The document discusses Microsoft Lync Server 2010 Edge architecture and scenarios. It provides an overview of the Edge topology and components, including the Access Edge Server, Web Conferencing Edge Server, and A/V Edge Server. It then summarizes scenarios for external user access, public IM federation, and NAT traversal using STUN, TURN, and ICE to relay media packets between internal and external clients.
56. Lync Server Edge scenarios
- External User Access: Lync clients can transparently connect to the Lync Server deployment over the public Internet
- PIC: Connecting with public IM providers
- Federation: Federation with other enterprises; IM&P only, or all modalities (A/V and Application Sharing)
58. Terms & Acronyms
- Candidate: Possible combination of IP address and port for media channel
- NAT: Network Address Translation
- TURN: Traversal Using Relay NAT
- STUN: Simple Traversal of UDP through NAT; Session Traversal Utilities for NAT
59. Home NATs
General NAT/Firewall behavior
- Allows connections from the private network
- Blocks connections from the Internet
Security/usability tradeoff
- Blocks attackers from harming your system
- PROBLEM: Also blocks incoming signaling and media
[Diagram: Home, Home NAT, Internet]
60. Corporate Firewalls
Though more scrutinized, goals are similar
- Sharing of IP addresses
- Controlling data traffic from the internet
Two firewalls isolate via perimeter network
[Diagram: Work, Inner FW, Perimeter Network, Outer FW, Internet]
61. Why is NAT Traversal a problem?
- SIP signaling over TCP uses Access Edge
- UDP media flows over a separate channel
- Pre-ICE endpoints use local IPs & ports
- No media can be sent between (a) and (w)
[Diagram: Home endpoint (a) behind Home NAT and Work endpoint (w) behind Inner FW and Outer FW; SIP over TCP through Access Edge: INVITE m/c = a, 200 OK m/c = w; media over UDP]
62. Solution – STUN, TURN, ICE
- Add a Media Relay (aka A/V Edge Server)
- STUN reflects NAT addresses (b) and (e)
- TURN relays media packets (c) (d) (x) (y)
- ICE exchanges candidates (cand) and determines optimal media path
- All three protocols are based on IETF standards
[Diagram: Home endpoint (a) behind Home NAT and Work endpoint (w) behind Inner FW and Outer FW; STUN/TURN Server (AV Edge) with addresses b, c, d, e, x, y; SIP over TCP through Access Edge: INVITE m/c = a with cand=a,b,c,d,e; 200 OK m/c = w with cand=w,x,y; media over UDP]
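The STUN step on slide 62, as an added example that is not part of the deck or of Lync Server: it builds a Binding request in the IETF (RFC 5389) format, a constructed server response, and decodes the reflexive address (b) from XOR-MAPPED-ADDRESS. The addresses are constructed sample values, only IPv4 is handled, and the IETF wire format is an assumption about what the deck's "STUN" refers to.

```python
import ipaddress
import os
import struct

MAGIC_COOKIE = 0x2112A442            # fixed value defined by RFC 5389
BINDING_REQUEST = 0x0001
BINDING_SUCCESS = 0x0101
ATTR_XOR_MAPPED_ADDRESS = 0x0020


def build_binding_request(txid=None):
    """Client side: 20-byte Binding request with no attributes."""
    txid = txid or os.urandom(12)    # unpredictable ID ties a response to this request
    return struct.pack("!HHI12s", BINDING_REQUEST, 0, MAGIC_COOKIE, txid), txid


def build_binding_success(txid, seen_ip, seen_port):
    """Server side: reflect the source address the server saw (post-NAT)."""
    xport = seen_port ^ (MAGIC_COOKIE >> 16)
    xaddr = int(ipaddress.IPv4Address(seen_ip)) ^ MAGIC_COOKIE
    value = struct.pack("!BBHI", 0, 0x01, xport, xaddr)   # 0x01 = IPv4 family
    attr = struct.pack("!HH", ATTR_XOR_MAPPED_ADDRESS, len(value)) + value
    header = struct.pack("!HHI12s", BINDING_SUCCESS, len(attr), MAGIC_COOKIE, txid)
    return header + attr


def parse_reflexive_address(packet, expected_txid):
    """Validate a Binding success response and return (ip, port)."""
    if len(packet) < 20:
        raise ValueError("truncated STUN header")
    msg_type, msg_len, cookie, txid = struct.unpack("!HHI12s", packet[:20])
    if msg_type & 0xC000 or cookie != MAGIC_COOKIE:
        raise ValueError("not a STUN message")
    if msg_type != BINDING_SUCCESS:
        raise ValueError("not a Binding success response")
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch (unsolicited response)")
    if msg_len % 4 or 20 + msg_len != len(packet):
        raise ValueError("length field does not match datagram")
    offset, end = 20, 20 + msg_len
    while offset + 4 <= end:
        attr_type, attr_len = struct.unpack("!HH", packet[offset:offset + 4])
        value = packet[offset + 4:offset + 4 + attr_len]
        if len(value) != attr_len:
            raise ValueError("attribute overruns message")
        if attr_type == ATTR_XOR_MAPPED_ADDRESS:
            if attr_len != 8 or value[1] != 0x01:
                raise ValueError("only IPv4 XOR-MAPPED-ADDRESS is handled here")
            _, _, xport, xaddr = struct.unpack("!BBHI", value)
            port = xport ^ (MAGIC_COOKIE >> 16)
            ip = ipaddress.IPv4Address(xaddr ^ MAGIC_COOKIE)
            return str(ip), port
        offset += 4 + attr_len + (-attr_len % 4)   # attributes are padded to 4 bytes
    raise ValueError("no XOR-MAPPED-ADDRESS attribute")


def gather_candidates(host, response, txid):
    """Return the host candidate (a) plus the reflexive candidate (b) if it differs."""
    candidates = [("host", host[0], host[1])]
    reflexive = parse_reflexive_address(response, txid)
    if reflexive != host:            # equal means no NAT sits in the path
        candidates.append(("srflx", reflexive[0], reflexive[1]))
    return candidates


if __name__ == "__main__":
    # Constructed sample: private endpoint address (a) and NAT public mapping (b).
    local = ("192.168.1.20", 50000)
    request, txid = build_binding_request()
    response = build_binding_success(txid, "203.0.113.7", 61002)
    for kind, ip, port in gather_candidates(local, response, txid):
        print(kind, ip, port)
```

The transaction ID check is what lets the client discard a response it never asked for, which matters because the reflexive address it learns is later advertised to the peer as a candidate.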
64. Single IP address Edge
Edge Server
- Internal: edge-int.contoso.com, 172.25.33.10; SIP: 5061; Web Conf: 8057; A/V Conf: 443, 3478
- External: edge.contoso.com, 131.107.155.10; SIP: 5061; Web Conf: 444; A/V Conf: 443, 3478
65. Multiple IP address Edge
Edge Server
- External SIP: access.contoso.com, 131.107.155.10; ports 443, 5061
- External Web Conf: webcon.contoso.com, 131.107.155.20; port 443
- External AV: av.contoso.com, 131.107.155.30; ports 443, 3478
- Internal: edge-int.contoso.com, 172.25.33.10; SIP: 5061; Web Conf: 8057; A/V Conf: 443, 3478
66. Edge using NAT IP addresses
- Lync Server does not need to know translated SIP and Web Conf IP
- Clients connect to IP for A/V traffic
- Translated AV IP must be configured in Lync Server
[Diagram: Client, public IP space, NAT, Edge Server with internal interface (Int); External SIP: IP1 and IP1’; External Web Conf: IP2 and IP2’; External AV: IP3 and IP3’]
69. DNS Load Balanced Edge using NAT
DNS A records
- access.contoso.com: IP1’ and IP4’
- webcon.contoso.com: IP2’ and IP5’
- av.contoso.com: IP3’ and IP6’
Translated AV IP addresses must be configured in Lync Server individually
- IP3 to IP3’
- IP6 to IP6’
[Diagram: public IP space, NAT; Edge Server 1 with IP1/IP1’, IP2/IP2’, IP3/IP3’ and internal interface (Int); Edge Server 2 with IP4/IP4’, IP5/IP5’, IP6/IP6’ and internal interface (Int)]
70. Hardware Load Balanced Edge
DNS A records
- access.contoso.com: VIP1
- webcon.contoso.com: VIP2
- av.contoso.com: VIP3
AV client connections are initiated over the VIP. Subsequent client AV traffic (UDP) connects directly to Edge. TCP traffic continues to use the VIP.
NAT and HLB is not possible
[Diagram: public IP space, HLB with VIP1, VIP2, VIP3; Edge Server 1 with IP1, IP2, IP3 and internal interface (Int); Edge Server 2 with IP4, IP5, IP6 and internal interface (Int)]
71. DNS Load Balancing and Interop/Migration
Co-existence/Side-by-Side
- OCS 2007 OR OCS 2007 R2 pool and Edge Server can co-exist with Lync Server pool and Lync Edge Server
- Only a single Edge (server/pool) for Federation is possible
DNS Load Balancing
- Legacy components do not support DNS LB
- If co-existence time is short: DNS LB
- If co-existence time is long: Hardware LB
73. Reverse Proxy and external access
Forwards External HTTPS and HTTP traffic to Front End and Director Pool
HTTPS
- Simple URLs (Join Launcher URL)
- Address Book (download and/or web service) ABS
- Distribution List Expansion DLX
- Web Ticket (Web Auth)
HTTP
- Device Updates (Firmware)
- Device Update logs upload
74. Reverse Proxy and external access
Simple URL forward to Director (recommended)
- Forwarding rule for Simple URL to a single Director (or Pool); port 443
- Reverse Proxy certificate’s SAN to contain base FQDN of each Simple URL
Web External Pool traffic forwarded to pools by Reverse Proxy
- Reverse Proxy requires a forwarding rule for each Web External FQDN (Front End Pool and Director); port 443
- If external Phone Devices are implemented, a Reverse Proxy rule for port 80 is required
- Reverse Proxy certificate’s SAN to contain base FQDN of all configured Web external Pools (Front End Pool and Director)
75. Reverse Proxy
- join.contoso.com to Director
- meet.fabrikam.com to Director
- webext1.contoso.com to Pool 1
- webext2.contoso.com to Pool 2
DNS LB not supported for HTTP/S traffic
SAN in Reverse Proxy Certificate
[Diagram: Client, Reverse Proxy, Director, Front End Pool1, Front End Pool2]
84. Edge Validation
- Public Web Service Tool available for Edge Validation
- Supports OCS 2007 R2 and Lync Server 2010
- https://www.testocsconnectivity.com
86. More Terms
- Internal IP address: The IP address assigned to the network interface of the client computer.
- Reflexive IP address: IP address of the public address assigned to the home router.
- Media relay address: The public IP address of the Audio/Video Edge service that is associated with the internal Lync 2010 user’s pool.
87. Address Discovery (AV)
[Diagram: Endpoint behind NAT/Firewall, MRAS and Media Relay; Allocate UDP and Allocate TCP; candidate list (local/remote, UDP/TCP) with nic, default and addresses a to e]
88. Address Discovery (Desktop Sharing)
[Diagram: Endpoint behind NAT/Firewall, MRAS and Media Relay; Allocate TCP; candidate list (local/remote, UDP/TCP) with nic, default and addresses a to c]
89. Address Exchange
[Diagram: two Endpoints, each behind a NAT/Firewall with a TURN server, exchange candidate lists (local/remote) over SIP: SIP INVITE c :: a,b,c,d; 183 Session Progress y :: w,x,y,z; 200 OK y :: w,x,y,z; default candidates c and y]
Slides Objective: Give an overview over the session
Notes: This session will include the most important topics around changes for Edge Server in Lync Server 2010:
- Edge Scenarios – what Edge enables your users to do
- Interop Federation – Federations with non OCS/Lync Server 2010 environments: PIC, XMPP, Sametime, Cisco
- Plan for Edge – FQDNs/Simple URLs, Certificates, Firewall, Load Balancing
- Manage Edge – Install, BigFin, Federations
- Edge Architecture with Multiple sites
Slides Objective: Give an overview of Architecture
Notes: Edge Server enables a Lync Server 2010 deployment to communicate with external participants – Remote users, Federated users (including PIC) and anonymous users. On the left side we have the public network/internet, then we have a perimeter network between an internal and external firewall. On the right side we have the internal network.
In the perimeter the Edge Server runs three services: Access Edge, Web Conferencing Edge and AV Edge. Additionally there is a Reverse Proxy, publishing meeting content, address book, and group expansion.
The director in the internal network is an optional role that acts as a next hop server. It adds additional security and – in a deployment with multiple internal pools – offloads the distribution of users to their home pools.
The internal deployment here is simplified; of course there can be additional components such as AV conferencing pool, Exchange UM, Monitoring Server, …
The symbols for Edge and Front End show a pool, but single servers can also be used.
Slide Objective: Discuss the planning for Edge Server locations
Notes: This is the same as in OCS 2007 R2. The only way to install Edge is as a consolidated Edge with all three server roles (Access Edge, Web Conferencing Edge, AV Edge). While multiple Edge Servers (pools) can be used as SIP ingress points for remote users, only a single Edge Server (pool) can be used for Federation traffic (including PIC). However, the SRV record will point only to one Edge Server (pool) that is used for client sign in. To use localized Edge Servers (pools) for SIP traffic, GPOs can be used to specify connection settings.
However, it is important to know which Edge Server, and also which Edge Server role, is used when by a user. Remote users for SIP traffic always use the Access Edge Server they used for sign in (located either through automatic login or via “manual” configuration/GPO). Independently, they will always use the AV Edge Server that is assigned to their home pool.
For Federation/PIC traffic, the Access Edge server used for the outgoing route is configured for the whole deployment. However, the AV Edge Server used for media sessions will always be the one assigned to the home pool of a user.
Because media traffic is very dependent on network quality such as latency, it makes complete sense to use localized Edge servers in all locations where you also have a pool.
For conferences, the Web Conferencing Edge server and the AV Edge Server used for the conference will be the ones assigned to the home pool of the user organizing the conference.
Slides Objective: Explain Edge Server Scenarios
Notes: Edge Server is useful in a number of scenarios. Depending on the type of communication partner, different features are available. This is a description of the features:
- Presence
- IM 1:1 – two party instant messages
- IM conferencing – IM sessions with more than two users
- Collaboration – Share the desktop, one or more applications, whiteboard and files
- A/V 1:1 – two party Audio/Video
- A/V conferencing – Audio/Video sessions with more than two people
- File Transfer – Sending files over Lync 2010, two party only; in Lync Server 2010 File Transfer uses the ICE protocol to establish a media path between two endpoints. That means that in contrast to earlier versions of Lync 2010, we can now transfer files through NATs and firewalls. In conferences, files are not sent directly to other users; they are uploaded to the meeting on Lync Server 2010 and participants can download them from there.
In general there are four different kinds of users that interact with an Edge environment:
Remote Users: These are users of the same company, with an Active Directory account; however, these users are not connected to the internal enterprise network and are also not using any VPN connection. Remote users will have the full feature set and the same user experience as internal users.
Federated Users: Federated users are users from a different company with an Active Directory account at that different company. They are configured for OCS at the other company, and between your company and the other company a Federation is established: a trust relationship to allow users from both companies to communicate with each other. Federated users will have the full feature set except for address book. There is no address book sharing over the Edge Server, but contacts can be added to Active Directory Domain Services (AD DS) so that Federated users can be found. In Lync 2010, Federated users are marked with a planet icon to distinguish them from internal users.
If the federation partner has an older version of Lync Server 2010, the user experience will be the same as in Migration/co-existence scenarios and the feature set will be limited. However, same as for co-existence, Federated users can use the Lync Attendee to join meetings with the full feature set.
Anonymous users are users without an AD account in your OCS environment or in a Federated one. These users can use the AOC to join meetings. However, the AOC does not offer presence or 1:1 capabilities – from a technical perspective this is a conference and hence hosted on a conference server, without peer-to-peer traffic in the client. Of course, you can have a conference with only two participants.
Non Lync Server 2010 Federation partners such as PIC (MSN, Yahoo!, AOL) or XMPP partners support only basic presence (a reduced set of presence status) and 1:1 IM. The only exception is MSN, which will offer AV capabilities with the Windows Live Messenger client from Windows Live Essentials 2011.
Slides Objective: Discuss Federations with non-OCS/Lync Server 2010 environments
Notes: Lync Server 2010 offers a number of interoperability scenarios with non OCS/Lync Server 2010 environments. The goal of this and the following slides is to give an overview over the solutions and create awareness of the possibilities, not to give deep dive configuration information. Detailed information is provided in the links sections.
PIC (Public Internet Connectivity) is the integration of public Instant Messaging providers into Lync Server 2010. PIC can also be activated for only a subset of PIC partners.
IBM Lotus Sametime and Cisco Presence allow integration for IM and Presence; on the Lync Server 2010 side this is configured as Federation.
For XMPP an additional server in the perimeter network is required with the XMPP gateway installed on it. The XMPP gateway is provided by Microsoft and does not require an additional license.
Slides Objective: Provide a brief overview on how to set up interop Federations
Notes: Federation with Windows Live and AOL does not need additional licenses; Federation with Yahoo! requires the Lync Server 2010 Public IM Connectivity (PIC) per user subscription license. The Lync Server 2010 PIC license is sold separately on a per-user, per-month basis as a Microsoft service. PIC service licenses are available for Microsoft Volume License customers only.
http://www.microsoft.com/en-us/lync/public-im-connectivity.aspx
Federation with Google Talk and Jabber can be enabled through the Microsoft Office Communications Server 2007 R2 XMPP Gateway, available at no additional licensing cost. This Gateway provides presence sharing and instant messaging (IM) with XMPP networks like Google Talk.
IBM Lotus Sametime requires version 8.0.2 with Hot-Fix One (HF1) or above of Sametime – Sametime is SIP/SIMPLE based – and requires the Sametime Gateway.
http://publib.boulder.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=/com.ibm.help.sametime.v85.doc/config/config_gw_conn_ocs.html
Cisco Unified Presence requires at least Unified Presence Server 7.0 and Adaptive Security Appliance 8.0.4.X. A guide for Federating Cisco Unified Presence with OCS can be found here: http://www.cisco.com/en/US/docs/voice_ip_comm/cups/7_0/english/integration_notes/federation/Integration_Guide_for_Configuring_Cisco_Unified_Presence_70__for_Interdomain_Federation.book.pdf
Slide Objective: Discuss Certificate requirements
Notes: Lync Server 2010 requires fewer public certificates (certificates that are signed by a public certification authority). A single public certificate can be used for Access Edge, Web Conferencing Edge, AV Edge and even Reverse Proxy if the SANs are manually added in the request. Consider the various SANs that might be required (Simple URLs, multiple domains).
The wizard can automatically add all required Subject Names/Subject Alternate Names.
For the internal interface, an internal certificate can be used.
Slide Objective: Explain port changes for Reverse Proxy from OCS 2007 R2.
Notes: First explain the setup: this first diagram is about reverse proxy. On the left side is the external network, the internet. On the right side is the internal network, the corp net. In between, there is the perimeter network with an internal and external firewall.
For the external interface, port 80 was added on Reverse Proxy. This port was not required in previous versions.
On the internal interface, port 8080 was added to forward all requests sent to port 80. Another change is that requests to port 443 are now mapped to port 4443 for web components. This enables us to use port 443 on the internal server for all internal queries and port 4443 for all external queries.
Slide Objective: Explain port changes for Edge Server from OCS 2007 R2.
Notes: Again we have from left to right the external network, perimeter network and internal network. There is one Edge Server with all roles installed (Access Edge, Web Conferencing Edge and AV Edge). On the left side, the blue arrows at the top connect to the Access Edge IP. The single arrow in the middle connects to the Web Conferencing Edge and the green arrows at the bottom connect to the AV Edge.
On the internal firewall, all connections point to the internal Edge IP address.
For replicating the configuration, the central management store (CMS), running on one of the Front End Servers, uses port 4443 to push the configuration file to the internal interface of the Edge Server. The configuration data is stored in a SQL Express database on the Edge Server.
Slide Objective: Explain requirements for the 50,000-59,999 port range
Notes: This has not changed from OCS 2007 R2.
The port range is required for federated media traffic. If Federating with OCS 2007, the port range has to be opened for UDP and TCP, inbound and outbound. For Federation with OCS 2007 R2 or Lync Server 2010, only TCP outbound is required.
If you don’t open the port range, media to Federated contacts will not work at all (OCS 2007), or Desktop Sharing and File Transfer will not work (OCS 2007 R2 and Lync Server 2010) – please note that File Transfer over firewalls will work only from Lync Server 2010 to Lync Server 2010.
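A least-privilege check for the 50,000-59,999 rule described in these notes, as an added example that is not part of the deck or of Lync Server: it reports which required openings are missing for the federation partners in use and which openings in the range are not needed by any of them. The rule record layout and the sample rules are constructed for illustration.

```python
PORT_RANGE = (50000, 59999)

# Requirements as stated in the notes above, keyed by federation partner version.
REQUIRED_BY_PARTNER = {
    "OCS 2007": {("tcp", "in"), ("tcp", "out"), ("udp", "in"), ("udp", "out")},
    "OCS 2007 R2": {("tcp", "out")},
    "Lync Server 2010": {("tcp", "out")},
}


def required_openings(partners):
    """Union of (protocol, direction) pairs needed for the given partner versions."""
    needed = set()
    for partner in partners:
        needed |= REQUIRED_BY_PARTNER[partner]
    return needed


def uncovered(rules, proto, direction, lo=PORT_RANGE[0], hi=PORT_RANGE[1]):
    """Return the sub-ranges of lo..hi that no matching allow rule covers."""
    spans = sorted(
        (r["start"], r["end"])
        for r in rules
        if r["action"] == "allow" and r["proto"] == proto and r["dir"] == direction
    )
    gaps, cursor = [], lo
    for start, end in spans:
        if end < cursor:
            continue                      # rule lies entirely below what is still open
        if start > hi:
            break                         # rule lies entirely above the range
        if start > cursor:
            gaps.append((cursor, start - 1))
        cursor = max(cursor, end + 1)
        if cursor > hi:
            break
    if cursor <= hi:
        gaps.append((cursor, hi))
    return gaps


def audit(rules, partners):
    """Compare firewall rules with what the federation partners require."""
    needed = required_openings(partners)
    missing = {}
    for proto, direction in sorted(needed):
        gaps = uncovered(rules, proto, direction)
        if gaps:
            missing[(proto, direction)] = gaps
    excess = sorted({
        (r["proto"], r["dir"])
        for r in rules
        if r["action"] == "allow"
        and r["start"] <= PORT_RANGE[1] and r["end"] >= PORT_RANGE[0]
        and (r["proto"], r["dir"]) not in needed
    })
    return {"missing": missing, "excess": excess}


# Constructed sample rules for the A/V Edge external interface.
SAMPLE_RULES = [
    {"action": "allow", "proto": "tcp", "dir": "out", "start": 50000, "end": 54999},
    {"action": "allow", "proto": "tcp", "dir": "out", "start": 55000, "end": 59999},
    {"action": "allow", "proto": "udp", "dir": "in", "start": 50000, "end": 59999},
    {"action": "allow", "proto": "tcp", "dir": "in", "start": 443, "end": 443},
]

if __name__ == "__main__":
    print(audit(SAMPLE_RULES, {"Lync Server 2010", "OCS 2007 R2"}))
    print(audit(SAMPLE_RULES, {"OCS 2007"}))
```

With only OCS 2007 R2 and Lync Server 2010 partners, the inbound UDP opening in the sample is flagged as excess; adding an OCS 2007 partner turns it into a requirement and flags the missing inbound TCP and outbound UDP openings instead.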