Webex for Cisco BroadWorks Reference

These sections provide detail on data exchange and storage with Webex. All data is encrypted both in transit and at rest. For additional details, see Webex App Security.

See Lifecycle Management - BroadSoft Servers.

We expect the Service Provider to be "patch current" with the latest BroadWorks patches and Release Independent (RI) apps. The list of patches below is the minimum requirement for integrating with Webex.

Note	Make sure to review the patch notes for these software patches. Some patches may have additional CLI requirements.

Version R22

Version R23

Version R24

Following is the SAML SSO login flow for the Webex app when using BroadWorks authentication, and when Cross-Origin Resource Sharing is enabled, allowing for direct authentication to BroadWorks. The image displays client and user events on the left with text on the arrows representing what the client provides for authorization. Steps 1 and 5 are user events. The right side of the image represents login services events along with what gets returned to the client.

Following is the BroadWorks Service Discovery Flow that follows immediately from the preceding Webex SAML SSO login flow. The client uses the access token that was obtained while registering to Webex Device Management to request registration from the BroadWorks deployment.

Alternative Login Flows

The images above assume that SAML SSO Login is configured using BroadWorks authentication with direct BroadWorks authentication enabled (Cross-Origin Resource Sharing). Below are some alternative SAML SSO login flows:

• BroadWorks Authentication without direct BroadWorks authentication (Cross-Origin Resource Sharing):

  • The only difference is in step 5 and 6 of the Webex Login Flow. In step 5, the login credentials are validated by the IdP Proxy (rather than XSI) and a SAML Assertion is returned to the client.

  • The flow proceeds through the remaining steps in the two diagrams apply.

  • The SSO Token is not used in this flow.

• SAML SSO Webex Authentication:

  • In step 3 of the Webex Login Flow, the Common Identity service returns the Identity Provider used by Webex authentication.

  • At this point, an alternative SAML SSO login flow for Webex is invoked.

The following guidelines apply to testing and lab organizations:

• Service Provider partners are limited to a maximum of 50 test users that can be provisioned across multiple orgs.

• Any users beyond the first 50 test users will be billed.

• To ensure accurate processing on your invoice, all test orgs must include ‘test’ in the BroadWorks Org name.

• Internal test organizations must be designated within Webex Control Hub. This is in order to prevent test users from being billed as actual users.

Designating an Organization as a Test Organization

To designate an organization as a test organziation:

1. Sign in to Partner Hub and select Customers.

2. Select the appropriate Customer.

3. In the right control bar, enable the Internal Test Organization toggle.

For voicemail, make sure that you configure the Media Server to use one of the following codes:

• mp3

• wav—WAV files are supported in the following formats: PCM (supported on all platforms) and DVI-ADPCM (not supported on Android

If you are using wav files, run the following CLI commands to confiugre the application server and media server:

• AS_CLI/Service/VoiceMsg>set vmRecordingAudioFileFormat WAV

• MS_CLI/Applications/MediaStreaming/Services/IVR> set sendmail8kHzWavFileDefaultFormat ulaw

ACL

Access Control List

ALG

Application Layer Gateway

API

Application Programming Interface

APNS

Apple Push Notification Service

AS

Application Server

ATA

Analog Telephone Adapter, adapter that converts analog telephony to VoIP

BAM

BroadSoft Application Manager

Basic authentication

A method of authentication where an account (username) is validated by a shared secret (password)

BMS

BroadSoft Messaging Server

BOSH

Bidirectional-streams Over Synchronous HTTP

BRI

Basic Rate Interface BRI is an ISDN access method

Bundle

A collection of services as delivered to an end user or subscriber (cf. Package)

CA

Certification Authority

Carrier

An organization that handles telephony traffic (cf. Partner, Service Provider, Value Added Reseller)

CAPTCHA

Completely Automated Public Turing test to tell Computers and Humans Apart

CCXML

Call Control eXtensible Markup Language

CIF

Common Intermediate Format

CLI

Command Line Interface

CN

Common Name

CNPS

Call Notifications Push Server. A Notification Push Server that runs on an XSP in your environment, to push call notifications to FCM and APNS. See NPS Proxy.

CPE

Customer Premises Equipment

CPR

Custom Presence Rule

CSS

Cascading Style Sheet

CSV

Comma-Separated Value

CTI

Computer Telephony Integration

CUBE

Cisco Unified Border Element

DMZ

Demilitarized Zone

DN

Directory Number

DND

Do Not Disturb

DNS

Domain Name System

DPG

Dial Peer Group

DSCP

Differentiated Services Code Point

DTAF

Device Type Archive File

DTG

Destination Trunk Group

DTMF

Dual-Tone Multi-Frequency

End user

The person who is using the services, that is making calls, joining meetings, or sending messages (cf. Subscriber)

Enterprise

A collection of end users (cf. Organization)

FCM

Firebase Cloud Messaging

FMC

Fixed Mobile Convergence

Flow-through provisioning

Creating users in the Webex identity store by assigning the “Integrated IM&P” service in BroadWorks.

FQDN

Fully Qualified Domain Name

Full flow-through provisioning

Creating and verifying users in the Webex identity store by assigning the “Integrated IM&P” service in BroadWorks and asserting that each BroadWorks user has a unique and valid email address.

FXO

Foreign Exchange Office is the port that receives the analog line. It is the plug on the phone or fax machine or the plugs on your analog phone system. It delivers an on-hook/off-hook indication (loop closure). Since the FXO port is attached to a device, such as a fax or a phone, the device is often called the “FXO device”.

FXS

Foreign Exchange Subscriber is the port that actually delivers the analog line to the subscriber. In other words, it is the "plug in the wall" that delivers a dial tone, battery current, and ring voltage.

GCM

Google Cloud Message

GCM

Galois/Counter Mode (encryption technology)

HID

Human Interface Device

HTTPS

Hypertext Transfer Protocol Secure Sockets

IAD

Integrated Access Device

IM&P

Instant Messaging and Presence

IP PSTN

A service provider that provides VoIP to PSTN services, interchangeable with ITSP, or a general term for internet-connected 'public' telephony, collectively provided by major telecomms providers (rather than by countries, as PSTN is)

ITSP

Internet Telephony Service Provider

IVR

Interactive Voice Response / Responder

JID

The native address of an XMPP entity is called a Jabber Identifier or JID localpart@domain.part.example.com/resourcepart (@ . / are separators)

JSON

Java Script Object Notation

JSSE

Java Secure Socket Extension; the underlying technology providing secure connectivity features to BroadWorks servers

KEM

Key Extension Module (hardware Cisco phones)

LLT

Long-lived (or Long Life) Token; a self-describing, secure form of bearer token that enables users to remain authenticated for longer, and is not tied to specific applications.

MA

Message Archival

MIB

Management Information Base

MS

Media Server

mTLS

Mutual authentication between two parties, using certificate exchange, when establishing a TLS connection

MUC

Multi-User Chat

NAT

Network Address Translations

NPS

Notification Push Server; see CNPS

NPS Proxy

A service in Webex that supplies short-lived authorization tokens to your CNPS, enabling it to push call notifications to FCM and APNs, and ultimately to Android and iOS devices running Webex.

OCI

Open Client Interface

Organization

A company or organization representing a collection of end users (cf. Enterprise)

OTG

Outgoing Trunk Group

Package

A collection of services as delivered to an end user or subscriber (cf. Bundle)

Partner

An agent organization that works with Cisco to distribute products and services to other organizations (cf. Value Added Reseller, Service Provider, Carrier)

PBX

Private Branch Exchange

PEM

Privacy Enhanced Mail

PLMN

Public Land Mobile Network

PRI

Primary Rate Interface (PRI) is a telecommunications interface standard used on an Integrated Services Digital Network (ISDN)

PS

Profile Server

PSTN

Public Switched Telephone Network

QoS

Quality of Service

Reseller portal

A web site that enables the reseller’s administrator to configure their UC-One SaaS solution. It is sometimes referred to as BAM portal, admin portal, or management portal.

RTCP

Real-Time Control Protocol

RTP

Real-Time Transport Protocol

SBC

Session Border Controller

SCA

Shared Call Appearance

SD

Standard Definition

SDP

Session Description Protocol

SP

Service Provider; An organization that provides telephony or related services to other organizations (cf. Carrier, Partner, Value Added Reseller)

SIP

Session Initiation Protocol

SLT

Short-lived (or Short Life) Token (also called BroadWorks SSO Token); a single-use authenticated token that is used to gain secure access to web applications.

SMB

Small to Medium Business

SNMP

Simple Network Management Protocol

sRTCP

secure Realtime Transfer Control Protocol (VoIP call media)

sRTP

secure Realtime Transfer Protocol (VoIP call media)

SSL

Secure Sockets Layer

Subscriber

The person who is using the services, that is making calls, joining meetings, or sending messages (cf. End user)

TCP

Transmission Control Protocol

TDM

Time Division Multiplexing

TLS

Transport Layer Security

ToS

Type of Service

UAP

User Activation Portal

UC

Unified Communications

UI

User Interface

UID

Unique Identifier

UMS

Messaging Server

URI

Uniform Resource Identifier

URL

Uniform Resource Locator

USS

Sharing Server

UTC

Coordinated Universal Time

UVS

Video Server

Value Added Reseller (VAR)

An agent organization that works with Cisco to distribute products and services to other organizations (cf. Carrier, Partner, Service Provider)

VGA

Video Graphics Array

VoIP

Voice over Internet Protocol (IP)

VXML

Voice Extensible Markup Language

WebDAV

Web Distributed Authoring and Versioning

WebRTC

Web Real-Time Communications

WRS

WebRTC Server

XMPP

Extensible Messaging and Presence Protocol