Professional Documents
Culture Documents
Workspaces For AACCRemote Agent Through ASBCE
Workspaces For AACCRemote Agent Through ASBCE
Workspaces For AACCRemote Agent Through ASBCE
Abstract
This application note applies to Workspaces for AACC 7.1.1 and later releases and it describes a set
of procedures which allow Workspaces for AACC customers to enable remote workspaces agents to
access AACC through and ASBCE reverse proxy. Remote agents with access to the internet will be
able log in to Workspaces for AACC and accept contacts in the same way as an on-premise agent.
Release 7.1.1
Issue 0.2
January 2021
© TERMS OF USE FOR HOSTED SERVICES ARE AVAILABLE
2020, Avaya Inc. All
Rights Reserved. ON THE AVAYA
WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO
Notice UNDER
While reasonable efforts have been made to ensure that the THE LINK “Avaya Terms of Use for Hosted Services” OR SUCH
information in this document is complete and accurate at the time SUCCESSOR SITE AS DESIGNATED BY AVAYA AND ARE
of printing, Avaya assumes no liability for any errors. Avaya APPLICABLE TO ANYONE WHO ACCESSES OR USES THE
reserves the right to make changes and corrections to the HOSTED SERVICE. BY ACCESSING OR USING THE HOSTED
information in this document without the obligation to notify any SERVICE, OR AUTHORIZING OTHERS TO DO SO, YOU, ON
person or organization of such changes. BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU
ARE DOING SO (HEREINAFTER REFERRED TO
Documentation disclaimer
INTERCHANGEABLY AS “YOU” AND “END USER”), AGREE
“Documentation” means information published in varying TO THE TERMS OF USE. IF YOU ARE ACCEPTING THE
mediums which may include product information, operating TERMS OF USE ON BEHALF A COMPANY OR OTHER LEGAL
instructions and performance specifications that are generally ENTITY, YOU REPRESENT THAT YOU HAVE THE
made available to users of products. Documentation does not AUTHORITY TO BIND SUCH ENTITY TO THESE TERMS OF
include marketing materials. Avaya shall not be responsible for USE. IF YOU DO NOT HAVE SUCH AUTHORITY, OR IF YOU
any modifications, additions, or deletions to the original published DO NOT WISH TO ACCEPT THESE TERMS OF USE, YOU
version of Documentation unless such modifications, additions, MUST NOT ACCESS OR USE THE HOSTED SERVICE OR
or deletions were performed by or on the express behalf of AUTHORIZE ANYONE TO ACCESS OR USE THE HOSTED
Avaya. End User agrees to indemnify and hold harmless Avaya, SERVICE.
Avaya’s agents, servants and employees against all claims,
License types
lawsuits, demands and judgments arising out of, or in connection
with, subsequent modifications, additions or deletions to this Designated System(s) License (DS). End User may install and
documentation, to the extent made by End User. use each copy or an Instance of the Software only on a number
of Designated Processors up to the number indicated in the
Link disclaimer
order. Avaya may require the Designated Processor(s) to be
Avaya is not responsible for the contents or reliability of any identified in the order by type, serial number, feature key,
linked websites referenced within this site or Documentation Instance, location or other specific designation, or to be provided
provided by Avaya. Avaya is not responsible for the accuracy of by End User to Avaya through electronic means established by
any information, statement or content provided on these sites Avaya specifically for this purpose.
and does not necessarily endorse the products, services, or
Concurrent User License (CU). End User may install and use the
information described or offered within them. Avaya does not
Software on multiple Designated Processors or one or more
guarantee that these links will work all the time and has no
Servers, so long as only the licensed number of Units are
control over the availability of the linked pages.
accessing and using the Software at any given time. A “Unit”
Warranty means the unit on which Avaya, at its sole discretion, bases the
Avaya provides a limited warranty on Avaya hardware and pricing of its licenses and can be, without limitation, an agent,
software. Refer to your sales agreement to establish the terms of port or user, an e-mail or voice mail account in the name of a
the limited warranty. In addition, Avaya’s standard warranty person or corporate function (e.g., webmaster or helpdesk), or a
language, as well as information regarding support for this directory entry in the administrative database utilized by the
product while under warranty is available to Avaya customers Software that permits one user to interface with the Software.
and other parties through the Avaya Support website: Units may be linked to a specific, identified Server or an Instance
https://support.avaya.com/helpcenter/ of the Software.
getGenericDetails?detailId=C20091120112456651010 under the Licenses
link “Warranty & Product Lifecycle” or such successor site as
THE SOFTWARE LICENSE TERMS AVAILABLE ON THE
designated by Avaya. Please note that if You acquired the
AVAYA
product(s) from an authorized Avaya Channel Partner outside of
WEBSITE, HTTPS://SUPPORT.AVAYA.COM/LICENSEINFO,
the United States and Canada, the warranty is provided to You
by said Avaya Channel Partner and not by Avaya. UNDER THE LINK “AVAYA SOFTWARE LICENSE TERMS
(Avaya Products)” OR SUCH SUCCESSOR SITE AS
“Hosted Service” means an Avaya hosted service subscription DESIGNATED BY AVAYA, ARE APPLICABLE TO ANYONE
that You acquire from either Avaya or an authorized Avaya WHO DOWNLOADS, USES AND/OR INSTALLS AVAYA
Channel Partner (as applicable) and which is described further in SOFTWARE, PURCHASED FROM AVAYA INC., ANY AVAYA
Hosted SAS or other service description documentation AFFILIATE, OR AN AVAYA CHANNEL PARTNER (AS
regarding the applicable hosted service. If You purchase a APPLICABLE) UNDER A COMMERCIAL AGREEMENT WITH
Hosted Service subscription, the foregoing limited warranty may AVAYA OR AN AVAYA CHANNEL PARTNER. UNLESS
not apply but You may be entitled to support services in OTHERWISE AGREED TO BY AVAYA IN WRITING, AVAYA
connection with the Hosted Service as described further in your DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE WAS
service description documents for the applicable Hosted Service. OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA
Contact Avaya or Avaya Channel Partner (as applicable) for AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA
more information. RESERVES THE RIGHT TO TAKE LEGAL ACTION AGAINST
Hosted Service YOU AND ANYONE ELSE USING OR SELLING THE
SOFTWARE WITHOUT A LICENSE. BY INSTALLING,
THE FOLLOWING APPLIES ONLY IF YOU PURCHASE AN DOWNLOADING OR USING THE SOFTWARE, OR
AVAYA HOSTED SERVICE SUBSCRIPTION FROM AVAYA OR AUTHORIZING OTHERS TO DO SO, YOU, ON BEHALF OF
AN AVAYA CHANNEL PARTNER (AS APPLICABLE), THE YOURSELF AND THE ENTITY FOR WHOM YOU ARE
INSTALLING, DOWNLOADING OR USING THE SOFTWARE install two Instances of the same type of products, then two
(HEREINAFTER REFERRED TO INTERCHANGEABLY AS products of that type must be ordered.
“YOU” AND “END USER”), AGREE TO Third Party Components
THESE TERMS AND CONDITIONS AND CREATE A BINDING
CONTRACT BETWEEN YOU AND AVAYA INC. OR THE “Third Party Components” mean certain software programs or
APPLICABLE AVAYA AFFILIATE (“AVAYA”). portions thereof included in the Software or Hosted Service may
contain software (including open source software) distributed
Avaya grants You a license within the scope of the license types under third party agreements (“Third Party Components”), which
described below, with the exception of Heritage Nortel Software, contain terms regarding the rights to use certain portions of the
for which the scope of the license is detailed below. Where the Software (“Third Party Terms”). As required, information
order documentation does not expressly identify a license type, regarding distributed
the applicable license will be a Designated System License as Linux OS source code (for those products that have distributed
set forth below in the Designated System(s) License (DS) section Linux
as applicable. The applicable number of licenses and units of
OS source code) and identifying the copyright holders of the
capacity for which the license is granted will be one (1), unless a
Third Party Components and the Third Party Terms that apply is
different number of licenses or units of capacity is specified in the
available in the products, Documentation or on Avaya’s website
documentation or other materials available to You. “Software”
at: https:// support.avaya.com/Copyright or such successor site
means computer programs in object code, provided by Avaya or
as designated by Avaya. The open source software license
an Avaya Channel Partner, whether as stand-alone products,
terms provided as Third-Party Terms are consistent with the
pre-installed on hardware products, and any upgrades, updates, license rights granted in these
patches, bug fixes, or modified versions thereto. “Designated
Software License Terms, and may contain additional rights
Processor” means a single stand-alone computing device.
benefiting You, such as modification and distribution of the open
“Server” means a set of Designated Processors that hosts
source software. The Third-Party Terms shall take precedence
(physically or virtually) a software application to be accessed by
over these Software License Terms, solely with respect to the
multiple users. “Instance” means a single copy of the Software
applicable Third-Party Components to the extent that these
executing at a particular time: (i) on one physical machine; or (ii)
Software License Terms impose greater restrictions on You than
on one deployed software virtual machine (“VM”) or similar
the applicable Third-Party Terms.
deployment.
The following applies only if the H.264 (AVC) codec is distributed
Heritage Nortel Software
with the product. THIS PRODUCT IS LICENSED UNDER THE
“Heritage Nortel Software” means the software that was acquired AVC PATENT PORTFOLIO LICENSE FOR THE PERSONAL
by USE OF A CONSUMER OR OTHER USES IN WHICH IT DOES
Avaya as part of its purchase of the Nortel Enterprise Solutions NOT RECEIVE REMUNERATION TO (i) ENCODE VIDEO IN
Business in December 2009. The Heritage Nortel Software is the COMPLIANCE WITH THE AVC STANDARD (“AVC VIDEO”)
software contained within the list of Heritage Nortel Products AND/OR (ii) DECODE AVC VIDEO THAT WAS ENCODED BY A
located at https://support.avaya.com/LicenseInfo under the link CONSUMER ENGAGED IN A
“Heritage Nortel Products” or such successor site as designated PERSONAL ACTIVITY AND/OR WAS OBTAINED FROM A
by Avaya. For VIDEO PROVIDER LICENSED TO PROVIDE AVC VIDEO. NO
Heritage Nortel Software, Avaya grants Customer a license to LICENSE IS GRANTED OR SHALL BE IMPLIED FOR ANY
use Heritage Nortel Software provided hereunder solely to the OTHER USE. ADDITIONAL INFORMATION MAY BE
extent of the authorized activation or authorized usage level, OBTAINED FROM MPEG LA, L.L.C. SEE
solely for the purpose specified in the Documentation, and solely HTTP://WWW.MPEGLA.COM.
as embedded in, for execution on, or for communication with
Service Provider
Avaya equipment. Charges for Heritage Nortel Software may be
based on extent of activation or use authorized as specified in an THE FOLLOWING APPLIES TO AVAYA CHANNEL
order or invoice. PARTNER’S HOSTING OF AVAYA PRODUCTS OR
SERVICES. THE PRODUCT OR HOSTED SERVICE MAY USE
Copyright
THIRD PARTY COMPONENTS SUBJECT TO THIRD PARTY
Except where expressly stated otherwise, no use should be TERMS AND REQUIRE A SERVICE PROVIDER TO BE
made of materials on this site, the Documentation, Software, INDEPENDENTLY LICENSED DIRECTLY FROM THE THIRD
Hosted Service, or hardware provided by Avaya. All content on PARTY SUPPLIER. AN AVAYA CHANNEL PARTNER’S
this site, the documentation, Hosted Service, and the product HOSTING OF AVAYA PRODUCTS MUST BE AUTHORIZED IN
provided by Avaya including the selection, arrangement and WRITING BY AVAYA AND IF THOSE HOSTED PRODUCTS
design of the content is owned either by Avaya or its licensors USE
and is protected by copyright and other intellectual property laws OR EMBED CERTAIN THIRD PARTY SOFTWARE,
including the sui generis rights relating to the protection of INCLUDING BUT NOT LIMITED TO MICROSOFT SOFTWARE
databases. You may not modify, copy, reproduce, republish, OR CODECS, THE AVAYA CHANNEL PARTNER IS
upload, post, transmit or distribute in any way any content, in REQUIRED TO
whole or in part, including any code and software unless INDEPENDENTLY OBTAIN ANY APPLICABLE LICENSE
expressly authorized by Avaya. Unauthorized reproduction, AGREEMENTS, AT THE AVAYA CHANNEL PARTNER’S
transmission, dissemination, storage, and or use without the EXPENSE, DIRECTLY FROM THE APPLICABLE THIRD
express written consent of Avaya can be a criminal, as well as a PARTY SUPPLIER.
civil offense under the applicable law.
WITH RESPECT TO CODECS, IF THE AVAYA CHANNEL
Virtualization PARTNER IS HOSTING ANY PRODUCTS THAT USE OR
The following applies if the product is deployed on a virtual EMBED THE G.729 CODEC, H.264 CODEC, OR H.265
machine. Each product has its own ordering code and license CODEC, THE AVAYA CHANNEL PARTNER ACKNOWLEDGES
types. Note, unless otherwise stated, that each Instance of a AND AGREES THE AVAYA CHANNEL PARTNER IS
product must be separately licensed and ordered. For example, if RESPONSIBLE FOR ANY AND ALL RELATED FEES AND/OR
the end user customer or Avaya Channel Partner would like to ROYALTIES. THE G.729 CODEC IS LICENSED BY SIPRO LAB
TELECOM INC. SEE WWW.SIPRO.COM/CONTACT.HTML.
THE H.264 (AVC) CODEC IS LICENSED UNDER THE AVC the Mark. Nothing contained in this site, the Documentation,
PATENT PORTFOLIO LICENSE FOR THE PERSONAL USE Hosted Service(s) and product(s) should be construed as
OF A CONSUMER OR OTHER USES IN WHICH IT DOES NOT granting, by implication, estoppel, or otherwise, any license or
RECEIVE REMUNERATION TO: (I) ENCODE VIDEO IN right in and to the Marks without the express written permission
COMPLIANCE WITH THE AVC STANDARD (“AVC VIDEO”) of Avaya or the applicable third party.
AND/OR (II) DECODE AVC VIDEO THAT WAS ENCODED BY Avaya is a registered trademark of Avaya Inc.
A CONSUMER ENGAGED IN A PERSONAL ACTIVITY
AND/OR WAS OBTAINED FROM A VIDEO PROVIDER
LICENSED TO PROVIDE AVC VIDEO. NO LICENSE IS
GRANTED OR SHALL BE IMPLIED FOR ANY OTHER USE.
ADDITIONAL INFORMATION FOR H.264 (AVC) AND H.265 All non-Avaya trademarks are the property of their respective
(HEVC) CODECS MAY BE owners. Linux® is the registered trademark of Linus Torvalds in
OBTAINED FROM MPEG LA, L.L.C. SEE HTTP:// the U.S. and other countries.
WWW.MPEGLA.COM. Java is a registered trademark of Oracle and/or its affiliates.
Compliance with Laws
You acknowledge and agree that it is Your responsibility for
complying with any applicable laws and regulations, including,
but not limited to laws and regulations related to call recording,
data privacy, intellectual property, trade secret, fraud, and music
performance rights, in the country or territory where the Avaya
product is used.
Preventing Toll Fraud
“Toll Fraud” is the unauthorized use of your telecommunications
system by an unauthorized party (for example, a person who is
not a corporate employee, agent, subcontractor, or is not working
on your company’s behalf). Be aware that there can be a risk of
Toll Fraud associated with your system and that, if Toll Fraud
occurs, it can result in substantial additional charges for your
telecommunications services.
Avaya Toll Fraud intervention
If You suspect that You are being victimized by Toll Fraud and
You need technical assistance or support, call Technical Service
Center Toll Fraud Intervention Hotline at +1-800-643-2353 for the
United States and Canada. For additional support telephone
numbers, see the Avaya Support website:
https://support.avaya.com or such successor site as designated
by Avaya.
Security Vulnerabilities
Information about Avaya’s security support policies can be found
in the Security Policies and Support section of https://
support.avaya.com/security.
Suspected Avaya product security vulnerabilities are handled per
the Avaya Product Security Support Flow (https://
support.avaya.com/css/P8/documents/100161515).
Downloading Documentation
For the most current versions of Documentation, see the Avaya
Support website: https://support.avaya.com, or such successor
site as designated by Avaya.
Contact Avaya Support
See the Avaya Support website: https://support.avaya.com for
product or Hosted Service notices and articles, or to report a
problem with your Avaya product or Hosted Service. For a list of
support telephone numbers and contact addresses, go to the
Avaya Support website: https://support.avaya.com (or such
successor site as designated by Avaya), scroll to the bottom of
the page, and select Contact Avaya Support.
Trademarks
The trademarks, logos and service marks (“Marks”) displayed in
this site, the Documentation, Hosted Service(s), and product(s)
provided by Avaya are the registered or unregistered Marks of
Avaya, its affiliates, its licensors, its suppliers, or other third
parties. Users are not permitted to use such Marks without prior
written consent from Avaya or such third party which may own
Contents
Table of Contents
Revision History ..................................................................................................................................... 6
Chapter 1 Introduction ........................................................................................................................... 7
Purpose .............................................................................................................................................. 7
Overview ............................................................................................................................................ 7
AACC Mission Critical High Availability support .................................................................................. 9
Supported Contact types .................................................................................................................... 9
Software Versions .............................................................................................................................. 9
Flow Chart for Work Items ................................................................................................................ 10
Chapter 2: Configuration ...................................................................................................................... 11
IP Address information ..................................................................................................................... 11
Publish External FQDNs................................................................................................................... 12
Configure External firewall ................................................................................................................ 12
Configure ASBCE............................................................................................................................. 13
Configure a Reverse Proxy policy with WebSockets enabled ....................................................... 13
Configure TLS Client and Server Profiles ...................................................................................... 13
Configure the Reverse Proxy Relay Services................................................................................ 15
Configure Internal firewall ................................................................................................................. 18
Conclusion ....................................................................................................................................... 18
Appendix .............................................................................................................................................. 19
Support for remote worker phone sets .............................................................................................. 19
Support for Video contacts from the customers ................................................................................ 19
Support for other Reverse Proxies.................................................................................................... 19
Purpose
This document provides information on how to set up reverse proxy relays on an Avaya SBCE to enable
external workspaces agents to log in to Avaya Workspaces for AACC and accept work.
Overview
Currently, Avaya Workspaces for AACC exclusively supports on-premise workspaces Agents. The agents are
required to be on site, behind the enterprise firewalls in order to log on to Workspaces for AACC and accept
contacts.
This guide describes a reference configuration where the reverse proxy feature of the Avaya SBCE can be
configured to allow external agents to access Workspaces for AACC from a remote location with internet access.
ASBCE High Availability feature is not covered in this document.
The following diagram shows the reference architecture that was used:
This application note does not provide a deployment guide for Avaya SBCE or Avaya Workspaces
for AACC. Before continuing, the following pre-requisites must be met:
Avaya Workspaces for AACC is deployed and operational for all desired channels.
Internal (on-premise) agents can log in to Workspaces for AACC and process contacts as required.
Avaya SBCE is deployed and operational
Under TLS Management on the SBC, a certificate for the B1 external interface that will be used for
the reverse proxy has been installed.
Under TLS Management on the SBC, a certificate for the A1 external interface that will be used for
the reverse proxy has been installed.
The networks are configured and an IP is available on both the B1 (external) side and the A1
(internal) side.
Software Versions
Software versions of the components in the reference configuration were as follows:
Component Version
ASBCE 8.0.0.0-19-16991
SMGR 8.1.2.0 Build No. - 8.1.0.0.733078
AES 8.1.2.0.0.9-0
CM 8.1.2.0.0.890.26095
SM 8.1.2.0.0611240
AMS 8.0.0.183
AADS 8.0.1.0.1026
AAWG 3.8.0.0.361
The flowchart below provides an outline of the high level tasks that are required to enable support for remote
AACC agents using Workspaces.
Start
Publish FQDNs
IP Address information
The table below lists all the reverse proxy relays that were used to service the requests from the
remote Workspaces agent in the reference configuration.
Ext FQDN Internal Cluster Int FW WAN SBC-EXT B1 IP URL Used For EXT FW WAN
IP IP IP
/GetNewToken
/proxy
/phonebookquery
/attachment
/services/OCPDataServices
/services/CustomerManagement
/services/CustomerJourneyService
/services/UnifiedAgentController
/services/Broadcast-UnifiedAgentController
Users should compile a similar table for their own implementation, bearing in mind the following
points:
Externally, the FQDNs for all backend servers/clusters were resolved to a single IP on the external
firewall. So, the ‘Ext FW WAN IP’ should be the same for all external server/cluster FQDNs.
The external firewall will listen for incoming requests on ports 443 and NAT these requests through
to the assigned B1 (external) interface on the ASBCE. So, the SBC-EXT B1 IP will be the same for all
servers/clusters.
Based on the URL in the request, the SBC will proxy the request through to an IP on the external
(WAN) side of the internal firewall. So, each backend server/cluster was allocated a unique IP:port
combination on the external (WAN) side of the internal firewall.
The internal firewall will listen for incoming requests on all the allocated external (WAN) side IP:Port
and NAT these through to the corresponding backend Workspaces for AACC server/cluster.
Workspaces for AACC use non-standard ports instead of 443 port so the server profile should use
either HTTP or HTTPS based on the Workspaces for AACC configuration:
the port 31390 and HTTPS if the security is configured on AACC
the port 31380 and HTTP if the security is not configured
Conclusion
The reverse proxy relay services outlined in above have been shown to facilitate external workspaces
agents in the Workspaces for AACC environment.
Using the above reference configuration, it was possible to log in an agent from a remote location and
process webchat, email, voice, video and outbound contacts.
For Workspaces WebRTC customer clients support, split-horizon DNS is required for the AAWG
FQDN. The remote workspaces browser will make requests to AAWG using the AAWG FQDN. The
AAWG FQDN can be resolved to an external IP on the external firewall and the following relay added
to allow requests from the external workspaces agent to reach the internal AAWG server. The relay
should use the reverse proxy policy with websockets enabled.
Ext FQDN Internal Cluster IP Int FW WAN IP SBC-EXT B1 IP URL Used For EXT FW WAN
IP
/notification
Note that on the external firewall, the request will arrive on the default secure port 443. However, when
the request is proxied to the AAWG server internally, it MUST be directed to port 8444 (or which ever
port is enabled on AAWG for remote access). This is required so that AAWG will identify the Customer
as being remote and handle the media accordingly.