Cisco offers a wide range of collaboration technologies that have the ultimate goal of allowing users to work in collaborative environments that result in faster, more efficient decision-making processes and increased productivity. There are many technologies that fall under the large collaboration umbrella, but this chapter focuses on design guidance surrounding the Cisco offerings in collaborative conferencing through audio, video, rich content sharing capabilities, and people-centric social collaboration platforms. This chapter also explores the differences in the various solutions and provides suggestions on when one solution may be a better fit than another.
The Cisco Collaboration services discussed in this chapter are available as on-premises, off-premises, or mixed deployments. This allows an organization to integrate with a Unified Communications solution in which they have already invested or, alternatively, to implement a service that is hosted “in the cloud.” This is one of the more important distinctions between the various solutions, and it is the first decision point when determining which solution is the best fit for an organization. This chapter contains sections on the following topics:
Each section defines the high-level architecture of the solution, followed by design guidance for high availability, capacity planning and other design considerations pertinent to the solution.
What’s New in This Chapter
This chapter incorporates new material to bring together design discussions surrounding Cisco's collaboration offerings. If you are reading this chapter for the first time, Cisco recommends reading the entire chapter.
Table 22-1 lists the topics that are new in this chapter or that have changed significantly from the previous release of this document.
Table 22-1 New or Changed Information Since the Previous Release of This Document
New or Revised Topic
Minor updates for Cisco Collaboration Systems Release 10.0
At a high level, collaborative conferencing involves receiving audio, video, and content from some or all of the attendees in a meeting, mixing those streams, and then sending the mixed audio, video, and content back to the attendees. Figure 22-1 illustrates a logical conference involving both internal and external participants, mobile and remote workers, or even attendees from other organizations.
Figure 22-1 Logical View of Collaborative Conferencing
These three aspects of a collaborative conference – audio, video and content sharing – are not exclusive. Cisco collaborative conferencing solutions integrate the three to create an enhanced user experience. Features such as the ability to determine active speakers, muting users from the content share interface, or choosing the video layout displayed in the content share, all imply that these three elements are integrated by the solution. All the collaborative conferencing solutions discussed in this chapter use the Cisco WebEx interface for content sharing. This provides a very consistent user experience across all the solutions.
When considering which conferencing solution is best for a given organization, many factors should be evaluated. Characteristics of an organization's users (number of remote workers, access capabilities, and video usage) as well as the range of available endpoints and their capabilities are important to consider. Video requirements such as high definition or interworking with an existing video infrastructure can also dictate a solution. The nature of the meetings themselves (for example, training scenarios, collaborative meetings, or how many meeting participants are external to the organization) is a critical characteristic to identify. Of course, initial cost, maintenance costs, and return on investment (ROI) all play a role as well.
One of the first delineations between the solutions is whether the resources performing each type of conferencing (or mixing) are located on-premises or off-premises. Access to cloud services, the size of the mobile workforce, and support staff levels are all considerations. Cisco WebEx software as a service (SaaS) offers a completely off-premises solution with an option to extend the cloud on-premises, while Cisco Unified MeetingPlace is a hybrid deployment with a mix of on-premises and off-premises equipment. Organizations that have deployed Cisco Unified Communications will benefit most from leveraging an on-premises solution. The later sections provide more detailed deployment options for each collaborative conferencing solution.
Table 22-2 summarizes available solutions from an on-premises cloud perspective.
Table 22-2 On-Premises, Cloud, and Hybrid Capabilities of Cisco Collaborative Solutions
Cisco Unified MeetingPlace (audio/video only deployment)
1.Cisco WebEx webcam video only and no support with standards-based video.
2.Cisco Unified MeetingPlace solutions may alternatively use the WebEx webcam video streaming capabilities of the cloud. However, Cisco does not recommend using both because there is no interoperability.
Cisco WebEx Software as a Service
Cisco WebEx is a collaborative conferencing solution that does not require any hardware to be deployed on-site. All services (audio, video, and content sharing) are hosted in the Internet through the Cisco WebEx Collaboration Cloud. This is often referred to as software-as-a-service (SaaS). Meetings can be initiated and attended from anywhere, anytime, and do not require connectivity back into the enterprise. This section describes solution characteristics and provides design guidance for deploying WebEx SaaS.
Cisco WebEx SaaS utilizes the Cisco WebEx Collaboration Cloud to deliver the conferencing solution to the customers. The Cisco WebEx Collaboration Cloud is a global network created with a carrier-class information switching architecture, and only Cisco Collaboration traffic flows over this network. Figure 22-2 shows the Cisco WebEx Collaboration Cloud architecture.
This network is purpose-built for real-time communications and has been specially formulated to minimize latency associated with TCP-layer flows. The network consists of application-specific multimedia switches at key peering points to handle rapid session traffic and to guarantee a high quality of service for WebEx meetings. These switches are housed in highly secure Cisco data centers interconnected via dedicated lines that circumvent the public internet. These data centers are located near the major internet access points to route meeting traffic around the globe securely and reliably. In addition to these large data centers housing major meeting nodes, Cisco deploys nodes around the world. The network is built on fully redundant clusters with Global Site Backup. These services and other facilities form part of the Cisco WebEx Collaboration Cloud Operational Support System.
Users can connect to a WebEx meeting using the meeting client running on the computer or mobile device. Once the connection is established, the WebEx Collaboration Cloud manages all synchronous real-time interactions that make up a WebEx meeting, as depicted in Figure 22-2. Users access WebEx applications via browsers through the WebEx Collaboration Cloud, which resides within the Web Zone. The Applications Program Interface (API) ties the WebEx applications to the switching platform in the Meeting Zone within the WebEx Collaboration Cloud core. Numerous clusters of interconnected and distributed collaboration switches, their associated databases, and the logical and physical network infrastructure make up the WebEx Collaboration Cloud core. Multi-layer security components and the WebEx Operational Support System encircle the network with an additional layer of protection.
The WebEx Collaboration Cloud delivers real-time traffic reliably using intelligent routing, Global Site Backup (GSB), and Global Server Load Balancing (GSLB). Based on the geographic location of WebEx meeting participants, the WebEx Collaboration Cloud determines the point of presence that offers the lowest latency and best performance. WebEx meeting hosts automatically get a backup site physically located in a geographically distant Cisco data center within the same region. In the unlikely event that the primary WebEx site becomes unavailable, GSB automatically switches all meeting activity to the backup site. GSLB is a load-balancing design that directs traffic to the least congested switch in the WebEx Collaboration Cloud in order to minimize the delays. Thus, if one meeting switch has congestion, traffic is directed to an alternate switch, resulting in faster screen updates and synchronization among participants, and a better meeting experience.
In the WebEx deployment model shown in Figure 22-3, all the content, voice, and video traffic from every client traverses the internet and is mixed and managed in the cloud at the WebEx data center. The WebEx data center is logically divided into the Meeting Zone and the Web Zone. The Web Zone is responsible for things that happen before and after a web meeting. It incorporates tasks such as scheduling, user management, billing, reporting, and streaming recordings. The Meeting Zone is responsible for switching the actual meeting once it is in progress between the endpoints.
Figure 22-3 WebEx Deployment
The Meeting Zone consists of two subsystems. Within the Meeting Zone there are collaboration bridges that switch meeting content. The multimedia platform is responsible for mixing all of the VoIP and video streams within a meeting. To join a WebEx session, an attendee first connects to the Web Zone. The Web Zone traffic flows only before or after the meeting, is relatively low bandwidth, and is mainly non-real time. The real-time meeting content share flows to and from the Meeting Zone and can be bandwidth intensive. Its real-time nature can place a heavy burden on enterprise access infrastructure. For further details regarding network traffic planning, see Capacity Planning.
Meeting Center uses the H.264 AVC/SVC codec to provide high-definition video for the conference. Higher network bandwidth is needed for those deployments. For further details regarding network traffic optimization for high-definition video, see Capacity Planning.
For details on IM and Presence services delivered by WebEx Collaboration Cloud, see the chapter on Cisco IM and Presence.
By default, all WebEx meeting data is encrypted using 128-bit SSL encryption between the client and Cisco's Collaboration Cloud. SSL accelerators within the cloud decrypt the content sharing information and send it to a WebEx conference bridge that processes the content and sends it back through an SSL accelerator, where it is re-encrypted and sent back to the attendees. All Web Zone and Meeting Zone traffic is encrypted using 128-bit SSL where SSL accelerators are used to off-load the SSL function from the Web and Meeting Zone servers.
After the meeting ends, no session data is retained in the WebEx cloud or an attendee's computer. Only two types of data are retained on a long-term basis: billing and reporting information and optionally network based recordings, both of which are accessible only to authorized enterprise users.
Some limited caching of meeting data is carried out within the Meeting Zone, and this is done to ensure that users with connectivity issues or who may be joining the meeting after the start time receive a current fully synchronized version of the meeting content.
Independent third parties are used to conduct external audits covering both commercial and governmental security requirements, to ensure the WebEx cloud maintains its adherence to documented security best practices. WebEx performs an annual SSAE 16 audit in accordance with standards established by the AICPA, conducted by Price Waterhouse Coopers. The controls audited against WebEx are based on ISO-27002 standards. This highly respected and recognized audit validates that WebEx services have been audited in-depth against control objectives and control activities (that often include controls over information technology and security related processes) with respect to handling and processing customer data.
For customers that require enhanced security, there is also an option to perform end-to-end 256 bit AES encryption for collaboration bridge and multimedia content so that traffic is never decrypted in the cloud. End-to-end encryption results in some lost features such as NBRs. For more information on enhanced WebEx security options, refer to the white paper Unleash the Power of Highly Secure, Real-Time Collaboration , available at
NoteEnhanced WebEx security options are available only for Meeting Center meetings. The WebEx security options come at no additional cost. Enhanced WebEx security options are available only for Meeting Center meetings. The WebEx security options come at no additional cost.
With respect to scheduling and initiating meetings, WebEx provides cloud-based web scheduling capability, but most organizations prefer to schedule from their corporate email system (Exchange, Lotus Notes, and so forth) or other enterprise applications. The WebEx Productivity Tools is a bundle of integrations with well known desktop tools incorporated into a single application. A WebEx administrator can control the specific integrations that are provided through the tool to their organization's user population. It can be downloaded and installed from the WebEx site, or it can be pushed out locally using standard desktop management tools. For more information on WebEx Productivity Tool, refer to the WebEx Productivity Tools FAQs , available at
There are several options for creating WebEx user profiles for an organization in the cloud. Security considerations for the actual usernames and passwords, as well as for handling a large number of user accounts, should be considered. A WebEx administrator can create user profiles manually by bulk import of a CSV template or by a programmatic approach. A programmatic approach uses one or a combination of the WebEx APIs, URL, and XML, or a Federated SSO solution. The programmatic approach can be used by a customer portal, which is an application such as a CRM tool or a Learning Management System that integrates directly into WebEx. In addition, the user can sign up for an account from the company's WebEx site, and the user profile will be created after the request has been approved.
For integrating directly with an organization's LDAP directory, Federated SSO with Security Assertion Markup Language (SAML) is the preferred approach. For more information regarding Federated SSO, refer to the white papers and technical notes available at
Cisco WebEx Meetings is the next generation of WebEx Meetings Center designed for people-centric collaboration. The Meetings service, persistent Meeting Spaces, Instant Messaging (IM) and Presence, and other services are integrated into a single platform that allows for collaboration anytime – before, during, and after meetings. This highly secure, cloud-based solution is delivered as the Software as a Service (SaaS) model through the Cisco WebEx Collaboration Cloud. (See Figure 22-4.)
Users can perform the complete meeting life cycle (prepare, meet, and follow-up) inside the WebEx Meetings portal. Before the meeting, organizer can set up the agenda, upload materials, schedule the meeting, and invite participants. When it is time to meet, the organizer can start the meeting and participants can join the meeting from the portal. Participants can then meet face-to-face via HD video and perform data or file sharing during the meeting. After the meeting, the organizer can track progress, share meeting recordings, and schedule follow-up meetings; and participants can access shared files and continue discussion from the portal. Cisco WebEx Meetings comes with Meeting Spaces, which is a centralized and persistent storage space. Each meeting has a corresponding space created with it so that files related to the meeting can be uploaded and shared with others.
The WebEx Meetings portal has an integrated IM web client that allows users to chat with each other. Because WebEx Meetings and IM and presence services are combined into a single platform, the administrator can maintain a single user identity across services to manage the network base policies. A single user contact list can also be created for meetings as well as IM and presence. Thus, this greatly simplifies the WebEx administration task.
For additional information on Cisco WebEx Meetings, refer to the product documentation available at
NoteCisco WebEx Meetings offers the enterprise both partial and full deployment options for IM and presence. Partial deployment enables users to perform IM and presence functions within the WebEx site using the integrated IM web client. Full deployment enables IM federation and the use of native clients (Cisco Jabber, for example) for IM and presence. Cisco WebEx Meetings offers the enterprise both partial and full deployment options for IM and presence. Partial deployment enables users to perform IM and presence functions within the WebEx site using the integrated IM web client. Full deployment enables IM federation and the use of native clients (Cisco Jabber, for example) for IM and presence.
The Cisco WebEx Collaboration Cloud has a very high level of redundancy built in and is managed by Cisco. It is designed for continuous service with a very robust cut-over to the redundant meeting nodes during outages. In addition to the primary WebEx site, every customer has a backup site physically located in a geographically distant WebEx data center within the same region. If a customer's primary site is unavailable, Global Site Backup (GSB) automatically moves all meeting activity to the backup site. Neither the hosts nor the participants notice that they are being redirected to the backup site. The GSB system facilitates continuous accessibility to WebEx meetings globally, and all attributes, address books, preferences, meeting schedules, and other real-time data are kept in sync between the primary and backup sites. Because of this synchronization, GSB provides redundancy and disaster recovery both before and after the meetings.
Cisco WebEx Cloud Connected Audio
Cisco WebEx Cloud Connected Audio (CCA) is an audio conferencing solution based on a hybrid deployment model that uses the on-premises IP telephony network to provide an integrated audio experience for an organization's WebEx meetings. WebEx CCA implements a SIP trunk connection from the organization's IP telephony network into the WebEx cloud infrastructure (see Figure 22-5). The audio conferencing traffic traverses through this SIP connection instead of the service provider PSTN connection and, thus, WebEx CCA provides significant savings on audio cost and maintains the same integrated and intuitive user experience as other WebEx audio options.
As shown in Figure 22-5, a typical WebEx CCA high-level design consists of the on-premises IP telephony network and the WebEx cloud infrastructure that are connected via the dedicated IP Peering Connections provided by the customer. The on-premises IP telephony network consists of a Cisco Unified Communications Manager (Unified CM) cluster and Cisco Unified Border Element. Cisco Unified Border Elements are deployed in the WebEx cloud infrastructure and they mark the entry point for an organization's IP telephony network. The Cisco Unified Border Elements in the cloud and at the customer site communicate with each other via SIP. WebEx CCA requires the customer to have two IP Peering Connections that connect with different WebEx data centers residing in geographically separated locations for redundancy purpose. The redundant IP links are configured in active/standby mode. All conferencing audio traffic flows through the primary link and fails-over to the secondary link if the primary link goes down. WebEx CCA also requires the gateway routers to support Border Gateway Protocol (BGP) and Bidirectional Forwarding Detection (BFD) protocol. BGP and BFD offer a significant faster re-convergence time in the event of a network failure.
NoteThe WebEx data center equipment, audio bridge, and servers run over the shared infrastructure along with other customers in the WebEx CCA solution. The WebEx data center equipment, audio bridge, and servers run over the shared infrastructure along with other customers in the WebEx CCA solution.
Cisco Unified CM has a SIP connection with the WebEx cloud through the Cisco Unified Border Element at the customer site to handle telephony signal. The conference dial-in number is owned by the customer and is terminated at the customer site. Call routing is handled at customer the site, call signaling and audio traffic is handled over the redundant IP peering connections, and call mixing is handled in the cloud. When users dial the conference number within the enterprise, Cisco Unified CM routes the call over the dedicated SIP trunk through the Cisco Unified Border Element to the WebEx cloud without traversing through the PSTN. When the conference users request callback, WebEx sends the call to the Cisco Unified Border Element at the customer site that routes it to the destination end-point. If the conference users reside outside of the enterprise network, calls are routed through the PSTN before terminating or after leaving the customer's IP telephony network. WebEx CCA supports only the G.711 audio codec, RFC 2833 DTMF, and SIP signaling.
WebEx CCA has the highly available and fully redundant architecture that is designed to ensure continuous service operation. Every major component has two instances in active and standby mode, backing up each other. There are two IP Peering Connections handled by two independent pairs of routers, two pairs of Cisco Unified Border Elements, and two audio conferencing bridges. If any of these components fails, its standby counterpart takes over. If the active peering link fails, the network will converge via the standby connection. All existing calls continue, but with a very brief interruption of the media flow. Cisco Unified Border Elements use the Out-of-Dialog OPTIONS ping mechanism to monitor the operational state of each other. Cisco Unified Border Elements at the customer site also monitor the Cisco Unified CM cluster using the Out-of-Dialog OPTIONS ping mechanism. Failure in responding to the ping results in removal of the unresponsive element from the dial-peer list of the sender, which commences routing all new calls via the standby instance. In case the active WebEx audio bridge fails, all calls associated with the bridge are terminated and the standby WebEx audio bridge is activated. WebEx will then prompt the users with a new number to connect to the newly activated bridge, which also re-dials all system-originated calls (callbacks) from before the failure.
Consider the following guidelines when deploying Cisco WebEx Cloud Connected Audio:
Cisco recommends using Cisco Unified CM 8.5 or later release with the WebEx CCA deployment.
Cisco recommends using a dedicated Cisco Unified Border Element for the WebEx CCA deployment to ensure a sound architecture and easy troubleshooting.
Cisco Unified Border Element can be deployed on either a Cisco Integrated Services Router (ISR) or an Aggregated Services Router (ASR), depending on the audio port capacity requirements.
Use an access control list (ACL) instead of packet inspection to restrict traffic in the firewall on the IP Peering link.
The system administrator must provide at least one toll and one toll-free number for guest dial-in.
If an audio codec other than G.711 is desired, use a transcoder to transcode the audio stream to G.711 before sending it to WebEx.
One Direct Inward Dialing (DID) Digital Number Identification Service (DNIS) must be passed to the WebEx cloud via the Cisco Unified Border Element for all conferencing numbers.
For more information on Cisco WebEx Cloud Connected Audio, refer to the documentation available at
For a given customer, the actual number of concurrent meetings is essentially unlimited. Different WebEx conferencing types have different capacities with respect to number of attendees. For a detailed product comparison table, refer to the Cisco WebEx Web Conferencing Product Comparison , available at
With the increased traffic out to the internet, it is important to consider network traffic planning. When planning for network traffic, the way that users use WebEx will make quite a bit of difference in the amount of traffic generated by the meeting. For example, if attendees use native presentation sharing (where the document is loaded to the WebEx site prior to sharing), it generates far less data than if they share their desktops. For a large enterprise, this can be important to understand to ensure correct traffic engineering, especially at the choke points in the network, such as the Internet access points. A preliminary estimate should be made around the average number of meetings to be hosted during the busy hour, along with the average number of attendees. Then, depending on the type and characteristics of these meetings, some projections on bandwidth requirements can be made. For more information regarding network traffic planning, please see the WebEx Network Bandwidth White Paper , available at
Observe the following design considerations when implementing a Cisco WebEx SaaS solution:
Collaborative meeting systems typically result in increased top-of-the-hour call processing loads. Cisco partners and employees have access to capacity planning tools with parameters specific to collaborative meetings to help calculate the capacity of the Cisco Unified Communications System for large configurations. Contact your Cisco partner or Cisco Systems Engineer (SE) for assistance with sizing of your system. For Cisco partners and employees, the Cisco Unified Communications Sizing Tool is available at http://tools.cisco.com/cucst .
All connections from WebEx clients are initiated out to the cloud. Typically, opening pinholes in network firewalls is not required as long as the firewalls allow intranet devices to initiate TCP connections to the Internet.
Based upon business requirements, design decisions have to be made about the following:
– User creation and authentication options (see User Profile, for details)
– Meetings scheduling options (see Scheduling, for details)
Cisco WebEx SaaS uses the multi-layer security model, and security extends from the WebEx infrastructure to the organization and individual meeting layer. There are various security options available, and depending on the business requirements., an organization can implement different levels of security. For security options and considerations, refer to the white paper Unleash the Power of Highly Secure, Real-Time Collaboration , available at
For more details on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see Cisco Collaboration Clients.
Cisco WebEx Meetings Server
Cisco WebEx Meetings Server is a highly secure, fully virtualized, private cloud conferencing solution that combines audio, video, and web conferencing in a single solution. Cisco WebEx Meetings Server addresses the needs of today's companies by presenting a comprehensive conferencing solution with all the tools needed for increased employee productivity as well as support for more dynamic collaboration and flexible work styles. Existing customers can build on their investment in Cisco Unified Communications and extend their existing implementation of Cisco Unified Communications Manager to include conferencing using the SIP architecture. In addition, Cisco WebEx Meetings Server leverages many capabilities from Cisco Unified CM to perform its functions; for example:
Use the SIP trunk connection with Unified CM to conduct teleconferencing
Utilize Unified CM's SIP trunk secure connection support for secure conferencing
Integrate with legacy or third-party PBXs through Unified CM
Leverage Unified CM's dual stack (IPv4 and IPv6) capability to support IPv6
These capabilities are discussed in more detail in the following sections.
Cisco WebEx Meetings Server is a fully virtualized, software-based solution that runs on Cisco Unified Computing System (UCS). It uses the virtual appliance technology for rapid deployment of services. Virtual appliance simplifies the task of managing the system. For example, using the hypervisor technology, system components can easily be moved around for maintenance, or system components can easily be rolled back to a working version if problem arises. The virtual appliance is distributed in the form of an industry standard format, Open Virtual Appliance (OVA). All the software components required to install WebEx Meetings Server are packaged inside the OVA. Traditionally, using an executable installer to install individual software components would take hours to deploy the software. However, using OVA can significantly reduce the amount of time required to deploy the software because all software components are pre-packaged inside the file. Thus, virtual appliance technology can help tremendously to reduce the deployment time for Cisco WebEx Meetings Server.
Figure 22-6 shows the high-level architecture for Cisco WebEx Meetings Server using the non-split horizon network topology. (For details on the non-split horizon network topologies, refer to the Cisco WebEx Meetings Server Planning Guide , available at http://www.cisco.com/en/US/products/ps12732/products_installation_and_configuration_guides_list.html .) Inside the virtual appliance, there could be one or more virtual machines (VMs) running. These are the administration, web, and media virtual machines. The administration and web virtual machines serve as the back-end processing for the administration and WebEx sites. These sites handle tasks that happen before and after the meeting, such as configuration, scheduling/joining meetings, and recording playback. The media virtual machine provides resource allocation, teleconference call control, and media processing (voice, video, and data) during the meeting. The number of virtual machines running inside the virtual appliance depends on the capacity desired and on whether high availability is needed. This provides various options for deployment size.
Figure 22-6 Cisco WebEx Meetings Server High-Level Architecture
Cisco WebEx Meetings Server offers the option of deploying the Internet Reverse Proxy (or edge servers) in the DMZ to facilitate external access. This option provides two advantages. First, all external participants can securely access the WebEx conferences from the internet without going through a VPN. Second, mobile users can join the meetings from a mobile device anywhere as long as there is internet connectivity. Note that the Internet Reverse Proxy is mandatory if mobile client access is enabled.
Internet Reverse Proxy is used to terminate all inbound traffic from the internet inside the DMZ. The content is then forwarded to the internal virtual machines through an encrypted Secure Socket Layer (SSL) or Transport Layer Security (TLS) tunnel. This encrypted tunnel is established by the internal virtual machines connecting outbound to the Internet Reverse Proxy. Therefore, there is no need to open TCP ports inbound from the DMZ to the internal network on the internal firewall. However, some outbound ports from the internal network need to be opened on the internal firewall to allow communication with the Internet Reverse Proxy in the DMZ.
All end-user sessions are 100% encrypted using industry standard Secure Socket Layer (SSL) and Transport Layer Security (TLS). All traffic between the virtual machines is sent over the secure channel. Federal Information Processing Standard (FIPS) encryption can also be turned on by a single policy setting, providing US Department of Defense (DoD) level security. Alternatively, the Internet Reverse Proxy can be deployed behind the internal firewall as shown in Figure 22-7.
Figure 22-7 Internet Reverse Proxy Behind the Internal Firewall
For security concerns, an organization would typically take several months to get approval in deploying a component inside the DMZ. Using this methodology, it could eliminate any DMZ components and bypass the approval process to get the WebEx Meetings Server deployment done quickly. All internet traffic (HTTP on port 80 and SSL on port 443) to the external firewall should be forwarded to the internal firewall. This will minimize the number of ports that need to be opened in the external and internal firewalls. However, placing the Internet Reverse Proxy inside the internal network implies that inbound internet traffic will terminate in the internal network. Although direct internet access to the internal network could be controlled by the firewalls, not all organizations allow terminating internet traffic directly on their internal network. Ensure that this deployment does not violate your organization's IT policy before choosing this option.
In a large enterprise deployment, an organization would require the Single Sign On (SSO) capability to allow end users to sign in using their corporate credentials. Cisco WebEx Meetings Server can connect to the corporate LDAP directory using the industry standard SAML 2.0 for SSO.
NoteCisco WebEx Meetings Server supports Meeting Center only. Cisco WebEx Meetings Server supports Meeting Center only.
NoteStarting with Cisco WebEx Meetings Server 1.1, Cisco Jabber integrated with the Cisco Unified CM IM and Presence Service can be used to join or start meetings hosted on WebEx Meetings Server. For Cisco Jabber support details, refer to the Starting with Cisco WebEx Meetings Server 1.1, Cisco Jabber integrated with the Cisco Unified CM IM and Presence Service can be used to join or start meetings hosted on WebEx Meetings Server. For Cisco Jabber support details, refer to the Cisco WebEx Meetings Server System Requirements, available at http://www.cisco.com/en/US/products/ps12732/prod_installation_guides_list.html.
Cisco Unified CM Integration
Cisco WebEx Meetings Server support both Cisco Unified CM and Session Management Edition (SME). Cisco Unified CM is a central piece of the WebEx Meetings Server architecture that allows the following:
Attendees joining the teleconference by means of Cisco IP Phone or PSTN
Integration of legacy or third-party PBXs with Cisco WebEx Meetings Server
Cisco Unified CM integrates with WebEx Meetings Server by means of SIP trunks to provide inbound and callback call control. Customer can choose to turn on security and run Transport Layer Security (TLS) and Secured Real-time Transport Protocol (SRTP) over the SIP trunk connection. A SIP trunk is configured in Unified CM with a destination address of the Load Balancer in WebEx Meetings Server, and then a route pattern (match the call-in access number configured in WebEx Meetings Server) must be used to route calls via the SIP trunk. A second SIP trunk is configured in Unified CM with a destination address of the Application Server in WebEx Meetings Server, and then a SIP route pattern must be used to route calls via the SIP trunk. When an attendee dials the access number to join the meeting, the first SIP trunk is used to send the call. After the call is connected and the caller enters the meeting ID, the Load Balancer issues a SIP REFER to Unified CM to send the caller to the Application Server that hosts the meeting via the second SIP trunk.
The system administrator can configure a SIP trunk in WebEx Meetings Server that points to a Unified CM to perform callback. Attendees can provide a callback number and have the system out-dial the number to the attendees to join the bridge. In the case of attendees requesting callback, the WebEx Meetings Server sends the SIP request to Unified CM along with the callback number via the configured SIP trunk. It is imperative for Unified CM to be able to resolve all dial strings received from a callback request to join the meetings. Callbacks may also be disabled system-wide by means of site administration settings. Unified CM is in control of all toll restrictions to various countries or other numbers that most enterprises will block, because WebEx Meetings Server does not have any toll restriction blocking itself.
WebEx Meetings Server supports the bidirectional SIP OPTIONS ping mechanism. The ping response from the remote end indicates that the remote end is active and whether it is ready to accept calls. Based on the response, WebEx Meetings Server or Unified CM can determine whether to send calls on the current SIP trunk or look for an alternate SIP trunk (if configured) to send calls. Note that SIP OPTIONS ping is supported in Cisco Unified CM 8.5 and later releases. Due to this reason, Cisco recommends using a compatible Cisco Unified CM version that supports SIP OPTIONS ping for Cisco WebEx Meetings Server deployment. For the list of compatible Unified CM versions, refer to the compatibility matrix in the Cisco WebEx Meetings Server System Requirements , available at
NoteCisco WebEx Meetings Server supports SIP trunk connection with Cisco Unified CM only. Cisco WebEx Meetings Server supports SIP trunk connection with Cisco Unified CM only.
Legacy PBX Integration
Some organizations that have a legacy PBX and are not ready to fully migrate to a Cisco Unified Communications solution, might want to use Cisco WebEx Meetings Server with their system for conferencing. Cisco Unified CM can be used to bridge the legacy PBX and Cisco WebEx Meetings Server together. Cisco WebEx Meetings Server can see only Unified CM and does not even know the PBX is behind Unified CM. As long as Unified CM can interoperate with the organization's PBX, Cisco WebEx Meetings Server can integrate with the organization's PBX. This integration can provide several benefits:
Allow users in the legacy system to experience the new technology
Allow an organization to adopt the new technology gradually, at its own pace
Protect the customer's investment in existing technology while allowing them to migrate to Cisco technology gradually
For further details on PBX interoperability with Unified CM, refer to the documentation available at
Cisco WebEx Meetings Server supports IPv4 only or dual stack (IPv4 and IPv6) addressing for telephony audio, while telephony signaling remains at IPv4. Audio streams can be IPv4, IPv6, or a mix of IPv4 and IPv6 in the same meeting. Cisco WebEx Meetings Server supports Alternate Network Address Types (ANAT) to enable both IPv4 and IPv6 media addressing in the Session Description Protocol (SDP) during the SIP Offer and Answer exchange on the SIP trunk with Unified CM to establish a media connection using the preferred addressing scheme.
Both IPv4 and IPv6 devices can be used for teleconferencing. With IPv6 devices, Cisco WebEx Meetings Server leverages Unified CM's capacity to translate the IPv6 signaling to IPv4 and transport it over a SIP trunk to the Cisco WebEx Meetings Server. With the telephony media addressing, Cisco WebEx Meetings Server can convert between IPv4 and IPv6. Therefore, Cisco WebEx Meetings Server can support IPv6 without any expensive MTP resources.
With ANAT, Cisco WebEx Meetings Server can support IPv6 telephony audio without the support of IPv6 telephony signaling. However, ANAT must be supported on both ends of the Unified CM SIP trunk. Be sure to enable ANAT on the Unified CM SIP trunk, otherwise there will be a failure to establish the call when attendees request callback or attempt to dial in.
If the WebEx Meetings Server has IPv6 enabled, ANAT headers will be included in the media offer. WebEx Meetings Server will always answer with ANAT headers if the media offer includes ANAT headers. The following paragraphs describe the media address version selection process between the IPv6-enabled WebEx Meetings Server and the dual-stack Unified CM using the ANAT header.
When WebEx Meetings Server sends a call to Unified CM, the SDP offer contains both IPv4 and IPv6 media addresses. If the called device is IPv6, Unified CM chooses IPv6 for the media connection and answers with the IPv6 media address in the SDP; if the called device is dual-stack, Unified CM uses the IP Addressing Mode Preference for Media parameter to determine the address version in the answer SDP. If the parameter is set to IPv6, then IPv6 will be used for the media connection.
When Unified CM sends a call to the WebEx Meetings Server through the SIP trunk, WebEx Meetings Server receives the SDP offer with an ANAT header. If the SDP offer contains both IPv6 and IPv4 media addresses, WebEx Meetings Server answers with the higher precedence address version specified in the ANAT header, which would be IPv6 in this case. If the SDP contains only an IPv6 address, WebEx Meeting Server answers with an IPv6 media address.
For information on deploying IPv6 in a Cisco Unified Communications system, refer to the latest version of Deploying IPv6 in Unified Communications Networks with Cisco Unified Communication Manager , available at
Cisco WebEx Meetings Server uses the N+1 redundancy scheme to ensure system availability in the event of component failures. At the system level, virtual machines and components inside run in active/active mode. If one component goes down, the system restarts the component. Status information is exchanged between system components. Using this status information, the system is able to distribute the requests evenly among the active components. Depending on the deployment size, the number of virtual machines in the backup or redundant system might or might not be the same as in the primary system.
In the high availability system, when the virtual machine hosting the meeting goes down, affected meeting clients will automatically reconnect to the available service within a short period of time. However, depending on the nature of the failure and which component has failure, not all clients and meetings would be affected. For descriptions of system behavior during a component failure, refer to the latest version of the Cisco WebEx Meetings Server Release Notes , available at
Inside the high availability system, there is a second network interface in the active administration and Internet Reverse Proxy virtual machine that is configured with the virtual IP address. The administration and WebEx site URLs use this virtual IP address to access the administration and WebEx sites. In the event of failover, the virtual IP address is moved over to the new active virtual machine. Thus, it provides access redundancy to the administration and WebEx site.
Disaster Recovery for Dual Data Center Design
For disaster recovery deployments where the backup WebEx Meetings Server system needs to be in a different geographic location, it is possible to deploy an identically configured recovery system in the second data center. The recovery system is pre-installed and should be shut down or put into maintenance mode while the WebEx Meetings Server system is operational in the primary data center. If a disaster occurs and the primary data center is down, the recovery system should be brought up and restored using the most current system backup from the WebEx Meetings Server in the primary data center.
Consider the following information when using the disaster recovery option:
Primary and recovery systems are independent of each other and do not connect together in any way.
The recovery system should have access to the system backup from the primary system to perform restoration.
Set up a Unified CM subscriber local to the recovery system to handle teleconferencing.
For detail information on disaster recovery requirements and procedures, refer to the Cisco WebEx Meetings Server Administration Guide , available at
The capacity of WebEx Meetings Server depends on the platform of choice and the number of conferencing nodes running in the deployment. For capacity planning details, see the section on Collaborative Conferencing.
If recording meetings is a requirement, sufficient disk space should be allocated on the Network Attached Storage (NAS) device to store the recordings. For disk space allocation detail, refer to the Meeting Recordings section in the Cisco WebEx Meetings Server Planning Guide , available at
Network traffic planning for WebEx Meetings Server collaboration consists of the following elements:
Call control bandwidth
Call control bandwidth is extremely small but critical. Co-locating the WebEx Meetings Server with Unified CM helps protect against issues with call control. Remote locations need proper QoS provisioning to ensure reliable operation. Call control bandwidth is used for establishment of calls between WebEx Meetings Server and Unified CM, and the amount of bandwidth required for each call depends on how the attendees join the meeting. For an attendee dialing into the meeting, the call consumes approximately the same amount of bandwidth as making two SIP calls. For an attendee requesting callback, the call consumes approximately the same amount of bandwidth as making one SIP call. For details about call control bandwidth estimation for SIP calls and QoS provisioning, see the chapter on Network Infrastructure.
Real-Time Transport Protocol (RTP) traffic bandwidth
RTP traffic consists of voice and video traffic. Voice bandwidth calculations depend on the audio codec used by each device. (See the chapter on Network Infrastructure, for bandwidth consumption by codec type.) Video bandwidth can be calculated the same way as WebEx SaaS. (See Network Traffic Planning.)
Web collaboration bandwidth
Web collaboration bandwidth for WebEx Meetings Server can be estimated the same way as WebEx SasS. (See Network Traffic Planning.)
The following additional design considerations apply to WebEx Meetings Server deployments:
For scenarios where any WebEx Meetings Server components are separated by network firewalls, it is imperative to ensure the correct pinholes are opened for all required traffic.
Collaborative meeting systems typically result in increased top-of-the-hour call processing load. Capacity planning tools with specific parameters for WebEx Meetings Server are available to Cisco partners and employees to help calculate the capacity of the Cisco Unified Communications System for large configurations. Contact your Cisco partner or Cisco Systems Engineer (SE) for assistance with sizing of your system. For Cisco partners and employees, the Cisco Unified Communications Sizing Tool is available at http://tools.cisco.com/cucst .
Using Transport Layer Security (TLS) and Secured Real-time Transport Protocol (SRTP) have no effect to the WebEx Meetings Server capacity. However, using TLS and SRTP does have an impact on Cisco Unified CM capacity.
WebEx Meetings Server has no built-in line echo cancellation. Use an external device such as a Cisco Integrated Service Router (ISR) to provide echo cancellation functionality.
For more details on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see the chapter on Cisco Collaboration Clients.
Call admission control with WebEx Meetings Server is performed by Unified CM. With locations-based call admission control, Unified CM can control bandwidth to the WebEx Meetings Server system by placing the SIP trunk specific to WebEx Meetings Server in a location with a set amount of audio bandwidth allowed. Alternatively, Unified CM supports the use of Resource Reservation Protocol (RSVP), which can also provide call admission control. For further information regarding call admission control strategies, see the chapter on Call Admission Control.
Cisco recommends marking both the audio streams and video streams from WebEx Meetings Server as AF41 (DSCP 0x22) to preserve lip-sync. These values are configurable in WebEx Meetings Server Administration.
Web conferencing traffic is encrypted in SSL and is always marked best-effort (DSCP 0x00).
For network requirements, network topology, deployment size options, and other deployment requirements and options for WebEx Meetings Server, refer to the Cisco WebEx Meetings Server Planning Guide , available at
Cisco WebEx Enabled TelePresence is a collaboration conferencing platform that combines the video experience of Cisco TelePresence with the presentation experience of Cisco WebEx Meeting into a single meeting. Cisco WebEx and TelePresence are optimized to work with standards-based video endpoints and WebEx meeting clients. They help customers to extend the reach of the meetings and simplify the experience for all participants. Attendees on TelePresence endpoints and WebEx meeting clients can securely share two-way video, audio, and content among themselves. This platform brings together the user experiences from two conferencing systems and extends the collaboration to more users on more devices in more locations.
Cisco WebEx Enabled TelePresence allows an organizer to schedule meetings using the familiar interface of Microsoft Outlook enabled by the WebEx Productivity Tools or with the Cisco TelePresence Management Suite (TMS). The host selects the participants, adds the preferred endpoints and the WebEx information, and sends the invitation to all attendees. Using the productivity tools, the attendees receive one meeting invitation with all the information about how to join through TelePresence or WebEx. The meetings can be launched using One Button To Push (OBTP) from the TelePresence endpoint, or Cisco TMS can automatically connect the endpoints with the meetings at the scheduled start time.
As shown in Figure 22-8, the high-level architecture of Cisco WebEx Enabled TelePresence consists of the enterprise collaboration network and the WebEx Cloud infrastructure that are connected through an IP connection. The enterprise collaboration network consists of Cisco Unified Communications Manager (Unified CM), Cisco TelePresence Video Communication Server (VCS) Control and Expressway, TelePresence Bridge, and Cisco TelePresence Management Suite (TMS). Cisco Unified CM and Cisco VCS Control are the call processing platforms that provide call routing and call control for the TelePresence endpoints within the enterprise. Cisco VCS Control also routes the non-local domain calls (calls to WebEx Cloud, for example) out to the internet through Cisco VCS Expressway. Cisco Unified CM and Cisco VCS Control are connected over a SIP trunk.
For details on integrating Cisco Unified CM with Cisco VCS, refer to the latest version of the Cisco VCS and CUCM Deployment Guide , available at
The TelePresence Bridge mixes the audio from the TelePresence endpoint participants and sends the mixed audio, the active speaker video, and the content sharing video to Cisco VCS Control, which routes the call to the WebEx Cloud using SIP. Similarly, the TelePresence Bridge receives the media (mixed audio, active speaker, and content sharing video) from the WebEx Cloud, cascades the audio into the TelePresence conference, and sends the content sharing video to the TelePresence endpoints. If the TelePresence Bridge detects that the active speaker is from the WebEx side, it switches the TelePresence endpoints to the active speaker video. If the active speaker is from the TelePresence side, the TelePresence Bridge sends the previous active speaker video to the TelePresence endpoint of the current active speaker.
Figure 22-8 Cisco WebEx Enabled TelePresence Using WebEx Audio with SIP
In the DMZ, Cisco VCS Expressway handles the traversal calls between the enterprise and WebEx Cloud, and it allows the signal and media to traverse through the internal and external firewalls. Cisco VCS Expressway connects with the WebEx Cloud through the configured DNS Zone and routes calls to WebEx via DNS lookup. Cisco VCS Expressway encrypts the SIP signal and media to TLS and secured RTP before sending them to the cloud, and it decrypts the incoming traffic before routing it to the enterprise network. Customers have an option to turn on encryption for the SIP signal and media traffic within the enterprise. Cisco VCS Expressway also provides the proxy function on call control for the TelePresence endpoints outside of the enterprise network and thus allows participants on these endpoints to join the WebEx Enabled TelePresence meetings.
When the WebEx Cloud receives the traversal calls and media sent from the enterprise network, the WebEx audio bridge cascades the audio into the WebEx conference, and WebEx switches to the active speaker video and displays the content sharing on the WebEx meeting clients. Similarly, WebEx Cloud sends the conference mixed audio, the active speaker, and content sharing video from the WebEx side to the Cisco VCS Expressway, which routes them to the TelePresence Bridge.
Cisco WebEx Enabled TelePresence supports H.264 video for active speaker and content sharing. It utilizes Binary Floor Control Protocol (BFCP) for content sharing and G.711 codec for audio. While Cisco WebEx uses H.264 video and G.711 audio codec, TelePresence can still use other video formats or codecs that are supported by the endpoints. The TelePresence Bridge will handle the audio and video interoperability between the TelePresence endpoints and WebEx meeting clients. In addition, there is a flow control on the link between the TelePresence Bridge and WebEx Cloud that regulates the bandwidth available for handling the media. For media from WebEx, the TelePresence Bridge always allocates 4 Mbps to ensure that WebEx sends the best quality of video possible to the TelePresence Bridge. For media from the TelePresence Bridge, depending on the capability of the device that runs the WebEx meeting client within the conference, WebEx allocates the bandwidth based upon the least capable device, with a maximum bandwidth of 4 Mbps. However, if the least capable device leaves the conference, the bandwidth will be re-allocated based on the next least capable device that runs the WebEx meeting client. Also, if the device running the WebEx meeting client cannot receive 180p video from the TelePresence Bridge, no video is sent to that device but its video will be sent to other participants, and this device will not be considered in the bandwidth allocation process. Live video sent from the TelePresence Bridge to WebEx varies from Common Intermediate Format (CIF) to HD 720p at 30 frames per second (fps), and content video is XGA (1024 x 768). The allocated bandwidth determines the resolution and frame rates used to display TelePresence video on WebEx clients. Depending on the TelePresence endpoints deployed, video resolution required, screen layout desired, and deployment options chosen, customers can deploy the TelePresence Bridge using the Cisco TelePresence Server or Cisco TelePresence MCU.
NoteThe TelePresence Bridge cannot be trunked with Cisco Unified CM for WebEx Enabled TelePresence meetings and must be registered with Cisco VCS Control. The TelePresence Bridge cannot be trunked with Cisco Unified CM for WebEx Enabled TelePresence meetings and must be registered with Cisco VCS Control.
WebEx and TelePresence participants can join the WebEx Enabled TelePresence meeting from within the enterprise or anywhere from the internet. For WebEx participants, they join the meeting using the WebEx meeting clients with either PSTN or VoIP audio. For TelePresence participants, they join the meeting via the One Button To Push (OBTP) or Auto Connect feature with the supported endpoints or by calling directly into the TelePresence Bridge. Once the participants successfully join the meeting, they can see the live video of each other from the endpoints and meeting clients. For presentation sharing with a WebEx user, either the user can make himself the presenter or the host can assign the presenter privilege to the user before he can start sharing the presentation. There is the WebEx site configuration to control this behavior. For presentation sharing with a TelePresence user, the user can connect the video display cable to his computer or press a button on the endpoint to start sharing his presentation without involving the host.
Cisco TelePresence Management Suite (TMS) is the key component for scheduling Cisco WebEx Enabled TelePresence meetings. It provides a control link to the Cisco WebEx meeting scheduler. This link enables Cisco TMS to create new meetings on Cisco WebEx calendar and to obtain Cisco WebEx meeting information that is distributed to meeting participants. The following options are available to schedule WebEx Enabled TelePresence meetings:
WebEx Productivity Tools
WebEx Productivity Tools is a suite of tools that allows users to schedule WebEx sessions quickly and easily. Productivity Tools includes an Outlook plug-in that allows an organizer to schedule WebEx Meetings, TelePresence resources, and WebEx Enabled TelePresence meetings. Cisco TelePresence Management Suite Extension for Microsoft Exchange (TMSXE) is required for the productivity tool to interface with Cisco TMS for booking the meetings. This option provides a seamless integration for users to schedule WebEx Enabled TelePresence meetings and to send the invitations to all participants directly inside the email client with a single transaction.
Smart Scheduler is a web-based tool that is hosted on Cisco TelePresence Management Suite Provisioning Extension (TMSPE), and it allow users to schedule WebEx Enabled TelePresence meetings using a browser. This could provide an option for users who would like to schedule meetings on mobile devices.
Note As long as the Cisco TMSPE option key has been installed, there is no extra license required for using Smart Scheduler.
WebEx Scheduling Mailbox
In this option, the network administrator needs to create a special mailbox account in Microsoft Exchange Server. When an organizer schedules a WebEx Enabled TelePresence meeting, he should include this special mailbox account in the invitees list. Cisco TMSXE monitors this account and requests Cisco TMS to book a WebEx Enabled TelePresence meeting if it sees this account in the recipients list. This option provides a convenient way, but with limited control of settings, for users to schedule meetings using any email clients that are supported by Exchange, such as Outlook for MAC or Outlook Web Access (OWA).
Cisco TMS Booking Interface
With this option, the meeting organizer has to log in to the Cisco TMS portal and schedule the WebEx Enabled TelePresence meetings from the Booking interface. This interface provides users with control of advanced settings for the meetings, and typically IT or help desk personnel uses this option to schedule meetings.
For Cisco TMS configuration details with these options, refer to the Cisco WebEx Enabled TelePresence Configuration Guide , available at
Scheduling a WebEx Enabled TelePresence meeting is a two-steps process. First, a request is sent to the WebEx Cloud to schedule the meeting on the WebEx calendar, and the WebEx Cloud responds with the meeting details that are passed to Cisco TMS. Second, Cisco TMS schedules the TelePresence meeting in its calendar. When it is the meeting start time, Cisco TMS pushes the meeting details to the TelePresence Bridge for joining the meeting on WebEx. The meeting details returned from WebEx include the date and time for the meeting, dial-in information, subject, meeting number, URL for joining the meeting, and so forth. Once the meeting has been scheduled, details for the WebEx and TelePresence portions of the meeting are sent to the host, and the host can forward the details to all participants. However, if the productivity tool is used, the meeting details are automatically included in the invitation that the host creates and sends to the meeting participants.
Single Sign On
Cisco WebEx Enabled TelePresence supports scheduling the WebEx portion of the meeting in Cisco TMS using Single Sign On (SSO). This feature requires the WebEx site to have Cisco TMS provisioned as the delegated partner and to have the Partner Delegated Authentication configured. With SSO enabled in Cisco TMS, only the user's WebEx username is stored in the Cisco TMS user profile without the need of the WebEx password. When the user schedules a WebEx Enabled TelePresence meeting, WebEx trusts Cisco TMS and requires only the WebEx username stored in Cisco TMS to schedule the meeting in the WebEx calendar. For Cisco TMS configuration details with SSO, refer to the Cisco WebEx Enabled TelePresence Configuration Guide , available at
All communications between the enterprise network and the WebEx Cloud are encrypted (using TLS and secured RTP) via the VCS Expressway in the customer's DMZ. Customers also have an option to turn on encryption for the SIP signal and media within the enterprise. A certificate has to be uploaded to the Cisco VCS Expressway to ensure that proper handshaking takes place for the TLS connection to be functional. That certificate cannot be self-signed and must be signed by a trusted Root Certificate Authority. For the list of the trusted Root Certificate Authorities, refer to the Cisco WebEx Enabled TelePresence Configuration Guide , available at
A password is required when the TelePresence Bridge calls into WebEx to join the meeting. The password is allocated for each WebEx Enabled TelePresence meeting scheduled on the WebEx calendar and is embedded in the SIP URI that is returned as part of the meeting details from the WebEx Cloud. This password is encoded into 22 bytes and qualifies for the security standards. At the start of the meeting, the TelePresence Bridge calls into WebEx using this SIP URI, and WebEx validates the password to authorize the call to join the meeting.
When it is the start time for the WebEx Enabled TelePresence meeting, Cisco TMS initiates the conference on the TelePresence Bridge for the TelePresence participants. Cisco TMS then instructs the TelePresence Bridge to make a SIP call out to the WebEx Cloud using the SIP URI that was returned as part of the scheduling process and to join the conference on the WebEx side. As a result, the TelePresence Bridge establishes separate audio, active speaker video, and content sharing video streams with the cloud for the meeting. The active speaker video, content sharing video, and conference control always travels over the IP network, but the audio can travel over either the IP network or the PSTN, depending on the deployment options chosen. The various audio options available for WebEx Enabled TelePresence are:
Figure 22-8 shows the deployment of Cisco WebEx Enabled TelePresence using WebEx Audio with SIP. In this option, the conference audio is established with the WebEx audio bridge through the SIP connection when the TelePresence Bridge calls out to the WebEx Cloud at the start of the meeting. The audio, active speaker video, content sharing video, and conference control are sent on the IP network from the TelePresence Bridge to the WebEx Cloud through Cisco VCS Expressway. As a result, the audio connection from the TelePresence Bridge cascades into the WebEx audio bridge.
WebEx Audio Using PSTN
For Cisco WebEx Enabled TelePresence deployment where the in-country rule does not allow toll bypass, WebEx Audio using the PSTN could be an option. Figure 22-9 depicts this deployment. In this option, the active speaker video, content sharing video, and conference control are sent over the IP network, but the audio is established with the WebEx audio bridge through the PSTN. This option requires the deployment of a voice gateway to connect the audio call between the IP network and the PSTN. During the scheduling process, when the meeting is scheduled on the WebEx calendar, WebEx passes the dial-out number and the meeting number to Cisco TMS. At the start of the meeting, Cisco TMS instructs the TelePresence Bridge to initiate a SIP call to the WebEx Cloud to establish the active speaker video and content sharing video. At the same time, Cisco TMS instructs the TelePresence Bridge to dial out through the PSTN to establish an audio connection with the WebEx audio bridge. After connecting with the WebEx audio bridge, the TelePresence Bridge sends out the meeting number as a DTMF dial sequence so that WebEx can associate the audio and video call legs. As a result, the audio connection from the TelePresence Bridge cascades into the WebEx audio bridge.
NoteThe Voice Gateway can be under the control of either Cisco Unified CM or Cisco VCS Control. The Voice Gateway can be under the control of either Cisco Unified CM or Cisco VCS Control.
Figure 22-9 Cisco WebEx Enabled TelePresence Using WebEx Audio with PSTN
The dial-out number returned from WebEx is in full E.164 number format (for example, +14085551212). The dial plan design in Cisco Unified CM or Cisco VCS Control should take into account the handling of E.164 numbers. For dial plan design with Cisco Unified CM, see the chapter on Dial Plan. For dial plan details with Cisco VCS Control, refer to the latest version of the Cisco VCS Basic Configuration Deployment Guide , available at
The Telephony Service Provider (TSP) Audio option is for customers who prefer to use the audio bridge hosted by their third-party telephony service provider. The TSP Audio configuration is very similar to WebEx Audio using the PSTN configuration, except that the audio bridge is hosted by the telephony service provider (see Figure 22-10). The TSP link between WebEx and TSP provides the advanced conference control features.
Figure 22-10 Cisco WebEx Enabled TelePresence Using Telephony Service Provider (TSP) Audio
During the scheduling process, in addition to the dial-out number and meeting number, extra digits for navigating through the IVR prompts on the TSP audio bridge are passed from WebEx to Cisco TMS. At the scheduled meeting start time, Cisco TMS instructs the TelePresence Bridge to initiate a SIP call to the WebEx Cloud to establish the video connections. At the same time, Cisco TMS instructs the TelePresence Bridge to dial out to the TSP audio bridge through the PSTN. Then the TelePresence Bridge plays out the meeting number as a DTMF dial sequence, along with additional DTMF digits to navigate through the IVR prompts on the audio bridge to start the meeting. On the WebEx side, WebEx participants start the WebEx session using the meeting client and dial into the TSP audio bridge or have callback from the audio bridge. Thus, the audio streams from TelePresence and WebEx participants are cascaded. From this point onward, information about the loudest speaker, participant list, and so forth in the WebEx side, is passed from the TSP to WebEx through the TSP link and then into the enterprise collaboration network.
NoteThe Voice Gateway can be under the control of either Cisco Unified CM or Cisco VCS Control. The Voice Gateway can be under the control of either Cisco Unified CM or Cisco VCS Control.
The dial-out number returned from WebEx is in full E.164 number format (for example, +14085551212). The dial plan design in Cisco Unified CM or Cisco VCS Control should take into account the handling of E.164 numbers. For dial plan design with Cisco Unified CM, see the chapter on Dial Plan. For dial plan details with Cisco VCS Control, refer to the latest version of the Cisco VCS Basic Configuration Deployment Guide , available at
There are two areas that must be considered when designing high availability for WebEx Enabled TelePresence: the enterprise collaboration network and the WebEx Cloud. The WebEx Cloud is managed by Cisco and already has the redundancy built into the infrastructure. For details, see the section on Cisco WebEx Software as a Service.
In the enterprise collaboration network, utilize the clustering option from Cisco Unified CM and Cisco VCS Control and Expressway to provide redundancy for call control on the TelePresence endpoints. In case the primary server fails, the endpoints can fail-over to the backup server for call control. When setting up the neighbor zone for the TelePresence Bridge in Cisco VCS Control, configure more than one peer in the peer list to provide redundancy.
The WebEx Cloud has the built-in capability to evenly distribute the traffic and dynamically add more capacity if thresholds are exceeded. Capacity planning for Cisco WebEx Enabled TelePresence involves sizing of the components running within the enterprise. The components include:
Cisco VCS Expressway must provide enough resources to handle the traversal call traffic for the deployment. For capacity details, refer to the latest version of the Cisco TelePresence Video Communication Server Administrator Guide , available at
Network traffic planning for Cisco WebEx Enabled TelePresence consists of the following elements:
WebEx Clients Bandwidth
The WebEx meeting client uses the Scalable Video Coding (SVC) technology to send and receive video. It uses multi-layer frames to send video and it allows the receiving client to automatically select the best possible resolution to receive video. For more information regarding network traffic planning for WebEx clients, refer to the Cisco WebEx Network Bandwidth White Paper available at
For each call to the WebEx Cloud, a minimum network bandwidth of 1.1 Mbps is required between the enterprise and the WebEx Cloud. For example, if a customer is expecting five simultaneous WebEx Enabled TelePresence meetings, network bandwidth of 5.5 Mbps is required. At the same time, a maximum bandwidth of 4 Mbps is supported per call.
For optimal SIP audio and video quality between the TelePresence Bridge and the WebEx Cloud, Cisco recommends setting up the video bandwidth of at least 1.3 Mbps in the region associated with each endpoint registering with Cisco Unified CM.
The following design considerations apply to Cisco WebEx Enabled TelePresence deployments:
Upgrade from previous versions of WebEx Enabled TelePresence that use the Cisco TelePresence MultiPoint Switch infrastructure is not supported, and customers using those previous versions should plan for migration.
Every user who wants to schedule a WebEx Enabled TelePresence meeting must have an account in the WebEx site.
TelePresence endpoints can register with Cisco Unified CM or Cisco VCS Control for call control. Cisco recommends registering the endpoints with Unified CM whenever possible.
Any endpoints that can register with Cisco Unified CM or Cisco VCS Control and that are supported by the TelePresence Bridge can be used to join the Cisco WebEx Enabled TelePresence meeting.
Only devices managed by the Cisco TelePresence Management Suite (TMS) can use One Button to Push (OBTP) or the Auto Connect feature to join the WebEx Enabled TelePresence meeting.
Ensure that the Cisco Unified CM Neighbor Zone in Cisco VCS Control is configured with Binary Flow Control Protocol (BFCP) enabled.
Provision Hybrid Audio in the WebEx site to allow the use of SIP audio for the TelePresence Bridge and PSTN audio for WebEx participants.
Cisco WebEx Enabled TelePresence does not support Cisco WebEx Meetings Server.
The TelePresence Bridge becomes the default host if no host is present when it joins the WebEx Enabled TelePresence meeting.
The TelePresence Bridge will call into the WebEx Cloud at meeting start time even if no TelePresence or WebEx participant has joined yet.
Cisco TelePresence Conductor is not supported in Cisco WebEx Enabled TelePresence.
The organizer's WebEx account and Outlook time zone should match; otherwise, the meeting scheduled in WebEx and in the Cisco TMS calendar will have different start times.
Cisco Unified MeetingPlace
Cisco Unified MeetingPlace combines the benefits and capabilities of Cisco WebEx content sharing with the ability to host the audio and standards-based video portions of the collaboration meetings on-premises. Customers that have invested in Unified Communications solutions are able to leverage and extend their existing deployments to include audio and video conferencing using an all-SIP architecture. Unified MeetingPlace deployments vary depending on several options such as scalability, scheduling interface options, media resource options, and degree of high availability required. These options are discussed in more detail in this section.
There are two different deployment models available with Unified MeetingPlace architecture:
Multinode Unified MeetingPlace Audio with WebEx Scheduling model for large global enterprises:
– Provides scalability to 14,400 G.711 audio ports using multiple Conferencing Nodes
– Provides active/active resiliency for audio conferences
– Provides virtualization support on the Cisco UCS platform
– Provides enhanced WebEx integration features
– Provides user-based licensing for Active Users and hardware-based server capacity for ports
Note Multinode deployment support is available with Cisco Unified MeetingPlace 8.5 and later releases.
Unified MeetingPlace Scheduling model:
– Available to installed base of Unified MeetingPlace customers only
– Available as audio/video only with no Web conferencing (no WebEx) to new or installed-base customers
– Provides continuous meetings with blast outdial
– Provides Cisco Unified Communications Manager Video Telephony ad-hoc support
– Provides scalability to a maximum of 1,200 audio ports with Cisco Unified MeetingPlace Express Media Server (EMS) using G.711
– Provides active/warm-standby resilience with manual failover
NoteThis chapter focuses on audio, video, and Web sharing solutions. However, Unified MeetingPlace also supports deployments utilizing audio only or audio and video only. This chapter focuses on audio, video, and Web sharing solutions. However, Unified MeetingPlace also supports deployments utilizing audio only or audio and video only.
This section covers system-level design guidance of a Cisco Unified MeetingPlace system in the Cisco Unified Communications environment. This chapter does not cover any hardware requirements or software component configurations of Unified MeetingPlace that are not related to system design. For information on these topics, refer to the Unified MeetingPlace product documentation available at
NoteThe implementation of any Cisco Unified MeetingPlace 8. The implementation of any Cisco Unified MeetingPlace 8.x web conferencing solution requires the purchase of a WebEx site. The WebEx services are independent of Cisco Unified MeetingPlace licensing.
Unified MeetingPlace Architecture
This section provides a high-level overview of each Unified MeetingPlace component and its function in the solution.
Unified MeetingPlace Meeting Director Server
The Meeting Director node supports several functions for multinode deployments with a WebEx scheduling front end. This is a required component used to support multinode configurations only. The Meeting Director module includes a WebEx Telephony Service Provider (TSP) connection to the WebEx collaboration cloud for integration using outbound TCP 443 only for a two-way communication path for the audio commands. The Meeting Broker Director is responsible for distributing audio meetings between different conferencing nodes in an equal load sharing methodology. The Events Aggregator monitors conferencing node capacity and events happening in real time. UserSync is used to synchronize all profiles from WebEx Site if it is enabled.
A multinode system has one Primary Meeting Director node and one Secondary Meeting Director node for redundancy, which can be located in any customer data center behind a corporate firewall. If the Primary Meeting Director fails, the Secondary Meeting Director becomes active. Cisco recommends that you configure your Meeting Directors as regional masters and that you locate your Meeting Directors in different data centers to provide greater system resiliency.
A "combined node" provides both Meeting Director and conferencing functionality, and it is supported when there are fewer than four Conferencing Nodes in a system. With more than four Conferencing Nodes, both Meeting Directors must reside on a dedicated hardware server.
Unified MeetingPlace Application Server (Conferencing Node)
The Unified MeetingPlace solution centers around the Unified MeetingPlace Application Server, also referred to as a Conferencing node in a multinode configuration, which provides audio and video mixing functionality through SIP trunking from a Unified CM or Session Management Edition call control system. At least one conferencing node is required in order to host conferences. Additional conferencing nodes provide greater capacity and resiliency.
The Unified MeetingPlace Application server is installed on a Cisco Unified Computing System (UCS) platform running the Linux operating system and the IBM Informix Dynamic Server (IDS) database, and it acts as the audio/video conference node component that mixes audio and standards-based video conferences in an enterprise network. The Unified MeetingPlace Application server controls the media servers of the solution, and it communicates with the Unified MeetingPlace Meeting Director component in a multinode configuration. The Unified MeetingPlace Application server supports SIP back-to-back user agent (B2BUA) and sends/receives calls through a SIP trunk connection with Cisco Unified CM or Session Management Edition (SME) for call delivery for inbound and outbound callbacks. The Cisco Unified MeetingPlace Express Media Server is also an optional software component that can be installed co-resident on the Unified MeetingPlace Application server and it is the preferred media mixer for most customer scenarios.
The Cisco Unified MeetingPlace Express Media Server (EMS) provides the audio and video conferencing functionality for the solution. The Express Media Server is the cost-effective option with Cisco Unified MeetingPlace, and it performs audio mixing and standards-based video switching in software that is co-resident on the Unified MeetingPlace Application Server. The EMS allows for a single-box software-only solution for a Cisco Unified MeetingPlace audio/video-only deployment, or it can be deployed in a multinode configuration. Media cannot be cascaded across EMS instances; therefore, the capacity of a Unified MeetingPlace EMS solution depends on the UCS platform on which it is installed, or whether you install multiple Unified MeetingPlace Application and Express Media servers for scalability in a multinode deployment. Scalability in a multinode deployment can provide a maximum of 14,400 G.711 ports and requires the use of a WebEx Scheduling model.
For ultimate capacity on Express Media Servers, G.711 audio-only provides the highest number of simultaneous ports for audio conferencing. If G.729 or G.722 audio codecs are needed, then capacity is much less. Also, if standards-based video mixing is used, again this lowers capacity depending on the type mixing and maximum bandwidth settings. For instance, a Cisco UCS B-Series Blade Server using G.711 audio-only can support a maximum of 1,200 ports. To enable maximum capacity, Cisco highly recommends providing network layer audio codec transcoding to G.711 in Cisco Integrated Services Routers (ISRs) for calls that transverse a WAN in G.729 or G.722 and terminate in a Unified MeetingPlace conferencing node or single system. For more information, see Capacity Planning.
All Unified MeetingPlace 8. x web conferencing solutions require a WebEx site. A WebEx site for a given organization will have the format companyXYZ .WebEx.com . Enterprise customers may use Meeting Center only or a combination of all the WebEx centers, which is called Enterprise Edition and which supports Meeting Center (MC), Event Center (EC), Training Center (TC), and Support Center (SC). WebEx packages for Active Host, Named Host, Ports, or minutes are all supported with Cisco Unified MeetingPlace 8.5 and later releases.
Event Center and Training Center offer additional integration features. Event Center Audio Broadcast allows for efficient use of Unified MeetingPlace Audio. Only presenters in an event meeting are connected to the Unified MeetingPlace Audio system, and all participants (up to 3,000) join by means of a browser URL and can listen to the audio broadcast in streaming mode (not multicast). Unified MeetingPlace audio can support a maximum of 500 audio ports in a single large meeting with auto-mute if desired, but Cisco highly recommends using the Event Center Audio broadcast feature for large meetings for one-to-many functions. Training Center offers the use of audio/web breakout rooms and mute participants upon entry.
A single WebEx Site is tied to only one Unified MeetingPlace system. A Unified MeetingPlace system in the multinode deployment model requires using the WebEx Scheduling model only. Multiple WebEx Sites cannot be supported on one Unified MeetingPlace system, and multiple Unified MeetingPlace systems cannot be supported on one WebEx Site.
Cisco Unified MeetingPlace 8.5 and later releases with WebEx WBS27 FR 26 and above allow Unified MeetingPlace to be integrated without any need for provisioning. Existing WebEx customers that have this release can easily add Unified MeetingPlace Audio to their existing site without any provisioning requests or changes. In addition, this WebEx release also supports Dual Audio vendor, which will allow for either WebEx Audio and Unified MeetingPlace Audio on the same site or Unified MeetingPlace Audio and TSP Audio on the same site. There is an administrative portal to the WebEx site that is used to configure key parameters that tie the site to the Unified MeetingPlace deployment. For more information regarding the WebEx site configuration, refer to the Administration Documentation for Cisco Unified MeetingPlace , available at
NoteFor Unified MeetingPlace audio/video-only deployments, a WebEx site is not required. For Unified MeetingPlace audio/video-only deployments, a WebEx site is not required.
WebEx Site Dual Audio Support
A WebEx site using Release 27 FR26 or above supports a new feature called Dual Audio Vendor support. This feature allows for the following configurations and integrations:
WebEx Audio/VoIP + Unified MeetingPlace audio
TSP audio + Unified MeetingPlace audio
The Dual Audio Vendor feature enables existing WebEx sites with TSP Audio or WebEx Audio to configure Unified MeetingPlace Audio as well, and do a phased migration from one type to the other, which allows future meetings already scheduled with the first audio provider to still be used while all new future meetings start using Unified MeetingPlace Audio. This also allows different regions of the world to use different audio systems based on profile default settings. For example, Singapore can use WebEx Audio while all North America users are set to use Unified MeetingPlace Audio only.
In addition, profiles can be configured to offer both audio providers, and users must know how to schedule using each provider per meeting. Specific WebEx session types can also be configured to use one type of audio provider based on the meeting type scheduled.
Dual Audio Vendor support does not provide automatic overflow from one to the other or combining of both audio systems together.
Unified MeetingPlace Audio currently does not support "mixed" audio conferencing with the WebEx VoIP feature. So if customers want to use WebEx Audio with VoIP, this dual vendor audio support would have to be configured, and users would have to know to choose the WebEx Audio/VoIP option to use this function.
User Based Licensing
Starting with Cisco Unified MeetingPlace 8.5, a user-based licensing model is used. In previous versions of Unified MeetingPlace, ports-based licensing was used. A user-based licensing model allows customers to purchase systems based on the "active" users on the Unified MeetingPlace system. Active users are defined as a profiled account that schedules meetings or hosts meetings on Unified MeetingPlace. System reports are available for monitoring active usage to see if the system has exceeded the purchased user count. Also, a minor SNMP alarm is sent if the active user count is above licensed user count. In no way will Unified MeetingPlace block a conference call or profiled host from having a meeting. Customers may provision as many users as they need without any issues by using the various provisioning options available through WebEx or native to Unified MeetingPlace. The Unified MeetingPlace database will support a maximum of 400,000 profiles.
NoteA user license (audio, web, or video) is not granted to any particular user but, rather, is a system-wide resource shared by all users in the Unified MeetingPlace system. A user license (audio, web, or video) is not granted to any particular user but, rather, is a system-wide resource shared by all users in the Unified MeetingPlace system.
System capacity for the total number of audio callers connected simultaneously is dependant entirely on the hardware server model and number deployed. Peak usage and future growth both must be factored in when designing a Unified MeetingPlace on-premises solution. If you deploy two Cisco UCS B-Series Blade Servers or C210 Series Rack-Mount Servers with Unified MeetingPlace Application and EMS software, you will have 1,200 G.711 ports per server or 2,400 total ports or 1,200 redundant ports that all profiled users and guests can utilize. Conferencing nodes have active/active load sharing of all meetings. If one server is down, the calls on that server are dropped and users can immediately dial back in or use Callback from the WebEx meeting room user interface, and that meeting will be reestablished automatically on the other server (or the least busy server in the region). Unified MeetingPlace supports up to 14 conferencing nodes with a total of 14,400 G.711 ports. If G.729, G.722, and/or standards-based video is used, it will reduce these capacity numbers.
Unified MeetingPlace supports both scheduled and reservationless meetings. Reservationless meetings are audio only (or audio/video only if video is enabled).
The Cisco Unified MeetingPlace solution offers two scheduling interface options:
WebEx Scheduling Model using Productivity Tools, One Click, and WebEx scheduling interfaces
Unified MeetingPlace Scheduling Model using Outlook, Lotus Notes, Conference Manager, or Web scheduling interfaces
In many cases, user familiarity with a particular interface will influence the decision of which option to choose. If users are currently using a WebEx SaaS deployment and simply want to pull audio/video resources on-premises, or if this is a new Unified MeetingPlace installation, Cisco recommends the WebEx scheduling deployment model. The WebEx Scheduling model is required for multinode deployments of Unified MeetingPlace 8.5 or later releases. However, if Unified MeetingPlace is currently deployed, it might be beneficial to maintain the same scheduling interface. While there are certainly differences, both have a web-based user scheduling portal and both have their own integrations with common calendaring systems (Outlook or Lotus Notes). Also, WebEx scheduling supports Enterprise Edition meetings (Meeting Center, Event Center, and Training Center sessions), while Unified MeetingPlace scheduling supports Meeting Center sessions only. The Unified MeetingPlace scheduling model is not available for new customers deploying Unified MeetingPlace 8.5.
The WebEx Scheduling deployment model supports Meeting Center only or WebEx Enterprise Edition (EE), which includes Meeting Center, Event Center, and Training Center session types, all of which can integrate to Unified MeetingPlace Audio. Event Center and Training Center are always considered external meeting types, and internal users join the cloud for those session types.
WebEx Scheduling utilizes all the current WebEx Productivity Tools (see Cisco WebEx Software as a Service), and all audio and WebEx recordings for external meetings are stored in the WebEx Collaboration cloud under the Network Based Recording site per host account.
Single-Site WebEx Scheduling Deployments
With WebEx scheduling, there are no Unified MeetingPlace Web servers required, and the click-to-attend URL in a meeting invitation takes users directly to the WebEx site. Figure 22-11 illustrates a high-level view of a sample Unified MeetingPlace solution with WebEx scheduling and dual Express Media Servers with active/active redundancy.
Figure 22-11 Unified MeetingPlace Single-Site Solution with WebEx Scheduling and Express Media Server
As shown in Figure 22-11, the Cisco Unified MeetingPlace system connects with the cloud through the telephony service provider (TSP) link, which allows for in-meeting controls such as the ability to mute attendees or to see active speakers. This TSP link is established by the Meeting Director outbound to the cloud via a TLS encrypted dedicated socket connection on TCP port 443 to the customer WebEx site.
This hybrid architecture does not require any "inbound" ports to be opened through the firewall. The Meeting Director TSP supports only SOCKS proxy servers (not HTTP or HTTPS proxy). Users joining WebEx meetings also use TCP 443 outbound only through firewalls to the WebEx Collaboration Cloud. WebEx publishes the IP ranges required if firewall settings to limit internet access are necessary.
Cisco recommends a maximum latency between all components of 300 ms round-trip time (RTT), wherever components may be deployed in the enterprise network. Standard VoIP network best practices also apply to deploying Unified MeetingPlace on-premises conferencing resources. SIP trunking latency between Unified MeetingPlace conferencing nodes from/to Unified CM must adhere to this same standard for optimal conferencing performance.
For all network requirements, refer to the latest version of the System Requirements for Cisco Unified MeetingPlace , available at
Multisite deployments consist of sites and regions. Conferencing nodes and Meeting Director nodes are installed in data centers based on customer requirements for both capacity resiliency.
Sites are logical groups of nodes that have similar functions and capabilities. For example, a site might contain nodes with high-definition video capabilities. Sites are identified by a unique name in the system and can belong to only one region. A site contains one to all of the nodes in a region. You can configure a preferred site to host all meetings for specific user profiles.
Regions are groups of one or more sites. Regions are identified by a unique name in your system. You can have up to four regions in your system, and regions are also used to assign time zones.
A multinode Unified MeetingPlace Audio and Web Conferencing system has the following capacities:
14,400 G.711 audio ports
14,400 web sessions
16 Cisco Unified MeetingPlace application server nodes consisting of two Meeting Director nodes and 14 conferencing nodes (12 with 1,200 G.711 ports = 14,400 ports, and 2 extra conferencing nodes for resiliency is supported)
1,200 ports per conferencing node (G.711) until the 14,400 limit is reached
Maximum of four nodes per site
Maximum of two sites per region (two sites with up to two nodes each, or one site with up to four nodes)
Maximum of four regions
Note Capacities will be lower depending on G.729 or G.722 codec use, video use type, and bandwidth allowed.
Meetings are distributed evenly by configuring inbound SIP trunks to all Conferencing Nodes in a circular method in Unified CM or Session Management Edition. Callbacks initiated from within a WebEx meeting room are distributed by the Meeting Director who is monitoring all conferencing node traffic. The Meeting Director will start a new meeting on the least busy node in the region and based on the timezone of the host who scheduled that meeting. For inbound calls, the first person who joins the meeting will dictate which conferencing node they land on based on the SIP circular hunt mode. If that meeting ID is started on a different node within the same region or in a different region, a SIP Refer command will be initiated automatically to redirect that caller to the conferencing node where the host is assigned. All callers into the same meeting ID will be routed to one node in the system based on either timezone or the node on which the meeting was started by the first attendee. Thus, all users in the system will always dial their local Unified MeetingPlace dial-in numbers (or use callback) to join any meeting anywhere in the world. The SIP Refer will automatically redirect them to the proper node for that particular meeting, depending on the timezone of the host who scheduled that meeting. If a reservationless meeting ID is used, callbacks are distributed based again on the timezone where that host resides, but load sharing among multiple nodes is used for maximum capacity and resiliency.
Centralized Deployment Model with Multinode WebEx Scheduling
The example in Figure 22-12 consists of one region with active/active resiliency in a single site. This system requires two Cisco UCS servers to provide for two Meeting Director and/or EMS servers deployed in one sites and one region, which is a centralized deployment model. Scalability is 1,200 G.711 ports with active/active redundancy, and both servers equally share the meeting load from all time zones. Unified CM SIP trunk sizing needs to take into account only simultaneous peak SIP traffic, not 2,400 ports of SIP traffic. The Meeting Director is co-located with two different conferencing nodes. The 1,200 ports generally can support a ratio of 20 users to 1 port with typical conferencing usage patterns, so this configuration should be able to support a total of 24,000 users.
Figure 22-12 Unified MeetingPlace Multinode Deployment with WebEx Scheduling for One Region
Two-Region Multinode Unified MeetingPlace Deployment Model with Webex Scheduling
The example in Figure 22-13 consists of two regions in a globally distributed design with active/active resilience in each region. Also, data center sites are configured based on customer data center design. All conferencing nodes in a region are load-balanced, and nodes in different sites or regions can fail-over to other regions by means of administration settings.
This system requires four Cisco UCS servers to provide for two Meeting Director and/or EMS servers and two Conferencing Nodes in two sites and two regions. Scalability is 1,200 G.711 ports per region with active/active redundancy. Unified CM SIP trunk sizing needs to take into account only simultaneous peak SIP traffic, not 2,400 ports of SIP traffic. The Meeting Director is co-located with two different conferencing nodes and can be located in either data center depending on customer requirements.
Figure 22-13 Unified MeetingPlace Multinode Deployment with WebEx Scheduling for Two Regions
Unified MeetingPlace Multisite Solution with WebEx Scheduling and Three Regions
The example in Figure 22-14 consists of three regions in a globally distributed design with active/active resilience in each region. Also, separate data center sites are configured for site redundancy. All conferencing nodes in a region are load-balanced, and nodes in different sites or regions can fail-over to other regions by means of administration settings.
This system requires eight servers to provide for two Meeting Directors and six Conferencing Nodes. Scalability is 1,200 G.711 ports per region with active/active redundancy per region.
Figure 22-14 Unified MeetingPlace Multisite Solution with WebEx Scheduling for Three Regions
There are two difference types of video available to customers:
Unified MeetingPlace standards-based third-party room/desktop or Unified Communications Video (H.323, SIP, or SCCP)
WebEx HQ Video for Meeting Center and Training Center using webcams only
Customers must choose between these two options because there is no interoperability available today between them. Do not enable both because doing so will cause confusion for end users.
With respect to standards-based Unified MeetingPlace video, when video is mixed by the Unified MeetingPlace components on-premises, the video is displayed on the standard room and desktop endpoints themselves. It is not seen in the WebEx video pod inside the web meeting, and Cisco recommends disabling the webcam HQ Video feature on the WebEx site, otherwise there could be a mix of video conferencing with endpoints and webcam video shown in the WebEx application with no tie between them. User-based licensing supports both audio and video usage on any Unified MeetingPlace system. Enabling video on Conferencing Nodes will affect capacity based on the video type and bandwidth used.
For information about standards-based video devices supported with Unified MeetingPlace, refer to the latest version of the Compatibility Matrix for Cisco Unified MeetingPlace , available at
Alternatively, if no Unified MeetingPlace video conferencing is deployed, users could take advantage of the WebEx HQ/HD Video capabilities using pure webcams-only mixed in the cloud.
Unified Communications Client Services Framework (CSF) devices and Cisco Unified Video Advantage are both webcam-only or SCCP/SIP video standards-based devices. How the client joins a meeting and which video option is enabled will determine the video experience for the end user. (See Table 22-3.)
Table 22-3 Supported Video Options
WebEx HQ Video
Standards-based support for H.323, SIP, and SCCP
Global Access guest/users
WebEx Owned Profile Management
There are two ways to configure profile management: WebEx Owned Profiles or Unified MeetingPlace Owned Profiles.
WebEx owned profile management allows for profiles to be provisioned in the following ways:
Account sign-up (automatically approved or with system administrator approval required)
Manual account creation
Import periodically from Excel spreadsheet file
Federated single sign-on (SSO) option (accounts automatically created upon login)
WebEx XML API (custom account management)
With WebEx Owned Profile enabled, Unified MeetingPlace automatically synchronizes all user profiles from the cloud through the X.509 encrypted link and creates users on Unified MeetingPlace Conferencing nodes. Users can then use the Profile Number and PIN code to access the reservationless audio-only meetings.
NoteThe Profile Number is eight digits in length and is assigned randomly when the user profile is created. The PIN code can be created by the user upon first logging in to the WebEx site. Optionally, the Profile Number can also be customized by retrieving it from the LDAP directory through the WebEx XML API by using a custom code for mapping LDAP fields to WebEx Profile fields. The Profile Number is eight digits in length and is assigned randomly when the user profile is created. The PIN code can be created by the user upon first logging in to the WebEx site. Optionally, the Profile Number can also be customized by retrieving it from the LDAP directory through the WebEx XML API by using a custom code for mapping LDAP fields to WebEx Profile fields.
Unified MeetingPlace then accesses profiled user information through an XML API User Synch module to automatically configure all users on Unified MeetingPlace Conferencing Nodes. When installing the Meeting Director primary server (the first one in the installation cycle), you choose the WebEx Owned Profile setting and the system then operates automatically to synchronize user profiles from the cloud through an X.509 encrypted link.
When WebEx Owned Profiles is enabled, the Unified MeetingPlace system uses a Profile Number and PIN code, which users enter only for reservationless audio-only meetings. When the user profile is newly created, WebEx Site with Unified MeetingPlace will atomically assign a random Profile Number to that user. Upon first logging in to the WebEx Site, that user is prompted to configure a PIN code. If customers want a specific number to be assigned to the users based on an LDAP field, then the WebEx XML API must be used for provisioning a custom code that uses LDAP fields to map to WebEx profile fields. The Profile Number and PIN length requirements are set in the Unified MeetingPlace System Administration parameters. Profile Numbers can be 4 to 8 digits in length, and PIN codes can be 5 to 24 digits in length.
NoteWebEx Owned Profile is mandatory in order to enable the optional WebEx Federated Authentication Service (FAS) LDAP capability. For more information on FAS, refer to the WebEx WebEx Owned Profile is mandatory in order to enable the optional WebEx Federated Authentication Service (FAS) LDAP capability. For more information on FAS, refer to the WebEx Federated SSO Authentication Service Technical Overview, available at http://developer.cisco.com/documents/4733862/4734214/Federated+SSO+Authentication+Service.pdf.
WebEx XML API
If you want to control the creation of the MeetingPlace Profile ID with a field that exists in the LDAP profile, then you must write a script to call the WebEx XML APIs for User Service and Create Users functions. One of the parameters for this XML API is the Unified MeetingPlace profile number (mpProfileNumber) assignment. Unified MeetingPlace profile numbers must be between 4 digits and 8 digits in length. Unified MeetingPlace profile numbers are used only with audio-only meetings or reservationless meetings that are audio-only, where the host must log into meetings with this profile number that is the meeting ID and PIN code to start the meeting. All other callers are in a waiting room on Unified MeetingPlace until the host logs in and starts the meeting. Normal scheduled WebEx and Unified MeetingPlace combined meetings do not require the use of this profile number and PIN code to start them.
For more information on the XML API, refer to the documentation available at
Unified MeetingPlace Owned profile management is available only for existing customers that wish to retain the use of current profiles for use with WebEx. New customers will not be able to provision the WebEx site using the Unified MeetingPlace-to-WebEx SSO integration, which is supported only on installed systems already provisioned in this manner.
If there is no SSO enabled between Unified MeetingPlace and WebEx, all WebEx host accounts must be provisioned by manual export from Unified MeetingPlace to the WebEx site by an administrator (to be updated periodically), and all end-user authentication is provided by the local WebEx host account passwords. WebEx host accounts may also be requested via the WebEx Site and then exported into the Unified MeetingPlace system for profile management. The SSO option must be chosen when ordering the WebEx Site for integration with Unified MeetingPlace on-premises, and it is available only for existing customers who already have Unified MeetingPlace and WebEx installed.
Unified MeetingPlace Scheduling Deployment
The Unified MeetingPlace scheduling deployment option requires the use of two Unified MeetingPlace Web Servers, solely for scheduling and attending meetings. They do not provide any web conferencing functionality. Figure 22-15 illustrates a high-level view of a sample Unified MeetingPlace solution with Unified MeetingPlace scheduling and EMS.
Figure 22-15 Unified MeetingPlace Solution with Unified MeetingPlace Scheduling and EMS
With Unified MeetingPlace scheduling, when users select the click-to-attend URL in an invitation, they first connect with a Unified MeetingPlace Web server customer-configured URL (HTTPS option recommended). The Unified MeetingPlace Web servers immediately initiate a connection to the organization's WebEx site and create a meeting, and the WebEx site returns a join URL which the MeetingPlace Web servers pass onto the clients in the form of a redirect to the WebEx Media Tone Network via secure HTTPS. This redirect behavior is completely transparent to the user, and user authentication is performed solely by the on-premises Unified MeetingPlace system, which is required to enable the SSO capability.
When a Unified MeetingPlace profiled user schedules a WebEx meeting or accesses the My WebEx link from the Unified MeetingPlace web user interface, WebEx automatically creates the user account based on the Unified MeetingPlace user profile with the SSO option enabled. The Unified MeetingPlace profile could be either from the local Unified MeetingPlace userID and password or from LDAP integration with Unified CM, which is the most commonly used. Several Unified MeetingPlace user profile attributes are inherited by WebEx, including username, password, first name, last name, telephone number, and email address. Because a WebEx Site is dedicated to a specific customer and the WebEx user profile is based on the Unified MeetingPlace user profile, there should not be any user profile conflicts. No WebEx host accounts are created manually because the Unified MeetingPlace SSO integration provides this function via the WebEx TSP link. Passwords are not sent over the TSP Link to WebEx. WebEx will trust all internal user traffic redirected by the Unified MeetingPlace Web servers. Guest users do not use any passwords or authentication to join WebEx meetings (except the WebEx Meeting Password if configured).
Cisco Unified Communications Manager
Cisco Unified Communications Manager (Unified CM) is also a central piece of the architecture, and it provides inbound and callback by means of SIP trunks. A SIP trunk is configured in Unified CM with a destination address of the Unified MeetingPlace Application server(s), and then a route pattern(s) must be used to route calls via the SIP trunk to Unified MeetingPlace. Typically there are three phone numbers that are sent in email notifications for use for dial-in capabilities: Toll free (optional), toll number, and internal Unified CM DN for abbreviated dialing for internal callers. In Unified MeetingPlace there is a separate configuration for callback or outdial feature support by means of SIP trunks to a primary Unified CM subscriber, and subsequent subscribers are used if the primary is not accepting calls due to various conditions. The IP addresses or hostnames of multiple Unified CM call processing subscribers are listed for outbound call delivery in a hunt mode.
It is imperative for Unified CM to be able to resolve all dial strings received from a callback request within a WebEx Meeting room after joining. Callbacks may also be disabled system-wide on the WebEx Site by means of Site Administration settings. Unified CM is also in control of all toll restrictions to various countries or other numbers most enterprises will block, because Unified MeetingPlace does not have any toll restriction blocking itself.
In a multinode deployment the Unified CM or Session Management Edition systems are a critical component supporting Unified MeetingPlace in geographically disbursed enterprises. Unified CM clusters with intercluster trunks (ICTs) are required to accommodate Unified MeetingPlace conferencing servers with their unique assigned dial-in numbers and to resolve all calls based on dial plans between sites and to the PSTN for guest or outside mobile users. Guest users can either dial in or use the WebEx callback feature within a meeting room after joining. Multinode Unified MeetingPlace conferencing nodes in a region are configured in a route group in a circular method, where all inbound calls are distributed evenly between all nodes. Callbacks are initiated by the Meeting Director, which chooses the least busy conference node per region based on the timezone of the host of that meeting. The SIP Refer command is used to send dial-in callers to the conferencing node chosen to host that meeting ID.
Additional guidelines for redundancy are described in the section on High Availability. Third-party PBXs can be integrated with Unified MeetingPlace through Unified CM only. For further details on PBX interoperability with Unified CM, refer to the documentation available at
Unified MeetingPlace supports receiving both Early Offer (EO) and Delayed Offer (DO) SIP Invite messages. Unified MeetingPlace initiates EO SIP Invites for outbound calls, and Unified CM sends calls to Unified MeetingPlace by using DO SIP invites. Unified CM can be configured to use EO, but this might require the use of a media termination point (MTP) resource. For more information, see SIP Offer/Answer Model.
NoteFor Unified MeetingPlace audio/video deployments involving the Express Media Server (EMS), Unified MeetingPlace also supports call delivery by means of a Cisco IOS SIP gateway or Cisco Unified Border Element. LDAP synchronization capabilities are lost with this deployment. For more information, refer to the latest version of the For Unified MeetingPlace audio/video deployments involving the Express Media Server (EMS), Unified MeetingPlace also supports call delivery by means of a Cisco IOS SIP gateway or Cisco Unified Border Element. LDAP synchronization capabilities are lost with this deployment. For more information, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace, available at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/products_implementation_design_guides_list.html.
Another criterion for choosing a deployment model is where customers prefer meeting recordings to be stored and accessed. Meeting participants can start audio-only recording via a voice user interface such as a telephone, or they can start audio and web recording from a WebEx meeting room. Audio recording invokes a call event from the WebEx Collaboration cloud to the Unified MeetingPlace Media server via the PSTN voice gateways. For the Unified MeetingPlace scheduling deployment model, the recorded meetings are available from the Unified MeetingPlace Web user interface to download and play back with a WebEx recording playback program. The internal Unified MeetingPlace web server (with optional SAN/NAS) stores those recordings on-premises.
Unified MeetingPlace Scheduling uses the WebEx Network Based Recording (NBR) storage for all meetings that are scheduled as external meetings. Users can access these external recordings via the company’s WebEx site.
All Unified MeetingPlace and WebEx recordings are played back via the standard NBR recording playback program provided by download to the local users’ PCs. All files are editable as well by WebEx editing tools for NBR recordings.
Other Architectural Considerations
Some integration options available with a Unified MeetingPlace Scheduling deployment model may require additional integration servers. Outlook and Exchange calendaring integration is inherently built into the Unified MeetingPlace Application server. However, Lotus Notes integration requires additional software that is co-resident on the Internal Unified MeetingPlace Web server, but other integrations do not require the deployment of the Internal Unified Meeting Web server.
For more information on available Unified MeetingPlace integrations, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace , available at
This deployment model is for current customers who already have the Unified MeetingPlace Web components deployed. The other requirement for deploying this model include using the following features:
Audio-only or audio/video-only deployments with no WebEx integration
– Primary/warm standby redundancy is available with this deployment.
Continuous meetings with blast outdial for audio-only meetings
– Primary/warm standby redundancy is available with this deployment.
Unified CM Video Telephony ad-hoc audio/video mixing for conference bridge resources
– Multiple instances of Unified MeetingPlace in ad-hoc mode can be used per Unified CM cluster. Each Unified CM cluster requires its own Unified MeetingPlace audio-only server(s).
– Multiple Unified MeetingPlace servers can be configured in hunt fashion on the conference bridge resource group configuration per cluster.
– Standards-based video will affect overall capacity, depending on the type and bandwidth of video setting on Unified MeetingPlace.
Most deployments use the single-site deployment model, with all server components and users located at a single site interconnected by a single LAN. Solution components vary as discussed in the section on Architecture. Single-site deployments have the following common characteristics:
The Express Media Server is automatically co-located with the Application server.
Network Time Protocol (NTP) must be implemented to allow Unified MeetingPlace components to synchronize their clocks to a network time server or network-capable clock. NTP is a critical network service for Unified MeetingPlace because it ensures accurate time for scheduling meetings. The external NTP source can be specified during Unified MeetingPlace Application server installation, and other Unified MeetingPlace components will synchronize with the application server automatically.
For existing customer installations only, Unified MeetingPlace Scheduling audio, video, and web recordings and meeting attachments can optionally be stored on an external customer-provided SAN/NAS storage server.
For deployments with Unified MeetingPlace Scheduling, you must deploy a single Unified MeetingPlace Web server for internal users and a single Unified MeetingPlace Web server located in the DMZ for external participants.
For deployments with Unified MeetingPlace Scheduling, the round-trip delay between the active Unified MeetingPlace Application server and any Unified MeetingPlace Web server(s) in the solution must not be greater than 150 ms.
For a detailed list of incoming and outgoing ports by component, refer to the latest version of the System Requirements for Cisco Unified MeetingPlace , available at
This section describes redundancy considerations for the following Unified MeetingPlace components:
Unified MeetingPlace Application Server
Unified MeetingPlace Media Server
Unified MeetingPlace Web Server
Unified MeetingPlace Application Server
Unified MeetingPlace in a multinode deployment with WebEx Scheduling automatically provides active/active resiliency, and customers can choose the level of redundancy per region and site. Regions can be configured to overflow to other regions if desired.
Unified MeetingPlace with the MeetingPlace Scheduling model allows for an active (primary) and a single warm standby Unified MeetingPlace Application server for failover. Each Unified MeetingPlace Application server in a failover deployment is configured with the same IP address associated to its physical network interface controller (NIC) and a unique IP address associated to a virtual network interface. The requirement for both Unified MeetingPlace Application servers to share the same IP address mandates both Application servers to be connected to the same virtual LAN (VLAN) or IP subnet. This is not an issue when both servers are placed in a single data center; however, a dual data center design is supported only if the same VLAN (IP subnet) spans both data centers. All Unified MeetingPlace components as well as Unified CM communicate with this shared IP address. The physical NIC (with the shared IP address) of the standby server remains disabled until the primary server fails and the manual failover process is initiated by IT personnel.
For network requirements in deploying either multinode or a standby server, refer to the failover information in the latest version of the Planning Guide for Cisco Unified MeetingPlace , available at
The virtual network interface is used for Informix database replication between the primary and standby servers. The database replication ensures that database tables related to users, groups, and meetings are synchronized between primary and standby servers. Cisco recommends placing the virtual network interfaces of the active and standby servers in the same VLAN. For further information regarding Unified MeetingPlace Application server redundancy, refer to the latest version of the Planning Guide for Cisco Unified MeetingPlace , available at
Another key requirement for a Unified MeetingPlace solution is that the active Unified MeetingPlace Application server must be co-located with the active Unified MeetingPlace Media server(s). Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, failover to the standby Unified MeetingPlace Application server results in using EMS capabilities on the standby.
Single Data Center Design
In a single data center design, multinode resiliency is automatically available in an active/active mode, and meetings are evenly distributed by the Meeting Director component between both nodes. If failure occurs on one conferencing node, calls will be dropped, and when users dial back into that same meeting ID or use the WebEx Callback feature in the meeting room GUI, then those meetings are automatically established on another node in that region or they overflow to another region if configured. Up to four conferencing nodes per site may be deployed.
Dual Data Center Design
In a dual data center design, the WebEx Scheduling model with multinode conferencing nodes provides active/active failover per region, or overflow to other regions can be configured as well. Four regions with two sites per region is supported with a maximum of 14 conferencing nodes deployed for active/active load sharing in multiple data centers, based on customer requirements. If a conferencing node fails, audio calls are dropped, and when users call back in or use the WebEx Callback GUI feature from within the meeting room, the meetings are automatically started on an active node with capacity. All conferencing nodes within a region can be used to distribute calls, and overflow to another region is based on optional system administration settings.
Unified MeetingPlace Media Server
Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, in a multinode deployment model, any conferencing node in a region can be used for taking those additional meetings. A maximum of four servers per site, two sites per region, and four regions may be deployed for a globally distributed architecture.
Since the Express Media Server runs in software on the Unified MeetingPlace Application server itself, failover to the standby Application server will result in using EMS capabilities on the standby. EMSs do not support cascading or clustering to other EMS instances. A maximum of one primary and one failover Unified MeetingPlace Application and EMS server is supported with Unified MeetingPlace solutions with either Unified MeetingPlace Scheduling or WebEx Scheduling deployment models. Active RSNA failover is not supported with any WebEx integrations (only standalone audio/video deployments).
Unified MeetingPlace Web Server
The Unified MeetingPlace Scheduling model uses only one Web server with audio-only configuration for recordings and/or the Web scheduling interface. For existing customers using WebEx Integration to migrate to Unified MeetingPlace 8.5 (or later release) and still using the Unified MeetingPlace Scheduling model, then use an additional Web server deployed in a DMZ. Each Cisco Unified MeetingPlace system can have a maximum of one internal Web server and one Web server in the DMZ if using WebEx Integration only. There are no redundancy options for these servers. Unified MeetingPlace Web servers are implemented only for solutions incorporating the Unified MeetingPlace scheduling interface. The Unified MeetingPlace Lotus Notes or Jabber integration also cannot be made redundant.
Unified MeetingPlace allows you to define multiple SIP outdial connections that point to Cisco Unified CM call processing subscribers. For redundancy, multiple SIP proxy servers should be configured to direct calls to call processing subscribers in the Unified CM cluster. These call processing subscribers should correlate with the Unified CM Group of the configured SIP trunk for Unified MeetingPlace calls in Unified CM. Note that the Unified MeetingPlace Application server will send outbound calls to SIP proxy server 1 only and will not send calls to SIP proxy server 2 unless communication with SIP proxy server 1 is lost. Only then will Unified MeetingPlace send a SIP INVITE message to the next available call processing agent in the list. Failure of the call processing agent should not affect existing calls. The existing media connection is torn down after the user disconnects.
NoteThe term SIP Proxy Server is simply the terminology seen on the Unified MeetingPlace Application Server configuration pages, and it does not imply that integration with any SIP Proxy server is supported. The term SIP Proxy Server is simply the terminology seen on the Unified MeetingPlace Application Server configuration pages, and it does not imply that integration with any SIP Proxy server is supported.
For inbound calls, a single configured SIP trunk in Unified CM can be handled by up to three call processing subscribers found in its configured Unified CM Group. If the primary Unified CM call processing subscriber in the Unified CM Group is offline, the second one will take over initiating calls into the Unified MeetingPlace system. For more information, see Cisco Unified CM Trunks. For Unified MeetingPlace scheduling deployments with EMS, multiple Cisco IOS SIP gateways are required to provide redundancy for call delivery.
The capacity of a given Unified MeetingPlace solution depends on the design of the Cisco Unified Communications system (for example, audio codecs or video format used in conferencing) and the platform selected to run the Unified MeetingPlace solution components. For capacity planning details, see the sizing information in the section on Collaborative Conferencing.
Network Traffic Planning
Network traffic planning for Unified MeetingPlace collaboration consists of the following elements:
Call Control Bandwidth
Call control bandwidth is extremely small but critical. Co-locating the Unified MeetingPlace Application server with Unified CM helps protect against issues with call control. Remote locations need proper QoS provisioning to ensure reliable operation.
Real-Time Transport Protocol (RTP) Traffic Bandwidth
RTP traffic consists of voice and video traffic. The Unified MeetingPlace Media servers supports G.711, G.729, and G.722 as audio codecs, and it supports a wide range of video codecs and bandwidths. For further information regarding bandwidth calculations per codec type, refer to the chapter on Network Infrastructure.
Web Collaboration Bandwidth
Web collaboration bandwidth for a Unified MeetingPlace solution can be estimated the same way as for a WebEx SaaS solution. See Network Traffic Planning.
The following design considerations apply to Unified MeetingPlace deployments:
Only a single Unified MeetingPlace system is supported per WebEx site.
For scenarios where any Unified MeetingPlace solution components are separated by network firewalls, it is imperative to ensure the correct pinholes are opened for all required traffic. For a detailed ports list, refer to the network requirements information in the latest version of the System Requirements for Cisco Unified MeetingPlace , available at
Collaborative meeting systems typically result in increased top-of-the-hour call processing load. Capacity planning tools with specific parameters for Unified MeetingPlace are available to Cisco partners and employees to help calculate the capacity of the Cisco Unified Communications System for large configurations. Contact your Cisco partner or Cisco Systems Engineer (SE) for assistance with sizing of your system. For Cisco partners and employees, the Cisco Unified Communications Sizing Tool is available at http://tools.cisco.com/cucst .
For more detail on the various Cisco collaborative client offerings and how they fit into collaborative conferencing solutions, see Cisco Collaboration Clients.
Call admission control with Unified MeetingPlace is performed by Unified CM. With locations-based call admission control, Unified CM can control bandwidth to the Unified MeetingPlace system by placing the SIP trunk specific to Unified MeetingPlace in a location with a set amount audio and/or video bandwidth allowed. Alternatively, Unified CM supports the use of Resource Reservation Protocol (RSVP), which can also provide call admission control. For further information regarding call admission control strategies, see the chapter on Call Admission Control.
Unified MeetingPlace supports the following standard dual-tone multi-frequency (DTMF) transmission methods: RFC 2833 and KPML DTMF. Unified CM supports RFC 2833, and it is the recommended method for DTMF Relay.
SIP signaling traffic from the Unified MeetingPlace Application server is marked CS3 (DSCP 0x18). However other traffic from the Unified MeetingPlace Application server, such as communications with Unified MeetingPlace Web servers, Media Servers, or the WebEx Site, are marked best-effort (DSCP 0x00). If any of this traffic is traversing low-speed or congested links, QoS considerations should be taken into account.
The audio streams from the Unified MeetingPlace Media servers are marked EF (DSCP 0x2E), and the video streams are marked AF41 (DSCP 0x22) by default. These values are configurable from Unified MeetingPlace Administration.
Web conferencing traffic is encrypted in SSL and is always marked best-effort (DSCP 0x00).
The Unified MeetingPlace Meeting Director TSP component initiates dual outbound TCP port 443 connections to the WebEx Site and also provides SOCKS proxy server support.
Cisco WebEx Social
Cisco WebEx Social is a people-centric enterprise collaboration platform that encompasses social networking, real-time communications, content management, and business process capabilities. Cisco WebEx Social integrates with Cisco Collaboration products and other third-party applications to offer a number of integrated collaboration services (see Figure 22-16). These services can greatly enhance the users’ collaboration experience and increase productivity as well as empowering the users to choose their method of collaboration. In addition, Cisco WebEx Social is OS-independent and can be accessed from a web browser or from a mobile device. An organization can utilize Cisco WebEx Social to share information such as documents, videos, and presentations; conduct meetings; click-to-dial a contact; post information; join communities; participate in discussion forums; create blogs; and much more – all within a single environment. With Cisco WebEx Social, users can always have access to the most up-to-date information.
Figure 22-16 Cisco WebEx Social Collaboration Services
Cisco WebEx Social provides a number of collaboration services as shown in Figure 22-16. This section describes the architecture of each collaboration service and the solution design guidance around them. For more information on deployment models, capacity, fault tolerance, and network requirements for Cisco WebEx Social, refer to the Cisco WebEx Social documentation available at
Cisco WebEx Social integrates with Cisco Unified CM to provide the call control capability (see Figure 22-17). Users can perform click-to-dial using Unified CM's WebDialer application or make calls using the Cisco Web Communicator browser plug-in. Cisco Web Communicator uses the same common framework as the Cisco Jabber client to provide voice and video media, and call control services. Cisco Web Communicator supports both desk phone control and softphone modes.
Figure 22-17 Cisco WebEx Social Call Control Architecture
As shown in Figure 22-17, Cisco WebEx Social sends requests to the WebDialer service inside Unified CM by using the Simple Object Access Protocol (SOAP) over an HTTPS interface to perform the click-to-dial function. When a Unified CM cluster is added to Cisco WebEx Social, WebEx Social uses the SOAP interface to retrieve a list of Unified CM nodes that have the WebDialer service enabled, and it caches the list internally. When a user makes a call using click-to-dial, Cisco WebEx Social picks a Unified CM node from the list and sends the request to that node. Cisco WebEx Social implements a custom round-robin algorithm to distribute the requests evenly among the Unified CM nodes in the list. If there is a failure in sending the call request to a particular node, the next node in the list is used.
Cisco Web Communicator is a plug-in running inside the browser that can act as a softphone or desk phone controller. In softphone mode, Cisco Web Communicator uses the Cisco CallManager Cisco IP Phone (CCMCIP) service on Unified CM to discover its device name for registration with Unified CM. Cisco WebEx Social uses the SOAP interface to retrieve a list of TFTP servers, and Cisco Web Communicator picks one server from the list to download the phone configuration to register with Unified CM. Cisco Web Communicator is a Cisco Jabber Client registered with Cisco Unified CM as a SIP device that utilizes all the call control capabilities and functionality of a Cisco Unified IP Phone, including configuration of registration, redundancy, regions, locations, dial plan management, authentication, encryption, user association, and so forth. The SIP signals are carried over the connection between Cisco Web Communicator and Cisco Unified CM.
In desk phone control mode, Cisco Web Communicator is configured to control a remote desk phone using Computer Telephony Integration Quick Buffer Encoding (CTI QBE). Cisco Web Communicator uses the Cisco CallManager Cisco IP Phone service to retrieve a list of devices associated with the WebEx Social user, and the user has to choose devices from the list for Cisco Web Communicator to control. The CTI requests are sent over the connection between Cisco Web Communicator and Cisco Unified CM. Cisco WebEx Social retrieves a list of Unified CM nodes that have CTI Manager enabled, and Cisco Web Communicator uses the first node in the list to send CTI request. In the event that the current CTI connection fails or becomes unavailable, Cisco Web Communicator uses an alternate Unified CM node from the list for CTI request.
NoteWebDialer and the Cisco Web Communicator plug-in are independent of each other, and WebEx Social can make calls as long as one of them has been enabled. However, if Cisco Web Communicator is enabled, it will always be used to perform click-to-dial. WebDialer and the Cisco Web Communicator plug-in are independent of each other, and WebEx Social can make calls as long as one of them has been enabled. However, if Cisco Web Communicator is enabled, it will always be used to perform click-to-dial.
Cisco Web Communicator supports all audio codecs that Cisco Jabber client supports; for example, G.711, G.729a, and G.722.1. Cisco Web Communicator leverages the Cisco Precision Video Engine (PVE) to deliver high-quality video, and it supports Cisco ClearPath Media Resilience Mechanisms. The video is based upon the H.264 Advanced Video Coding (AVC) standard and can support frame sizes from QCIF to 720p HD at a rate of up to 30 frames per second.
Cisco Web Communicator is built on the same framework as the Cisco Jabber clients for voice, video, and call control services. For additional detail about those services, refer to the information on Cisco Jabber clients in the chapter on Cisco Collaboration Clients.
There are two areas that can be considered for high availability when using WebDialer for click-to-dial. First, the WebDialer service should be enabled in more than one node within the Unified CM cluster so that WebEx Social can send the SOAP request to an alternate node in case the current node fails or becomes unavailable. Second, high availability could be implemented on the WebDialer level inside the Unified CM cluster. For details on high availability with WebDialer, see the section on WebDialer.
NoteCisco WebEx Social does not use the Redirector servlet inside the WebDialer application. Cisco WebEx Social does not use the Redirector servlet inside the WebDialer application.
Cisco Web Communicator can use TFTP and CTI Manager services enabled in multiple nodes to perform phone configuration downloads and CTI control. In the event that one node fails, there will be a backup node available to perform the function. For resiliency, Cisco recommends having the TFTP and CTI Manager services enabled on more than one Unified CM node within the cluster. For additional details on CTI deployment, see the chapter on Call Processing. For additional details on TFTP server deployment, see the chapter on Network Infrastructure.
When operating in softphone mode, Cisco Web Communicator is registered with Unified CM as a SIP endpoint, and it supports all of the registration and redundancy capabilities of a registered endpoint of Unified CM.
Dial Plan Considerations
Dial plan and number normalization considerations must be taken into account when deploying a Unified Communications system. When performing click-to-dial on a contact inside Cisco WebEx Social, the number associated with the contact must be in a form that Cisco Unified CM can recognize and dial.
Deployments may vary, depending on the configuration of the directory and the Unified CM that is integrated with Cisco WebEx Social. In the case where the directory contains a full E.164 number (for example, +14085551212) for work, mobile, and home telephone numbers of the WebEx Social user and Unified CM also contains an E.164 dial plan, the need for additional dial rules is minimized because every lookup, resolution, and dialed event results in an E.164 formatted dial string.
If a private dial plan (for example, 5551212) has been implemented for Unified CM, then translation of the E.164 number to a private directory number needs to occur in Unified CM. When a user performs a click-to-dial on that contact, Unified CM applies translation patterns that allow the number being dialed (for example, +14085551212) to be presented to the endpoint as the private number (5551212 in this example). When that user makes an on-net call to another user within the Unified CM cluster, directory lookup rules are used to allow an incoming number of 5551212 to be presented for reverse number lookup caller identification as +14085551212.
Private numbering plan deployments can arise, where the dial plan used for your company and the telephone number information stored in the LDAP directory might require the configuration of translation patterns and directory lookup rules in Cisco Unified Communications Manager to manage number format differences. Directory lookup rules define how to reformat the inbound call ID to be used as a directory lookup key. Translation patterns define how to transform a phone number retrieved from the LDAP directory for outbound dialing. For additional details on translation patterns and directory lookup rules, see the chapter on Dial Plan.
IM and Presence
IM and presence services provide WebEx Social users with the ability to monitor the presence status and the ability to engage in instant messaging conversations with others. In order to use IM and presence, a chat server has to be configured. Cisco WebEx Social supports chat servers such as Cisco IM and Presence, Cisco WebEx Messenger, and Microsoft OCS. For an official list of supported chat servers along with their compatible versions, refer to the Cisco WebEx Social Compatibility Guide , available at
As shown in Figure 22-18, Cisco WebEx Social utilizes the Cisco AJAX XMPP Library to communicate with Cisco IM and Presence within the Unified CM cluster, or it uses WebEx Messenger in the cloud via Bidirectional-streams Over Synchronous HTTP (BOSH) for presence status and instant messaging. The Cisco AJAX XMPP Library allows the chat client running in the browser to use XMPP over the HTTP connection with the users residing in Cisco IM and Presence or WebEx Messenger. All the presence updates and instant messages are sent and received through the BOSH binding URL configured in the system.
Figure 22-18 Cisco WebEx Social IM and Presence Interface
Cisco WebEx Social acts as both the publisher and subscriber for the users' presence status. When users change their presence status from the web portal, WebEx Social publishes the corresponding presence updates. When a user signs in or new contacts are added to the user’s contact list, WebEx Social creates a temporary subscription for the presence status of each user in the contact list, up to the configured maximum, and that subscription lasts for the entire login session.
A user can log into multiple presence devices. For example, a user can log into WebEx Social, Cisco Jabber IM and Cisco WebEx Messenger client using the same Jabber ID and make himself "available". If another user sends an instant message to that user, the incoming message is received in all non-negative priority logged-in devices. Once the user replies to the IM from a particular device, the recipient device "locks on" to the sending device and all messages are sent between that pair of devices. This continues until an event on any of the logged-in devices tells the recipient device to "unlock;" for example, changes of the user's presence state (manually or automatically) or the user signing in or out. Also, the presence priority of the WebEx Social chat client can be configured to indicate its relative priority comparing to other logged-in presence devices for a particular user. For presence priority configuration details, refer to the latest version of the Cisco WebEx Social Administration Guide , available at
Cisco WebEx Social uses the Microsoft Office Communicator Web Access (CWA) API to interface with the Microsoft Office Communicator Server (OCS). This solution allows WebEx Social users to exchange presence status and perform instant messaging with users residing in OCS, or vice versa. The major components include the CWA AJAX library running in the WebEx Social web portal, a proxy in the WebEx Social Application Server, the CWA server, and OCS. The WebEx Social chat client sends requests to the proxy, and the proxy intercepts the requests and forwards them directly to the CWA server that communicates with OCS. The responses are then sent directly from the OCA server back to the chat client via the CWA server. This entire communication is performed through an asynchronous data channel that consumes a single browser TCP session.
NoteBoth Cisco WebEx Social and Microsoft OCS must be synchronized to the same Active Directory. Both Cisco WebEx Social and Microsoft OCS must be synchronized to the same Active Directory.
The WebEx Social chat client and Microsoft Office CWA browser client register with OCS using the same priority, but the Microsoft Office Communicator desktop client registers with higher priority. This means that when a user logs into OCS using both the Microsoft Office Communicator client and the WebEx Social chat client, an incoming message will be received in the Microsoft Office Communicator client first and then in the WebEx Social chat client after some delay. Also, depending on which client type the user signs into and who initiates the IM, there will be some behavior differences. For details on the various scenarios and behaviors, refer to the information on Microsoft OCS IM behavior scenarios in the latest version of the Cisco WebEx Social Administration Guide , available at
The Cisco AJAX XMPP Library is used to communicate with Cisco IM and Presence or Cisco WebEx Messenger, and that library already has the redundancy and failover mechanism built-in as long as the high availability has been configured with the chat server. When utilizing Cisco IM and Presence with WebEx Social, be sure to deploy Cisco IM and Presence with high availability. For Cisco IM and Presence high availability deployment details, see the chapter on Cisco IM and Presence. Cisco WebEx Messenger resides in the WebEx Collaboration Cloud and has high availability built-in. For details on Cisco WebEx Messenger high availability, see the chapter on Cisco IM and Presence.
In order to have high availability when integrating with Microsoft OCS, high availability should be implemented inside the product. For detailed information on high availability with Microsoft OCS and CWA, refer to the respective product documentation available from Microsoft.
Cisco Jabber Client Integration
Cisco WebEx Social offers users an option to perform call control and IM and presence using the Cisco Jabber client installed in the desktop instead of Cisco Web Communicator and the built-in chat client. For call control, when the user makes a call in the WebEx Social portal, this option launches the logged-in Cisco Jabber client on the desktop to send the call. Similarly, the Cisco Jabber client receives all the incoming calls for the user. For IM and presence, this option disables the instant messaging capability from the WebEx Social portal. Instead, when the user performs click-to-chat, this option launches the logged-in Cisco Jabber client on the desktop to start the IM session. Similarly, the Cisco Jabber client receives all the incoming IM sessions for the user. Initially when the user signs in to WebEx Social, that user’s presence state appears to others as "Not on Chat," and others cannot send instant messages to that user. Once the user signs in using the Cisco Jabber client and makes himself available, he can start sending and receiving instant messages from there. With this option, the user cannot change his presence status from WebEx Social but all status changes made from his Cisco Jabber client are reflected in WebEx Social, and WebEx Social can be used to monitor the presence status of others.
Cisco WebEx Social allows users to interact with the voicemail in their Cisco Unity Connection inboxes from the Voice Messages portlet. Inside the portlet, the user can listen to, create, and forward voicemail. The portlet shows the voicemail sender's photo as well as his presence status, and the user can do click-to-call or click-to-chat with the sender inside the portlet. Cisco WebEx Social uses the Representational State Transfer (REST) API to retrieve voicemail header information from Cisco Unity Connection and proxy the audio files to the browser. That means the audio file will be downloaded and played inside the browser.
NoteThe Voice Messages portlet cannot play private or secure messages from the PC; however, the user can select the option to play them on the phone. The Voice Messages portlet cannot play private or secure messages from the PC; however, the user can select the option to play them on the phone.
Using the Cisco Unity Connection clustering option, voice messages of a user are replicated to all the nodes within the cluster. Cisco WebEx Social provides an option to configure multiple voicemail servers within the cluster. In case the current voicemail server fails or becomes unavailable, an alternate voicemail server can be used as a backup. For resiliency, Cisco recommends creating a Cisco Unity Connection cluster and adding multiple Unity Connection nodes to the voicemail server configuration inside Cisco WebEx Social.
Calendar and Conferencing
Cisco WebEx Social can retrieve all the meeting or event information details (for example, meeting start and end time, meeting creator, and participants) from a calendar server and the WebEx Meeting Center, and can put them into the unified calendar. Inside the Calendar Portlet, the unified calendar displays a list of meetings for today by default. Users can navigate through the calendar and display the meetings for that day. Cisco WebEx Social will regularly request the new meeting data from the calendar server according to the configured request time-out. If a new meeting has been scheduled, it will be displayed in the Calendar Portlet in the next request update. Cisco WebEx Social supports calendar servers such as Microsoft Exchange and IBM Lotus Domino (see Figure 22-19). For the complete list of supported servers and corresponding versions, refer to he Cisco WebEx Social Compatibility Guide , available at
Figure 22-19 Calendar and Conferencing Services Interfaces
Depending on the version of Microsoft Exchange deployed, Cisco WebEx Social can utilize Web Distributed Authoring and Versioning (WebDAV) or Exchange Web Service (EWS) protocols to communicate with the Exchange server for synchronization with the meeting information. WebDAV and EWS can be transported over HTTP or HTTPS, depending on the Exchange Server configuration. Cisco WebEx Social can be configured to use both WebDAV and EWS protocols simultaneously with different Exchange servers, as long as the servers support the protocol. When using WebDAV and if LDAP synchronization is enabled, the exchange server hostname and domain name can be retrieved from the LDAP directory attributes to dynamically construct the Exchange Server URL. In that case, users configured in the directory that uses different exchange servers can construct the exchange URL dynamically without manual configuration in WebEx Social.
Cisco WebEx Social talks to IBM Lotus Domino via the Common Object Request Broker Architecture (CORBA) Internet InterORB Protocol (IIOP) connection. This connection can be made secured by enabling the Secure Sockets Layer (SSL).
For the conferencing service, Cisco WebEx Social interacts with the WebEx Meeting Center using the WebEx XML API over the HTTP interface. With this, WebEx Social collects and displays the scheduled WebEx meetings in the Calendar Portlet. Users can start or join the meetings from within the Calendar Portlet. The user can do a single click to create a WebEx meeting in the individual's hover card and other places within Cisco WebEx Social. The user can also create an instant meeting with multiple users within the Calendar Portlet. This integration with WebEx supports Single Sign On.
There are options available in Microsoft Exchange and IBM Lotus Domino to configure high availability. For details, refer to the respective product documentation from those companies.
The WebEx Meeting Center resides in the WebEx Collaboration cloud that already has the high availability mechanism built-in. For details, refer to the section on Cisco WebEx Software as a Service.
When planning for the capacity of a Cisco WebEx Social deployment, be sure to correctly size the platforms installed with Cisco WebEx Social and all Cisco Collaboration products used by Cisco WebEx Social. For capacity planning of Cisco WebEx Social, refer to the Cisco Validated Design Guide for Cisco WebEx Social, available at
The rest of this section concentrates on the capacity planning for the Cisco Collaboration products for Cisco WebEx Social.
Cisco Web Communicator operates as either a SIP endpoint registered to Unified CM or as a desk phone controller of a Cisco Unified IP Phone using a CTI connection to Unified CM. When planning a deployment of Cisco WebEx Social that uses Cisco Web Communicator, Cisco partners and employees can utilize the Cisco Unified Communications Sizing Tool (available at http://tools.cisco.com/cucst) to assist in the appropriate sizing of SIP registered endpoints and CTI controlled devices.
When deploying Cisco Web Communicator as an endpoint for call control, the bandwidth, quality of service (QoS), and other network requirements need to be considered in order to have a satisfactory user experience. Cisco Web Communicator is similar to the Cisco Jabber client in many ways for call control. For additional details about the network requirements, refer to the information on the Cisco Jabber client in the chapter on Cisco Collaboration Clients.
When using WebDialer to perform click-to-dial, its impact to Cisco Unified CM has to be considered. WebDialer uses CTI to control devices, therefore the Cisco Unified Communications Sizing Tool can be used to perform the sizing. For additional capacity planning considerations with WebDialer, see the chapter on Cisco Unified CM Applications.
Observe the following design considerations when deploying Cisco Collaboration Services with Cisco WebEx Social:
The WebEx Social user's Screen Name should match the user ID of the Cisco Unified CM end user (for call control and IM and presence) and WebEx account (for WebEx Meeting and WebEx Messenger), especially when single sign-on (SSO) is enabled. This allows WebEx Social to retrieve device information from Unified CM and meeting information from WebEx, and to have IM and presence function correctly.
The directory number of the WebEx Social user profile might be a full E.164 number if it is synchronized with the telephoneNumber attribute in LDAP. If Unified CM uses a private enterprise dial plan, translation patterns or directory lookup dial rules might be required for the translation between the E.164 number and the private directory number.
Cisco Web Communicator uses CTI to control the Cisco Unified IP Phone in desk phone control mode; therefore, when sizing a Unified CM deployment, you must also account for other applications that require CTI usage.
For firewall and security considerations, the port usage required for Cisco Web Communicator can be found in the Cisco WebEx Social product documents.