view of the user suitable for today’s demanding business communications environment. The following images show the same user at the same distance from a typical consumer-grade camera and from the enterprise-grade TANDBERG PrecisionHD USB camera, illustrating how the TANDBERG camera enables more effective communication. © 2010 TANDBERG Page 12 of 67
  13. 13. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 TANDBERG enterprise camera field of view Typical consumer camera field of view Figure 2: TANDBERG PrecisionHD USB camera FOV vs. Consumer camera FOV Consumer-grade web cameras tend to have a wide field of view (FOV) resulting in much of the transmitted image being of the user’s surroundings rather than of the actual individual when sitting a normal distance from the camera. The PrecisionHD USB camera has an optimized field of view resulting in a more favorable image of the user. Often in PC-based visual communications, the size of the display dedicated to the video image is only a portion of the total screen real estate; therefore it is critical for the image in the video window be optimized to see the far end participant’s facial features and expressions. This improves the “in person experience” provided by communicating visually, as well as reducing “meeting strain”. 4.3 Small scale integration (Individual registration model) For those customers that want to use video conferencing on a slightly larger scale than just the PC and the Office Communicator client, TANDBERG provides the MXP range of TANDBERG endpoints and the TANDBERG E20 endpoint that can register individually with Office Communications Server. This makes it convenient and easy for small organizations to introduce TANDBERG video conferencing systems into their deployment of video-enabled Office Communicator users. MXP Office Communicator MXP E20 Client Example registration: All devices register directly with the Office Communications Server Figure 3: Small Scale Video Integration © 2010 TANDBERG Page 13 of 67
  14. 14. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 This type of small scale integration is often referred to as “Individual registration”. Office Communicator users can search for these systems, add them as contacts in their Contact list and call them in exactly the same way that they do any other Office Communicator user. A benefit is that no additional equipment is needed, although it is important to note this can limit the overall function/capabilities of the video conferencing network. For details about the Individual registration model see chapter 5. 4.4 Comprehensive Video Integration (CVI) For small installations (typically 10 or fewer video conferencing endpoints) that do not need full video functionality the Individual registration model is acceptable. An environment with typically 10 or less video conferencing endpoints is manageable without additional infrastructure components to manage, maintain and support it. However, for deployments with additional video conferencing systems and infrastructure, TANDBERG strongly recommends an alternative to the Individual registration model which provides a fully-featured video conferencing environment that can also be integrated into the Office Communications Server. Full scale or Comprehensive Video Integration (CVI) is the joining of the TANDBERG Total Solution with the Microsoft Office Communications Server 2007 (R2) environment. This integration is based on the TANDBERG Video Communications Server (VCS) acting as a gateway, thereby providing a SIP trunk between the fully functioning video conference environment and Office Communications Server. This provides the richest feature set on the market of any video integration with Office Communications Server. The benefits of this integration model are explained below and the model is described in detail in chapter 6. Office Video Communicator SIP TRUNK Conferencing Environment Environment VCS Figure 4: Comprehensive Video Integration – Simplified network diagram 4.4.1 The benefits Bandwidth management Often referred to as Call Admission Control (CAC), the VCS has comprehensive bandwidth management features which are essential to deploying a robust, reliable video conferencing network: it manages the bandwidth for video calls between the two environments (in addition to the bandwidth for calls within the video conferencing environment). Single identity – call forking An important attribute of the Office Communications Server environment is its support of a Single Identity. This is also a very important attribute of call forking and the FindMe functionality in VCS. VCS supports the Office Communications Server call forking model and extends it allowing users to have multiple video conferencing devices in addition to their Office Communicator client/devices. Further, the VCS allows users to configure and control which of these devices ring © 2010 TANDBERG Page 14 of 67
  15. 15. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 when their Office Communicator address is called. VCS makes it very easy to enable the single identity concept with both TANDBERG and 3rd party video conferencing endpoints. Protocol interworking There are two main voice and video over internet protocols, H.323 and SIP. Office Communications Server supports SIP, traditional endpoints (many of which only support H.323) a converter between SIP and H.323 is required. The VCS is such a converter providing interworking between the SIP and H.323 signaling protocols allowing Office Communicator to connect individually to H.323 (“traditional”) video conferencing devices without the need for additional video conferencing components such as a multipoint control unit (MCU). In the TANDBERG integration with Office Communications Server an MCU is only used when a conference is actually needed. Password management VCS is treated as a trusted host to Office Communications Server; video conferencing devices registered to VCS benefit from this and do not need to be individually authenticated to the Office Communications Server. This is a big benefit for administrators when maintaining their password management policies minimizing potential administrative issues. Advanced conferencing experience The Multiway functionality of VCS is available when there is a TANDBERG Codian MCU in the network. The Multiway conferencing service allows TANDBERG endpoints to easily escalate a point-to-point video call to a multiparty conference by calling and connecting to additional users, including Office Communicator clients. 3rd party video conferencing support VCS supports standards-compliant 3rd party video conferencing equipment and therefore acts as a gateway for legacy endpoints and network devices to interoperate with Office Communications Server. The benefits of the VCS integration with Office Communications Server also apply to these 3rd party endpoints. Business to Business (B2B) and remote worker video conference connectivity VCS supports the TANDBERG solution known as Expressway, an industry proven, open standard means of providing secure firewall traversal for audio and video media, easily enabling B2B, branch office and tele-worker connectivity. The TANDBERG integration with Office Communications Server allows Office Communicator users to transparently leverage the Expressway solution to connect with customers, partners and remote workers video conferencing systems. Presence enablement Typically, H.323 video conference systems do not publish presence. VCS has an internal presence engine which can create presence on behalf of video conferencing systems and solutions that would never be able to publish presence to Office Communications Sever on their own behalf. This is important because it allows: • The user to know whether a remote party is available for conferencing or engaged in a call. • The Office Communicator experience to be transparent (identical) regardless of who or what the user is trying to reach. Office Communications Server audio gateway/PBX integration interworking VCS enables advanced features such as digit manipulation for complex dial plan integration. For example, the VCS can enable video conferencing systems to call through an Office Communications Server environment which has been integrated with a PSTN audio gateway or PBX integration. By taking advantage of the Office Communications Server’s integration with the audio gateway/PBX, it allows the video devices to make and receive audio calls from the PSTN- or © 2010 TANDBERG Page 15 of 67
  16. 16. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 PBX-based phones respectively and provides a greater ROI for the investment in the audio/PBX integration with Office Communications Server. The call scenarios covered in this document further highlight the benefits mentioned previously of leveraging a SIP trunk between Office Communications Server and the video conferencing environment via the TANDBERG VCS, providing the most feature rich video-enabled UC environment on the market. © 2010 TANDBERG Page 16 of 67
  17. 17. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 5 Individual registration model details This chapter defines the current support for TANDBERG video conferencing systems to act as IP devices in an Office Communications Server environment. It also covers the benefit and limitations of the Individual registration model. 5.1 Individual registration benefits The Individual registration model allows Office Communications Server to enhance the overall visual communications capabilities of a UC solution by registering video conferencing endpoints directly to the Office Communications Server. This provides a low cost of entry to enable personal video conferencing appliances and conference room video conferencing systems to interoperate with the PC-based Office Communicator environment. 5.2 Solution capabilities 5.2.1 Endpoint configuration The following TANDBERG endpoints support the Individual registration model with Office Communications Server (R2). • MXP (F software series) • E20 (TE software series) The following summarizes the settings required on these endpoints (see the individual product manual for more detail). • SIP Mode = On • SIP Server Type = Microsoft • SIP Address (URI) = SIP URI assigned to the AD account created for this device. • Server Discovery = Manual • Server Address = the address to the Office Communications Server • Transport = TCP or TLS • Verify TLS = Off • SIP Authentication o Username = the login user name of the corresponding AD account. o Password = the corresponding password for the account Tech Tip: If your Office Communications Server is deployed in a multi-forest domain, please enter your SIP authentication username as <username@DNSDomainName>. Note that the pre-Windows2000 format <domainuser> is not supported. To obtain your login username, open a command line prompt and enter the command “echo %USERDNSDOMAIN%”. The output of this command is your DNSDomainName. © 2010 TANDBERG Page 17 of 67
  18. 18. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 5.2.2 Authentication & registration The endpoints use NTLMv1 authentication, and register to the Office Communications Server as if they were an Office Communicator client. Therefore a valid Active Directory account is required and it must be enabled for Communications Server. Figure 5: Enabling AD account for Communications Server 5.2.3 Presence/Search/Instant Messaging The TANDBERG endpoints support the Office Communications Server 2007 Enhanced Presence model, which means that this does not need to be disabled when creating the user account. This setting can be found in the Front End server properties, the “Other Settings” option of the “Communications” tab. Figure 6: Enhanced 2007 Presence model setting for TANDBERG endpoints © 2010 TANDBERG Page 18 of 67
  19. 19. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 When registered to the Office Communications Server, the TANDBERG endpoints can: • Publish presence. Three states are supported: o Offline o Available o In Call • Support being searched from the Office Communicator client search field, like any other contact. Conference room systems TANDBERG endpoints that are conference room systems can be thought of as autonomous “devices” and therefore have their own contact information. For example, the following figure shows several conference rooms added as contacts: the “Bellevue.Rainier” conference room is in a call, while the “SanFrancisco.Baybridge” conference room is online and available. Figure 7: TANDBERG conference room systems in the Office Communicator Contact list Personal systems TANDBERG endpoints in the Office Communications Server environment can also be personal systems. They can register with the same credentials as an existing Office Communicator user. Office Communications Sever supports the concept of Multiple Points of Presence (MPOP; the ability to register multiple “devices” with a given Office Communicator user. Office Communications Server is responsible for aggregating the presence from the multiple devices associated with a given individual and publishing one combined presence state. Therefore, with the Personal System model a user would not search for a “video conference system contact” but rather the individual they are trying to reach. This is explained further in the call scenarios section later in this chapter. © 2010 TANDBERG Page 19 of 67
  20. 20. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Bob has multiple devices Both the OC client and the associated with him, however he 1700 MXP register to OCS appears as a single contact in the as bob@fictbiz.com Contact list Bob’s office Registration with OCS Figure 8: Multiple device support Instant Messaging TANDBERG video conference systems are not designed to support Instant Messaging (IM). When an Office Communicator user tries to IM a contact which is a video conference system a message is displayed in the Office Communicator chat window. Figure 9: Example error response when sending IM to a TANDBERG endpoint 5.3 Security There are two main protocols for securing a real time communications session in SIP: Transport Layer Security (TLS) and Secure Real Time Protocol (SRTP). TLS encrypts the SIP signaling stream while SRTP encrypts the actual audio and video media streams, preventing others from eavesdropping in on the actual audio/video call. The TANDBERG devices which register directly with Office Communications Server support interoperability with the Office Communications Server implementation of TLS and SRTP, ensuring that both signaling and media are encrypted. Tech Tip: Since the TANDBERG endpoints that register directly to Office Communications Server support interoperable SRTP, it is possible to leave the Front End Server policy setting to “Require Encryption”. Note this is the default out of the box setting with Office Communications Server 2007 R2. 5.4 Individual registration model call scenarios 5.4.1 Office Communicator to video conference room system To call from Office Communicator to a TANDBERG video conference room, users: © 2010 TANDBERG Page 20 of 67
  21. 21. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 • Search for the conference system, if it is not already in the user’s Contact list. • Right-click on the conference room system contact. • Start video call. Figure 10: Calling from Office Communicator When users in the conference room want to call an Office Communicator user, they search for the address of the Office Communicator user in the directory of the video conference system. (Directories of video conference systems are discussed later in this document.) Figure 11: Example of a contact in the directory on TANDBERG MXP endpoints © 2010 TANDBERG Page 21 of 67
  22. 22. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 An example of the call flow for a call in either direction is shown below. Call signaling Media path Figure 12: Office Communicator to/from conference room calling 5.4.2 Personal system (MPOP) calling scenario When a TANDBERG video conference system is registered to the Office Communications Server with an existing user’s credentials, the calling process is the same as described above. The call will be forked to all devices. Tech Tip: Forking, also known as call splitting, is a feature that enables an incoming call to ring several extensions either in parallel or sequentially, or in a combination of these two. The first one extension that answers establishes the session. Call forking is associated with the MPOP functionality in the Office Communications Server environment. The TANDBERG VCS FindMe functionality also leverages forking capabilities. In the typical Personal System scenario, a user has a TANDBERG video conferencing system such as the TANDBERG 1700 MXP or the TANDBERG E20 on their desk. The device is often also used as their phone replacement because it can provide audio-only calling in addition to high quality video. Reasons why users have a dedicated video conference system on their desk in addition to running Office Communicator on their PC include: • The ability to provide a “personal telepresence” experience. • Dedicated screen real estate to video participants leaving the PC screen for content. • Dedicated processing leaving the PC to be used for processing intensive data activities. • Always-on functionality and reliability, i.e. there is no PC required When calling a user with both an Office Communicator client and a TANDBERG personal video conferencing system, the calling party doesn’t need to know what devices the callee has. They need only know that they are trying to connect with a specific individual – they simply call the user. The call is forked to both the Office Communicator client and the video conference system. Typically, the user answers the call with the personal video conference system when in the office. When on the road, the call can be answered with the Office Communicator client. The figure below shows the following call scenario: • Alice finds Bob in the Contact list. • Alice right-clicks on Bob to start a video call. © 2010 TANDBERG Page 22 of 67
  23. 23. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 • The call rings on Bob’s PC with Office Communicator and on the 1700 MXP. • Bob is in the office; therefore, he answers the call on the 1700 MXP. Bob’s office Alice Call signaling Media path Figure 13: Personal video system (MPOP) calling scenario 5.4.3 Escalation Escalation from voice to video is supported for both the conference room and personal system models. The typical scenario for this is when an Office Communicator user selects a contact and clicks the “Communicator Call” icon . This establishes an audio call with the video conference system and then the user can click the camera icon in Office Communicator which will escalate the call to a video session. 5.4.4 Multiparty calling with TANDBERG endpoints Several of the TANDBERG MXP endpoints support a feature called Multisite. Multisite is the ability for the video conferencing system to host a multiparty call, similar to a second and third line conferencing capability of many phones. Multiple Office Communicator users can call into the video conferencing system or the video conferencing system can call out to multiple users. The call process is the same as that described above when calling between Office Communicator and a video conferencing system in that each Office Communicator user would start a video call with the conference room or the video conference system would call out to each Office Communicator participant, or some combination. The conference room video endpoint manages the multiple connections and the combined video image showing all participants. Refer to the TANDBERG MXP endpoints datasheet and Administrator guide for more information on the number of sites which may be hosted in a multisite call, as well as the video layouts supported. © 2010 TANDBERG Page 23 of 67
  24. 24. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Figure 14: Office Communicator in a multiparty call hosted on a TANDBERG MXP 5.4.5 Office Communicator call features The TANDBERG endpoints which support registration directly to Office Communications Server are also able to support the following Office Communicator client features when they are initiated from the Office Communicator interface. • Call Transfer • Call Forward • Call Redirect • Call Hold/Resume • Audio and Video Mute • Audio and Video Pause An Office Communicator user would define their personal call forwarding/redirect rules in the configuration screen. Figure 15: Example call forwarding rule screen for Office Communicator Tech Tip: It is important to note that all of the individual call forwarding/redirect rules as shown above are “number” based and not URI based. © 2010 TANDBERG Page 24 of 67
  25. 25. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 The following image shows the screen an Office Communicator user would see when trying to transfer a call. The user would select from the list of available contacts to transfer too, or search in the search bar for the appropriate contact. Figure 16: Example Office Communicator Transfer Call screen Tech Tip: Office Communicator users must be enabled for Enterprise Voice in order to leverage the call transfer features and other “Enterprise Voice” features of the Office Communications Server platform. Consult the Microsoft documentation for further detail. Figure 17: Example screen shot for enabling Enterprise Voice 5.5 Management and directories Endpoints which are registered directly to the Office Communications Server are not managed or provisioned by it. This is a major consideration for the Individual registration model, being appropriate for a small scale integration of video conferencing equipment with Office Communicator. © 2010 TANDBERG Page 25 of 67
  26. 26. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 It is possible to manage the TANDBERG video conferencing system individually; however, for a more scalable deployment the TANDBERG Management Suite (TMS) should be deployed. TMS allows an administrator to manage and maintain all of the video conferencing endpoints. One very important attribute of TMS is support for managing directories/phone books on the video conferencing systems. These are essential for users to easily find and connect with one another and with conference rooms. TANDBERG is able to provide a directory of the Office Communicator users based on the LDAP integration capabilities of TMS. TMS pulls the list of SIP URIs of the Office Communicator users from Active Directory and makes a phone book available on the video conferencing systems, allowing the video conference system user to easily place calls to individual Office Communicator users. Directories/ Phone books TMS Figure 18: TMS and video conferencing system directories 5.6 Individual registration model limitations While the Individual registration model provides a simple method for providing integration of video conferencing with Office Communicator, it is important to understand the limitations. These limitations can be addressed with the Comprehensive Video Integration approach - see the next chapter. 5.6.1 Password management limitations It is common practice for IT administrators to set a password renewal policy in which users must create a new password at a set interval. Users are familiar with re-setting their password on their PC; however, there are a couple of issues when dealing with passwords on video conferencing systems. • Password expiration notification • Changing the password Email is often used as a notification mechanism for changing a user’s password. There is no parallel notification mechanism for video conferencing systems; therefore, it is likely that the password on a video conferencing system could expire, and the system would stop functioning, resulting in calls to the help desk. Additionally, the actual process of setting a password on a video conferencing system with a typical remote control interface is often an administrative rather than an end-user function. © 2010 TANDBERG Page 26 of 67
  27. 27. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 This issue can be mitigated by changing the password expiration policy so that passwords don’t expire. This may work for conference room systems but, typically, is not acceptable for personal video systems because it would mean that the user’s password policy would also be set not to expire. The TANDBERG Comprehensive Video Integration model (see the next chapter) provides an alternative approach, which simplifies password management and is more scalable. 5.6.2 Bandwidth management limitations Video conferencing equipment that registers directly with the Office Communications Server is limited to the feature set of that platform. Office Communications Server (R2) does not provide mechanisms for bandwidth management. (You can set the maximum bandwidth for video calls via Group Policy; however, there is no mechanism for Call Admission Control-type functionality.) Due to the bandwidth consumption of video calling, an important attribute in a typical video conferencing deployment is to allow the network administrator to control the bandwidth of video calls and the maximum number of video calls allowed over different portions of the network. This is done in order to ensure the quality of the calls and that there is bandwidth for other applications. The TANDBERG Comprehensive Video Integration model (see the next chapter) provides an alternative allowing for bandwidth management of the video conferencing assets in the network and all video calls between Office Communicator and video conferencing systems. 5.6.3 Limited interoperability Existing video conferencing deployment limitations Most existing video conferencing deployments are based on a standard called H.323. Many of today’s video conferencing systems, including the TANDBERG MXP series of endpoints, support both the H.323 and SIP protocols. It is possible to simultaneously register an endpoint to both the existing H.323 video conferencing environment and to Office Communications Server (i.e. the SIP environment). While this is functional, it has some limitations, described here. Management and Administration Video conferencing systems that are dual registered must be managed both as an Office Communicator registration and as a video conferencing registration. This can cause confusion about which group in the IT organization is responsible for the day to day maintenance and administration of the device. Calling H.323-only systems require an MCU or embedded Multisite When the user of a video conferencing system registered directly to Office Communications Server wants interoperability with an existing H.323 video conferencing deployment (either internal to the organization or potentially an external customer or partner), an MCU is needed to mix the SIP and H.323 protocols as shown in the diagram below. In addition, the call model is not as simple as selecting a contact from the Contact list and calling; the user must know that there is an MCU and organize a “meeting” with the H.323 participant. While this is functional, TANDBERG recommends the CVI approach to integration which allows calling to H.323 systems directly from Office Communicator. © 2010 TANDBERG Page 27 of 67
  28. 28. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Alice H.323- SI H.32 X Call signaling * H.323-only systems cannot register Media path with Office Communications Server Alice H.323- SI H.32 With Individual registration, Alice is not able to call the H.323-only system directly; Alice must call into a device that can literally bridge the Microsoft-SIP with the H.323 protocol. This presents user experience issues as well as it is a resource intensive solution for mixing signaling protocols Figure 19: Individual registration model call limitations – H.323 calling Calling ISDN video conferencing systems requires an MCU or embedded Multisite The same restrictions apply when trying to call an ISDN video conferencing system from an Office Communicator client as when calling from Office Communicator to an H.323 video conferencing system. For this reason, TANDBERG also recommends the CVI approach to integration (see the next chapter). Audio gateway calling not supported with Individual registration When using an audio gateway or PBX integration with Office Communications Server, the Microsoft environment expects the number normalization to occur on the end client (Office Communicator or the video conferencing endpoint in this case). Typically, number normalization occurs in the network and not on the end client. Unless the endpoint supports the Microsoft model of number normalization, even if the endpoint can register with the Office Communications Server and make audio/video calls with Office Communicator clients, it will not be able to leverage the audio gateway associated with the environment. This is limiting for conference room based meetings in which an audio participant is added to the video call hosted on the conference room © 2010 TANDBERG Page 28 of 67
  29. 29. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 system. It is also limiting in the environment where users would like the video conferencing endpoint to be their phone replacement. The TANDBERG CVI integration provides a solution to this limitation of the Individual registration model – see the next chapter. Video conferencing feature set limitations When a video conferencing system is registered to Office Communications Server or any other call control platform that is not designed with video conferencing in mind, typically there are limitations to the video conferencing feature set. For example, there is a protocol for content sharing in the video conference environment; however, this is not support by Office Communications Server. Therefore, video conferencing endpoints lose this feature with the Individual registration model. This is addressed in the CVI model – see the next chapter. 5.7 Products supporting Individual registration The following TANDBERG products support Individual registration: • MXP (F software series) with Office Communications Server 2007 R1 and R2 • E20 (TE software series) with Office Communications Server 2007 R1 and R2 • MCU 4200 and 4500 series and the MSE 8420 and 8510 blades series – Office Communications Server 2007 R1 only (For R2 interoperability the CVI model described later is this document is required) © 2010 TANDBERG Page 29 of 67
  30. 30. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 6 Comprehensive Video Integration - details The integration between VCS and Office Communications Server is based on a SIP trunk between both environments (see Figure 4). Leveraging the SIP trunk capabilities of VCS enables the most dynamic combined environment by allowing them to work seamlessly with one another without limiting the unique capabilities of each environment. This section provides additional detail about this SIP trunk and two possible options for how to leverage it in an Office Communications Server environment. (Refer to the TANDBERG Deployment Guide: Microsoft OCS 2007 R1 and R2 and VCS Control X5 for details on how this trunk is configured.) There are two elements to the SIP trunk between VCS and Office Communications Server: the SIP trunk itself and an application which runs on the VCS that utilizes it known as the “OCS Relay”. This application enables additional advanced functionality above that possible with a standard SIP trunk in an Office Communications Server environment. In order to leverage the SIP trunk between VCS and Office Communications Server, there are two main attributes which must be configured on Office Communications Server. • Trusted Host: The SIP Trunk between VCS and Office Communications Server leverages the Trusted Host model supported by Office Communications Server; therefore, the VCS must be configured as a Trusted Host. • Static Route: In order to route calls from the Office Communications Server Environment to the video conferencing environment a static route must be defined on Office Communications Server. While Office Communications Server R1 only allowed routing to a separate domain, Office Communications Server R2 allows the configuration of a static route to the same domain. Tech Tip: The VCS to Office Communications Server integration makes use of the Office Communications Server routing logic to operate. For this reason it is important to understand the call routing logic of the Office Communications Server. When Office Communications Server receives a call it checks the following: • If the user is registered to Office Communications Server. The call is only proxied to the registered OC user. • If the user is not registered but there is an account in AD, Office Communications Server responds with a 480 Temporarily Unavailable. • If the user is not in AD (i.e. therefore not registered to Office Communications Server) the call will be routed through the configured static route.   6.1 SIP trunk base functionality This section describes the basic level of functionality provided by VCS over the SIP trunk with Office Communications Server without the OCS Relay capability enabled. This is provided for customers who wish to enable and test the basic connection between VCS and Office Communications Server so they know what to expect before enabling the recommended OCS Relay capability for the best level of support and the most scalable solution. See the section, SIP trunk advanced capabilities – OCS Relay Basic SIP Trunk functionality includes: • Authentication/authorization: AD accounts not required • Basic presence: offline and available presence for VC systems registered into the VCS network © 2010 TANDBERG Page 30 of 67
  31. 31. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 • Protocol interworking: Microsoft SIP to SIP/H.323 o Enables support for 3rd Party video conferencing systems • Bandwidth management for calls between VCS and • Video conference feature set o Dual stream support o Multiway 6.1.1 Security Authentication/authorization When video conference endpoints register individually with Office Communications Server, they must have a valid AD account. Often this is not an issue, particularly for customers who are using the TANDBERG – Microsoft Exchange integration. In this case, AD accounts will have been created previously for the endpoints in order to create their exchange mailbox accounts for scheduling purposes. However many deployments do not have AD accounts configured for video conferencing endpoints. The SIP trunk between VCS and Office Communications Server allows for these devices to be easily integrated into the Office Communications Server environment with minimal additional configuration. Example An organization is trying to integrate their existing video conferencing network with their Office Communications Server deployment. The video conferencing network is deployed as conf.room@video.fictbiz.com and their Office Communications Server deployment is configured as first.last@company.com conf.room@video.fictbiz.com alice@fictbiz.com Any standards-based SIP TRUNK video conferencing system supported by VCS @fictbiz.com @video.fictbiz.com Alice can enter In this example no AD account is conf.room@video.fictbiz.com in needed for the conference room the Office Communicator search system, however Alice must know Field; she can then right click to the full URI. Also a route is needed “Start a Video Call”. to video.fictbiz.com Figure 20: Video conferencing to Office Communications Server integration – AD accounts not required This organization can configure their VCS to interface with Office Communications Server and define a static route on Office Communications Server to interface with VCS. This configuration allows calling between Communicator and the conference room in both directions. The above case is an example of a multiple domain deployment. The VCS also supports single domain deployments. (The section on the Advanced capabilities of the SIP trunk covers how to © 2010 TANDBERG Page 31 of 67
  32. 32. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 leverage AD accounts in the integration so that users do not need to be aware of the multiple domains and can take advantage of the Office Communicator search capabilities.) Signaling encryption (TLS vs. TCP) Where the OCS gateway VCS communicates directly to an Office Communications Server Director or Front End Processor (FEP) (not through a Hardware Load Balancer) use of TCP in the initial deployment can facilitate functional verification and troubleshooting. Certificate creation, loading and then enabling TLS can be carried out once the system is operational. If hardware load balancers front end the Office Communications Server system, it is recommended that TLS is used from the outset. In general TANDBERG recommends using TLS in final deployments, following the certificate creation guide and the VCS deployment guide will lead you through to a successful TLS installation. See the reference section of this document for further information on the aforementioned guides Media encryption (SRTP) Currently both TANDBERG and Microsoft have implementations of the SRTP (Secure Real Time Transport) protocol for encryption of media (i.e. encryption of the audio and video traffic). However, the implementations are not interoperable at this time. TANDBERG is working on addressing these differences, as well as investigating the implications for interoperability between the SIP and H.323 versions of media encryption. Therefore on the Office Communications Server Front End Servers, it is important to set encryption to either “Support Encryption” which means it is optional or “Do Not Support” which means it is turned off. TANDBERG recommends setting the encryption state to “Support Encryption” in order to allow Office Communicator to Office Communicator calls to be encrypted, while calls over the SIP trunk between Office Communicator and video conferencing systems will not be encrypted. If encryption is set to “Required” on the Front End Servers, calls will fail between Office Communicator and the video conferencing environment. Tech Tip: The Microsoft Office Communications Server 2007 R2 is delivered with the Front End Server encryption policy set to “Required”. While the Office Communicator 2007 R2 client has its encryption setting as “best effort” by default the Front End server setting has precedence; therefore this is all that is needed to force encryption in an Office Communicator environment. However, some organizations also leverage a Group Policy object to set the registry on the client machine to “require” encryption as well. TANDBERG is not recommending this practice but rather drawing attention to it in order to help with troubleshooting when there is a security mismatch. If there is a security incompatibility as indicated above, when calling between Office Communicator and the video conferencing environment over the TANDBERG VCS Gateway integration with Office Communications Server, the following should be checked: © 2010 TANDBERG Page 32 of 67
  33. 33. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 It is also possible to verify the value of the registry setting on a client machine to determine the encryption state. 0 = Support Encryption 1 = Require 2 = Do Not Support   6.1.2 Presence/Contact search The TANDBERG VCS supports SIP for Instant Messaging and Presence Leveraging Extensions (SIMPLE) for presence. With the base SIP trunk between VCS and Office Communications Server the “offline” and “available” call states are supported via standards-based SIMPLE interoperability. Office Communications Server has implemented a variation of the SIMPLE protocol when it comes to the “in call” presence state; therefore, “in call” presence is not supported. Office Communicator users must enter the entire name/address of the user/room they are trying to connect to if that user/room does not have a valid AD account. This is the case with the basic SIP trunk between VCS and Office Communications Server. © 2010 TANDBERG Page 33 of 67
  34. 34. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Tech Tip: Office Communicator leverages AD to search for users. Because the basic SIP trunk between VCS and OCS does not require an AD account for the video conferencing system, the Office Communicator user must enter the entire name of the video system they are trying to reach. After the name has been entered in Office Communicator, the contact can be added to the Contact list like any other contact and called like any other contact (right click and select Start a video call). The OCS Relay function of VCS supports both the “in call” presence state and actual search from Office Communicator; another reason why TANDBERG recommends that the basic SIP trunk capabilities between VCS and OCS be used only for initial set up and testing, as well as to understand the interworking between VCS and OCS. However, the recommendation is to leverage the OCS Relay function of VCS which provides advanced capabilities over the basic SIP trunk capabilities. OCS Relay is described later in this document. Tech Tip: In an “OCS Gateway” deployment, the VCS presence server for the OCS Relay / OCS Domain should be enabled on the OCS Gateway VCS 6.1.3 Basic SIP trunk summary The implementation of the basic SIP trunk as outlined in this section enables the core capabilities of the integration between the VCS and Office Communications Server. After the SIP trunk is in place, the VCS can be used for the following Office Communicator scenarios: • Basic presence indication of video conferencing systems in Office Communicator (offline and available). • Point-to-point calling to/from Office Communicator to video conferencing systems regardless of protocol, including: o Telepresence. o Conference rooms. o Personal video conference systems. o External H.323 video conferencing systems. • Multiparty conferences on standards-based MCUs. • Video conference system calling to PSTN via OCS-based audio gateway. • Bandwidth management for the above call scenarios. These scenarios are covered in more detail in the CVI use cases chapter. 6.2 SIP trunk advanced capabilities – OCS Relay VCS contains an application called “OCS Relay” which provides advanced functionality in addition to the basic SIP Trunk between VCS and Office Communications Server. OCS Relay allows video conferencing systems which are registered into the VCS environment to have their registration “proxied” into Office Communications Server allowing video conference systems to appear as Office Communicator clients to the Office Communications Server. This provides several benefits which are described in more detail later in this document: • Simplifies password management on video conferencing endpoints • Support for contact search from Office Communicator • Single identity support • Improved presence support © 2010 TANDBERG Page 34 of 67
  35. 35. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Tech Tip: OCS Relay requires additional configuration as described in the Configuration Guide and a valid AD/Office Communicator account be configured. Tech Tip: OCS Relay works in both a “same domain” and “separate domain” configuration. In both cases Office Communications Server Relay enables the appearance of a single domain as far as the Communicator user is concerned. The following diagrams show how OCS Relay is used for both the personal device and conference room scenarios. OCS Relay can be extended to any SIP or H.323 registration on VCS; for example, Telepresence systems and conferences hosted on an MCU. This is very useful when enabling 3rd party devices with Office Communications Server, as well as for older video conferencing systems which only support H.323 and may never be able to register directly with Office Communications Server. Figure 21: OCS Relay – Conference room model © 2010 TANDBERG Page 35 of 67
  36. 36. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Figure 22: OCS Relay – Personal system and single identity support 6.2.1 Simplified password management - Authentication/authorization The Individual registration model requires that the video conferencing devices register and authenticate directly with the Office Communications Server, which can present some administrative challenges. Often organizations have password expiration policies that require users to reset their passwords on a set interval. This is a common practice and easily adhered to in a PC environment; however, it may present issues when video conferencing devices are registered individually to Office Communications Server because most video conferencing devices often do not provide a user interface that is conducive to accessing and changing passwords. This has traditionally been the domain of the video conferencing equipment administrator. One option is to allow passwords not to expire for video conferencing systems. Whether this is an acceptable solution depends on the level of adherence to the internal policy. However, there is another consideration which must be taken into account. Personal video conferencing systems such as the TANDBERG 1700 MXP or TANDBERG E20 have grown in popularity over the years: these systems are often configured with the credentials of a given user. When considering personal video conferencing appliances it is no longer a simple matter of setting the password expiration policy to never expire. The VCS provides a better approach to password management, leveraging the Trusted Host relationship with Office Communications Server. Both personal systems and conference room systems may be registered with VCS and then the OCS Relay proxies their registration into Office Communications Server making them appear like any other Office Communicator registration without the need to administer password credentials on the video conferencing systems themselves. Note there are authentication mechanisms which may be employed between the endpoint and VCS. (See the TANDBERG endpoint and VCS Administrator guides for additional information.) © 2010 TANDBERG Page 36 of 67
  37. 37. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 6.2.2 Presence/Contact search The VCS’s OCS Relay application has three key elements relating to presence: • Implementation of the Microsoft Office Communications Server 2007 enhanced presence model • Support for single identity • Presence aggregation Enhanced presence model The OCS Relay application on VCS leverages the Office Communications Server 2007 Enhanced Presence Model (in contrast to other video conferencing vendors who have only implemented the Microsoft 2005 Presence Model that is a remnant from the Live Communications Server environment). Implementation of the 2007 Enhanced Presence Model simplifies configuration of the corresponding Office Communicator account – there is no need to disable “enhanced presence” for these accounts, and doing so limits user functionality provided by Office Communications Server 2007(R2). Single identity The notion of a “single identity” is a very important paradigm in Unified Communications. Microsoft has a function called MPOP (Multiple Points of Presence): the ability for the Office Communications Server platform to support multiple devices registered as a single user. For example, MPOP allows a user to be logged in on Office Communicator on two different PCs as well as running Communicator Mobile. The presence from all three devices is then aggregated by Office Communications Server and calls to this user are forked to all three devices, as appropriate. VCS supports a similar call forking mechanism based on its FindMe functionality. The OCS Relay ties these “single identity” mechanisms together, allowing users to have both Office Communicator devices and video conferencing devices under one single identity in the combined Office Communications Server and VCS environment. When OCS Relay is enabled and configured, the accounts which have been registered to Office Communications Server via the OCS Relay have valid AD accounts (see Figure 21:and Figure 22:). Therefore searching for these users is just like searching for any other valid contact from within Office Communicator: just start entering the name in the search field and Office Communicator does the look up. This applies to both personal users and room systems. For personal users, the Office Communicator URI is found and there is no indication if the user has a corresponding OCS Relay registration. This is the normal and correct behavior because it allows the user to have a single identity regardless of what devices may be associated with the user. Then it is possible to initiate a video call to that user and the called party is able to answer the call on the device that is most convenient, possibly a PC with a USB camera or their TANDBERG video endpoint. Presence aggregation The use of OCS Relay also has deployment benefits: when OCS Relay is implemented, the video conferencing systems publish presence to the Office Communications Server. It is then the responsibility of Office Communications Server to manage presence subscriptions from Office Communicator clients. OCS Relay allows customers to take advantage of the scale that Office Communications Server enables for managing and distributing presence across a very large organization. © 2010 TANDBERG Page 37 of 67
  38. 38. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Figure 23: OCS Relay and presence aggregation 6.3 Integrated architecture - VCS considerations There are two main VCS architecture options for integration with Office Communications Server. • Recommended architecture based on a separate VCS environment serving as the gateway to Office Communications Server, called the “OCS Gateway” in this document. • Simplified architecture based on enabling the Office Communications Server gateway functionality on the VCS environment, which also acts as the VCS Control for the video conferencing environment. Figure 24: VCS architecture options The following benefits of a dedicated VCS acting as an OCS Gateway should be taken into account when determining the architecture for a given deployment. © 2010 TANDBERG Page 38 of 67
  39. 39. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 Simplified administration • All OCS-related functionality is running on a dedicated VCS environment. • All video conferencing is running on a dedicated VCS environment. • Limits the number of “trusted devices” configured on Office Communications Server. • Simplified “domain” support between the Office Communications Server environment and the video conferencing environment. VCS license utilization Office Communications Server interworking requires that all calls are interworked and therefore routed through the VCS in order to modify the Microsoft signaling to work with the standards-based video conferencing environment. This means that VCS must have its “Call Routed Mode” set to “Always”. In a typical video conferencing deployment, TANDBERG recommends the “Call Routed Mode” be set to “Optimal” in order to make the most efficient usage of the call licenses. Therefore a separate VCS environment acting as an OCS Gateway is recommended. Presence propagation A separate VCS environment acting as the OCS Gateway which is configured as the video network’s presence server allows the OCS Gateway to handle the subscriptions and presence requests from Office Communications Server for the video network. This prevents presence requests from having to propagate through the video conferencing network. Advanced Configuration The OCS Relay function leverages a configuration tool on the VCS knows as CPL (Call Processing Language). CPL is also used on VCS for advanced functions such as defining policy for ISDN gateway usage or policy for compliance recording of video conference calls. It is often difficult to combine CPL for various functions; therefore, enabling a separate VCS environment to act as an OCS Gateway provides separate CPL scripts for the appropriate portions of the network. See the TANDBERG Deployment Guide: Microsoft OCS 2007 R1 and R2 and VCS Control X5 for: • Additional information behind the importance of a dedicated VCS environment acting as an OCS Gateway. (See the section, “Why add an OCS Gateway VCS Control”.) • Architecture implications of the Microsoft Director server. (See the appendix, “VCS and Microsoft OCS Director”.) • Architecture implications of hardware load balancers in the Microsoft Office Communications Server environment. (See the section, “VCS and hardware load balancers in front of a bank of FEPS”.) © 2010 TANDBERG Page 39 of 67
  40. 40. TANDBERG Telepresence and Video Conferencing with Microsoft Office Communications Server 2007 R2 7 CVI use cases The following use cases are based on an environment configured with OCS Relay. The following diagram depicts the elements required in the solution for the various call scenarios: not all elements are required for all call scenarios. Note: The VCS Control shown in this diagram has been simplified for the purpose of illustration: the VCS Control image represents both a VCS environment acting as the OCS Gateway and the VCS Control for the video conferencing network. Figure 25: Example CVI architecture 7.1 Office Communicator to video conference room system This model provides the same user experience as that of the Individual registration call scenario between Office Communicator and video conference rooms. However, this model extends the reach of this scenario to any standards-based video conferencing system supported by VCS. These can be SIP- or H.323-based video conferencing systems (TANDBERG and 3rd party video conferencing equipment), and the OCS Gateway model removes these protocol complexities from the end user allowing them to use the interface that they are familiar with. In order to make a video call from Office Communicator to a video conference room, users: • Search for the conference system, if it is not already in the user’s Contact list. • Right-click on the conference room system contact. • Start the video call. © 2010 TANDBERG Page 40 of 67

×