2025 - Intercompany Media Engine


Published on

Cullen Jennings from Cisco in his Keynote presentation about Cisco's Intercompany Media Engine and talk about the future of the telecommunication at IMTC 2025 event.

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

2025 - Intercompany Media Engine

  1. 1. Cisco Intercompany<br />Media Engine<br />Cullen Jennings, Ph.D.<br />fluffy@cisco.com<br />
  2. 2. TemporaryWorker<br />BranchOffice<br />HQ<br />Customer<br />Consultant<br />Vendor<br />Communities, Not Just Companies:Business Processes Extending Beyond the Enterprise<br />Need for secure, inter-company collaboration driven byglobalization, free agency, customer intimacy<br />2<br />
  3. 3. Current State for UC: Islands of Productivity Interconnected by the PSTN<br />Company A<br />Cisco<br />Unified CM<br />PSTN<br />Gateway<br />Insidethe Organization:<br /><ul><li>Voice
  4. 4. Video
  5. 5. Wideband Audio
  6. 6. Rich Caller ID
  7. 7. Presence
  8. 8. Alert on Available</li></li></ul><li>BetweenOrganizations:<br />Current State for UC: Islands of Productivity Interconnected by the PSTN<br />Company A<br />Company B<br />Session Manager<br />Cisco<br />Unified CM<br />PSTN<br />Gateway<br />PSTN<br />Gateway<br />Insidethe Organization:<br /><ul><li>Video
  9. 9. Voice
  10. 10. Wideband Audio
  11. 11. Rich Caller ID
  12. 12. Presence
  13. 13. Alert on Available
  14. 14. Voice ONLY</li></li></ul><li>The Growing Disparity …… <br />BASIC VOICE<br />BASIC VOICE<br />Joe<br />123<br />Joe<br />123<br />CALLING NAME/NUM<br />CALLING NAME/NUM<br />ALERT ON AVAILABLE<br />COLLAB<br />Enterprise<br />Public<br />Video<br />Roster<br />Rich Caller ID<br />Unified Communications<br />Is landlockedby the PSTN<br />time<br />
  15. 15. Cisco Intercompany Media Engine<br />The Cisco Intercompany Media Engine (IME) represents the first time that companies can conduct secure, high-quality, voice and video telephone calls across the internet - using their existingtelephone numbers - without the need to re-provision or replace currently deployed infrastructure.<br />
  16. 16. Intercompany Boundary-Less Communications Among Business Partners and Customers<br />Cisco Intercompany Media Engine<br />Submitted to IETF: Accelerating business value through standardization<br />Enterprise video telephony and high fidelity wideband audio across companies<br />Enables innovative collaboration capabilities and applications to be shared among partners<br />Secure, efficient network utilization with reduced costs<br />Utilizes SIP and PSTN coexistence<br />Multiple levels of security plus voice spam blocking<br />Effortless for users and administrators<br />Easy to use: Self learning<br />Consistent user experience<br />Company A<br />AtoZ, Inc.<br />Company B<br />Borderline, Inc.<br />
  17. 17. PSTN<br />PSTN<br />Gateway<br />PSTN<br />Gateway<br />Cisco<br />Unified CM<br />Cisco<br />Unified CM<br />Internet<br />Extranet<br />Enterprise B<br />Enterprise A<br />Moves Calls from PSTN to Direct SIP Trunks Automatically<br /> SupportsExisting Phones & Numbers<br />Worldwide Unlimited Scale<br />Low Provisioning – Self Learning<br /> Saves Costs<br />Secure<br /> Works with or without Service Provider<br />Automated Spam Blocking<br /> Brings Full UC Experience<br />QoS Insurance via PSTN<br /> Internet or Extranet<br />
  18. 18. How It Works - Cisco IME High-Level Call Flow<br /><ul><li>All participating enterprise configure Cisco IME and their phone numbers
  19. 19. Enterprise IME Servers then:
  20. 20. Form worldwide P2P network
  21. 21. Publish phone numbers they “own” to P2P network
  22. 22. First call to a number goes over the PSTN
  23. 23. PBX in both enterprises send call info with start and stop time to their IME Servers. This forms a shared secret
  24. 24. Later, the IME Servers performs call validation to servers in P2P network that claim to “own” the number
  25. 25. Provides proof of that previous PSTN call went to the IME server that claims to “own” the number</li></ul>IME<br />Internet/<br />Extranet<br />IME<br />IME<br />IME<br />Enterprise<br />A<br />Enterprise<br />B<br />PSTN<br />
  26. 26. How It Works Cisco IME Call Flow<br /><ul><li>Upon successful validation, the originating side IME Server securely pushes learned route to the PBX
  27. 27. The next call placed to that phone number is a Secure Business to Business call over the IME SIP Trunk instead of PSTN.
  28. 28. Seamless Fallback to PSTN if QoS problems detected</li></ul>IME<br />Internet/<br />Extranet<br />IME<br />IME<br />IME<br />Enterprise<br />A<br />Enterprise<br />B<br />PSTN<br />
  29. 29. How Cisco Intercompany Media Engine Works <br />Session ManagementEdition<br />Unified CM SessionManagement Edition<br />PSTN<br />Company A<br />Company B<br />IntercompanyMedia Engine<br />IntercompanyMedia Engine<br />IP Network<br />Firewall<br />Firewall<br />PBX<br />1. Employee at Company A places a DID voice call to colleague at Company B<br />2. At completion of call, respective Session Management Edition systems send call details to Cisco Intercompany Media Engine<br />3. Company A’s IME initiates validation with Company B’s IME and returns a SIP route and validation ticket to Company A’s Unified CM Session Management Edition, via IME <br />4. Next time employee at Company A calls colleague, Unified CM Session Management Edition places an SIP call over the IP network and sends the ticket in the header to Company B’s firewall to enable the rich media session to securely pass<br />
  30. 30. Cisco IME Security built-in from ground-up<br />All IME traffic is encrypted - media and signaling (TLS+SRTP)<br />Encryption at perimeter firewall - no need to turn on security in your entire enterprise<br />End to end secure media if both phones are in secure mode<br />Dial plan information in the Cisco IME network is hashed. 128 bit node id’s stored not numbers. <br />False number advertisement prevention<br />Spam protection - blocks unwanted calls right at the firewall<br />Protection against Denial of Service Attacks on CPU, memory. and bandwidth<br />Spam<br />
  31. 31. Combining Three Powerful Technologies<br />To provide the first mechanism to move calls from the PSTN and securely send them over any IP network<br />DHT:<br />PSTN:<br />SIP:<br />For Scale (testimony of Scale is Skype with > 500 Mill Users and > 50 Mill users online at a time)<br />For validation of phone number ownership<br />For its flexibility and feature delivery<br />
  32. 32. Enabling a Collaboration “Network Effect”<br />Hosted Boot Strap Server APAC<br />Company “A” SIP Trunk<br />Company “B” SIP Trunk<br />Company “N” SIP Trunk<br />Hosted Boot Strap Server North America<br />Hosted Boot Strap Server EMEA<br />Company “C” SIP Trunk<br />Hosted IME Boot Strap Servers that authenticate, distribute configuration, look for bad guys, send upgrade notifications, license management and more<br />RCDN 8.0 <br />CUCM<br />ViPRNet<br />Public Internet<br />Service Provider Hosted IME Servers<br />Company “E” SIP Trunk<br /> SP Network<br />Company “D” SIP Trunk<br />
  33. 33. IETF Submissions:<br />draft-rosenberg-dispatch-vipr-overview<br />draft-rosenberg-dispatch-vipr-pvp<br />draft-rosenberg-dispatch-vipr-reload-usage<br />draft-rosenberg-dispatch-vipr-sip-antispam<br />draft-rosenberg-dispatch-vipr-vap<br />draft-ietf-p2psip-reload<br />ViPR: VerificationInvolvingPSTNReachability<br />ViPR Standardization Efforts<br />Encouraging Industry-Wide Interoperability from the Start<br />
  34. 34. Cisco Intercompany Media Engine Deployment Components<br />Cisco Media Convergence Servers (MCS) for Cisco IME Server with HP and IBM Software equivalents<br />Large 7845 up to 40,000 users<br />Small 7825 up to 10,000 users<br />Cisco ASA 5500 Series Adaptive Security Appliances (ASA): <br />5510, 5520, 5540, 5550 and 5580 .<br />Version 8.3<br />Cisco Unified Communications Manager 8.0<br />Cisco ASA 5500<br />Cisco Unified CM 8.0<br />
  35. 35. Architecture<br /><ul><li>Cisco ASA 5500 Series
  36. 36. Notifies UCM of need to fall back
  37. 37. Provides TCP/ (TLS) Conversion
  38. 38. Provides RTP/SRTP Conversion
  39. 39. Ticket Validation (Using Shared Secret between ASA and IME Link Server)</li></ul>Cisco IME Server<br />Sits in DMZ<br />Participates in P2P Network<br />Provides Call Validation<br />Sends Route updates to UCM<br />Cisco Unified Communications Manager 8.0<br />Receives updated routes from IME Server; updates dialplan.<br />Publishes DIDs to IME Link Server<br />Executes PSTN Fallback<br />Enrollment Server hosted by GoDaddy.com<br />Certificate Authority for IME Server Certificate<br />IME Server 8.0<br />UCM 8.0 / SME 8.0<br />
  40. 40. Deployment ModelsThree Main Integration Models:<br />ViPRNet<br />ViPRNet<br />ViPRNet<br />Native Cisco Unified CM 8.0 Integration<br />Cisco IME Integration for Cisco Unified CM 6.x and up, with a Cisco Unified CM-SME front end<br />Third Party PBX integration With CM-SME front end<br />1<br />2<br />3<br />Unified<br />CM 8.0<br />Unified<br />SME 8.0<br />Unified<br />CM 6.0<br />Unified<br />SME 8.0<br />3rd PartyPBX<br />SIP<br />SIP<br />ASA <br />ASA <br />ASA <br />PSTN <br />PSTN <br />PSTN <br />Native 8.0 Integration<br />Cisco IME Integrationwith Unified CM 6 +<br />Third PartyPBX Integration<br />