Microsoft Cloud Connector Edition (CCE) is software that provides PSTN and PBX connectivity through Office 365. It discusses CCE architecture, requirements, and deployment options. CCE uses a set of 4 virtual machines (domain controller, central management store, mediation, and edge server) installed on customer hardware to enable Cloud PBX users to use on-premises PSTN/PBX resources while supporting up to 500 concurrent calls. The document also covers CCE call flows, multi-site deployments, redundancy, and automatic updates.
Enhance your Collaboration Experience by Enabling Pervasive Video on your Cis...Cisco Canada
Shawn Cardinal, Cisco Collaboration CSE discusses enhancing your collaboration experience by enabling pervasive video on your Cisco Unified Communications Manager at Cisco Connect Toronto 2015.
Eyeball Server Management User and Administration GuideEyeball Networks
Eyeball Server Management User and Administration Guide
The Eyeball Server Management (ESM) system is used for the administration and monitoring of the server products from Eyeball Networks, such as AnyFirewall™ Servers, SIP Proxy Servers and XMPP Servers. There are three different components of the ESM:
presence-box
User Administration:
add, modify, remove or disable user accounts and set per- user parameters for a server
stats
Server Statistics:
service usage statistics for servers
bandwidth-box
Server Monitoring:
real- time state and load information about your company’s servers
In order to restrict access to the different components, ESM implements a role- based access control model with two roles: ‘administrator’ (full access) and ‘monitoring’ (access to server monitoring only).
The ESM system utilizes a single grouping of users regardless of whether or not a particular user has access to an Eyeball Server or not. For example an account can be created and assigned monitor status within ESM but has no other privileges on an Eyeball Network AnyFirewall, SIP Proxy or XMPP server.
Collaboration Architecture Design: Unified Call Control and Dial plans for Vo...Cisco Canada
learn the latest enhancements on architecture and dialplan for rich media environments which include voice and video and desktop. The products and solutions discussed are relevant for any deployment of SIP, H.323, audio and video endpoints (either hard endpoints or soft clients). Some of the newer features/capabilities we'll discuss include: Global Dial Plan Replication (GDPR), VCS working as a gateway for cross platform B2B. I will discuss call control integrations with Cisco Unified Communications Manager 10.x and Cisco Video Communications Server 8.x and will give guidance on architectural deployments with Cisco Unified Communications Manager on most common scenarios (single site, multiple site, SME topology) for both point-to-point and multipoint calls. For more information please visit our website here: http://www.cisco.com/web/CA/index.html
Enhance your Collaboration Experience by Enabling Pervasive Video on your Cis...Cisco Canada
Shawn Cardinal, Cisco Collaboration CSE discusses enhancing your collaboration experience by enabling pervasive video on your Cisco Unified Communications Manager at Cisco Connect Toronto 2015.
Eyeball Server Management User and Administration GuideEyeball Networks
Eyeball Server Management User and Administration Guide
The Eyeball Server Management (ESM) system is used for the administration and monitoring of the server products from Eyeball Networks, such as AnyFirewall™ Servers, SIP Proxy Servers and XMPP Servers. There are three different components of the ESM:
presence-box
User Administration:
add, modify, remove or disable user accounts and set per- user parameters for a server
stats
Server Statistics:
service usage statistics for servers
bandwidth-box
Server Monitoring:
real- time state and load information about your company’s servers
In order to restrict access to the different components, ESM implements a role- based access control model with two roles: ‘administrator’ (full access) and ‘monitoring’ (access to server monitoring only).
The ESM system utilizes a single grouping of users regardless of whether or not a particular user has access to an Eyeball Server or not. For example an account can be created and assigned monitor status within ESM but has no other privileges on an Eyeball Network AnyFirewall, SIP Proxy or XMPP server.
Collaboration Architecture Design: Unified Call Control and Dial plans for Vo...Cisco Canada
learn the latest enhancements on architecture and dialplan for rich media environments which include voice and video and desktop. The products and solutions discussed are relevant for any deployment of SIP, H.323, audio and video endpoints (either hard endpoints or soft clients). Some of the newer features/capabilities we'll discuss include: Global Dial Plan Replication (GDPR), VCS working as a gateway for cross platform B2B. I will discuss call control integrations with Cisco Unified Communications Manager 10.x and Cisco Video Communications Server 8.x and will give guidance on architectural deployments with Cisco Unified Communications Manager on most common scenarios (single site, multiple site, SME topology) for both point-to-point and multipoint calls. For more information please visit our website here: http://www.cisco.com/web/CA/index.html
Eyeball Networks AnyFirewall Server V10 Administrator GuideEyeball Networks
AnyFirewall Server supports applications on any mobile or fixed device, and supports all NAT types including full cone, address restricted cone, port restricted cone, and symmetric.
AnyFirewall Server delivers complete TURN server functionality, relaying media traffic in port blocked Enterprise level NAT traversal scenarios.
AnyFirewall Server can be deployed with AnyFirewall Engine and AnyFirewall Gateway for an end-to-end firewall and NAT traversal solution, or can be combined with third-party, standards-based products.
NATs and firewalls break end-to-end connectivity for networked applications including voice, video conferencing, file sharing, and online gaming. AnyFirewall Server is a carrier-grade STUN server, providing NAT traversal support through any NAT, firewall, proxy, or UPnP.
This presentation provides an overview of some of the concepts and functions associated with z/OS Communications Server's exploitation of the System z sysplex capability. This includes topics such as dynamic VIPA, sysplex distributor, and sysplex autonomics.
AnyFirewall Engine is the world’s most widely deployed NAT and firewall traversal toolkit, having been deployed to more than 20 million subscribers by licensees including Comcast, Digital Lifeboat, Intel, Maxis, Nokia, Nokia Siemens Networks, Polycom, BlackBerry, Smartvue, and more.
AnyFirewall Engine can be deployed with AnyFirewall Server and AnyFirewall Gateway for an end-to-end firewall and NAT traversal solution, or can be combined with third-party, standards-based products.
NATs and firewalls break end-to-end connectivity for networked applications including voice, video conferencing, file sharing, and online gaming. AnyFirewall Engine is a software toolkit, based on STUN, TURN, and ICE, which enables guaranteed firewall and NAT traversal for fixed and mobile applications over any fixed or mobile network, through any NAT or firewall, and to any device.
Understanding and Troubleshooting ASA NATCisco Russia
Презентация с вебинара, организованного в рамках сообщества Cisco Support Community.
Приглашаем Вас на другие мероприятия Cisco Support Community, а также к участию в жизни нашего сообщества технической поддержки Cisco:
http://cs.co/CSCRu
Squire Technologes: Session Border Controller (SVI_SBC) Presentation. Highlighting the key features and functionality of the SVI_SBC. The Session Border Controller provides a mature, proven carrier grade technology packed with feature rich capabilities allowing operators to rapidly deploy services. A flexible licensing model allows clients to meet budget requirements and scale as and when future growth dictates.
Capability includes: SIP Trunks, Skype for Business, IMS / 4G Services, WebRTC Gateway, Lawful Intercept and Billing.
This presentation discusses the principles of IP Routing as they apply to z/OS, the z/OS implementation of static routing through the TCP/IP profile, and dynamic routing with OMPROUTE.
SMC-D with IBM z13 and z13s Internal Shared Memory (ISM) provides a highly optimized intra-CPC communications.
SMC-D is expected to provide substantial performance, throughput, response time, and CPU consumption
benefits compared to standard TCP/IP communications over HiperSockets.
Eyeball Networks AnyFirewall Server V10 Administrator GuideEyeball Networks
AnyFirewall Server supports applications on any mobile or fixed device, and supports all NAT types including full cone, address restricted cone, port restricted cone, and symmetric.
AnyFirewall Server delivers complete TURN server functionality, relaying media traffic in port blocked Enterprise level NAT traversal scenarios.
AnyFirewall Server can be deployed with AnyFirewall Engine and AnyFirewall Gateway for an end-to-end firewall and NAT traversal solution, or can be combined with third-party, standards-based products.
NATs and firewalls break end-to-end connectivity for networked applications including voice, video conferencing, file sharing, and online gaming. AnyFirewall Server is a carrier-grade STUN server, providing NAT traversal support through any NAT, firewall, proxy, or UPnP.
This presentation provides an overview of some of the concepts and functions associated with z/OS Communications Server's exploitation of the System z sysplex capability. This includes topics such as dynamic VIPA, sysplex distributor, and sysplex autonomics.
AnyFirewall Engine is the world’s most widely deployed NAT and firewall traversal toolkit, having been deployed to more than 20 million subscribers by licensees including Comcast, Digital Lifeboat, Intel, Maxis, Nokia, Nokia Siemens Networks, Polycom, BlackBerry, Smartvue, and more.
AnyFirewall Engine can be deployed with AnyFirewall Server and AnyFirewall Gateway for an end-to-end firewall and NAT traversal solution, or can be combined with third-party, standards-based products.
NATs and firewalls break end-to-end connectivity for networked applications including voice, video conferencing, file sharing, and online gaming. AnyFirewall Engine is a software toolkit, based on STUN, TURN, and ICE, which enables guaranteed firewall and NAT traversal for fixed and mobile applications over any fixed or mobile network, through any NAT or firewall, and to any device.
Understanding and Troubleshooting ASA NATCisco Russia
Презентация с вебинара, организованного в рамках сообщества Cisco Support Community.
Приглашаем Вас на другие мероприятия Cisco Support Community, а также к участию в жизни нашего сообщества технической поддержки Cisco:
http://cs.co/CSCRu
Squire Technologes: Session Border Controller (SVI_SBC) Presentation. Highlighting the key features and functionality of the SVI_SBC. The Session Border Controller provides a mature, proven carrier grade technology packed with feature rich capabilities allowing operators to rapidly deploy services. A flexible licensing model allows clients to meet budget requirements and scale as and when future growth dictates.
Capability includes: SIP Trunks, Skype for Business, IMS / 4G Services, WebRTC Gateway, Lawful Intercept and Billing.
This presentation discusses the principles of IP Routing as they apply to z/OS, the z/OS implementation of static routing through the TCP/IP profile, and dynamic routing with OMPROUTE.
SMC-D with IBM z13 and z13s Internal Shared Memory (ISM) provides a highly optimized intra-CPC communications.
SMC-D is expected to provide substantial performance, throughput, response time, and CPU consumption
benefits compared to standard TCP/IP communications over HiperSockets.
Moving the PBX from the Cloud to the Web - What does that mean?, One.doAlan Quayle
Moving the PBX from the Cloud to the Web - What does that mean?
Moshe Maeir
Founder
Fone.Do
The future of Web based PBXes.
Developing a WebRTC based PBX at fone.do
SoftwareONE Microsoft Licensing Update and the Future of the Microsoft DesktopSoftwareONEPresents
So Windows 10 has landed! But what does it mean for your desktop strategy? And what’s the latest on Bring Your Own License (BYOL)? This revised presentation is taken from a webinar broadcast on Thursday 5th November 2015 detailing recent announcements from Microsoft, upcoming changes and discussing how they may affect your organisation's desktop strategy.
Unified Communication Partners (UCP) is a consultancy Fuji & OKI Office Printers best-suited to small and medium business enterprises across Australia.
¿Qué es un SBC Session Border Controller?
1. Esta creciendo el mercado de SIP Trunking?
2. La seguridad en VoIP es un gran problema?
3. Experimentas Audio en un solo sentido?
4. Es difícil la interoperabilidad SIP a SIP entre fabricantes
5. Conoces de alguien que sufrió ataques su PBX ?
What is Microsoft Enterprise Mobility Suite and how to deploy itPeter De Tender
Key components of the Enterprise Mobility Suite are Azure AD Premium, Windows Intune and Azure Rights Management.
Learn from Peter De Tender, Microsoft Infrastructure Architect, MCT and MVP not only what the Microsoft Enterprise Mobility Suite is, but also how one can deploy it in an enterprise organization. By attending this session, you will gain the knowledge to optimize the adoption of IT, BYOD and SaaS as the core cloud solution components. Key concepts that will be covered are identity and access management, mobile device management and data protection.
Am 17.2.2017 durfte ich am MakerCON 2017 in Heidelberg einen Vortrag zur Verwendung von Creative Commons-Lizenzen im Bereich des 3D-Drucks halten. In meinem Vortrag stelle ich primär dar, dass die (digitalen) Pläne, welche für den Druck verwendet werden und diese Lizenzen gestellt werden können.
Open Educational Ressources (OER) wird in der heutigen Zeit bei den vorhandenen Möglichkeiten des E-Learning immer relevanter. Zu beachten gilt dabei jedoch, dass nicht jedes Material, welches scheinbar frei im Web verfügbar ist auch entsprechend genutzt werden kann und darf. Hierzu durfte ich gemeinsam mit Martin Ebner am 28.10.16 an der TU Graz ein Seminar halten und darf hier nun meine Folien zur Verfügung stellen. Meine Folien beschäftigen sich primär mit den rechtlichen Aspekten, zumal die Bereiche OER und Creative Commons (CC) von Herrn Ebner abgedeckt wurden. Weiterführende Informationen zu CC finden Sie übrigens in den ebenfalls von mir veröffentlichten Präsentationen
In diesem Wintersemester halte ich an der Johannes-Kepler-Universität Linz einmal mehr die LVA 'Grundlagen Privatrecht' im Masterstudium Webwissenschaften ab. Es freut mich besonders, die LVA diesmal nicht alleine, sondern gemeinsam mit Mag. Ecker im Co-Teaching durchführen zu können.
Hier finden Sie die Folien meines Teils der LVA, konkret ab Kapitel 4 mit Schwerpunkt auf Webrecht. Mag. Ecker befasst sich seinerseits in seinem Teil mit den Grundlagen und dem Vertragsrecht.
A presentation about UCS and usNIC to the Math & Computer Science and Leadership Computing Facility divisions at Argonne National Laboratory (ANL). Presented to ANL by Dave Goodell (Cisco) on 2014-09-02.
Enterprise Border Session Controller (E-SBC) for Network Inter-Connectivity.
AnyConnect Gateway protects enterprise networks from attacks with topology hiding and provides secure delivery of SIP, voice, and video conferencing services. AnyConnect Gateway supports TLS encryption for secure SIP signaling and SRTP encryption and VPN connections for secure data transport with confidentiality, message authentication, and replay protection. Together these protocols protect voice, video conferencing, and unified communications from eavesdroppers, hackers and spoofers.
Couchbase Server on Azure Cloud - best practices for deploying a development or production environment with Couchbase Server on Microsoft's Azure Cloud Platform.
Technical 201: Moving Enterprise Windows Workloads to AWS
The cloud is the new norm for organizations of all sizes. In this session you will learn how to create an entire Microsoft Enterprise environment in AWS that includes AWS Active Directory Service, Simple System Management (SSM) service, MS Exchange and SharePoint. These will further integrate with new end user productivity services such as AWS WorkSpaces, AWS WorkDocs, and AWS WorkMail.
Speaker: Dr Peter Stanski, Solutions Architect, Amazon Web Services
if your are always confused about ip tunneling L2/L3 tunneling ipsec acces vpn u have to come to right place This presentation in pdf will get you started on right path towards tunnling concept & implementaion
Navigating the world of forex trading can be challenging, especially for beginners. To help you make an informed decision, we have comprehensively compared the best forex brokers in India for 2024. This article, reviewed by Top Forex Brokers Review, will cover featured award winners, the best forex brokers, featured offers, the best copy trading platforms, the best forex brokers for beginners, the best MetaTrader brokers, and recently updated reviews. We will focus on FP Markets, Black Bull, EightCap, IC Markets, and Octa.
Structural Design Process: Step-by-Step Guide for BuildingsChandresh Chudasama
The structural design process is explained: Follow our step-by-step guide to understand building design intricacies and ensure structural integrity. Learn how to build wonderful buildings with the help of our detailed information. Learn how to create structures with durability and reliability and also gain insights on ways of managing structures.
In the Adani-Hindenburg case, what is SEBI investigating.pptxAdani case
Adani SEBI investigation revealed that the latter had sought information from five foreign jurisdictions concerning the holdings of the firm’s foreign portfolio investors (FPIs) in relation to the alleged violations of the MPS Regulations. Nevertheless, the economic interest of the twelve FPIs based in tax haven jurisdictions still needs to be determined. The Adani Group firms classed these FPIs as public shareholders. According to Hindenburg, FPIs were used to get around regulatory standards.
Digital Transformation and IT Strategy Toolkit and TemplatesAurelien Domont, MBA
This Digital Transformation and IT Strategy Toolkit was created by ex-McKinsey, Deloitte and BCG Management Consultants, after more than 5,000 hours of work. It is considered the world's best & most comprehensive Digital Transformation and IT Strategy Toolkit. It includes all the Frameworks, Best Practices & Templates required to successfully undertake the Digital Transformation of your organization and define a robust IT Strategy.
Editable Toolkit to help you reuse our content: 700 Powerpoint slides | 35 Excel sheets | 84 minutes of Video training
This PowerPoint presentation is only a small preview of our Toolkits. For more details, visit www.domontconsulting.com
Personal Brand Statement:
As an Army veteran dedicated to lifelong learning, I bring a disciplined, strategic mindset to my pursuits. I am constantly expanding my knowledge to innovate and lead effectively. My journey is driven by a commitment to excellence, and to make a meaningful impact in the world.
3 Simple Steps To Buy Verified Payoneer Account In 2024SEOSMMEARTH
Buy Verified Payoneer Account: Quick and Secure Way to Receive Payments
Buy Verified Payoneer Account With 100% secure documents, [ USA, UK, CA ]. Are you looking for a reliable and safe way to receive payments online? Then you need buy verified Payoneer account ! Payoneer is a global payment platform that allows businesses and individuals to send and receive money in over 200 countries.
If You Want To More Information just Contact Now:
Skype: SEOSMMEARTH
Telegram: @seosmmearth
Gmail: seosmmearth@gmail.com
B2B payments are rapidly changing. Find out the 5 key questions you need to be asking yourself to be sure you are mastering B2B payments today. Learn more at www.BlueSnap.com.
Top mailing list providers in the USA.pptxJeremyPeirce1
Discover the top mailing list providers in the USA, offering targeted lists, segmentation, and analytics to optimize your marketing campaigns and drive engagement.
Recruiting in the Digital Age: A Social Media MasterclassLuanWise
In this masterclass, presented at the Global HR Summit on 5th June 2024, Luan Wise explored the essential features of social media platforms that support talent acquisition, including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok.
Building Your Employer Brand with Social MediaLuanWise
Presented at The Global HR Summit, 6th June 2024
In this keynote, Luan Wise will provide invaluable insights to elevate your employer brand on social media platforms including LinkedIn, Facebook, Instagram, X (formerly Twitter) and TikTok. You'll learn how compelling content can authentically showcase your company culture, values, and employee experiences to support your talent acquisition and retention objectives. Additionally, you'll understand the power of employee advocacy to amplify reach and engagement – helping to position your organization as an employer of choice in today's competitive talent landscape.
buy old yahoo accounts buy yahoo accountsSusan Laney
As a business owner, I understand the importance of having a strong online presence and leveraging various digital platforms to reach and engage with your target audience. One often overlooked yet highly valuable asset in this regard is the humble Yahoo account. While many may perceive Yahoo as a relic of the past, the truth is that these accounts still hold immense potential for businesses of all sizes.
3. SfB with PSTN/EV Deployment Options
“Cloud PBX”
in Office 365
PSTN services
provided by
Microsoft
User homed on
‘Cloud PBX’ in
Office 365
PSTN via
On Prem CCE &
SBC
Skype for
Business Server
and PSTN
services 100%
on-premises
Online Hybrid On Premises
4. TDM PBX/IP-PBX &
Voicemail
Analog phones
Analog fax
machine
Local SIP
Carrier
PSTN
SIP Trunk
to ITSP #2
“Drop in” installation
Painless interconnect to
PBX and Skype for
Business O365, enabling
co-existence and simple
migration using AD
Legacy Support
Analogue and FAX
tightly integrated
SBC Functionality
Security & Demark
Protocol and transcoding
support
SIP Registrar
Standard SIP devices can
register and interconnect
CCE
Office 365
Microsoft Office and Exchange
Hybrid Benefit - Integration & Migration
5. 5
ITSP UK
Multi-Site, Multi-Country, Mixed Deployments
Multi-Site Deployments using Hybrid
• Meet local regulatory requirements
• Provide integration to each site’s needs
• Maintain or choose provider country by country
CCE
Office 365
Microsoft Office and Exchange
London
ITSP
Japan
CCE
TokyoPSTN
New York
6. 6 Confidential and Proprietary – NDA use only
• Set of 4 VMs (Domain Controller, Central Management Store,
Mediation and Edge server) installed on customer hardware
• Enables Cloud PBX users to use on-premises PSTN / PBX
resources
• Supports up to 50 or 500 concurrent calls
Microsoft Cloud
Connector Edition
(CCE) is software that
provides PSTN and
PBX connectivity
through Office 365
• Windows Server 2012 R2 ISO image (Standard or Data Center
edition)
• Local server administrator account with permissions to install /
configure Hyper-V on host servers
• Qualified SBC/Gateway (minimum of two recommended)
• Internet / Express Route connection for deployment
General Requirements
What is Microsoft Cloud Connector Edition (CCE)?
7. 7 Confidential and Proprietary – NDA use only
User and call control in O365
Mediation server and SBC/GW on
premise
Placed in DMZ
2 NICs’ one DMZ, other internal for media
One CCE per Tenant
Media is kept local provided the
recommended firewall rules are used
CCE Architecture
8. 8 Confidential and Proprietary – NDA use only
A Minimal Topology (minTop)
– The minimum components required to run a
Mediation server
No SBA
No local users / registrar
Could change in future releases
– Fixed set of 4 VM’s
– Automatically updates
– 100% managed through O365
No local administration other than deployment
– Independent from Company AD etc
Separate dedicated forest and DNS zone
CCE Virtual Machine Details
9. 9 Confidential and Proprietary – NDA use only
CCE is stateless
– Calls are load balanced across
multiple CCE’s in a site
– If the CCE goes down the calls
are re-built on the remaining
devices
– SBC/GW’s work in Active /
Active to CCE
High Availability
10. 10 Confidential and Proprietary – NDA use only
Each user is
configured with
“Gateway Affinity”
All calls will be made
and received through
the users home site,
even when traveling
Multiple Sites
11. 11 Confidential and Proprietary – NDA use only
Internal Firewall Rules
Source IP Destination IP Source Port Destination Port
Cloud Connector
Mediation component
SBC/PSTN Gateway Any TCP 5060**
SBC/PSTN Gateway Cloud Connector
Mediation component
Any TCP 5068/ TLS 5067
Cloud Connector
Mediation component
SBC/PSTN Gateway UDP 49 152 – 57 500 Any***
SBC/PSTN Gateway Cloud Connector
Mediation component
Any*** UDP 49 152 – 57 500
Cloud Connector
Mediation component
Internal clients TCP 49 152 – 57 500* TCP 50,000-50,019
(Optional)
Cloud Connector
Mediation component
Internal clients UDP 49 152 – 57 500* UDP 50,000-50,019
Internal clients Cloud Connector
Mediation component
TCP 50,000-50,019 TCP 49 152 – 57 500*
Internal clients Cloud Connector
Mediation component
UDP 50,000-50,019 UDP 49 152 -57 500*
Firewall Considerations
External Firewall Rules
Source IP Destination IP Source port Destination port
Any Cloud Connector
Edge External
Interface
Any TCP 5061
Cloud Connector
Edge External
Interface
Any Any TCP 5061
Cloud Connector
Edge External
Interface
Any Any TCP 80
Cloud Connector
Edge External
Interface
Any Any UDP 53
Cloud Connector
Edge External
Interface
Any Any TCP 53
Cloud Connector
Edge External
Interface
Any UDP 3478 UDP 3478
Any Cloud Connector
Edge External
Interface
TCP 50,000-59,999 TCP 443
Any Cloud Connector
Edge External
Interface
UDP 3478 UDP 3478
Cloud Connector
Edge External
Interface
Any TCP 50,000-59,999 TCP 443
12. From Skype for Business On Premise
to Cloud PBX with CCE
13. 13
Skype for Business On Premise
Confidential and Proprietary
Skype for Business
User
Skype for Business
User
Front-End role
PSTN PSTN GW
Sonus EDGE
Mediation role
Domain
Controller
Central
Management
Store (CMS)
EDGE role
Skype for Business
User
External
Firewall
14. 14
From OnPrem to Cloud Connector Edition
Confidential and Proprietary
Skype for Business
User
Skype for Business
User
Front-End role
PSTN PSTN GW
Sonus EDGE
Mediation role
Domain
Controller
Central
Management
Store (CMS)
EDGE role
Skype for Business
User
Domain
Controller
Skype for Business
Online user in
internal network
Skype for Business
Online user in internet
Skype for Business
Online infrastructure
External
Firewall
Internal
Firewall
Cloud PBX
16. 16 Confidential and Proprietary – NDA use only
Sonus Cloud Link Appliance
Independently tested, award winning low to mid-range capacity Session Border Controllers for enterprise
premise deployments
SBC 1000 & SBC 2000
CCE Offering
Up to 500 CCE sessions on a single
appliance
– COM Express module (“ASM”) with state of the art
server class CPU, memory, SSD
– SBC capacity up to 600 sessions
Unparalleled TDM and analog port options
– 16 PRI, 48 FXS in single appliance
– Rich PRI, FXS, FXO, BRI port mix
Easy configuration wizard to speed CCE
deployment
Secure architecture to minimize service
disruption
17. 17 Confidential and Proprietary – NDA use only
Sonus SBC 1000/2000
CCE ASM
SBC
Ethernet
Private protocol over
internal Ethernet
Web Server
WS2012 R2 Base OS
FXS FXO BRI PRI
How Does Sonus Cloud Link Work?
UX Comms runs on the base OS
– Deploys and manages the VM’s
– Provides information back to the SBC UI for operational status
UX
Comms
18. 19 Confidential and Proprietary – NDA use only
Sonus SBC 1000/2000
CCE ASM
SBC
Ethernet
Private protocol over
internal Ethernet
Web Server
WS2012 R2 Base OS
FXS FXO BRI PRI
Auto Update - Sonus Cloud Link CCE
4 VM’s are running on the previous release
Host CCE process downloads new VM’s
New VM’s are brought up – grace license. Old VM’s are shut down
V-Switch is moved to the new VM’s
UX Comms is notified about the update – UI is updated
UX
Comms X
19. 20
ASM CPU:
– 8 Cores, 16 thread “Broadwell” Xeon® CPU
for embedded platforms
– SSD 512GB HDD
• ASM Server blade CPU is LATEST Technology
• We offer 16 threads within the Broadwell CPU
• We can allocate enough vCPU threads to the Mediation server (Media Transcode for CCE)
• We allocate 1 x vCPU thread for the other 3 MV’s
• + 1vCPU x 4VM during Auto-Update = 16 vCPU threads
• Therefore we can SCALE correctly to the 500 sessions (vCPU threads to Mediation VM determines
this) even during auto-update – no performance impact during auto-update.
• No sharing of vCPU threads (Thread sharing between VM’s can have serious performance impact)
Application Solution Module (ASM) for Cloud Link Cloud Connector
Edition Deployments
23. 24
Non-Sonus Cloud Connector Edition Installation is Lengthy
* Source: https://blogs.technet.microsoft.com/nexthop/2016/05/11/cloud-connector-edition-smaller-hardware
Confidential and Proprietary
Installation understand process follows Microsoft®
Cloud Connector Edition installation instructions
– Get CCE bits (Hyper-V, CloudConnector.msi,
Windows Server ISO) on Host Server (~40 min)
– Create virtual switch adapter (5 min)
– Create VHD using CloudConnector.msi and
WS2012R2 ISO (4 hours)
– Complete an answer file (.ini) with customer
information (45 fields, 20 min)
– Create file share to host certificate and
configuration exchange between Host/VM and
HostHA1/HostHA2 (10 min)
– Import certificate for CCE EDGE (~45 min)
– Deploy the CCE VM on the host (2 hours)
– Configure gateway
– Activate your O365 tenant for hybrid capability
– Create a PSTN site to assign the user
Install procedure may take 7+ hours at every site (Increased OPEX)
24. 25
Sonus Cloud Link – CCE solution 6.1
Confidential and Proprietary
Faster deployment
CCE Setup Wizard
End User oriented
Partner oriented
HA support
Pre-loaded Package
Easy configuration template
More secure and reliable
Preconfigured firewall
Environment validator
Logs helper
25. 26
Sonus Cloud Link – CCE Setup Wizard
5 straightforward tabs to click through
Key configuration settings
– ASM Configuration
– Generate CSR or Import Signed CSR
Easily
– Configure CCE
Assign external IP addresses for
Mediation and Edge servers
Configure number of concurrent calls
Configure CCE High Availability (HA)
HA Master
HA Slave
Deploy CCE VM!
Sonus Cloud Link may reduce CCE install time by 5+ hours, with no additional
software downloads
Confidential and Proprietary
26. 27
Enhanced SBC Config Wizards
New SBC Cloud Connector Edition
template
Inherits information from CCE
– Minimizes time and errors
Customized for your CCE
deployment
Optimized for CCE performance
Optimized for CCE security
28. 29 Confidential and Proprietary – FOR INTERNAL INFORMATION PURPOSES ONLY
CCE – Network Architecture
External
Firewall
Internal
Firewall
29. 30 Confidential and Proprietary – FOR INTERNAL INFORMATION PURPOSES ONLY
CCE – Network Architecture
External
Firewall
Internal
Firewall
30. 32 Confidential and Proprietary – FOR INTERNAL INFORMATION PURPOSES ONLY
Cloud Tenant, Public Domain and DNS
An Office 365 Tenant with E5, or E3 + Cloud PBX option
Licenses
– Microsoft subscription
A Global or Skype Online Administrator Account on your
Office 365 Tenant
– Can be configured when creating your Office365 account
A public Domain Name associated with your Office 365
Tenant.
– From any vendor and associated on Office365 portal
A public IP for the CCE (Edge External Side).
– Delivered by customer IT or Internet Provider
A DNS Record on the Public Domain forwarding to this
public IP.
31. 33 Confidential and Proprietary – FOR INTERNAL INFORMATION PURPOSES ONLY
CCE Firewall
Internal firewall
– From Intern User to CCE
UDP/TCP 49 152 - 57 500
– From CCE to Intern User
TCP 50,000-50,019
UDP 50,000-50,019
External firewall
– From Public to CCE
TCP 5061
TCP 443
UDP 3478
– From CCE to Public
TCP 5061
TCP 80
UDP/TCP 53
UDP 3478
External
Firewall
Internal
Firewall
32. 34 Confidential and Proprietary – FOR INTERNAL INFORMATION PURPOSES ONLY
Certificate
A certificate (X509) is:
– An electronic “passport" signed by an Authority
– Allowing to exchange information securely over a network
– Using a Trusted Chain (PKI).
– Allowing to link a Public Key to an FQDN (or an email)
A certificate contains:
– The Name (FQDN) of the Authority that sign it
– A validity
Not Before
Not After
– The Name (FQDN or email) of the computer or user
– The public Key of the computer or user
41. 45
O365 Tenant organization
Confidential and Proprietary
HybridPSTN
Site
Tenant
HybridPSTN
Appliance
SiteName
FQDN EDGE
Update Managment
HybridPSTN
Appliance
HybridPSTN
Site
HybridPSTN
Appliance
CCE Hostname
Deployment state
Update state
User 2User 1
42. 46
O365 Tenant organization
Confidential and Proprietary
HybridPSTNSite and HybridPSTNAppliance are created
automatically when registering CCE during deployment
They can be display and managed from Office365 Tenant
Powershell:
All the HybridPSTNAppliance on a site are High Availability
– User will use randomly the HybridPSTNAppliance
All the HybridPSTNSite are independant
– If all the Appliance on a HybridPSTNSite are down, User assigned to
this HybridPSTNSite loses service
43. 47
Auto-Update – IMPORTANT!!
User configures the tenant HybridSite with time window
Can NOT be stopped – Default is ANYTIME!
Will be executed 1by1 on HA deployment
Windows Update
– Apply update VM
– Drain Call
– Reboot VM
– Apply Update Host
– Reboot Host
CCE Update
– Build a new set of 4 VM from scratch
– Once new set is ready, retire the previous version pack of VM
https://support.sonus.net/display/UXDOC61/Managing+Your+Office+365+Tenant
UPDATE!
Manual Windows OS Updates now
supported:
https://technet.microsoft.com/EN-
US/library/mt740658.aspx
44. 48
O365 Tenant Portal – Checking Update Status
Confidential and Proprietary
Basic information about Site and Appliance:
Basic User management: