The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Review what the client supports before you begin installation. Learn about hardware and software requirements. Find out what ports the client requires and what protocols it uses.
For successful deployment, ensure that client workstations meet the software requirements.
This version of Cisco Jabber for Mac is not supported on Apple OS X Yosemite 10.10
Cisco Unified Communications Manager version 8.0(1) or later
Cisco Unified Presence version 8.0(3) or later
Cisco Unity Connection version 8.5 or later
Cisco WebEx Meetings Server version 2.0 or later
Cisco Expressway Series for Cisco Unified Communications Manager
Cisco TelePresence Video Communication Server
Cisco Jabber requires an active connection to the presence server to successfully fall back to Cisco Unified Survivable Remote Site Telephony.
For Cisco Unified Communications Manager Express support details, refer to the Cisco Unified CME documentation: http://www.cisco.com/en/US/products/sw/voicesw/ps4625/products_device_support_tables_list.html
High availability refers to an environment in which multiple nodes exist in a subcluster to provide failover capabilities for instant messaging and presence services. If one node in a subcluster becomes unavailable, the instant messaging and presence services from that node failover to another node in the subcluster. In this way, high availability ensures reliable continuity of instant messaging and presence services for Cisco Jabber.
Cisco Jabber supports high availability with the following servers:
Multi-node Deployment Administration
Planning a Cisco Unified Presence Multi-Node Deployment
High Availability Client Login Profiles
You cannot place an active call on hold if failover occurs from the primary instance of Cisco Unified Communications Manager to the secondary instance.
If high availability is configured on the server, then after the primary server fails over to the secondary server, the client temporarily loses presence states for up to one minute. Configure the re-login parameters to define how long the client waits before attempting to re-login to the server.
Active Directory Domain Services for Windows Server 2012 R2
Active Directory Domain Services for Windows Server 2008 R2
Active Directory for Windows Server 2003 R2
Cisco Unified Communications Manager User Data Service (UDS)
OpenLDAP
Directory integration with OpenLDAP requires you to define specific parameters in a Cisco Jabber configuration file. See LDAP Directory Servers for more information.
Cisco Jabber allows users search for and add local contacts in the Mac Address book.
To enable the Address Book plug-in:
To communicate with local contacts in Mac Address book using the client, local contacts must have the relevant details. To send instant messages to contacts, local contacts must have an instant message address. To call contacts in Mac Address book, local contacts must have phone numbers.
Cisco Jabber for Windows and Cisco Jabber for Mac support Computer Telephony Integration (CTI) servitude, or CTI control of Cisco Jabber from a third party application.
For more information on CTI servitude, see the CTI documentation for the appropriate version of Cisco Unified Communications Manager.
Cisco TAPI: http://developer.cisco.com/web/tapi/home
Cisco JTAPI: http://developer.cisco.com/web/jtapi/home
The following table lists outbound ports and protocols that Cisco Jabber uses:
Port | Protocol | Description | ||
---|---|---|---|---|
443 | TCP
(XMPP and HTTPS) |
XMPP traffic to the Cisco WebEx Messenger service. The client sends XMPP through this port in cloud-based deployments only. If port 443 is blocked, the client falls back to port 5222.
|
||
389 | UDP / TCP | LDAP directory server | ||
636 | LDAPS | LDAP directory server (secure) | ||
3268 | TCP | Global Catalog server | ||
3269 | LDAPS | Global Catalog server (secure) | ||
5222 | TCP
(XMPP) |
XMPP traffic to Cisco Unified Presence or Cisco Unified Communications Manager IM and Presence Service. |
||
8443 | TCP
( HTTPS ) |
Traffic to Cisco Unified Communications Manager and Cisco Unified Communications Manager IM and Presence Service. | ||
7080 | TCP
( HTTPS ) |
Cisco Unity Connection for notifications of voice messages (new message, message update, and message deletion) | ||
53 | UDP / TCP | Domain Name System (DNS) traffic | ||
37200 | SOCKS5 Bytestreams |
Peer to peer file transfers. In on-premises deployments, the client also uses this port to send screen captures. |
||
5060 | UDP/TCP |
Session Initiation Protocol (SIP) call signalling |
||
5061 | TCP |
Secure SIP call signalling |
Cisco Unified Communications Manager, Cisco Unified Communications Manager IM and Presence Service, and Cisco Unified Presence, refer to the TCP and UDP Port Usage Guide.
Cisco Unity Connection, refer to the System Administration Guide.
Cisco WebEx Meetings Server, refer to the Administration Guide.
Cisco WebEx services, refer to the Administrator's Guide.
Cisco Jabber supports the same CTI devices as Cisco Unified Communications Manager version 8.6(1). See the CTI Supported Device Matrix in the CTI Supported Devices topic.
In certain cases, you might need to apply COP files to Cisco Unified Communications Manager.
COP File | Description | Cisco Unified Communications Manager Versions |
---|---|---|
ciscocm.installcsfdevicetype.cop.sgn | Adds the CSF device type to
Cisco Unified
Communications Manager.
For more information, see Software Requirements. |
7.1.3 |
ciscocm.addcsfsupportfield.cop.sgn | Adds the
CSF Support Field field for group configuration
files.
For more information, see Create Group Configurations. |
8.6.x and lower |
cmterm-cupc-dialrule-wizard-0.1.cop.sgn | Publishes application dial rules and directory lookup rules to
Cisco Jabber.
For more information, see Publish Dial Rules. |
All supported versions |
For on-premise deployments, the Cisco Jabber for Mac client displays the In a meeting (according to my calendar) checkbox on the window.
Deployment | Select In a meeting (according to my calendar) | Do Not Select In a meeting (according to my calendar) |
---|---|---|
You enable integration between Cisco Unified Presence and Microsoft Exchange or Cisco Unified Communications IM and Presence and Microsoft Exchange. |
Cisco Unified Presence or Cisco Unified Communications IM and Presence sets availability status | Availability status does not change |
Note | In a meeting availability status refers to calendar meetings that are created using the Cisco Unified Presence and Microsoft Exchange integration or Cisco Unified Communications IM and Presence and Microsoft Exchange integration. In a WebEx meeting availability status refers to Cisco WebEx meetings. The client does not display other availability statuses from other calendar sources (such as Microsoft Outlook for Mac). |
Cisco Jabber uses TLS to secure XMPP traffic over the network between the client and server. Cisco Jabber encrypts point to point instant messages.
Connection | Protocol | Negotiation Certificate | Expected Encryption Algorithm |
---|---|---|---|
Client to server | XMPP over TLS | X.509 Public Key Infrastructure certificate | AES 256 bit |
After the server and client negotiate TLS encryption, both the client and server generate and exchange session keys to encrypt instant messaging traffic.
Version | Key Length |
---|---|
Cisco Unified Communications IM and Presence versions 9.0.1 and higher | 2048 bit |
Cisco Unified Presence versions 8.6.4 and higher | 2048 bit |
Cisco Unified Presence versions lower than 8.6.4 | 1024 bit |
Cisco Unified Presence and Cisco Unified Communications IM and Presence both use 256 bit length session keys encrypted with the AES algorithm to secure instant message traffic between Cisco Jabber and the presence server.
If required, you can log and archive instant messages for compliance with regulatory guidelines. To log instant messages, you either configure an external database or integrate with a third party compliance server. Cisco Unified Presence and Cisco Unified Communications IM and Presence do not encrypt instant messages you log in external databases or in third party compliance servers. You must configure your external database or third party compliance server as appropriate to protect the instant messages you log.
For more information about encryption levels and cryptographic algorithms, including symmetric key algorithms such as AES or public key algorithms such as RSA, see Next Generation Encryption.
For more information about X509 Public Key Infrastructure certificates, see the Internet X.509 Public Key Infrastructure Certificate and CRL Profile document.
Connection | Protocol | Negotiation Certificate | Expected Encryption Algorithm |
---|---|---|---|
Client to server | XMPP within TLS | X.509 Public Key Infrastructure certificate | AES 128 bit |
The following servers negotiate TLS encryption with Cisco Jabber using X.509 Public Key Infrastructure (PKI) certificates with the Cisco WebEx Messenger service.
After the server and client negotiate TLS encryption, both the client and server generate and exchange session keys to encrypt instant messaging traffic.
The Cisco WebEx Messenger service uses 128 bit length session keys encrypted with the AES algorithm to secure instant message traffic between Cisco Jabber and the Cisco WebEx Messenger service.
The Cisco WebEx Messenger service can log instant messages, but it does not archive those instant messages in an encrypted format. However, the Cisco WebEx Messenger service uses stringent data center security, including SAE-16 and ISO-27001 audits, to protect the instant messages it logs.
For more information about encryption levels and cryptographic algorithms, including symmetric key algorithms such as AES or public key algorithms such as RSA, see Next Generation Encryption.
For more information about X509 Public Key Infrastructure certificates, see the Internet X.509 Public Key Infrastructure Certificate and CRL Profile document.
By default, instant messaging traffic between the client and the Cisco WebEx Messenger service is secure. You can optionally specify policies in the Cisco WebEx Administration Tool to secure instant messaging traffic between clients.
Sending clients encrypt instant messages with the AES 256 bit algorithm. Receiving clients decrypt instant messages.
Clients can send and receive instant messages to and from other clients that do not support encryption.
Policy combination | Client to client encryption | When the remote client supports AES encryption | When the remote client does not support AES encryption |
---|---|---|---|
Support AES Encoding For IM = false Support No Encoding For IM = true |
No |
Cisco Jabber sends unencrypted instant messages. Cisco Jabber does not negotiate a key exchange. As a result, other clients do not send Cisco Jabber encrypted instant messages. |
Cisco Jabber sends and receives unencrypted instant messages. |
Support AES Encoding For IM = true Support No Encoding For IM = true |
Yes |
Cisco Jabber sends and receives encrypted instant messages. Cisco Jabber displays an icon to indicate instant messages are encrypted. |
Cisco Jabber sends encrypted instant messages. Cisco Jabber receives unencrypted instant messages. |
Support AES Encoding For IM = true Support No Encoding For IM = false |
Yes |
Cisco Jabber sends and receives encrypted instant messages. Cisco Jabber displays an icon to indicate instant messages are encrypted. |
Cisco Jabber does not send or receive instant messages to the remote client. Cisco Jabber displays an error message when users attempt to send instant messages to the remote client. |
Note |
For more information about encryption and Cisco WebEx policies, see the About Encryption Levels topic in the Cisco WebEx documentation.
If you enable local chat history, Cisco Jabber for Mac does not archive instant messages in an encrypted format. In order to restrict access to chat history, Cisco Jabber saves archives to the following directory: ~/Library/Application Support/Cisco/Unified Communications/Jabber/CSF/History/uri.db.
For on-premises deployment, if you select the Save chat archives to: option in the Chat Preferences window of Cisco Jabber for Mac, chat history is stored locally in the Mac file system and can be searched using Spotlight.
Tip | Cisco recommends deploying with Cisco Media Services Interface (MSI). This method effectively improves the quality of experience and reduces cost of deployment and operations. MSI also enables the client to become network aware so it can dynamically adapt to network conditions and integrate more tightly with the network. |
Cisco Media Services Interface provides a Mac daemon that works with Cisco Prime Collaboration Manager and Cisco Medianet-enabled routers to ensure that Cisco Jabber can send audio media and video media on your network with minimum latency or packet loss.
If the service exists on the computer, Cisco Jabber provides flow information to Cisco Media Services Interface.
The service then signals the network so that routers classify the flow and provide priority to the Cisco Jabber traffic.
If the service does not exist, Cisco Jabber does not use it and sends audio media and video media as normal.
Note | Cisco Jabber checks for Cisco Media Services Interface for each audio call or video call. |
You must install Cisco Media Services Interface separately and ensure your network is enabled for Cisco Medianet. You must also install Cisco Prime Collaboration Manager and routers enabled for Cisco Medianet.
Set Differentiated Services Code Point (DSCP) values in RTP media packet headers to prioritize Cisco Jabber traffic as it traverses the network.
You define the port range that the client uses on the SIP profile in Cisco Unified Communications Manager. The client then uses this port range to send RTP traffic across the network.
To specify a port range for the client to use for RTP traffic, do the following:
As a result of splitting the port range for audio media and video media, the client creates identifiable media streams. You can then classify and prioritize those media streams by setting DSCP values in the IP packet headers.
You can set DSCP values for audio media and video media on Cisco Unified Communications Manager. Cisco Jabber can then retrieve the DSCP values from the device configuration and apply them directly to the IP headers of RTP media packets.
For some configurations there is an option to enable differentiated services for calls in the Cisco Jabber for Mac client.
You can hear or see other parties, but you cannot be heard or seen
You are experiencing unexpected Wi-Fi disconnection issues
Disabling differentiated service for calls may degrade voice and video quality.
You can configure switches and routers to mark DSCP values in the IP headers of RTP media.
You can identify signaling between the client and servers based on the various ports required for SIP, CTI QBE, and XMPP. For example, SIP signaling between Cisco Jabber and Cisco Unified Communications Manager occurs through port 5060.
You should mark signaling packets as AF31.
Cisco Jabber registers protocol handlers with the OSX launch services database to enable click-to-call or click-to-IM functionality from web browsers or other applications.
The following data is based on testing in a lab environment. This data is intended to provide an idea of what you can expect in terms of bandwidth usage. The content in this topic is not intended to be exhaustive or to reflect all media scenarios that might affect bandwidth usage.
Codec | RTP payload in kilobits (kbits) per second | Actual bitrate (kbits per second) | Notes |
---|---|---|---|
g.722.1 | 24/32 | 54/62 | High quality compressed |
g.711 | 64 | 80 | Standard uncompressed |
g.729a | 8 | 38 | Low quality compressed |
Resolution | Pixels | Measured bit rate (kbits per second) with g.711 audio |
---|---|---|
w144p | 256 x 144 | 156 |
w288p
This is the default size of the video rendering window for Cisco Jabber. |
512 x 288 | 320 |
w448p | 768 x 448 | 570 |
w576p | 1024 x 576 | 890 |
720p | 1280 x 720 | 1300 |
You specify the maximum payload bit rate in Cisco Unified Communications Manager in the Region Configuration window. This maximum payload bit rate does not include packet overhead, so the actual bit rate used is higher than the maximum payload bit rate you specify.
Audio | Interactive video (Main video) |
---|---|
Cisco Jabber uses the maximum audio bit rate | Cisco Jabber allocates the remaining bit rate as
follows:
The maximum video call bit rate minus the audio bit rate. |
Upload speed | Audio | Audio + Interactive video (Main video) |
---|---|---|
125 kbps under VPN | At bandwidth threshold for g.711. Sufficient bandwidth for g.729a and g.722.1. | Insufficient bandwidth for video. |
384 kbps under VPN | Sufficient bandwidth for any audio codec. | w288p (512 x 288) at 30 fps |
384 kbps in an enterprise network | Sufficient bandwidth for any audio codec. | w288p (512 x 288) at 30 fps |
1000 kbps | Sufficient bandwidth for any audio codec. | w576p (1024 x 576) at 30 fps |
2000 kbps | Sufficient bandwidth for any audio codec. | w720p30 (1280 x 720) at 30 fps |
Note that VPN increases the size of the payload, which increases the bandwidth consumption.
Cisco Jabber uses video rate adaptation to negotiate optimum video quality. Video rate adaptation dynamically increases or decreases video bit rate throughput to handle real-time variations on available IP path bandwidth.
Cisco Jabber users should expect video calls to begin at lower resolution and scale upwards to higher resolution over a short period of time. Cisco Jabber saves history so that subsequent video calls should begin at the optimal resolution.