Cisco Hosted Collaboration Solution, Release 11.5 Solution Reference Network Design Guide
Contents
Change History
Change History
Cisco Hosted Collaboration Solution System Overview
Cisco Hosted Collaboration Solution System Overview
Cisco HCS LE Deployment Options
Private Cloud Option
Managed UC Applications Option
On Premises Network and UCS Infrastructure Considerations
Service Provider Cloud Option
Target Markets
Small or Medium Business With Single Location
Small or Medium Business With Multiple Locations
Enterprise With Single Location
Enterprise With Multiple Locations
Cisco HCS Hierarchy
HCS Subsystems
Cisco Hosted Collaboration Solution Fulfillment Subsystem Overview
Multitenant Expressway Architecture
Multitenant Expressway Restrictions
Multitenant Expressway Component Version Requirements
System Architecture
Cisco HCS System Architecture
Cisco HCS Shared Architecture
Functional Layers
Customer/Customer Premises Equipment Layer
UC Infrastructure Layer
Telephony Aggregation Layer
Management Layer
SP Cloud Layer
Data Center Architecture
Data Center Deployment Concepts
Points of Delivery
Small Medium Business Solutions
Deployment Comparison HCS
Dedicated Instance
Dedicated Server
Shared Architecture
Shared Architecture
Shared Architecture and Management
Shared Architecture and Cisco Unified Communications Manager
Shared Architecture and Cisco Unified Communications Manager IM and Presence Service
Shared Architecture and Telephony Aggregation
Supported Endpoints
Factors Impacting Customers per Cluster
Prerequisites to Set Up Shared Architecture
VMs and Clusters OVA Specification
UC App OVA Specifications
Expressway OVA Specifications
Contact Segregation
Recommended Virtual Machine Sizing
Partitioned Unity Connection
HCS Data Center Architecture and Components
Solution Architecture
Architecture Considerations and Layers
Data Center Design for Large PoD
Data Center Aggregation Layer
Access-to-Aggregation Connectivity
Data Center UCS and Access Layer
Prerequisite and Components
HCS Deployment on Vblock
HCS on FlexPoD
Service Insertion
Virtual Switch Deployment
Storage Integration
Traffic Patterns and Bandwidth Requirements for Cisco HCS
Data Center Bandwidth Capacity
Data Center Oversubscription in Network Layers
Data Center Design for Small PoD
Small PoD Architecture
Small PoD Deployment Models
Small PoD Redundancy
Options for Storage Connectivity
Small PoD Storage Setup
PSTN Connectivity to Small PoD
Small PoD Layer 2 Scale
Virtual Machines per CPU Core for Small PoD
Small PoD Layer 2 Control Plane
Small PoD Layer 3 Scale
Data Center Design for Micro Node
Micro Node Deployment Models
Shared Architecture and Micro Node
Virtualization Architecture
Capacity and Blade Density
VMware Feature Support
Cisco Unified CDM 8.1(x) and 10.x+ Coexistence
Service Fulfillment System Architecture
Service Fulfillment Architectural Layers
Hosted Collaboration Mediation - Fulfillment Layer
API Gateway Proxy for Cisco Unified Communications Domain Manager
Message Routing
Message Exchange Patterns
Prime Collaboration Deployment for UC Applications
IP Addressing for HCS Applications
Domain Management Layer
Device Layer
Cisco Unified Communications Domain Manager Architecture
Deployment Topologies
Provisioning
Self Provisioning Overview
Cisco Unified Communications Domain Manager 10.1(x) Platform Architecture
Cisco Unified Communications Domain Manager 10.1(x) Network Connectivity
ID Management and ID Provider Architecture
Northbound Notification
Cisco Unified Communications Domain Manager 8.1(x) Architecture
Cisco Unified Communications Domain Manager 8.1(x) Deployment
Cisco Unified Communications Domain Manager 8.1(x) Components
Cisco Unified Communications Domain Manager 8.1(x) Administration Node
Cisco Unified Communications Domain Manager 8.1(x) Application
Cisco Unified Communications Domain Manager 8.1(x) Operating System (Ubuntu)
Unified Communications Domain Manager and Local DHCP
Cisco Unified Communications Domain Manager 8.1(x) Platform Architecture
Cisco Unified Communications Domain Manager 8.1(x) Network Connectivity
HCS License Management
HCS License Manager (HLM)
Multiple Deployment Mode
HCM-F License Dashboard
Prime License Manager (PLM)
Cisco HCS Spark Flex Plan - Hosted
License Management for Cisco Spark Flex - Hosted
Coresident Prime License Manager
Cisco Prime Collaboration Assurance Overview
Voice and Video Unified Dashboard
Device Inventory Management
Voice and Video Endpoint Monitoring
Diagnostics
Fault Management
Reports
Cisco Expressway
Aggregation System Architecture
Session Border Controller (SBC) in HCS
Cisco Unified Border Element (Enterprise Edition)
Network Infrastructure
Service Provider IP Infrastructure
Service Provider IP Connectivity Requirements
HCS Traffic Types
Traffic Type and Requirements
Signaling
Media
Management
Data
HCS Management IP Addressing Scheme
Service Provider NAT/PAT Design
Grouping VLANs and VLAN Numbering
Line Side Access Infrastructure Overview
VPN Options
Service Provider IP infrastructure design MPLS VPN
HCS Tenant Connectivity Over Internet Model
FlexVPN
AnyConnect VPN
Signaling Aggregation Infrastructure
IMS Network Integration
Features and Services
IMS Supplementary Services for VoLTE
Applications
Unified Communications Manager Design
Cluster Architecture
General Cluster Guidelines
Cluster
Publisher
Subscriber
Call Processing Subscriber
TFTP Subscriber
Media Resource Subscriber
Call Processing Redundancy
Call Processing Load Balancing
TFTP Redundancy and Load Balancing
UCS Guidelines
CUCM OVA
Voice Gateways and SRST
Cisco Voice Gateway Types
Gateway Protocols
Survivable Remote Site Telephony
Remote Site Design
Infrastructure
Ethernet Connectivity
DNS
TFTP
IP Multimedia Subsystem Network Architecture and Components
Essential IMS Network Elements
CUCM ISC Interface
Media Resources
MoH
Annunciator
Audio-Ad Hoc Conferencing
Media Termination Point
Transcoder
Audio Codecs Support in HCS
HCS Video
Intra-Enterprise Point-to-Point Video Calling
HCS Hosted Inter-Enterprise Point-to-Point Video Calling
Unified Communications Manager Controlled MCU Video Conference Resources
Non-HCS to HCS Enterprise Point-to-Point Video Calling
Connectivity from SBC
HCS Enterprise Video
HCS LYNC Integration Video Network View
HCS LYNC Integration Signaling and Media Flow
HCS TelePresence Conductor Support
Conductor Signaling and Media Flow
Virtual TelePresence Datacenter Deployment
OTT Support for Video Endpoints
HCS Jabber Guest Integration
Scheduling with TMS
Fax
Supported Fax Gateways
Inbound Fax from PSTN
Outbound Fax to PSTN
Fax Within the Customer
Cisco Unified Attendant Console
Cisco UC Integration for Microsoft Lync 2010
Cisco UC Integration for Microsoft Lync 2010 Guidelines
Application Dial Rules and Directory Lookup Dial Rules
LDAP Integration
Cisco Unified Communications Manager IM and Presence Service
IM and Presence Service Cluster
IM and Presence Service High Availability
Clustering Over the WAN
Multicluster Deployment
Interdomain Federation
IM and Presence Service Integration with Mobility
Cisco Unity Connection Integration
Third-party Presence Server Integration
Third-Party Presence Server Integration—Microsoft Office Communications Server
Third-Party Presence Server Integration—IBM Lotus Sametime
Cisco Paging Server
Voice Mail and Integrated Messaging (Cisco Unity Connection)
Cisco Unity Connection Cluster
Traffic Engineering
Unified Communications Manager Integration in SIP
Web/IMAP Unity Connection Cluster Failover
Unity Connection Telephony Port Sizing
Considerations when Deploying a Cisco Unity Connection Cluster
Configuration for Dial-Out Voice Messaging Ports
Audio Codec
Unity Connection Digital Networking
IMAP
WebEx Meeting Center - Cisco HCS Deployment
Detailed Cisco UC Integration for Cisco WebEx Connect Implementation
WebEx Cloud Connect Audio
Enterprise User calls Into WebEx and Calls from WebEx CCA to Enterprise Users
External Users Calls into WebEx and Calls from WebEx CCA to External Users
Mobility
Mobile Connect
Mobile Connect Mid-Call Features
Enterprise Feature Access
Mobile Voice Access Enterprise
Mobile Voicemail Avoidance
Clientless FMC Integration with NNI or SS7
Clientless FMC Integration with IMS
Mobile Clients and Devices
Cisco Jabber
IMS Clients
Cisco AnyConnect Mobile Client
Intelligent Proximity for Mobile Voice
Cisco TelePresence Exchange System
Cisco TelePresence Exchange System Starter Package
Cisco HCS Rendezvous Video Conferencing
CTX System Architecture
Signaling Considerations
Ad-Hoc Video Conferencing
Scheduled and VMR video meetings for customers with dedicated video equipment
CUVA/CUPC CAST Support
CAC
Bandwidth Management
Alpha Dialing
Media Considerations
RTCP
TelePresence Interoperability Protocol
TelePresence Exchange System MCUs
Other MCU Options
Virtualized Cisco TelePresence Exchange
Cisco HCS for Contact Center
Functional Layers
Top-level Architecture Components
Cisco Unified Border Element Enterprise
Unified Contact Center Enterprise
Cisco Unified Customer Voice Portal
Unified Communications Manager
Unified Intelligence Center
Cisco Finesse
Centralized SBC in Cisco HCS for Contact Center
Cisco Unified Contact Center Express
Hosted Unified CCX Deployment
Limitations
On-Premises Unified CCX Deployment
Limitations
Cisco Emergency Responder
Emergency Responder Network Elements in Cisco HCS
Emergency Responder Monitoring
Deploying and Configuring Cisco Emergency Responder in Cisco HCS
Cisco Emergency Responder Backup and Restore
Cisco Unified Attendant Console - Advanced
Integration with Cisco HCS
Cisco Unified Attendant Console - Advanced Redundancy
Cisco Unified Attendant Console - Advanced Provisioning
Cisco Unified Attendant Console - Advanced Assurance
Jabber Guest for Dedicated Instance
HCS Extender
Deployment Considerations
Networking Considerations
Infrastructure Platform Automation Considerations
Routing Failure Considerations
Assurance Considerations and Impact to HCM-F
Cisco Hosted Collaboration Mediation Fulfillment Impact
Service Assurance for HCS Extender Deployment
Endpoints in Cisco HCS
Cisco Collaboration Client Applications for HCS
Cisco Collaboration Clients and Applications
Cisco Unified Client Services Framework
Client Services Framework
Client Services Framework – Call Control
Softphone Mode
Deskphone Control Mode
Client Services Framework: Audio and Video Media
Quality of Service for Audio and Video Media from Softphones
QoS Enforcement Using a Trusted Relay Point (TRP)
Client Services Framework – Instant Messaging and Presence Services
Client Services Framework – Audio, Video and Web Conferencing Services
Client Services Framework – Contact Management
Cisco Unified CM User Data Service (UDS)
LDAP Directory
WebEx Directory Integration
Client Services Framework Cache
Directory Search
Client Services Framework – Dial Plan Considerations
Translation Patterns
Application Dialing Rules
Directory Lookup Rules
Client Transformation
Deploying Client Services Framework
Capacity Planning for Client Services Framework
High Availability for Client Services Framework
Design Considerations for Client Services Framework
Common Deployment Models for Jabber Clients
On-Premises Deployment Model
Cloud-Based Deployment Model
Hybrid Deployment Model
Client-Specific Design Considerations
Configure Cisco Jabber for Windows
Cisco Jabber for Windows Directory Integration
Video Rate Adaptation And Resolution
Configure Cisco Jabber for Mac
Cisco Jabber for Mac Directory Integration
Supported HCS Cisco Collaboration Client Applications
Mobile Services
Cisco Jabber for Windows
Cisco Jabber for Mac
Cisco Jabber for iPhone
Cisco Jabber for Android
Cisco Jabber Android IM Client
Cisco Jabber for iPad
Cisco Jabber iPad Video
Cisco Jabber Guest
Push Notifications Overview
Legacy Desktop Clients
Cisco Spark Hybrid Services Architecture Overview
Core Components
Components and Roles
Cisco Cloud Collaboration Management
Management Connector
Directory Connector
Calendar Connector
Call Connector
Call Service Connect Architecture and Call Flow
Expressway-C and Expressway-E on a Shared Deployment
Calling ID and Class-of-Service
Multiple Unified CM Cluster Deployment Considerations
Toll Fraud and Identity Theft Mitigation on a Dedicated Deployment
Toll Fraud and Identity Theft Mitigation on a Shared Deployment
Multitenant Expressway Spark Hybrid Architecture
References
HCS Dial Plans
Cisco HCS Dial Plan Model
Cisco HCS Architecture Primer
Aggregation Layer
Infrastructure Layer: Unified Communications Manager - Leaf Clusters
Customer Premises Layer
Voicemail - Cisco Unity Connection
Introduction to Country Dial Plans for Cisco Unified Communications Domain Manager 8.1(x)
Cisco HCS Dial Plans for Cisco Unified Communications Domain Manager 10.1(x)
Intra-Site Extension Dialing
Multi-Site Customer with ISP Included in SLC
Multi-Site Customer with Extension Prefix and no ISP
Single Site Customer
Customer (Single- or Multi-Site) Without PSTN Prefix
Flat Dial Plan (no Site Location Code)
Multi-Site Customer with ISP
On-Net Call Flows
Intra-Site On-Net Call
Inter-Site On-Net Call
VoIP Trunking On-Net Call
Off-Net Call Flows
Local Gateway (LBO)
Aggregation (CBO)
VoIP
Emergency Call Handling
Non-CER Through Aggregation
Non-CER Through Local Gateway
Cisco Emergency Responder
Introduction to PSTN Call Processing and Routing
Dial Plan Determination
Country Dial Plan Deployment
Feature Chaining
Features Supported
Forced On-Net (Feature Code 01)
Originating Call Screening (Feature Code 02)
Time of Day with Calling Line Identification Presentation and Calling Line Identification Restriction (Feature Code 03)
Forced Authorization Code (Feature Code 04) and Client Matter Code (Feature Code 05)
Emergency Handling
Routing Feature
Route Selection
Class Of Service
Introduction to Country Dial Plans in Cisco Unified Communications Domain Manager 10.1(x)
Cisco Unified Communications Domain Manager Shell Dial Plan Schemas
Sharing Lines Across Sites
System Security
System Security
Security Architecture Requirements
Security Threats
Privilege Abuse Threat
Network Threat
Network and Cisco HCS Customer Isolation
Customer Separation at Layer 3
Customer Separation at Layer 2
Securing Service Provider and End Customer Traffic
Application Level Inspection
ASA Deployment Recommendation
Firewall Requirements for Cisco HCS
Guidelines and Limitations
Firewall Virtual Context Mode Guidelines
Firewall Guidelines
Security Options for Shared Data Center Deployments
MPLS Transport Environment
Site-to-Site VRF-Aware IPsec VPN over Internet Environment
Cisco Unified Communications Domain Manager System and Network Security
Security
Security Patches and Updates
Using Your Own Repository Mirrors
Configuration Encrypted
Backup Encrypted
Application Install Files Encrypted
Protected Application Environments (Jails)
Restricted User Shell
Creating Additional Users
Granting and Revoking User Rights
Password Strength Rules
SSH Session Limit
Privilege Elevation for Support
Network security
Dynamic Firewall
Web Certificates
Network URI Specification
Federal Information Processing Standards
Port Usage
Cisco Unified Communications Applications Port Usage
Cisco Unified Communications Manager Port Usage
Cisco Unity Connection Port Usage
Cisco Unified Attendant Console Advanced Port Usage
Cisco Emergency Responder Port Usage
Cisco Expressway Port Usage
Hosted Collaboration Mediation Fulfillment Port Usage
Hosted Collaboration Mediation Fulfillment Port Usage
Other HCM-F Port Usage Information
Prime License Manager Port Usage
Cisco Unified Communications Domain Manager 8.1(x) Port Usage
Other Cisco Unified Communications Domain Manager 8.1(x) Ports
Cisco Unified Communications Domain Manager 10.6(1) Port Usage
Service and Ports List
Cisco Prime Central for HCS Port Usage
Cisco Prime Unified Operations Manager or Cisco Prime Unified Service Monitor port usage
Cisco HCS for Contact Center Port Usage
Cisco Unified Intelligent Contact Management Enterprise Port Usage
Cisco Unified Customer Voice Portal Port Usage
Cisco Unified Intelligence Center Port Usage
Cisco Unified E-Mail Interaction Manager and Cisco Unified Web Interaction Manager Port Usage
Remote Silent Monitoring Application Port Usage
Cisco Finesse Port Usage
Cisco Unified Contact Center Domain Manager Web Server Port Usage
Cisco MediaSense Port Usage
Port Usage
Cisco Paging Server Port Usage
Cisco TelePresence Port Usage
Prime Collaboration Deployment Port Usage
Securing Cisco HCS Management Traffic
Security at Virtual Access
Policy Enforcement on Nexus 1000V
Server-to-Server Filtering
Recommendations for Use of Nexus 1000V
Storage Security
Transport Layer Security and Secure Real-Time Transport Protocol
Cisco Unified Communications Domain Manager Considerations for TLS and SRTP
Encryption Support for Video Endpoints
Multitenant Expressway Security
Certificate Management and Service Discovery
Server Certificate
Domain Certificate
Expressway-E Domain Certificate
Domain Certificates and Clustered Systems
Viewing a Currently Uploaded Domain Certificate
Add a New Domain
Generate a Certificate Signing Request
Upload a New Domain Certificate
Endpoint Service Discovery with Domain Certificates
88xx Service Discovery without Domain Certificates
Jabber Service Discovery without Domain Certificates
Option 1: With Voice Services Domain
Option 2: Without Voice Services Domain
Comparison of Jabber Options
DX70/80 Service Discovery without Domain Certificates
XMPP Federation Certificate Requirements
Safeguarding Certificates
SSO
Quality of Service Considerations
Quality of Service Considerations
Guidelines for Implementing Quality of Service
Quality of Service Domains
Cross-Platform Classification and Marking
QoS Considerations for Shared Deployments
QoS Considerations for Cisco Unified Border Element (Enterprise Edition) Deployments
HCS Redundancy and High Availability
Data Center Infrastructure
Data Center Interconnect
Geo-Redundancy
Recover from Level 3 Geo-Redundant Design Outage
Geo-Redundancy for Cisco Unified Communications Domain Manager
Multinode Cluster with Unified Nodes
Multinode Cluster Hardware Specifications
Alternative Geo-redundant Cluster Hardware Specification
Clustering Considerations
Cisco Unified Communications Domain Manager 10.x/11.5(x) Redundancy and Disaster Recovery
Cluster Failure Scenarios
High Availability Failure Protection
Data Center Redundancy
Active-Standby Data Centers
Active-Active Data Centers
Application Redundancy
Unified Communications
High Availability for Deployment Models
Cisco Unified Communications Manager Cluster Overview
Cisco Unity Connection Cluster Overview
Cisco HCS for Contact Center High Availability
Cisco HCS Management
Cisco UCS and UCSM
VMware vSphere and vCenter Server
Cisco HCS Service Fulfillment and Service Assurance Domain Managers
Installation and Upgrade
Planning, Installation, and Customer Onboarding
Site Preparation
System Upgrade Planning
Capacity and Performance
Capacity Planning Overview
Capacity Definition
Benefits of Capacity and Performance Monitoring
Busy Hour Definition
Cisco HCS Capacity Planning
Backup and Restore
SAN Engineering
UCS Application Engineering
Network Infrastructure Metrics
System Scalability and Performance
Third-Party Applications and Integrations
Third-Party Applications and Integrations
SIP Applications
Guidelines for SIP Applications and Generic SIP Trunks
SIP Applications for Cisco Unified Communications Domain Manager 8.1(x)
SIP applications for Cisco Unified Communications Domain Manager 10.1(x)
Guidelines for SIP-Verified Phones and Third-Party SIP Phones
Limitations and Restrictions for Third-Party SIP Phones
CTI-Based Applications
Where to Configure Support for CTI Applications
CTI-Based Applications for Cisco Unified Communications Domain Manager 8.1(x)
CTI-based applications for Cisco Unified Communications Domain Manager 10.1(x)
Third-party PBX Integration in Cisco HCS
OTT Deployment and Secured Internet with Collaboration Edge Expressway
Cisco Expressway Over-the-Top Solution Overview
Supported Functionality
Endpoint Support
Design Highlights
Expressway Sizing and Scaling
Virtual Machine Options
Cisco HCS Clustered Deployment Design
Expressway with Shared Cisco Unified Communications Manager
Network Elements
Internal Network Elements
Cisco Expressway Control
DNS
DHCP Server
Router
DMZ Network Element
Expressway-E
External Network Elements
EX60
DNS (Host)
NTP Server Pool
NAT Devices and Firewalls
SIP Domain
Jabber Client SSO OTT
IdP and the Directory On Premises with Synchronization from Unified CM to Unified CDM
IdP and the Directory On Premises with Synchronization from Unified CDM to Unified CM
IdP and the Directory in the Customer Domain in Data Center with Synchronization from Unified CM to Unified CDM
IdP and the Directory in the Customer Domain in Data Center with Synchronization from Unified CDM to Unified CM
BtoB Calls Shared Edge Expressway
Cisco Expressway Over-the-Top Solution Overview
Supported Functionality
Endpoint Support
Design Highlights
Cisco Expressway Sizing and Scaling
Virtual Machine Options
Network Elements
Billing
Billing
Service inventory billing
Cisco Unified Communications Manager
Cisco Unified Border Element Enterprise Edition
RADIUS
XML
IMS diameter Rf
Cisco TelePresence Billing
Localization
Localization
Appendix A: Cisco HCS UC Virtual Machine Recommendations
Cisco HCS UC Virtual Machine Recommendations
Terminology
Assumptions
UC Application Resource Requirements
Recommended Design Overview
VMware and Cisco UCS Recommendations
For a Large Cisco HCS Deployment
For a Small Cisco HCS Deployment
For a Small Static Cisco HCS Deployment
Micro Node Deployment (C-Series)
Storage Recommendations
Design Considerations
VMware CPU Scheduling
VMware Ready Time
VMware ESXi Reservation
Cisco Unity Connection Virtualization Considerations
VMware Software Upgrades for Cisco HCS
Design Base
Consistent Blade Hardware Within a VMware Cluster
Virtualized Hardware Oversubscription
Two VMware Cluster Types
Oversubscribed and Non-Oversubscribed Clusters
Oversubscribed Clusters Design
Spare Capacity on Oversubscribed Blades and the Failure Set
Distributing Blades or Hosts Across Chassis - Oversubscribed Cluster
Calculating Oversubscribed Cluster Capacity
Non-Oversubscribed Clusters Design
Spare Hardware on Non-Oversubscribed Blades and the Failure Set
Distributing Blades or Hosts Across Chassis - Non-Oversubscribed Cluster
Calculating Non-Oversubscribed Cluster Capacity
Disjoint Cluster Pairs
Disjoint Oversubscribed Cluster Pair Example
Disjoint Non-Oversubscribed Cluster Pair
Distributing VMs in a UC Cluster on vSphere Clusters
One or Two Node UC Cluster
Three or More Node UC Cluster
UC Cluster Geo-Redundancy
Storage Detailed Design
Design Considerations and Constraints
LUN Sizing and Disk Usage Optimization
Options for Storage Configuration
Option 1 - Two-Tier Storage
Two-Tier Storage Architecture
Two-Tier Resiliency
Minimum Storage Pool Number Required
LUN Distribution in Tiered Storage Pools
UC Cluster Distribution in LUNs and Tiered Storage Pools
Two-Tier Scheduled Jobs
Option 2 - Traditional Fiber Channel Drive Storage
Traditional Fiber Channel Drive Storage Architecture
Fiber Channel Resiliency
LUNs
UC Cluster Distribution in LUNs
Fiber Channel Scheduled Jobs
ESXi Boot