The Unified Workspace
Unifying IP Communications and Collaboration Applications
• Unifying voice, video, data, and mobility applications on both fixed and mobile networks: With rich call control, unified messaging, and unified client software, workers can take their workspace (and all its advanced capabilities) with them wherever they go.
• Enabling more effective communications: With presence and instant messaging, people can check the availability of colleagues, know how and where co-workers wish to be reached, and click-to-communicate in real time.
• Delivering media-rich collaboration: When voice, video, and web conferencing solutions use the power of the integrated network, people can collaborate instantly. They can also easily escalate sessions by adding video to an audio conversation or by adding web conferencing or whiteboarding to an existing audio or video conversation.
• Enabling the creation of business applications: With Cisco service creation platforms, customers and partners can develop innovative rich-media and web applications, making it possible to embed unified communications capabilities into existing business process systems.
The Power of an Integrated Network
An End-to-End System
• Device-aware: Because Cisco integrates intelligence throughout the network - even in the endpoints - a Cisco Integrated Network "knows" which device is being used, where it is being used, and what unified communications applications it is allowed to use.
• Application-aware: A Cisco Integrated Network actively participates with applications, automatically providing the appropriate rights, priorities, and organizational policies of each application.
• Network-aware: Cisco Unified Communications applications seek out the network services they require to help ensure that applications receive the appropriate quality of service (QoS).
Lower Total Cost of Ownership
• The networking costs per employee are, on average, almost 50 percent lower: According to a report by IDC (Operational Excellence in Networking: Industry Leaders Point the Way, IDC, April 2007), companies that consolidate router, switch, security, wireless, and voice vendors have, on average, a 45.6-percent lower cost per employee than those with six or more vendors.
• Each endpoint has a lower cost of ownership: According to a customer study conducted by Sage Research (Unified Communication Application: Uses and Benefits, Sage Research, 2006; http://www.cisco.com/en/US/solutions/collateral/ns340/ns394/ns165/net_implementation_white_paper0900aecd8040970b.pdf), organizations that use a single, primary network vendor have on average a 26-percent lower cost of ownership per endpoint than those that use multiple vendors.
• The overall network cost of ownership is substantially lower: Sage Research also found that organizations that use a single vendor for IP telephony have a 43-percent lower network cost of ownership than those that use multiple vendors. These savings are derived from all areas, including network deployment and maintenance, network performance improvements, and benefits for both IT and end users.
Recommendations for a Head Office or Campus
Faster, More Cost-Effective Deployments
• When a Cisco Unified IP Phone is plugged into a wall jack, the Cisco Catalyst switch automatically detects the phone and extracts the device information through either Link Layer Discovery Protocol-Media Endpoint Devices (LLDP-MED) or Cisco Discovery Protocol exchange.
• Then, using the Cisco Embedded Event Manager (EEM) feature in the Cisco Catalyst switch, you can automatically configure the switchport for voice. Cisco EEM is a powerful and flexible automation technology. It reduces deployment costs by allowing administrators to set policies that control the actions that a switch should dynamically take when specific events occur.
• For administrators who use Cisco Network Assistant, Cisco offers an alternate method for configuring switches for voice. When a Cisco Unified IP Phone is plugged in, the Smartports Advisor feature on the Cisco Catalyst switch can automatically send a dialogue box prompt to the Cisco Network Assistant management interface. The administrator can then apply the appropriate Smartports Advisor voice macros to that switchport for easy configuration.
• If you need to move to a new location, you simply unplug your phone and plug it into the wall jacks in your new office. Removing the voice configuration on the previous switchport helps to strengthen security. You can remove the configuration dynamically when the phone is unplugged.
Nonstop Communications over the LAN
Figure 1. Recommended Network Topology for Highly Available Campus Network
• Maintain triangle topologies for Layer 3 routing peers, especially between the core and distribution switches: This topology helps ensure that a switch can take two equal paths to get to a destination. These two paths will simultaneously reside in the routing table. If a link failure occurs, the traffic will flow on the other path without requiring a route recalculation.
• Summarize routes from the distribution to the core: This process prevents the core switches from having to respond to routing advertisements coming from the access and distribution layers.
• Deploy switches with high-availability innovations: Cisco Catalyst 6500, Catalyst 4500, and Catalyst 3750-E switches lead the industry in meeting uptime requirements with advanced technology that contains, detects, and resolves faults faster with minimal effect on voice traffic. Features such as Stateful Switchover (SSO) preserve critical state information across dual supervisor engines to help ensure that unified communications traffic is continually switched if a primary supervisor engine fails. Cisco IOS® Software Modularity allows you to upgrade single software modules without having to take the switch out of service, thereby increasing uptime even for planned upgrades. This feature localizes the effect of software process faults with a protected memory architecture. Even if a software process failure occurs, voice and video traffic can continue.
Quality of Service
• Maintaining voice quality through the switch: The CoS value for unified communications voice traffic is controlled by the Cisco Catalyst switch. The switch indicates to the Cisco Unified IP Phone which voice VLAN ID it should use and then automatically applies the appropriate CoS value. The switch can also indicate CoS for traffic coming from devices attached to the phone using the Extended Trust feature. A CoS value of 5 indicates high priority and is usually reserved for voice. Call signaling is given a value of 3, and best-effort traffic is given a value of 0. So even if a rogue PC tries to raise its CoS value to 5, the Cisco Unified IP Phone resets the CoS value on the incoming packets of that PC to the CoS value indicated by the switch.
• Monitoring traffic to ensure QoS: Voice traffic is typically assigned the highest-priority queue. You can set an EEM script on a Cisco Catalyst 6500 Switch to detect excessive packet drops and automatically alert the network administrator. Additional voice traffic monitoring and troubleshooting capabilities are provided through the network analysis module (NAM), a data, voice, and video traffic-analysis blade. For example, if dial tone or call setup latency exceeds specified thresholds, the NAM detects these anomalies, analyzes Cisco Unified Communications Manager response times, and then sends an alert to a network operator. For H.323, Media Gateway Control Protocol (MGCP), Skinny Client Control Protocol (SCCP), and Session Initiation Protocol (SIP) traffic, the NAM monitors active calls between caller and callee pairs and identifies call quality degradation by reporting packet loss and jitter statistics. The NAM also performs Differentiated Services (DiffServ) QoS monitoring and provides traffic usage information for each DiffServ code point, helping validate QoS planning assumptions and detect unauthorized or incorrectly marked traffic that could adversely affect voice QoS.
• Smartports macros: Based on Cisco best practices, Smartports macros can be applied to any Cisco Catalyst switch to make port configuration much simpler and more accurate. With a standard or customized Cisco Smartports macro, an administrator no longer has to log in to each switchport and configure all the parameters for voice VLANs, port security, Dynamic Host Configuration Protocol (DHCP) snooping, and Spanning Tree PortFast. Instead, the administrator automatically uploads the Smartports macros, which include all the proper settings. Cisco Smartports macros do not function in third-party or multivendor network environments, and the loss of this cost- and time-saving tool adds up across the moves, adds, and changes that generate significant costs each year. Cisco Smartports make these configuration changes as easy as possible, providing a greater return on investment.
• AutoQoS macros: Cisco developed AutoQoS macros in response to customer demand for a faster way to deploy QoS configurations, which are traditionally deployed manually on hundreds or thousands of switch and router ports. This powerful feature of Cisco IOS Software automatically handles a range of tasks, including classifying applications, generating policies, configuring QoS, monitoring and reporting to test QoS effectiveness, and enforcing service-level consistency. After Cisco AutoQoS evaluates a network environment and determines policy, it configures the port on an access switch to prioritize voice traffic - with only one command. And it still offers the flexibility to adjust and tailor QoS settings to customer-specific requirements. It also automatically monitors QoS settings and makes this information available in reports, with notification of abnormal events.
• Cisco IOS IP service-level agreements (SLAs): This tool actively monitors the health of the underlying network by generating and then analyzing traffic between multiple network locations or across multiple network paths. It uses the timestamp information to calculate performance metrics such as jitter, latency, network and server response times, packet loss, and mean-opinion-score (MOS) voice-quality scores. Administrators can schedule a Cisco IOS IP SLAs operation at any point in time or continuously over any time interval. Cisco IOS IP SLAs is configured to monitor per-class traffic over the same link by setting the DiffServ code point (DSCP) bits. Administrators can specify measurement characteristics including packet size, packet spacing, protocol type, DSCP marking, and other parameters. They can use measurement statistics provided by Cisco IOS IP SLAs operations for troubleshooting, problem analysis, and designing network topologies (Figure 2).
• Cisco IOS IP SLAs Responder: This component is embedded in the destination Cisco routing device. It processes measurement statistics and sends detailed timestamp information about the processing delay of the destination router back to the source Cisco router. Cisco recommends that round-trip delay be less than 150 ms and jitter be less than 30 ms for successful transmission of voice traffic. Unidirectional measurements are also possible.
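The timestamp arithmetic behind the two IP SLAs bullets above, as an added example that is not Cisco code: it removes the responder's processing delay from the round trip, derives jitter per direction, and applies the 150 ms and 30 ms figures. The `Probe` record layout, the function name and the sample values are constructed for illustration and are not the IP SLAs wire format.

```python
from dataclasses import dataclass
from statistics import mean
from typing import Optional

# Voice thresholds quoted in the text above.
MAX_RTT_MS = 150.0
MAX_JITTER_MS = 30.0


@dataclass(frozen=True)
class Probe:
    """One probe/reply pair; field names are hypothetical, times in ms.

    t1 and t4 come from the source clock, t2 and t3 from the responder clock.
    Each metric subtracts timestamps taken on the same clock, so the two
    routers do not need synchronised time.
    """
    seq: int
    t1: float                    # source sends the probe
    t2: Optional[float] = None   # responder receives it
    t3: Optional[float] = None   # responder sends the reply
    t4: Optional[float] = None   # source receives the reply (None = lost)


def summarize(probes):
    """Return loss, mean RTT, mean per-direction jitter and threshold violations."""
    if not probes:
        raise ValueError("no probes in this run")
    probes = sorted(probes, key=lambda p: p.seq)
    answered = [p for p in probes if p.t4 is not None]
    result = {"loss_pct": 100.0 * (len(probes) - len(answered)) / len(probes),
              "rtt_ms": None, "jitter_sd_ms": None, "jitter_ds_ms": None,
              "violations": ["no_replies"]}
    if not answered:
        return result

    # Round-trip time with the responder's processing delay (t3 - t2) removed.
    rtt = mean((p.t4 - p.t1) - (p.t3 - p.t2) for p in answered)

    # Jitter: change in spacing between consecutive answered probes, measured
    # source->destination (sd) and destination->source (ds).
    pairs = list(zip(answered, answered[1:]))
    sd = [abs((b.t2 - a.t2) - (b.t1 - a.t1)) for a, b in pairs]
    ds = [abs((b.t4 - a.t4) - (b.t3 - a.t3)) for a, b in pairs]
    jitter_sd = mean(sd) if sd else 0.0
    jitter_ds = mean(ds) if ds else 0.0

    # Assumption: the thresholds are applied to the averages over the run.
    checks = (("rtt", rtt, MAX_RTT_MS), ("jitter_sd", jitter_sd, MAX_JITTER_MS),
              ("jitter_ds", jitter_ds, MAX_JITTER_MS))
    result.update(rtt_ms=rtt, jitter_sd_ms=jitter_sd, jitter_ds_ms=jitter_ds,
                  violations=[name for name, value, limit in checks if value >= limit])
    return result


# Constructed sample: probes every 20 ms, responder clock offset by 5000 ms,
# probe 3 lost, probe 4 held up by a burst of congestion.
SAMPLE = [
    Probe(1, 0, 5040, 5042, 82),
    Probe(2, 20, 5065, 5066, 106),
    Probe(3, 40),
    Probe(4, 60, 5180, 5182, 222),
    Probe(5, 80, 5181, 5183, 223),
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

In the sample run the average round trip stays under 150 ms while source-to-destination jitter does not stay under 30 ms, which is why the two figures are checked separately.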
Figure 2. How It Works - Cisco IOS IP SLAs Operations
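The CoS trust boundary from the Quality of Service bullets above (the phone overwriting a PC's self-assigned CoS with the value the switch indicates), modelled on raw 802.1Q frames. This is an added example, not Cisco code: it rewrites only the 3-bit priority field and counts what the PC claimed, so that mis-marked traffic is both neutralised and visible. Function names, MAC addresses, the VLAN ID and the sample frames are constructed.

```python
import struct
from collections import Counter

TPID_8021Q = 0x8100
COS_VOICE, COS_SIGNALING, COS_BEST_EFFORT = 5, 3, 0   # values given in the text


def read_tag(frame: bytes):
    """Return (cos, vlan_id) for an 802.1Q-tagged frame, None if untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack_from("!H", frame, 12)[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack_from("!H", frame, 14)[0]
    return tci >> 13, tci & 0x0FFF


def remark_from_pc(frame: bytes, switch_cos: int = COS_BEST_EFFORT):
    """Model the phone's PC port: overwrite the PC's CoS with switch_cos.

    Returns (frame, claimed_cos). claimed_cos is None when the frame passed
    unchanged, otherwise the priority the PC asked for.
    """
    if not 0 <= switch_cos <= 7:
        raise ValueError("CoS is a 3-bit field")
    tag = read_tag(frame)
    if tag is None or tag[0] == switch_cos:
        return frame, None
    tci = struct.unpack_from("!H", frame, 14)[0]
    new_tci = (switch_cos << 13) | (tci & 0x1FFF)   # keep DEI bit and VLAN ID
    return frame[:14] + struct.pack("!H", new_tci) + frame[16:], tag[0]


def audit_pc_port(frames, switch_cos: int = COS_BEST_EFFORT):
    """Remark every frame and count the CoS values the PC tried to claim."""
    claimed = Counter()
    out = []
    for frame in frames:
        fixed, cos = remark_from_pc(frame, switch_cos)
        out.append(fixed)
        if cos is not None:
            claimed[cos] += 1
    return out, dict(claimed)


def build_frame(cos, vlan_id, payload=b"\x00" * 46):
    """Constructed test frame; MAC addresses are locally administered dummies."""
    dst, src = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    header = dst + src
    if cos is not None:
        header += struct.pack("!HH", TPID_8021Q, (cos << 13) | vlan_id)
    return header + struct.pack("!H", 0x0800) + payload


# Constructed traffic from the PC behind the phone: two frames claiming voice
# priority, one claiming signaling priority, one best effort, one untagged.
SAMPLE = [build_frame(5, 10), build_frame(5, 10), build_frame(3, 10),
          build_frame(0, 10), build_frame(None, 0)]

if __name__ == "__main__":
    fixed, claimed = audit_pc_port(SAMPLE)
    print(claimed, [read_tag(f) for f in fixed])
```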
• Secure connectivity: Cisco offers many options that help ensure secure communications. For example, VLAN segmentation keeps voice traffic on separate virtual network segments. Voice and Video Enabled VPN (V3PN) provides secure remote connectivity. WLANs are protected through Wi-Fi Protected Access (WPA) and WPA2. Call management and endpoints offer strong voice media encryption using the Secure Real-Time Transport Protocol (SRTP), and Transport Layer Security (TLS) provides protection for signaling traffic. At the application layer, Cisco uses HTTPS to permit protected remote management of IP communications applications. And the Cisco Unity® system is the first voice messaging system to offer encrypted messaging.
• Trust and identity: To contextually identify users and establish trust, many standards-based authentication mechanisms must work together. Cisco offers support for traditional authentication, authorization, and accounting (AAA) services in the infrastructure, as well as more advanced capabilities elsewhere with such tools as Extensible Authentication Protocol (EAP) and digital certificates. Wireless LANs (WLANs) can allow IP phones to transparently connect on ports where user authentication with 802.1X is mandated. By deploying the Cisco Network Admission Control (NAC) framework, customers can restrict non-security-compliant wired and wireless endpoints that may be vulnerable or infected with worms, viruses, or spyware. All these threats are stopped before they can enter the network and potentially disrupt voice services.
• Threat defense: Cisco uses many techniques to provide protection against aggressive threats. Integrated and standalone firewalls and intrusion detection systems protect the infrastructure, the voice VLANs, and WLANs. A hardened OS and integrated host intrusion prevention solution called Cisco Security Agent protects the call-processing components. To protect endpoints against common Layer 2 exploits such as man-in-the-middle attacks, Cisco employs advanced dynamic Address Resolution Protocol (ARP) inspection protection and other tools on its LAN switches and unified IP phones. In addition, the Cisco Unified Communications applications themselves offer security features. For example, Cisco Unified Communications Manager can support multiple levels of administration access and advanced protection against toll fraud. Finally, the Cisco Integrated Network infrastructure is designed to withstand denial-of-service (DoS) attacks so that data and voice traffic continues to be forwarded even when DoS attacks occur. Cisco Catalyst 6500 and Catalyst 4500 switches provide such protection through CPU rate limiters as well as control plane policing (CoPP), which is embedded in the hardware.
Scalable Wireless Services
• Simplified wireless voice deployment and management: Cisco integrates wireless controller functions into its switches and routers so network managers can scale and manage wireless networks as easily as they scale and manage traditional wired networks. For example, the Cisco Catalyst 6500 Series/7600 Series Wireless Services Module (WiSM) supports zero-touch deployments that require no preconfiguration of access points. It also supports QoS policies, mobility groups, and back-end services, as well as other important tools such as template-based configuration management, which allows quick application of systemwide wireless security configurations.
• Wireless voice call roaming: Efficient roaming is critical for voice applications, which are unforgiving of any delays in authentication. The Cisco Catalyst 6500 WiSM, the Cisco Catalyst 3750G-24WS, and the WLCM offer fast, secure roaming that facilitates roaming of voice clients between access points in the same subnet (Layer 2 roaming) or between subnets (Layer 3 roaming) without disruption to voice calls.
• Integration with diverse wireless clients: A growing number of client devices support 802.11 wireless voice communications today, including dual-mode cell phones, personal digital assistants (PDAs), laptop softphones, and Wi-Fi handsets such as the Cisco Unified Wireless IP Phone 7920. Cisco Compatible Extensions, a licensing program for wireless clients, facilitates secure interoperation of these devices with the Cisco Unified Wireless Network. It also helps enable interoperability of client-side features such as power-save mode, QoS, and assisted roaming. Wireless clients that support Cisco Compatible Extensions undergo extensive testing at an independent third-party test lab to help ensure support for innovative Cisco features, as well as interoperability with the Cisco WLAN infrastructure.
Video as a Simple Addition
• Enable video endpoints: You can introduce traditional video conferencing equipment based on the H.323 video conferencing standard onto the converged network, and you can enable these systems to automatically register to Cisco Unified Communications Manager. Thereafter you can easily control them with Cisco Unified Communications Manager.
• Optimize video delivery: IP Multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a single stream of information to multiple recipients. This technology is ideal for video applications where the same large set of data or video must be transmitted efficiently to multiple clients.
• Dramatically simplify video conferencing management: Call detail records (CDRs) are also integrated into and managed by Cisco Unified Communications Manager. IT managers no longer must download CDRs from two separate systems. Instead, all phone and video records are located in one place.
• Maximize PoE port density
• Minimize the number of switches required
• Expand savings through decreased use of electricity, backup UPS, and battery power systems
Voice and Data Teams Share a Common View of the Network
• Query Cisco Catalyst switches to ascertain the operational status of the switch as well as the system resources and different ports and interfaces
• Alert administrators in case of operational faults
• Track IP phone inventory and IP phone status changes
• Create a variety of reports that document all the moves, adds, and changes of IP phones
• Increase productivity and enable faster trouble isolation by providing contextual diagnostic tools that troubleshoot through diagnostic tests, performance, and connectivity details about different elements of the Cisco Unified Communications infrastructure
• When an administrator is alerted to a voice problem by a switch, the administrator can instruct the switch to mirror the real-time voice traffic so it can be analyzed.
• The Encapsulated Remote Switched Port Analyzer (ERSPAN) on the Cisco Catalyst 6500 Switch mirrors the traffic across the campus and across Layer 3 boundaries to a central site, where it can be analyzed.
• The NAM analyzes the traffic, eliminating the need for the administrator to go on site with a portable troubleshooting tool to solve the problem.
Recommendations for a Branch Office
Providing Optimum Voice Quality Across the WAN
• Network-aware Call Admission Control (CAC): Cisco integrated services routers not only support standards-based QoS, they also exchange information with Cisco Unified Communications Manager to enable network-aware CAC with QoS. CAC allows the network to accept or reject a call based on bandwidth and policy considerations. A primary enabler of this solution is the Cisco IOS Software feature called Cisco RSVP Agent. It facilitates dynamic adjustment to changes in the network, supports complex network topologies, and helps enable unified data, voice, and video network designs.
• Resource Reservation Protocol (RSVP): This IETF standards-based signaling protocol secures and reserves bandwidth across the WAN for calls accepted by Cisco RSVP Agent (Figure 3). The resulting user experience is characterized by superior QoS and reliability for calls amid meshed and multitiered networks. Cisco RSVP Agent is supported on the Cisco 2800 and Cisco 3800 Series Integrated Services Routers.
• Low Latency Queuing (LLQ) on the WAN interfaces: This technology gives voice traffic a higher priority over other forms of traffic on the link.
• Traffic shaping: Traffic shaping prevents WAN traffic from reaching the line rate in case of speed mismatches with the central hub. It is also used to stay within the committed information rate delivered by the service provider.
• Link fragmentation and interleaving (LFI): This technology is very helpful when WAN links are less than 768 kbps. LFI takes large packets destined for the WAN and cuts them into manageable pieces for transmission. It allows voice packets to be interleaved within these pieces and transmitted across the WAN. Without LFI, voice packets would have to wait until the entire large packet was transmitted across the WAN before they would be allowed on the link. This delay, of course, could affect the quality of the voice connection.
• WAN optimization: Service modules on Cisco integrated services routers support a variety of technologies that optimize WAN transport. For example, the Cisco Wide Area Application Services (WAAS) Network Module minimizes protocol chatter as it traverses the WAN link, conserving bandwidth for business-critical applications. The Cisco Network Capacity Expansion (NCE) services module can focus on bandwidth optimization through compression, and the Performance Routing services module is a Cisco routing innovation that determines optimized routing paths for different types of applications.
Figure 3. Cisco Integrated Services Routers and Cisco Unified Communications Manager Help Ensure Optimal Voice Quality Across the WAN
Delivering Resiliency for Intrabranch Communications
Nonstop Communications over the WAN
• If the WAN link to a remote office fails and the connection to the Cisco Unified Communications Manager for the domain is lost, the phones in that branch office automatically redirect to the Cisco Unified SRST-enabled router.
• The Cisco Unified SRST-enabled router automatically takes over and offers a rich set of telephony functions to help ensure business continuity with minimal effect on the system.
• When the disrupted WAN link is restored, the phones automatically reregister with the original Cisco Unified Communications Manager and, again, no manual intervention is required.
Figure 4. Integrated Voice Redundancy if WAN Failure Occurs
Simplifying Services Integration
Award-Winning Services and Support
• Comprehensive planning, design, implementation, and optimization services to help ensure a smooth and efficient migration to unified communications
• End-to-end integrated and validated solutions and systems that are easier to order, install, manage, upgrade, and use
• In-depth training, certification, and expertise delivered by Cisco and our worldwide partners
• Twenty-four-hour technical assistance and comprehensive service and support for the complete solution
• They can have one point of contact to receive speedy implementation and problem resolution.
• They can be among the first to deploy new features as they are developed. They will do so knowing that the unified communications solution and the integrated network will be completely compatible.
• When a high-tech Fortune 500 company replaced its old TDM voice technology with VoIP at 75 percent of its sites, it saved more than US$35 million in voice operating expenses over a span of 30 months. The company estimates its unified communications savings from employee productivity to be $220 to $280 million. This large enterprise was also able to integrate 30 acquisitions in 3 years with no increase in IT voice staff.
• By deploying unified communications across the business, a U.S. government agency exponentially increased its unified communications benefits. The agency expects to reduce annual travel costs by US$10 million and has already reduced voice conferencing costs by 50 percent while increasing monthly usage from 400,000 minutes to 2.5 million minutes in the first year.
• A high-end Japanese retailer used the embedded unified communications capabilities in its inventory application to optimize the customer experience in one of its biggest profit centers. The result? In the 6 months that the company piloted its radio frequency identification (RFID)-enabled in-store inventory application, it increased revenue growth by 113 percent over the previous year. At the same time, the company reduced its sales cycle time by 20 percent while dramatically improving customer satisfaction.