BRKCOL-2610.Pdf

Home , Element (software), Microsoft Azure

Cisco Interoperability with Microsoft Part 1 – Collaboration & Applications

Tobias Neumann, Technical Solutions Architect

BRKCOL-2610 Cisco Webex Teams

Questions? Use Cisco Webex Teams to chat with the speaker after the session How 1 Find this session in the Cisco Events Mobile App 2 Click “Join the Discussion” 3 Install Webex Teams or go directly to the team space 4 Enter messages/questions in the team space

The Cisco products, service or features identified in this document may not yet be available or may not be available in all areas and may be subject to change without notice. Consult your local Cisco business contact for information on the products or services available in your area. You can find additional information via Cisco’s World Wide Web server at http://www.cisco.com. Actual performance and environmental costs of Cisco products will vary depending on individual customer configurations and conditions.

• Introduction

• Architectural Considerations for Interoperability

• Legacy Interoperability Skype for Business Server & Online • Telephony • Chat & Presence

• Microsoft Teams Interoperability

• Conclusion

• What technical options do exist in each solution to achieve interoperability? • What is the user experience? • What are the operational aspects of a chosen scenario?

Things have changed significantly ....

• Microsoft Collaboration Solution • It’s all about Microsoft Teams and Office 365 • Skype for Business Server (premise solution) • Skype for Business Online (part of Office 365) • Cisco Collaboration Solution • Cisco Webex Teams • Cisco Unified Collaboration (premise) • Cisco Hosted Collaboration (HCS) & Hybrid

• Skype for Business Server (premise solution)

• Skype for Business Server 2019 last announced feature release (1) • New features moving workloads to the cloud (i.e. Cloud Voicemail and Cloud Auto Attendant)

• Deprecated: i.e XMPP Gateway, Persistent Chat, SQL Mirroring, Tools… • Skype for Business Server 2015 • Mainstream Support End Date 13/10/2020(2) • Skype for Business Online (Office 365) • Will be retired July 31st 2021(3)

(1) https://docs.microsoft.com/en-us/skypeforbusiness/whats-new (2) https://support.microsoft.com/en-gb/lifecycle/search?alpha=Skype%20for%20Business%20Server%202015 (3) https://techcommunity.microsoft.com/t5/microsoft-teams-blog/skype-for-business-online-to-be-retired-in-2021/ba-p/777833

Interoperability scenarios for Skype for Business Server

• Enterprise Voice (Mediation Server) - Microsoft Client as a softphone with telephony functionality • Messaging and Presence • SIP Routing (MS-SIP) for intra & inter domain federation, migration • XMPP only tested and supported for federation with Google Talk (discontinued) https://docs.microsoft.com/en-us/lyncserver/lync-server-2013-configuring-sip-federation-xmpp-federation-and-public-instant-messaging Interoperability scenarios for Skype for Business Online

• Enterprise Voice (Cloud Connector)

• Messaging and Presence - SIP Routing (MS-SIP) for inter domain federation only Video & Meeting Interoperability Skype for Business Server & Online Covered in BRKCOL-2611 Cisco Interoperability with Microsoft Part 2

We have heard you loud and clear… Interoperability is what customers demand! Identity, Calendaring, Workflow, Meetings, Video, Telephony, Devices…

And much more …. https://techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-amp-cisco-partner-to-simplify- meetings-and-calling-for/ba-p/971835 https://blogs.cisco.com/collaboration/cisco-and-microsoft-have-come-together-to-deliver-a-better-user- experience

Interoperability scenarios for Microsoft Office 365 and Teams

• Identity Management (Microsoft Active Directory, Microsoft Azure Active Directory)

• Cloud PBX • OneDrive for Business & SharePoint Online • Exchange Online Calendaring and Email • Office Productivity Suite

Video & Meeting Interoperability Microsoft Office 365 and Teams Covered in BRKCOL-2611 Cisco Interoperability with Microsoft Part 2

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 12 User Experience and Operational Aspects © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public Many options… “How do I connect my existing Cisco Voice Infrastructure to my Microsoft real estate?” “Which way can I provide a … I am not going to tell compelling user experience?” you the answer… “How can I communicate with my business partners, who are using Microsoft, from my Cisco Collaboration Solution?” “What options do I have to integrate collaboration capabilities in my Microsoft Application Suite?”

We’re all engineers… but not everything that can be engineered on a lab bench makes sense in production…

Keep things simple!

Cisco Live Online https://www.ciscolive.com/global/on-demand-library.html?search=BRKCOL-2610#/session/1542224307426001rVGP Telephony Interoperability Skype for Business Online Telephony Cloud Connector – Cloud registered Microsoft Client as a softphone with telephony functionality Skype for Business Online (O365)

Not tested or verified by Cisco. No future plans with Microsoft’s shift towards Teams.

Starting October 1, 2018, new Office 365 customers with 500 seats or less will be onboarded to Teams and will not have access to Skype for Business Online. Tenants that are already using Skype for Business Online will be able to continue doing so (including provisioning new users) until they complete their transition to Teams. To learn more, see Microsoft Teams now the Set of preconfigured primary client for meetings and calling in Office 365. HyperV Virtual Machines https://docs.microsoft.com/en-us/microsoftteams/faq-journey

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 20 Interoperability Skype for Business Server Enterprise Voice Call Routing User has multiple options to initiate a call • Depending on dialing habit • Called party • License purchased

Different results • When dialing either SIP URI or phone number of Lync/SFB user (reverse number lookup), a “Lync to Lync” call is initiated • If a number is called and the called party is NOT a Lync/SFB user - call routed via mediation server (Enterprise Voice Routing) • If an Audio/Video call is initiated and the called SIP URI is not another Lync/SFB user – call routed via SIP routing logic (SIP static route)

Skype for Business only Skype for Business and Cisco IP phone

• Reach corporate extensions In addition to previous use case • Reach PSTN number • Available via corporate extension on both • Available via corporate extension devices simultaneously • Available via PSTN number • Access to users on both platforms from all • Telephony feature set user associated devices • Telephony feature transparency Possible with Direct SIP Integration Difficult to impossible to achieve • Integration with existing Cisco UCM system for • Simultaneous reachability on both devices on access to corporate extensions and PSTN different call control platforms (MSFT “Sim Ring” • Telephony features only available within the & CSCO “SNR”) high risk → call routing loops Skype for Business Domain • Telephony feature interoperability protocols SIP/QSIG not available with Mediation Server

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 Interoperability Skype for Business Server Enterprise Voice Call Routing SIP Trunk / Direct SIP Options 1/2 OCS 2007 / Lync 2010 & 2013 / Skype for Business (no media bypass) S4B Client S4B Front End S4B Med. Server Cisco UCM

RTaudio G.711 OCS 2007 / Lync 2010 & 2013 / Skype for Business (no media bypass), none G.711 on IP-PBX S4B Client S4B Front End S4B Med. Server Cisco UCM IOS Transcoder

RTaudio G.711 G.729/iLBC Flows show the SIP signaling and media paths in a SIP-trunk (Direct SIP) interoperability scenario Lync Mediation Server only supports G.711, requires additional transcoding resources if any other codec is used by devices connected through SIP-trunk Scenarios shown do not require the usage of a Media Termination Point (MTP)

Lync 2010, Lync 2013, Skype for Business (with Media Bypass)

S4B Client S4B Front End S4B Med. Server Cisco UCM

G.711 G.711 With the introduction of Media Bypass in Lync 2010, the S4B client can initiate direct G.711 media streams. Media paths is not hair pinned through the S4B Mediation Server, no transcoding. Signaling via the Mediation Server.

Review Microsoft guidance regarding Media Bypass http://technet.microsoft.com/en-us/library/gg412740.aspx Straight forward in a centralized (single site) topology without WAN links. More complicated in a distributed topology with one or more branch - check the following: Media Bypass shall only be utilized between WAN sites without bandwidth constrains Media Bypass and Call Admission Control (CAC) are mutually exclusive Media Bypass mandatorily requires all media to be represented by a single IP address – the reason why in the above example a Media Termination Point (MTP) has to be inserted.

Single Site Deployment Complex WAN Deployment

…. Remote locations • More scalable – no Mediation Server • Highly complex to configure and troubleshoot transcoding required • Mutually exclusive to CAC, required in some • LAN bandwidth CAC not required WAN topologies • Simple redundancy configuration with Cisco • Remote site MTPs required to keep media UCM cluster and Microsoft Mediation Server local Pool • Further complicated when redundancy is required • With roaming devices (i.e. PCs) certain call scenarios will still result in hair pinning and suboptimal media routing See hidden reference slides for further details

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 25 Interoperability Skype for Business Server Enterprise Voice Call Routing Multiple Site example (Lync/Skype for Business to Cisco UCM)

Site 1

Site 2 Site Central Site 1 Site

Central

S4B Front-End Site 2 Mediation Server Pool Server Pool To keep media local to a site each site requires a local media resource Alternate media IP definition in S4B trunk configured matches IP address of single media resource in MRGL/MRG of the trunk on Cisco UCM side Multiple sites require multiple trunks … and multiple MRGs, MRGLs and media resources … and multiple SIP security profiles, because unique identification of each trunk on Cisco UCM based on the signaling port (UCM side trunk identification based on peer IP address and local signaling port)

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 Interoperability Skype for Business Server Enterprise Voice Call Routing Multiple Site example (Lync/Skype for Business to Cisco UCM) with redundancy

Site 1 Site 2b Site

Site 2a Site Central

Site 1b Site Site 1a Site

Site 2

Mediation S4B Front-End Server Pool Server Pool

Two sites with Lync to Unified CM SIP trunk redundancy already require: 4 trunks, 4 MTPs/TRPs 4 MRGS, 4 MRGLs 2 SIP trunk security profiles

Skybe for Business Server Media Bypass implications on redundancy

Fixed media IP configuration for GW on S4B forces 1:1 relation between inbound SIP trunk on Unified CM and MTP Can not use MRG and MRGL for intelligent MTP selection (scalability, redundancy) Availability of SIP trunk depends on SIP signaling peer and MTP availability … which can not be monitored via SIP OPTIONS ping Only indication of failing MTP allocation for inbound EO call from Skype for Business Server: If UCM fails to allocate a MTP call can be signaled failed and left to Skype for Business Server to reroute using different SIP trunk Outbound calls from Unified CM need to be EO and have to be via MTP (MTP required – Media Bypass)

Multiple Site example – roaming user

Site 1

Site 2 Site Central Site 1 Site

WAN Site 2

S4B Front-End Mediation Server Pool Server Pool

Unified selects trunk to Lync based on called destination (+E.164 prefix) MTP (assumed) local to Lync client selected Alternate media IP definition in Lync trunk configured in same site as Lync client -> bypass activated Local media

Multiple Site example – roaming user

Site 1

Site 2 Site Site 1 Site

Site 2

S4B Front-End Mediation Server Pool Server Pool

Unified selects trunk to Lync based on called destination (+E.164 prefix), but Lync client moved to other site MTP (assumed) local to Lync client selected Alternate media IP definition in Lync trunk configured not in same site as Lync client -> no media bypass Mediation server in media path Media hairpins through central site BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 30 Enterprise Voice Call Routing

Multiple Site example – roaming user

Site 1

Site 2 Site Site 1 Site

Site 2

S4B Front-End Mediation Server Pool Server Pool

False assumption about Lync client location could lead to even worse media path: Unified CM selects trunk with MTP local to (assumed) location of Lync client: Site 2 Lync rejects media bypass, because MTP not local to IP address of Lync client Mediation server in media path, Media hairpins through remote and central site

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 31 Supported Feature Enterprise Voice (Direct SIP) with Cisco Unified Communications Manager • CLIP—calling line (number) identification presentation • CONP—connected Name identification presentation

• CLIR—calling line (number) identification restriction • CONR—connected Name identification restriction • CNIP—calling Name identification presentation • Hold and resume • CNIR—calling Name identification restriction • Conference call • Alerting Name • Audio Codec Preference List • Attended call transfer • Call Park/Pickup(see limitation section) • Early attended call transfer • CFU—call forwarding unconditional • Extend and Connect

• CFB—call forwarding busy • Shared Line on Cisco Endpoints • CFNA—call forwarding no answer • COLP—connected line (number) identification presentation • COLR—connected line (number) identification restriction

Skype for Business Server: Cisco Unified Communications Manager: • Add Cisco UCM to Skype for Business Topology • SIP trunk security profile • Trunk Configuration • SIP profile • Route Configuration • Media resource group and media resource group list • Voice Policy and PSTN Usage Configuration • Assign media resource group list (MRGL) in the default device pool • Dial Plan Configuration • Region configuration • Call Park range Configuration • Normalization script • Media Bypass Configuration • SIP trunk to Skype for Business • User Configuration • SIP and SCCP phones device configuration • Client Configuration • Route Group, Route List and SIP Route Pattern Voice Mail • Route pattern to Skype for Business and Skype for Business call park range

https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/interoperability-portal/cucm-skype-business-tls-appnote.pdf

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 34 Chat & Presence Chat & Presence Interoperability A single architecture for Inter- and Intra Domain Federation – Including Microsoft Interoperability Business to Business Federation Within a Business Federation Inter Domain Federation Intra Domain Federation Cisco Expressway SIP SIMPLE Federation with Cisco Expressway Partitioned Intra Domain Federation Microsoft

Cisco Expressway becomes the unified edge for all Cisco Expressway as centralized routing instance for B2B communications Microsoft Interoperability • Utilizing existing resources (B2B Video, Jabber MRA) • Streamlined configuration • Adds SIP SIMPLE capabilities on top of the already • Single point of contact for all Microsoft based existing XMPP federation services communications • Single routing instance for all B2B traffic • Removes requirement for 3rd party components (load • Provides chat & calling B2B capabilities to Microsoft balancers) Skype for Business on premise and Skype for • Integrates chat & calling federation inside the Business online enterprise (coexistence or migration)

• Microsoft uses a vendor specific dialect of SIP • Cisco Expressway has been enhanced to allow Search Rules to be based on SIP “dialect” and the type of traffic (chat/presence or audio/video)

Cisco Expressway SIP SIMPLE Federation with Microsoft Complex Routing (chat & calling)

Expressway

MSFT SIP IM&P

MSFT SIP IM&P AV & Share Cisco Expressway SIP SIMPLE Federation with Microsoft MSFT AV & Share UCM IM/P Basic Routing (chat & presence) S4B Front End

Standard SIP CMS AV & Share UCM Expressway S4B Front End UCM IM/P • Symmetric routing

• No certificate change required on Skype for Business Server

• Multiple neighbour zones supported with up to 6 neighbours

• Support Cisco UCM Multi Cluster deployment

Expressway-E Expressway-C UCM IM&P

CMS UCM Expressway-E

Single SIP based routing architecture provides: In addition: • Intra Domain Federation for Chat and Calling • Jabber and Cisco IP phone mobile remote access • B2B Federation with Microsoft Skype for Business premise • B2B Federation with Cisco UCM solution • B2B Federation with Microsoft Skype for Business online • B2B Federation with 3rd party standard SIP endpoints

• Presence and Chat between Cisco and Microsoft users (internal or B2B)

• Instant Messaging Presence • Point-to-point Message Exchange (IM) CUCM IM/P maps the two different set of user’s states following the rules reported in the next slides • Plain text IM format • Typing indication • Basic emoticons • Note: Due to the proprietary nature of Microsoft server group chat functionality, partitioned intradomain federation does not support group chat between Jabber clients and Microsoft Lync/SfB clients With Cisco UCM IM&P 11.5.1 SU4 temporary presence subscriptions fixed for Cisco Jabber clients

• Voice/Video calling between Cisco and Microsoft users, including bidirectional desktop sharing • Smooth migration available to Cisco solution. Chat & Calling available during migration. Cisco provided tools allow buddy list migration

Lync/SfB Cisco Jabber Cisco Jabber Lync/SfB

Available Available Available Available

Busy Busy Busy Busy Do Not Disturb Busy Do Not Disturb Busy Be Right Back Away On the Phone Away Away Away Offline Offline In a call Away

Offline Offline

Make the email address the multimodal communication address Most Microsoft deployment user email address for SIP communication Mapped to msRTCSIP-primaryuseraddress attribute in Active Directory Required for deployments utilizing multiple distinct email/SIP domains in a single Cisco UCM IM&P cluster or multi-cluster environment Available in Cisco UCM IM&P with version 10.x or higher Cisco UCM Directory synchronization allows to select attribute email or msRTCSIP-primaryuseraddress. Recommendation for migration scenarios is the to user the later.

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 41 Talking about Domains Configuration steps for Flexible Jabber ID • Cisco UCM Directory LDAP Sync Statement, configure directory URI mapping

• Cisco UCM IM & Presence, configure Advanced Presence

Settings IM Address Schema – Directory URI true Systems will automatically import all domains configured in Active Directory mail Existing buddy lists will be migrated to new flexible JID format @ • Configure Cisco Jabber to use Flexible JID

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 42 A word on Cisco Jabber Contact Search Source for contacts • Cisco Jabber contact sources • Active Directory/LDAP • Cisco UDS (service provided by Cisco UCM) • Outlook personal contacts Cisco UCM UDS data source required for clients outside the corporate network using Mobile Remote Access (MRA), Active Directory source not available when outside Corp. network and not on VPN. New UDS Proxy service on Cisco UCM allows enhanced scalability beyond 160.000 directory items. Requires Cisco Jabber 11.7 or higher.

• Microsoft Skype for Business/Lync • Clients have local address book, created by nightly synchronization with AD by AddressBook service of Microsoft server (Lync or S4B) • Only includes users that are enabled for Lync/S4B, aka that have msRTCSIP- primaryuseraddress attribute set (we get to that in a second)

• The Microsoft AddressBook service will only sync contacts that have attribute msRTCSIP-primaryuseraddress set • For migration scenarios the attribute is set for all existing Microsoft users • During migration when net new users are added to Cisco UCM (never enabled before for Microsoft Lync or S4B) msRTCSIP-primaryuseraddress must be set manually in Active Directory so these users are included into the AddressBook file that is downloaded to Microsoft clients

When a users search for contacts (either contact source in Cisco Jabber or AddressBook for Microsoft the search results are displayed including a snapshot of the users presence. Since this is a temporary display of information, clients do not establish a full “subscription” for each of the users in the result list. This is called a temporary presence subscription.

Up until now this issue prevented Jabber or Microsoft users to see presence in the search results.

With Cisco UCM IM&P 11.5.1 SU4 this issue has been addressed for Cisco Jabber clients.

This issue does not affect contacts that have been added to the buddy list of either clients. Full presence is displayed in that scenario.

Using basic (default) SIP routing – Cisco IM&P will route all requests to Microsoft that match any the configured domains Using advanced SIP routing – Cisco IM&P will verify that the destination user exist as a Microsoft Lync or Skype for Business user. Improves routing of mistyped/wrong SIP URIs

Advantages of the Expressway classification approach • Single TLS per subject UCM Expressway SIP broker Expressway traffic classification IM&P • Single TLS configuration S4B FE • Modification of S4B FE Inbound and Outbound requests routed certification optional via same paths Inbound and Outbound requests take (client/server role) different paths, makes configuration and troubleshooting more complicated

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 47 Configuration steps for Cisco Expressway classification Required Configuration Steps … (1/2) • Configure certificates on Lync and Cisco UCM

Highly recommended to use CA based certificates on both systems (Enterprise CA) • Configure security parameters on Cisco UCM IM&P (ACL, TLS peer, TLS context)

Single neighbor, either single Cisco Expressway or Expressway Cluster • Turn on Partitioned Intra Domain Federation & Configure SIP static route(s) on Cisco UCM IM&P Single route per domain pointing to Cisco Expressway next hop • Configure security parameters on Microsoft Lync (Trusted Application, Computer, etc.)

Single destination, Cisco Expressway • Configure SIP static route(s) on Microsoft Lync

Single route per domain pointing to Cisco Expressway next hop

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 48 Configuration steps for Cisco Expressway classification Required Configuration Steps … (2/2) • Configure neighbor zones on Cisco Expressway

One neighbor zone for UCM IM&P and Microsoft S4B • Configure search rules for specific traffic types

Route IM&P traffic from source zone S4B to Cisco UCM IM&P neighbor zone Route IM&P traffic from source zone Cisco UCM IM&P to neighbor zone S4B

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 49 Configuration steps for Cisco Expressway classification CUCM IM&P Configuration (1/2) TLS Peer Subject Security Incoming ACL

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 50 Configuration steps for Cisco Expressway classification Enable Partitioned Intra Domain Federation CUCM IM&P Configuration (2/2) TLS Context Configuration

SIP Route

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Configuration steps for Cisco Expressway classification Microsoft Skype for Business / Lync Server Skype for Business (Lync) PowerShell commands

Create Route $TLSrouteno1 = New-CsStaticRoute -TLSRoute -destination -port 5061 –usedefaultcertificate $true -MatchUri Set-CsStaticRouteConfiguration –Route @{Add=$TLSrouteno1}

Create Application Pool New-CsTrustedAppicationPool –Identity -Registrar -Site 1 –TreatAsAuthenticated $true – ThrottleAsServer $true –RequiresReplication $false –OutboundOnly –false

Create Application New-CsTrustedApplication –ApplicationID expressway. -ApplicationPoolFQDN -port 5061

Publish and enable the topology in Microsoft Skype for Business

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 57 Chat & Presence Adding Calling (Audio/Video) with Expressway Classification and Cisco Meeting Server Configuration for Cisco Expressway classification

Required Configuration Steps add calling… • Cisco UCM Configure Secure SIP Trunk Profile Configure Secure SIP Trunk to Expressway Configure SIP Route Pattern for URI Routing Configure UCM Cluster Mixed Mode for End to End Encrypted Calls (SRTP) (not covered in the reference material) • Configure additional neighbor zones on Expressway for Cisco UCM and CMS • Configure search rules for routing of media (A/V) traffic • No additional configuration required on Microsoft Skype for Business/Lync

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 59 Configuration for Cisco Expressway classification Cisco UCM Configure Secure SIP Trunk Profile Configure Secure SIP Trunk to Expressway

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 60 Configuration for Cisco Expressway classification Cisco UCM Configure SIP Route Pattern In a multi domain environment this step needs to be repeated for each SIP domain.

Partitioned Intra Domain Federation – Expressway classification User Experience Chat & Calling

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 68 Chat & Presence Adding Federation with Expressway Classification and Cisco Meeting Server Configuration steps for Cisco Expressway classification

Full Business to Business / Inter Domain Federation using Cisco Expressway It is possible to utilize an existing Microsoft Federation environment, during migration After successful migration it is recommended to transfer the federation functionality completely to Cisco Expressway for all modalities and use cases • SIP B2B Federation with Microsoft cloud O365/Skype for Business online • SIP B2B Federation with Microsoft Skype for Business or Lync on premise • Standard XMPP Federation (Cisco or 3rd party) • Standard SIP Audio/Video (Cisco or 3rd party) Full Open Federation is not supported at this point – under investigation for future release

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 70 Configuration steps for Cisco Expressway classification Required Configuration steps Inter Domain Federation with Cisco Expressway … The following steps assume that during migration the previous example has been implemented • Configure search rules for routing Inter-Domain Federation traffic B2B Search rule to route A/V traffic from Cisco UCM to CMS (transcoding) Modify search rule to route A/V traffic from CMS to Expressway-E traversal zone Modify search rule to route IM&P traffic from Cisco UCM IM&P to Expressway-E traversal zone • Utilizes existing Expressway-C, Expressway-E traversal zone and DNS neighbor zone

Remember the Command Line Migration Tools ? ExportContacts.EXE, DisableAccount.EXE, DeleteAccount.EXE

Cisco UCM IM & Presence 11.5 Provides New GUI Based Migration Tool • Replaced 3 tools with one easy to use Windows application • Old tools had to be run on EVERY server in the deployment with multiple command line arguments • New application is run on the Front-End server. Will connect remotely to all of the other servers in the deployment . • Added progress bars/counters for each stage of the migration • Error handling / reporting has been greatly improved • Added support for validating user accounts, before they get migrated: • Validates that accounts exist and are enabled in Active Directory • Validates that accounts exist and are enabled on the LCS/OCS/Lync server

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 73 Instant Messaging and Presence Partitioned Intra Domain Federation – Migration... • Added validation at every step of the process • Does not let the admin continue without validating previous stages • Contextual tool tip help guides the admin through the process

Easily launch Cisco Voice/Video from Microsoft Teams

• Cross launch to Webex Teams, Webex Calling or Cisco Jabber

• Works with UC Manager and Webex Calling

• Soft phone and Desk phone control support

Subject to Change Preview Release - Experience

• Key experience elements for preview release include…

Cisco Call button Contact address Webex Tab with Docs page on how added to MS resolution from dial pad for calling to optimize Teams pallette Office 365 behaviour (Single Calling platform) NOTE: Preview Release will co-exist with Webex Meetings integration to provide Calling and Meetings workloads

Subject to Change BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 78 Microsoft Direct Routing utilizing Cisco Unified Border Element Direct Routing without Media Bypass Cisco Unified Border Element Call Control (CUBE) being Microsoft certified for Direct Routing PSTN Hub

Media Controller Routing of Microsoft Cloud PBX calls Media to existing Cisco UCM infrastructure Processor or SIP PSTN trunks SIP Proxy Azure

PSTN CUBE HTTP REST signaling sRTP media SIP signaling Unified CM Subject to Change BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 79 Microsoft Direct Routing utilizing Cisco Unified Border Element Direct Routing with Media Bypass Microsoft Teams Direct Routing offers

Call Control similar Media Bypass capabilities as Lync/Skype For Business. Eliminates if PSTN Hub possible the need of Media Processor.

Media • Supports direct media between MS Teams Controller client and SBC/VoIP destination for G.711 Media only Processor • Calls to voice applications (Call Park, Auto

SIP Proxy Attendant, Call Queues) always require Azure cloud Media Processor (no bypass) • Mileage varies in global deployments with multiple redundant SBCs including roaming PSTN clients. CUBE HTTP REST signaling • Microsoft recommendation - MS Teams sRTP media SIP signaling client and SBC are on the same network Unified CM Subject to Change BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 80 Microsoft Direct Routing utilizing Cisco Unified Border Element Direct Routing with Media Bypass • MS Teams clients outside corporate Relay network require SBC IP address to be Call Control publicly exposed

PSTN Hub • Alternative to use MS Teams Transport Relay in Azure Media Controller

Media Processor

SIP Proxy Azure

PSTN CUBE HTTP REST signaling sRTP media SIP signaling Unified CM Subject to Change BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 81 Webex Teams Integration with Microsoft Office Cisco Webex Teams – Microsoft Office Presence and Click-X

Cisco Webex Teams provides integration into Microsoft Office Suite for Windows and Mac

Office Contact Card

Example, respond all with IM (Chat)

Webex Teams Microsoft Office integration for Windows offers two modes of operation: Webex Teams Consumer Organization (Free of Charge) • Teams user is part of consumer organization • User has local administrative privileges on Windows machine Webex Teams Enterprise Organization (Licensed) • Teams user is part of enterprise organization • User does/doesn’t have local administrative privileges on Windows machine Why the difference? Webex Teams can be installed without local administrative rights. The Microsoft integration necessitates registration of a DLL. Registration requires the user to have administrative privileges. “… there can be only one Conner MacLeod…” - not to disrupt existing enterprise applications

Webex Teams Consumer Account Webex Teams Consumer or Enterprise Account User with local administrative rights, Webex Teams Webex Teams Microsoft Office integration for Mac Microsoft Office integration for Windows available from available from settings: settings:

User can chose to enable integration

Webex Teams Enterprise Account User without local administrative rights, Webex Teams Microsoft Office integration for Windows Deploy Webex Teams • Default user mode installation C:\Users\\AppData\Local\Programs\CiscoSpark • Alternative deploy Webex Teams via software distribution • Admin controlled installation directory i.e. C:\Program Files\CiscoSpark • Allows for GPO control of QOS and Windows Firewall Example: msiexec /i c:\work\WebexTeams.msi INSTALLFOLDER="C:\Program Files" ALLUSERS=1

Active Directory Group Policy QOS

Microsoft SCCM

Webex Teams Enterprise Account User without local administrative rights, Webex Teams Microsoft Office integration for Windows Register Office integration for Webex Teams • Required DLL located in \CiscoSpark\dependencies • Execute with administrative privileges: regsvr32.exe /s spark-windows-office-integration.dll Can be automated via startup script/GPO Make sure the proxyaddress attribute is properly configured for the integration to work, must match Webex UserID Can be set via Exchange Management Shell/Admin or via Windows PowerShell Example (user at own risk):

Access Cisco Webex Teams from within your Microsoft Office Applications Excel, PowerPoint & Word Microsoft Office Add-In available from store at https://appsource.microsoft.com/en- us/product/office/WA200000068?tab=Overview

User level installation of add-in Assumes Office 365 Admin has not blocked user level installations

Search for Webex

User level installation of add-in Assumes Office 365 Admin has not blocked user level installations

Administrator level installation of add-in Deploy Add-In for group or all Office 365 users

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 93 Webex Teams Microsoft Office 365 SharePoint Online OneDrive for Business Integration Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Architecture Enterprise Content Solution to Webex Teams

Content posted to Webex Team space is uploaded directly from the client to ECM or a reference between existing content in ECM and Webex teams space is created. Content never passes through Cisco Webex cloud

Share from Personal OneDrive

Share from Webex Teams SharePoint Online native content store

Microsoft content store

Selected file to share

Select permissions ECM controlled

Webex Teams Space view

Joint editing of documents directly from Webex Teams

Webex Teams File activity view

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 97 Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Adding existing Enterprise Content Solution to Webex Teams Webex Control Hub Administration Service - Messaging Manual enable user

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 98 Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Adding existing Enterprise Content Solution to Webex Teams Office 365 Administration Administrators can chose to restrict certain functionalities in Office 365 which can cause the Webex Teams integration not to function properly • Restricted access outside corporate network Requires users to be connected either to corporate or via VPN. With this policy in place users will get the error message: “Your sign in was successful but does not meet the criteria to access this resource.“ • Permissions for 3rd party applications By default, Azure AD tenants are configured to provide consent to third-party applications. When restricted by the administrator, an end user can’t sign in with Azure AD account in Webex Teams.

For details on how to administer the required permissions on Azure AD please check the following link https://collaborationhelp.cisco.com/article/en-us/7501oi

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 99 Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Adding existing Enterprise Content Solution to Webex Teams Webex Teams Client

New Cloud Settings

Login to Microsoft Office 365 Authorization for app integration (can be pre-authorized for all users by Azure AD administrator, see reference on previous slide)

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 100 Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Linked Folders Allows a complete content sync between Cisco Webex Teams Space and SharePoint Online / OneDrive for Business New space created, select files activity New option to select Folder Linking Office 365 SharePoint / OneDrive

Files posted from Webex Teams as well as files present in O365 available.

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 101 Webex Teams – Enterprise Content Management SharePoint Online/OneDrive for Business Linked Folders – Administration

What are Adaptive Cards? Adaptive Cards are platform agnostic snippets of UI, authored in JSON, that apps and services can openly exchange. When delivered to a specific app, the JSON is transformed into native UI that automatically adapts to its surroundings. It helps design and integrate lightweight UI for all major platforms and frameworks. Cisco Webex Teams has implemented the Adaptive Cards framework version 1.1 created by Microsoft. Supported Webex Teams Clients: Windows & Mac Desktop, Android & iOS Mobile, Web Client, Browser SDK More information: https://developer.webex.com/docs/api/guides/cards

Adaptive cards allow easy user interaction with bots and integrations. Applications can send user buttons, from fields, images and rich formatting. Forms can include simple buttons, drop- down lists, radio buttons, and text fields. Interactive card builder is a tool that allows easy construction of cards. Cisco Card Builder https://developer.webex.com/buttons-and- cards-designer Microsoft Card Builder https://adaptivecards.io/designer/

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 107 Adaptive Cards in Cisco Webex Teams Cisco Webex Teams Bots and Integration framework allows applications to sent cards similar to regular messages. Webex Teams client will render the card. Card actions are signaled using the existing webhook capabilities. Information provided by the user (button press, data entry) is not included in the webhook post but securely retrieved by the application upon receiving the notification.

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 108 Messaging Interoperability Cisco Webex Teams & Microsoft Teams 3rd Party Solution by Mio Full Synchronization Users and channels are synchronized between Webex Teams and Microsoft Teams Users

Spaces / Channels

Interoperability provided via SaaS Solution

Many options to interoperate • Identify your requirements and select the right scenario for your environment • User experience • Technical feasibility • Complexity • Operational implications • Understand the pros and cons of the selected scenario • “Mileage” of certain functionalities might vary when applied to a real life environment …Media Bypass in multi site deployment • Thoroughly evaluate (PoC) • Cisco remains committed to support interoperability scenarios

BRKCOL-2610 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 114 Complete your online session • Please complete your session survey survey after each session. Your feedback is very important.

• Complete a minimum of 4 session surveys and the Overall Conference survey (starting on Thursday) to receive your Cisco Live t-shirt.

• All surveys can be taken in the Cisco Events Mobile App or by logging in to the Content Catalog on ciscolive.com/emea.

Cisco Live sessions will be available for viewing on demand after the event at ciscolive.com.

Demos in the Walk-In Labs Cisco Showcase

Meet the Engineer Related sessions 1:1 meetings