Professional Documents
Culture Documents
Implementing Cisco TelePresence Vol2
Implementing Cisco TelePresence Vol2
Implementing Cisco TelePresence Vol2
Implementing Cisco
TelePresence
Solutions
Volume 2
Version 1.1
Student Guide
Student Guide © 2011 Cisco and/or its affiliates. All rights reserved.
Table of Contents
Volume 2
Cisco TelePresence Extended System Features 4-1
Overview 4-1
Module Objectives 4-1
Understanding the Cisco TelePresence Multipoint Switch 4-3
Overview 4-3
Objectives 4-3
Cisco TelePresence Multipoint Switch Overview 4-4
Conference Features 4-10
Bandwidth and Latency Considerations 4-17
Physical Deployment of the Cisco TelePresence Multipoint Switch 4-21
Centralized 4-22
Distributed 4-22
Nonscheduled 4-23
Scheduled 4-23
Combined 4-23
Room-Switching with Cisco TelePresence Systems 4-26
Room-Switching with Multiscreen Cisco TelePresence Systems 4-26
Room-Switching with Cisco TelePresence System 3000 or 3200 and Cisco TelePresence
System 500, 1000, 1100, or 1300 4-28
Speaker-Switching with Cisco TelePresence Systems 4-31
Speaker-Switching with Cisco TelePresence Systems 3000 or 3200 4-32
Speaker-Switching with Cisco TelePresence Systems 3000 or 3200 and Cisco TelePresence
Systems 500, 1000, 1100, or 1300 4-35
Cisco TelePresence Multipoint Switch Meeting Types 4-37
Cisco TelePresence Multipoint Switch Troubleshooting 4-41
Summary 4-45
Understanding Cisco TelePresence Manager 4-47
Overview 4-47
Objectives 4-47
Cisco TelePresence Manager Overview 4-48
Cisco TelePresence Manager System Configuration 4-52
Cisco TelePresence Manager and Cisco Unified Communication Manager Integration 4-56
Cisco TelePresence Manager and Cisco TelePresence System Integration 4-57
Cisco TelePresence Manager LDAP and Exchange Integration 4-58
FBA for Exchange 2003 4-67
Cisco TelePresence Manager Lotus Domino Integration 4-76
Cisco TelePresence Manager Multipoint Switch Support 4-79
Managing and Troubleshooting Cisco TelePresence Scheduled Meetings 4-86
Scheduling Meetings in Outlook 4-88
Troubleshooting Cisco TelePresence Manager 4-90
Summary 4-97
Exploring One-Button-to-Push Without Cisco TelePresence Manager 4-99
Overview 4-99
Objectives 4-99
Reasons to Not Deploy Cisco TelePresence Manager 4-100
Features Lost Without Cisco TelePresence Manager 4-101
Scheduling a Conference Without Cisco TelePresence Manager 4-104
Summary 4-109
Examining Cisco TelePresence Interoperability 4-111
Overview 4-111
Objectives 4-111
Cisco TelePresence Interoperability Overview 4-112
Integrating Interoperability 4-116
Cisco Unified Videoconferencing MCU Dial Plan 4-124
Call Setup 4-127
Initial Setup of Cisco Unified Videoconferencing 4-128
Cisco Unified Videoconferencing Web Administration 4-129
Configure the Cisco Unified Videoconferencing 3500 and 5200 Series MCU 4-130
Summary 4-133
Working with the Cisco TelePresence Recording Server 4-135
Overview 4-135
Objectives 4-135
Cisco TelePresence Recording Server Overview 4-136
Cisco TelePresence Recording Server Specifications 4-140
Integration with LDAP 4-142
Using the Cisco TelePresence Recording Server 4-143
Recording Postproduction 4-144
Summary 4-146
Examining Intercompany Communications 4-147
Overview 4-147
Objectives 4-147
Intercompany Communication Overview 4-148
Enabling Intercompany Communication 4-152
Address Resolution Using ENUM 4-155
Session Border Services 4-156
SIP Signaling Flow Through SBC 4-161
SIP Signaling Flow Through Cisco ASA 5500 Series Adaptive Security Appliances 4-162
RTP Media Flow Through an SBC 4-167
RTP Media Flow Through Cisco ASA 5500 Series Adaptive Security Appliances 4-168
Service Provider Solutions 4-170
Summary 4-171
Examining Cisco TelePresence Security 4-173
Overview 4-173
Objectives 4-173
Cisco Unified Communications Manager Security for Cisco TelePresence 4-174
Configuring the Security Profile for Cisco TelePresence 4-182
Configuring PKI-Based Cisco Unified Communications Manager Security Features 4-185
Enabling Services Required for Security 4-186
Enabling Encryption on the Cisco TelePresence Multipoint Switch 4-187
SIP Trunk Encryption Configuration Procedure 4-195
Summary 4-202
Module Summary 4-203
References 4-204
Module Self-Check 4-207
Module Self-Check Answer Key 4-215
ii Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-1
Overview A1-1
Cisco TelePresence Interoperability Requirement A1-2
Cisco TelePresence Interoperability Solutions A1-3
MXE 5600 and the Cisco Video Conferencing Family A1-4
MXE 5600 Platform A1-5
MXE 5600 Software A1-6
MXE 5600 Flexible Architecture A1-7
MXE 5600 Video Gateway Application A1-8
MXE 5600 Video Quality Enhancements A1-9
The MXE 5600 Compensates for Varying Network Conditions A1-10
Multipoint Interoperability Using the Cisco TelePresence Server A1-11
Point-to-Point and Multipoint Interoperability Using the MXE 5600 A1-12
How CUCM Routes Calls to the MXE 5600 A1-13
MXE 5600 Capacity A1-14
Cisco TelePresence Manager and the MXE 5600 A1-15
MXE 5600 Interop and WebEx A1-16
MXE 5600 and TPS Deployed Together A1-17
Scalability: Multiple MXE 5600 per CUCM A1-18
Multiple CUCMs per MXE 5600 A1-18
Load Balancing and High Availability A1-19
2011 Cisco Systems, Inc. Implementing Cisco TelePresence Solutions (ITS) v1.1 iii
iv Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Module 4
Overview
Cisco TelePresence is a comprehensive solution that consists of room endpoint systems,
collaboration tools, a multipoint switching platform, management software, intercompany
connectivity, and Lifecycle Services. These items enable you to plan, deploy, and maintain the
Cisco TelePresence experience. This module explores some of the extended features of Cisco
TelePresence.
Module Objectives
Upon completing this module, you will be able to describe the extended features of Cisco
TelePresence. This ability includes being able to meet these objectives:
Describe Cisco TelePresence Multipoint Switch solutions
Describe the Cisco TelePresence Manager
Use the One-Button-to-Push feature without Cisco TelePresence System Manager
Describe Cisco TelePresence interoperability with Cisco Unified Videoconferencing
systems
Describe the Cisco TelePresence Recording Server solution
Identify the functions and goals of intercompany Cisco TelePresence
Configure security features for Cisco TelePresence
4-2 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 1
Objectives
Upon completing this lesson, you will be able to describe and deploy Cisco TelePresence
Multipoint Switch solutions. This ability includes being able to meet these objectives:
Provide an overview of the Cisco TelePresence Multipoint Switch
Discuss the conference features available for Cisco TelePresence Multipoint Switch
conferences
Discuss the bandwidth requirements for the Cisco TelePresence Multipoint Switch
Discuss the rationale for centrally deploying the Cisco TelePresence Multipoint Switch
server
Discuss the process for room-switching with Cisco TelePresence systems
Discuss the process for speaker-switching with Cisco TelePresence systems
Discuss the Cisco TelePresence Multipoint Switch meeting types
Troubleshoot different Cisco TelePresence Multipoint Switch meeting types
Cisco TelePresence Multipoint Switch Overview
This topic provides an overview of the Cisco TelePresence Multipoint Switch.
4-4 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Multipoint
Switch Specifications
Capacity from 48 segments (16 Cisco TelePresence Systems 3000
and 3200; 48 Cisco TelePresence Systems 1300, 1100, 1000, and
500, or a mix of systems)
Support for Cisco MCS 7845 Series
Automatic conference down-speeding
Conference features:
– VIP mode
– Administrator-adjustable switching times
– In-meeting user-selectable switching mode (speaker and room)
Management features:
– Enhanced call statistics
– Room testing (loopback, forced switching)
– Both Ethernet NICs enabled, providing network failover
– HTTP proxy
The Cisco TelePresence Multipoint Switch supports connections among 48 single-screen Cisco
TelePresence Systems, 16 triple-screen Cisco TelePresence Systems, or a mix of these systems
in a single meeting. The Cisco TelePresence Multipoint Switch supports multiple simultaneous
meetings to the capacity of the total number of video streams supported. Cisco TelePresence
systems have the ability to negotiate (down-speed) from 1080p to 720p, allowing systems that
are configured for 1080p to join a meeting that is configured for 720p.
The Cisco TelePresence Multipoint Switch is a purpose-built Linux-based appliance that runs
on a Cisco Media Convergence Server (MCS) 7845 Series and supports voice-activated
switching. Embedded smart-switching technology determines when to switch speakers and
eliminates changes because of stray noises. Spatial audio and seating location on screen are
always maintained as switching occurs.
VIP Mode is a feature that enables you to define one endpoint as the VIP, which causes this
endpoint to be displayed to all endpoints. The administrator can also adjust the sensitivity of the
switching time, and users have the in-meeting option of choosing the switching mode (speaker
or room).
Additional features include system status information, alarms, downloadable logs (syslog
messages), and Simple Network Management Protocol (SNMP) support. Call records provide
meeting start and stop data and participant details. You can export records to a third-party
application for manipulation and data sorting.
Cisco TelePresence Multipoint Switch Software Release 1.5 supports an inbound HTTP Proxy.
The external URL provides Cisco TelePresence Multipoint Switch web services for external
third-party web service clients in an intercompany communication environment.
Both Ethernet ports are enabled on the Cisco TelePresence Multipoint Switch, providing
network failover capability.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-5
Cisco TelePresence Multipoint Switch
Specifications (Cont.)
Software-based solution
Cisco Unified Communications Manager communication via SIP trunk
Scheduled and nonscheduled meeting support
Voice-activated switching
H.264 1080p, 720p, and CIF video support
AAC-LD and G.711 audio support
Cisco TelePresence interoperability via Cisco Unified Videoconferencing
Auto Collaborate support
Flow control
Distributed deployment with geographical selection
(requires Cisco TelePresence Manager)
The Cisco TelePresence Multipoint Switch is a software-based solution that supports 1080p
and 720p high-definition standards, with life-size images of far-end participants on 65-inch
plasma screens for both point-to-point and multipoint calls. Multichannel, discrete audio means
that sound comes from the direction of the speaker, allowing voice tracking when audio is
switched between locations. Call signaling is managed via a Session Initiation Protocol (SIP)
trunk with Cisco Unified Communications Manager.
You can link the Cisco TelePresence Multipoint Switch with the Cisco Unified
Videoconferencing MCU 3515 or Cisco Unified Videoconferencing MCU 3545. When you do
this, the Cisco TelePresence Multipoint Switch provides complete interoperability with the
installed base of H.323 and SIP video-conferencing endpoints. The Cisco TelePresence
Multipoint Switch also provides audio support for advanced audio coding with low-delay
(AAC-LD) and G.711.
A multipoint participant at any endpoint can use the auto collaborate feature to share images
with other participants and rooms in the conference using a laptop or in-room document
camera. This behavior is like a point-to-point Cisco TelePresence meeting.
Cisco has implemented a new flow control feature between the Cisco TelePresence Multipoint
Switch and Cisco TelePresence system endpoints to help control bandwidth use during
multipoint meetings. Cisco TelePresence Manager also provides seamless scheduling of
multipoint Cisco TelePresence calls using the Cisco TelePresence Multipoint Switch, with
resource and geographic selection that is based on the time zone of the endpoints in the
meeting.
4-6 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Encrypted Multipoint
Multipoint Encryption (MPE) requires Cisco
TelePresence System Release 1.5 and Cisco
TelePresence Multipoint Switch Release 1.5
Secure media:
– Key distributed to Cisco TelePresence
system with EKT
– SRTP, AES-128
– GSP shared to decrypt EKT
Secure signaling:
– SIP over TLS, AES-128
– Use S-description with Cisco Unified
Communications Manager Release 7.0 and later
Certificate:
– X.509 LSC downloaded from CAPF
If you are using Cisco TelePresence System Release 1.5 and Cisco TelePresence Multipoint
Switch Release 1.5, you can encrypt Cisco TelePresence multipoint sessions. Cisco
TelePresence leverages the authentication and encryption infrastructure of Cisco Unified
Communications Manager (Certificate Authority Proxy Function [CAPF] and Cisco Certificate
Trust List [CTL] Provider). The CAPF client, in the Cisco TelePresence Multipoint Switch and
Cisco TelePresence Manager, downloads the X.509v3 Certificates (locally significant
certificates [LSC]) from the Cisco Unified Communications Manager.
The following protocols are supported:
Secure media
— Key that is distributed to the Cisco TelePresence system with Encrypted Key
Transport (EKT)
— Secure Real-Time Transport Protocol (SRTP), Advanced Encryption Standard-128
(AES-128)
— Group Security Parameters (GSP) shared to decrypt EKT
Secure signaling
— SIP over Transport Layer Security (TLS), AES-128
— Use S-description with Cisco Unified Communications Manager Version 7.0 and
later
Certificate
— X.509 LSC downloaded from CAPF
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-7
Cisco TelePresence Multipoint
Switch Options
Cisco TelePresence Multipoint Switch Cisco TelePresence
Multipoint Switch
Video and audio switching
Nonscheduled meetings
The Cisco TelePresence Multipoint Switch provides both scheduled and nonscheduled meeting
support. During an active meeting, the conference manager can add another party using the
Cisco TelePresence Multipoint Switch Administration software.
Cisco TelePresence interoperability supports third-party video-conferencing solutions, which
are based on the H.323 standard, to take advantage of existing investments while realizing the
benefits of the Cisco TelePresence experience. Customers can bring existing standards-based
video-conferencing sessions into a Cisco TelePresence meeting. The meeting preserves the
experience for Cisco TelePresence users, while allowing standards-based video-conferencing
users to participate.
The Cisco TelePresence Multipoint Switch integration with Cisco TelePresence Manager
allows you to schedule Cisco TelePresence meetings using the enterprise calendar, for example,
Microsoft Outlook. It also enables easy One-Button-to-Push call launch for both point-to-point
and multipoint meetings.
4-8 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Multipoint Switch
Scheduled Meeting Process Flow
Cisco
Cis co Unified Cisco TelePresence TelePresence Exchange or
IP Phone 797xG Codec Multipoint Switch Manager Notes User
Cisco TelePresence Multipoint Switch integration with Cisco TelePresence Manager allows
you to schedule meetings using the enterprise calendar (for example, Microsoft Outlook). The
web-based user interface provides easy administration without a desktop-loaded client. Simple
views allow you to monitor Cisco TelePresence rooms, scheduled meetings, and system-level
information. Cisco TelePresence Manager requires no client software or plug-ins to schedule
and automatically launch calls. Instead, it acts as a room-scheduling proxy and receives and
processes all meeting invitations that are sent and received in Cisco TelePresence rooms.
Cisco TelePresence Manager synchronizes with Microsoft Exchange and Lotus Notes to collect
meeting information, and it automatically schedules the necessary multipoint resources to
support the scheduled request. Cisco TelePresence Manager then searches through all of the
available Cisco TelePresence Multipoint Switches and selects the one that provides the best
experience for the meeting, based on geographical location. Cisco TelePresence Manager
automatically synchronizes all meetings when new Cisco TelePresence rooms come online. It
also automatically resynchronizes with groupware whenever connectivity is lost.
The meeting automatically posts to the display of the Cisco Unified IP Phone 797xG in the
meeting room, minimizing the need for user training and support. Users select their scheduled
call from the meeting room phone’s display to launch calls.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-9
Conference Features
This topic describes the global and per-conference features of the Cisco TelePresence
Multipoint Switch.
You can use the Cisco TelePresence Multipoint Switch Administration software to configure,
maintain, monitor, and troubleshoot multipoint switching. You manage meetings by defining
meeting templates, defining static and ad hoc meetings, and managing active meetings. You
can also observe information about scheduled meetings. Monitoring the system includes
restarting and monitoring various system processes. Finally, you can view system errors and
log files to troubleshoot the system. Scheduled meetings require Cisco TelePresence Manager.
The Cisco TelePresence Multipoint Switch supports scheduled and nonscheduled meetings
during an active meeting. You can add audio-only participants to any multipoint meeting using
the audio add-on feature of Cisco TelePresence system endpoints. Upon joining the meeting,
Cisco TelePresence rooms are shown to all other rooms for two seconds. This feature prevents
a muted room from joining without being noticed. The Auto Collaborate feature supports data
sharing across all of the rooms in a multipoint session.
If Cisco TelePresence Manager is installed, you can have an upcoming meeting notification
message display so that participants can end the current conference on time.
You can automatically terminate a multipoint conference by enabling the Idle Meeting
Termination option. The meeting is terminated if the system does not detect an active speaker
for a predetermined period, which can be from 1 to 59 minutes. You can also force a meeting to
terminate according to the scheduled meeting time. You can even specify how many minutes a
late meeting can continue before it is forced to end.
4-10 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Per-Conference Features
Voice-activated switching (all meetings)
– Speaker—per table segment
– Room—entire site
– User-selectable during the meeting from the
Cisco Unified IP Phone 797xG
Hosted meeting (static)
– Meeting is not started until the host system has
joined the call
Video announce (all meetings)
– As rooms join the meeting, they are displayed
on all systems in the meeting for two seconds.
Lock meeting (all meetings)
– Locks the meeting to active rooms
Auto lecture
– Speakers who talk for a preconfigured amount of
time are the “lecturer.” All other endpoints see the
entire lecturer room, until a different endpoint
talks long enough to become the lecturer.
Boardroom controls
– Enables you to use the Cisco TelePresence
System 3000 for specialized studio environments.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—3-9
The Cisco TelePresence Multipoint Switch uses voice-activated switching for all meetings by
either table segment or entire endpoint site. This option is user-selectable from the IP Phone
797xG during the meeting. A static hosted meeting does not start until the host system has
joined the call. For all meetings, the video announce notifies you as rooms join the meeting.
They are briefly displayed on all systems in the meeting for two seconds. It is possible to lock
meetings to active rooms, however, the meeting administrator must enable this feature.
The Auto Lecture feature causes speakers who talk for a preconfigured amount of time to
become the “lecturer.” All other endpoints see the entire lecturer room, until a different
endpoint talks long enough to become the lecturer.
The Boardroom Controls feature allows you to use a single Cisco TelePresence System 3000
for a single participant that is engaging a large audience. This is a specialized application for
Cisco conference deployments that utilize uniquely configured screen and camera positioning.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-11
Per-Conference Features (Cont.)
VIP mode (all meetings)
– Is configured by the administrator through the
Cisco TelePresence Multipoint Switch web GUI
after the meeting is started. It is supported for
site- or speaker-switching.
– “Soft-lock” VIP video is switched out temporarily
with voice-activated switching; VIP video is
switched back automatically.
– “Hard-lock” VIP video always displays at all sites
and is never switched out.
Maximum quality per display (all meetings)
– Set meeting quality
– Avoid call down-speeding during a meeting
You can use the Cisco TelePresence Multipoint Switch GUI after the meeting starts to set the
VIP mode for all meetings. When you select the VIP mode, Cisco TelePresence Multipoint
Switch defines one endpoint as the VIP and displays it to all endpoints. This feature is
supported for room- or speaker-switching. You can define only one VIP per meeting.
If you choose the VIP mode, you can choose how the VIP displays to all endpoints. If you
choose Room, all segments of a Cisco TelePresence System 3000 or 3200 are displayed. If you
choose Center Segment, then only the center segment of a Cisco TelePresence System 3000 or
3200 is displayed.
Soft-lock VIP video is switched out temporarily with voice-activated switching. The VIP video
is switched back automatically. Hard-lock VIP video is always displayed at all sites and is
never switched out. The endpoint of the VIP continues to switch between endpoints with active
speakers.
The maximum quality per display feature is available for all meetings that allow you to set the
meeting quality. This avoids call down-speeding during a meeting.
4-12 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
TelePresence Auto Lecture Mode
The active lecturer views the
audience on a rotation cycle.
Any active speaking audience
members are immediately displayed.
Lecturers are selected based on talk
duration. b c d i
e h
a
f g
Audience
a
Audience switching times: 5, 10, and
15 seconds
Auto lecturer selection: 30, 60, and
90 seconds
Active speaker-switching times: 0.5,
1.5, and 2.5 seconds
Active Lecturer
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-11
When you enable the Auto Lecture mode, there is no immediate change in the switching of the
Cisco TelePresence Multipoint Switch.
When a person speaks for 60 seconds consecutively, that person becomes the lecturer. No one
else in the meeting will notice a change in switching; only the lecturer notices the feature being
invoked.
The lecturer sees all participants in the meeting “switch in” for 10-second intervals instead of
seeing the last active speakers. This switching occurs as soon as the speaker becomes the
lecturer (the speaker talks for more than 60 seconds).
If another participant interjects and speaks for approximately 2 seconds, the lecturer is reset and
someone must talk for another 60 seconds to become the lecturer.
Any other participant can become the lecturer by interrupting and talking for 60 seconds.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-13
TelePresence Auto Lecture Mode (Cont.)
You can enable Auto Lecture mode only when a meeting is in progress.
To enable Auto Lecture mode, from the Cisco TelePresence Multipoint Switch
administration panel, choose Meeting Management > Active Meetings > Select
Meeting, and click Edit.
You can configure the Auto Lecture mode by choosing an active meeting and enabling Auto
Lecture Mode.
4-14 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Event Controls
You can use Cisco TelePresence in special events to integrate remote
collaboration. Special events include:
– On-stage events
– Remote training
– Executive boardroom integration
– Customized meetings
You can control audio and video switching from any source to destination.
– Example: Pick individual segments to participate in the on-stage conference
while other segments can only listen and watch.
d
b c e
a f
The Event Controls feature enables you to specifically configure the audio and video for a
meeting. Before this feature, every event would require custom hardware changes, such as
unplugging microphones, swapping video cables, or using third-party hardware to get the
required results.
With the Event Controls feature, the administrator can mute any microphone, send any video to
any display, control switch characteristics, and more using the Cisco TelePresence Multipoint
Switch command-line interface (CLI).
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-15
Core Event Controls Commands
admin:
set event control {tx|rx} {audio|video|both} {enable|disable}
{DN[segment]} [meeting_id]
Sets audio and video controls for new participants entering a meeting
admin:
set event control map {source DN/segment} {Destination
DN/segment} [meeting_ID]
Maps source segment to a specific destination endpoint segment
admin:
set event control entry {enable|disable} meeting_id
Example:
admin: set event control rx audio enable 4085551212/r
Use the following command to enable or disable whether new participants to a Cisco
TelePresence Multipoint Switch meeting can receive or transmit audio and video upon entering
the meeting.
set event control {tx|rx} {audio|video|both} {enable|disable}
{DN[segment]} [meeting_id]
Use the following command to map between segments. Mapping between segments causes the
Cisco TelePresence Multipoint Switch to set a source Cisco TelePresence system or segment to
be seen on a destination Cisco TelePresence system or segment when they become the active
speaker.
set event control map {source DN/segment} {Destination
DN/segment} [meeting_ID]
Use the following command to enable or disable whether audio and video streams from this
participant will be transmitted when this endpoint joins a meeting.
set event control entry {enable|disable} meeting_id
Note Segment is identified using the following: l = left, r = right, and c = center.
4-16 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Bandwidth and Latency Considerations
This topic describes bandwidth and latency considerations for multipoint meetings.
Bandwidth Considerations
Multipoint meetings are multiple
point-to-point meetings.
Provision 5.5 Mb/s per device
for a Cisco TelePresence 1300,
66 Mb/s
1100, 1000, or 500
– Example: 48 Cisco Multipoint
Device
TelePresence System
1000s (48 * 5.5 = 264 Mb/s)
Provision 15 Mb/s per device
49.5
for a Cisco TelePresence 3000 Mb/s
or 3200
– Example: 16 Cisco
TelePresence System
3000s (16 * 15 = 240 Mb/s)
In larger deployments, distribute
the multipoint devices to help
distribute network bandwidth.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-17
Bandwidth Requirements—
Point-to-Point Example
14 Mb/s
QoS-Enabled
WAN
With a Cisco TelePresence point-to-point session, each system dials directly into the other.
Jitter and loss thresholds that are specified for point-to-point remain the same, and network
performance relating to these parameters should not be affected with the addition of the
multipoint feature. However, providing acceptable latency for multipoint meetings can be a
challenge for dispersed installations.
Bandwidth and delay are the two primary network performance parameters that you must
carefully consider when deploying multipoint capabilities for Cisco TelePresence. How and
where you deploy the Cisco TelePresence Multipoint Switch on the network directly affects
latency for multipoint meetings and affects bandwidth patterns on the network. Deploying the
Cisco TelePresence Multipoint Switch in the wrong location, physical or geographical, can
cause an undesirable meeting experience and directly affect network performance.
4-18 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Bandwidth Requirements—
Multipoint Example
A Cisco
60 Mb/s TelePresence
Multipoint Switch at
full capacity requires
in excess of 140
Mb/s of network
bandwidth.
14 Mb/s
QoS-Enabled
WAN
14 Mb/s 14 Mb/s
45 14
Mb/s Mb/s
In the multipoint example in the figure, the router WAN in San Jose must be able to support 45
Mb/s of Cisco TelePresence traffic, and the network switch must be able to support 60 Mb/s.
Equipping the network to process this level of traffic ensures no packet loss during times of
maximum network traffic. Installing a Cisco TelePresence Multipoint Switch in a location that
is not capable of managing the bandwidth requirements can result in poor network performance
and an undesirable meeting experience.
It is currently recommended that you connect the Cisco TelePresence Multipoint Switch to one
of the approved Cisco Catalyst Ethernet switch models (with a minimum of 1-MB transmit
buffer memory). It is also important that you place the Cisco TelePresence Multipoint Switch in
a location, such as a data center or comparable facility capable of accommodating its bandwidth
requirements. Distributing Cisco TelePresence Multipoint Switches in a large Cisco
TelePresence network helps distribute telepresence bandwidth and prevents the saturation of a
single site with telepresence traffic.
Cisco has implemented a new flow control feature between the Cisco TelePresence Multipoint
Switch and Cisco TelePresence system endpoints to help control bandwidth use during
multipoint meetings. This feature allows inactive table segments in a multipoint meeting to stop
transmitting video. Flow control lowers overall use of bandwidth during a multipoint meeting.
Under flow control, when the active table segments have been established after the initiation of
the multipoint meeting, the Cisco TelePresence Multipoint Switch uses Real-Time Transport
Control Protocol (RTCP) to instruct Cisco TelePresence system endpoints to stop transmitting
video for table segments that are not currently being displayed. Cisco TelePresence system
endpoints continue sending audio from all table segments and the Cisco TelePresence
Multipoint Switch uses the audio signal to determine when an inactive table segment becomes
active. Upon detecting an audible signal, the Cisco TelePresence Multipoint Switch instructs
the Cisco TelePresence system endpoint to start transmitting video again for the newly active
table segment. The Cisco TelePresence Multipoint Switch continues this process throughout the
meeting, minimizing overall bandwidth consumption for the multipoint meeting.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-19
Latency Considerations
The worst-case
10 ms latency from Tokyo
to London is 148 ms.
53 ms
QoS-Enabled
WAN
31 ms
85 ms
Remember to calculate
round-trip and Cisco
TelePresence Multipoint * Latency numbers are
Switch-induced latency. based on a Cisco deployment.
One of the key distinctions for Cisco TelePresence is its ability to maintain extremely low
latency while providing high-quality 1080p video and spatial audio. Excessive latency in any
Cisco TelePresence meeting degrades the in-person experience. Latency is an even bigger issue
with multipoint meetings because all Cisco TelePresence rooms dial into a Cisco TelePresence
Multipoint Switch that may not be located in the same geographic location.
Cisco TelePresence rooms that provide very low latency in a point-to-point meeting can have
considerably higher latency in a multipoint meeting, such as that shown between Tokyo and
London in the figure. Inserting any multipoint device in the media path of a Cisco TelePresence
call introduces additional latency. However, proper placement of the Cisco TelePresence
Multipoint Switch helps minimize latency and preserve the Cisco TelePresence experience.
You should always design a Cisco TelePresence network to target a one-way network latency
of less than 150 ms end to end. However, in some cases, reaching this low-latency target is not
possible because of long distances between international sites. Therefore, the absolute upper
limit that Cisco TelePresence allows for one-way network latency is 200 ms.
4-20 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Physical Deployment of the Cisco TelePresence
Multipoint Switch
This topic describes the physical deployment options of the Cisco TelePresence Multipoint
Switch.
For Cisco TelePresence deployments with fewer than six Cisco TelePresence rooms, it is
recommended that you centrally locate the Cisco TelePresence Multipoint Switch based on the
geographic location of the Cisco TelePresence rooms.
For deployments with more than six Cisco TelePresence rooms, it is recommended that you
geographically distribute Cisco TelePresence Multipoint Switches to localize multipoint
meetings and minimize latency.
Note The physical placement of the Cisco TelePresence Multipoint Switch is crucial. You should
locate it in a data center or equivalent location.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-21
Deployment Latency Considerations
Centrally locate multipoint resources
for small deployments.
Calculate worst-case latency by
adding the longest two legs plus
116 ms
10 ms for the Cisco TelePresence 37 ms
Multipoint Switch.
Sites with relatively low point-to-
point latency can have much higher
latency in a multipoint configuration.
Regionalize multipoint resources
and manage meetings with Cisco
London to New York :
TelePresence Manager for large Point-to-point—37 ms
deployments. Multipoint—116 ms
Centralized
Centrally locating multipoint resources for small deployments prevents unnecessary latency
that is caused by back-hauling calls to a site at the far edge of the network. Latency for
multipoint meetings is calculated by adding the latency for two legs of the meeting and adding
10-ms latency for the Cisco TelePresence Multipoint Switch. Calculate the worst- case latency
by adding the longest 2 legs plus 10 ms for the Cisco TelePresence Multipoint Switch. The sites
with relatively low point-to-point latency can have much higher multipoint latency.
Distributed
Distributed deployments have an added level of complexity because of Cisco TelePresence
Multipoint Switch distribution functions and the potentially large number of Cisco
TelePresence rooms. Poor selection of meeting location causes excessive latency, which affects
the overall user experience. Distributed deployments require a Cisco TelePresence Manager for
scheduled meetings, as well as for resource and location management, providing a very scalable
distributed multipoint solution. Cisco TelePresence Manager provides an optimal geographical
meeting location selection, allowing meetings to be scheduled on the Cisco TelePresence
Multipoint Switch that provides the lowest amount of latency. Cisco TelePresence Manager
also provides Cisco TelePresence Multipoint Switch resource management, ensuring that
multipoint resources are available at the scheduled time of a meeting. Trying to support a
distributed Cisco TelePresence Multipoint Switch deployment without Cisco TelePresence
Manager is, essentially, an unmanageable task. Without Cisco TelePresence Manager, the
administrator would have to do the following:
Manually manage the distribution of meetings
Calculate latency numbers
Choose the appropriate Cisco TelePresence Multipoint Switch with available resources for
each scheduled meeting
4-22 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Multipoint Switch
Deployment Models
Nonscheduled (no Cisco TelePresence Manager)
– Static and ad hoc meetings
Scheduled (requires Cisco TelePresence
Manager)
– Scheduled meetings
– Resource management for multiple Cisco
TelePresence Multipoint Switch units based on
capacity, geographical location, or both
– One-Button-to-Push dialing
Combined (requires Cisco TelePresence
Manager)
– Static and ad hoc meetings
– Scheduled meetings
– Resource management (scheduled meetings
only)
– One-Button-to-Push dialing (scheduled
meetings only)
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-21
Nonscheduled
The centralized deployment is the only deployment that can support a nonscheduled-only
meeting environment for static and ad hoc meetings. It is not recommended that you attempt to
implement a nonscheduled meeting environment in a large, dispersed network with distributed
Cisco TelePresence Multipoint Switches.
Scheduled
Centralized and distributed deployments support a scheduled-only meeting environment.
Scheduled meetings require Cisco TelePresence Manager for integration with Microsoft
Exchange, the Cisco TelePresence Multipoint Switch resource, and location management.
Cisco TelePresence Manager also provides One-Button-to-Push for point-to-point and
scheduled meetings.
Combined
Centralized deployments and distributed deployments also support a combination of scheduled
and nonscheduled meetings. Cisco TelePresence Manager is required for managing scheduled
meetings.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-23
Nonscheduled—System Placement
Place Cisco TelePresence Multipoint Switch systems centrally to lower latency.
Locate the Cisco TelePresence Multipoint Switch in a high-bandwidth location,
such as a data center.
A recommendation on where to place the Cisco TelePresence Multipoint Switch
will be made during the NPA.
All meetings will be nonscheduled.
= Cisco TelePresence
System
The following are the system placement recommendations for a nonscheduled meeting
deployment:
Locate Cisco TelePresence Multipoint Switch systems centrally to lower latency.
Locate the Cisco TelePresence Multipoint Switch in a high-bandwidth location, such as a
data center.
The network path assessment (NPA) process recommends the placement of the Cisco
TelePresence Multipoint Switch.
All meetings will be nonscheduled.
4-24 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Scheduled—Meeting System Placement
For large deployments, regionally place Cisco TelePresence Multipoint Switch systems to
lower latency and conserve bandwidth. For small deployments, typically place the Cisco
TelePresence Multipoint Switch in a central location.
Locate the Cisco TelePresence Multipoint Switch in high-bandwidth locations, such as data
centers.
A recommendation on where to place the Cisco TelePresence Multipoint Switch is made
during the NPA.
Cisco TelePresence Manager schedules meetings based on available system resources and
location.
= Cisco TelePresence
System
The following are the system placement recommendations for a scheduled meeting
deployment:
For large deployments, locate Cisco TelePresence Multipoint Switch systems regionally to
lower latency and conserve bandwidth. For small deployments, you will typically place the
Cisco TelePresence Multipoint Switch in a central location.
Locate the Cisco TelePresence Multipoint Switch in high-bandwidth locations, such as data
centers.
The NPA process recommends the placement of the Cisco TelePresence Multipoint Switch.
Cisco TelePresence Manager schedules meetings based on available system resources and
location.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-25
Room-Switching with Cisco TelePresence
Systems
This topic describes the process for room-switching with Cisco TelePresence systems.
Room-Switching with
Cisco TelePresence Systems
Site 1
Active Room
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-24
4-26 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1
A Cisco TelePresence Multipoint Switch sends video from all active-site table segments to all
the nonactive speaker sites with table position maintained.
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1
Video from the entire active The current active site views
site is switched to all other video from the last active site.
sites, and table position is
always maintained.
Active Room
© 2011 Cisco Systems, Inc. All rights reserved. ITS v1.1—3-26
A Cisco TelePresence Multipoint Switch displays video from the previously active speaker at
the currently active site.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-27
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1 Site 2 Site 3
Site
Site 44
Note: The Cisco TelePresence System 1300 sends the video from only one table s egment at a time.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-27
Note The Cisco TelePresence 1300 sends the video from only one table segment at a time.
4-28 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1 Site 2 Site 3
Upon entering the session,
each Cisco TelePresence
System 500, 1000, 1100, or
1300 is assigned a position on
the Cisco TelePresence
System 3000 or 3200.
Position assignment starts in
the center segment and is
followed by the left segment,
then the right.
These positions are
maintained until:
– A site leaves the session
or
– A position is vacant and
the system is currently
sharing a position with
another Cisco
TelePresence System 500,
1000, 1100, or 1300 Site 4
The Cisco TelePresence Multipoint Switch assigns video from each Cisco TelePresence System
500, 1000, 1100, or 1300 to an individual table segment on the Cisco TelePresence System
3000 or 3200.
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1 Site 2 Site 3
All sites view the active site
video. In this example, only the
active segment of the Cisco
TelePresence System 3000 is
displayed on the Cisco
TelePresence System 500,
1000, 1100, or 1300 sites.
Site 4 Active
Speaker
A Cisco TelePresence Multipoint Switch switches video from the active table segment to all
other sites. The figure shows that the Cisco TelePresence Multipoint Switch displays the active
Cisco TelePresence System 3000 or 3200 segment on the Cisco TelePresence System 500,
1000, 1100, or 1300 sites.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-29
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1 Site 2 Site 3 Site 5
A Cisco TelePresence
System 500, 1000, 1100,
or 1300 joins the session
and is set in the next
sequential position.
Active
Site 4 Speaker
When video from a fourth Cisco TelePresence System 500, 1000, 1100, or 1300 site joins the
session, the Cisco TelePresence Multipoint Switch places it into the next sequential position on
the Cisco TelePresence System 3000 or 3200 system.
Room-Switching with
Cisco TelePresence Systems (Cont.)
Site 1 Site 2 Site 3 Si te 5
Site 4 Active
Speaker
The Cisco TelePresence Multipoint Switch maintains the position of Site 5 and replaces it with
the image from Site 2 when Site 2 becomes the active segment. When Site 5 again becomes the
active segment, Cisco TelePresence Multipoint Switch will switch the positions of Site 5 and
Site 2.
4-30 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Speaker-Switching with Cisco TelePresence
Systems
This topic describes the process for speaker-switching with Cisco TelePresence Systems.
Speaker-Switching with
Cisco TelePresence Systems
Cisco TelePresence
System 3000 or 3200
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-31
Speaker-Switching with Cisco TelePresence Systems 3000 or
3200
This diagram illustrates a speaker-switching session with three Cisco TelePresence Systems
3000 or 3200. Speaker-switching differs from room-switching; speaker-switching allows each
segment to be switched independently. With speaker-switching, at any given time, participants
in a room may be viewing images from three different rooms. The Cisco TelePresence
Multipoint Switch displays the table segment of the new active speaker in all other rooms on
the corresponding screen.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
Segments are
switched
independently. The
active segment
video is displayed in
its respective
position on all Cisco
TelePresence
Systems 3000 or
3200 in the session. Active
Speaker
© 2011 Cisco Systems, Inc. All rights reserved. ITS v1.1—3-33
The Cisco TelePresence Multipoint Switch sends video from the segment of the active speaker
to the corresponding segment on the other Cisco TelePresence Systems 3000 or 3200.
4-32 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
New Active
Speaker
When the active speaker changes, the Cisco TelePresence Multipoint Switch sends video from
the new active speaker segment to the corresponding segment on the other Cisco TelePresence
Systems 3000 or 3200.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
New Active
Speaker
Segments are
switched
independently. The
active segment video
is displayed in its
respective position on
all Cisco
TelePresence
Systems 3000 or
3200 in the session.
Again, when the active speaker changes, the Cisco TelePresence Multipoint Switch sends video
from the active speaker segment to the corresponding segment on the other Cisco TelePresence
Systems 3000 or 3200.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-33
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
Previously Active
Speaker
Active segments continue to display the video of the previously active speaker.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
Si te 1 Site 2 Site 3
Site 4
Cisco TelePresence
System 3000 or 3200
Note: Switching between table segments on the Cisco TelePresence System 1300
is handled locally by the primary codec using directional microphones.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-37
4-34 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Speaker-Switching with Cisco TelePresence Systems 3000 or
3200 and Cisco TelePresence Systems 500, 1000, 1100, or 1300
This diagram illustrates a speaker-switching session with two Cisco TelePresence Systems
3000 or 3200 and two Cisco TelePresence Systems 500, 1000, 1100, or 1300. Speaker-
switching with a combination of Cisco TelePresence Systems 3000 or 3200 and Cisco
TelePresence Systems 500, 1000, 1100, or 1300 presents a unique challenge.
Note Switching between the table segments on the Cisco TelePresence System 1300 is handled
locally by the primary codec using directional microphones.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
Active Speaker
Segments are
switched
independently. The
active segment video
displays at all remote
sites in its respective Site 4
position. The Cisco
TelePresence
Systems 500, 1000,
1100, or 1300
maintain their initial
position throughout
the session.
The Cisco TelePresence Multipoint Switch sends video from the segment of the active speaker
to all remote sites, slotted in the respective position. The Cisco TelePresence Systems 500,
1000, 1100, and 1300 maintain their initial position throughout the session.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-35
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
When the active speaker changes, the Cisco TelePresence Multipoint Switch sends video from
the new active speaker segment to all the remote sites, displayed in the respective position.
Speaker-Switching with
Cisco TelePresence Systems (Cont.)
Previously Previously Previously
Active Speaker Active Speaker Active Speaker
Site 4
Video segments continue to display the video of the previously active speaker.
4-36 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Multipoint Switch Meeting
Types
This topic describes the different Cisco TelePresence Multipoint Switch meeting types.
Static Meetings
These are nonscheduled meetings.
They are always available.
Users dial meeting number for
access (no One-Button-to-Push
dialing).
The meeting administrator can add
or delete sites at any time during
the meeting.
The meeting security features are:
– Video announce
– Maximum rooms
– Meeting lock (enabled by
meeting administrator once the
conference is started)
You must set the meeting quality
based on the site with the lowest
resolution and bandwidth.
Static meetings are nonscheduled meetings that the administrator configures through the Cisco
TelePresence Multipoint Switch Administration GUI. Static meeting configuration assigns a
meeting number that participants use to access the meeting. Static meetings are always
available. Participants can access a meeting simply by dialing the static meeting number from
any Cisco TelePresence system or by using a speed dial entry on the IP Phone 797xG in the
Cisco TelePresence room. The meeting administrator can add Cisco TelePresence rooms to the
meeting at any time using the Cisco TelePresence Multipoint Switch Administration GUI.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-37
Hosted Static Meeting
These are nonscheduled meetings.
They are always available.
Users dial meeting number for access (no One-Button-to-Push dialing).
Meeting is not started until host system has joined the meeting.
All rooms are placed on hold until the host joins the meeting.
All rooms are disconnected when the host disconnects.
The meeting administrator can add or delete sites at any time during the
meeting.
The meeting security features are:
– Video announce
– Maximum rooms
– Meeting lock (enabled by meeting administrator after call is started)
Set the meeting quality based on the site with the lowest resolution and
bandwidth.
4-38 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Ad Hoc Meeting
These are nonscheduled,
dial-out meetings
(administrator-initiated).
There is no dial-in support.
The meeting administrator
can add or delete sites any
time during the meeting.
They are secure by design
(no dial-in support).
Set meeting quality based on
the site with the lowest
resolution and bandwidth.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-39
Scheduled Meeting
This requires Cisco TelePresence Manager.
Meetings are scheduled using Microsoft Outlook or
Lotus Notes.
Cisco TelePresence Manager provides resource
management for the Cisco TelePresence Multipoint
Switch.
– System
– Geographical
Cisco TelePresence Manager provides One-Button-to-
Push dialing for scheduled meetings.
The meeting security features are:
– The Meeting ID is not provided to users.
– Video announce
– Only scheduled rooms have access to the meeting.
Users can employ any Microsoft Outlook or Lotus Notes client to schedule meetings.
Scheduled meetings provide participants with One-Button-to-Push meeting access, which
requires no administrator interaction. Cisco TelePresence Manager provides the interface
between Exchange and the Cisco TelePresence Multipoint Switch to allow users to schedule
meetings. The meeting administrator can use the Cisco TelePresence Multipoint Switch
Administration GUI to add rooms to an active scheduled meeting at any time during the
meeting.
4-40 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Multipoint Switch
Troubleshooting
This topic describes how to troubleshoot different Cisco TelePresence Multipoint Switch
meeting types.
To troubleshoot ad hoc calls that fail because of a congestion message, start by analyzing the
software compatibility between the Cisco TelePresence system and the Cisco TelePresence
Multipoint Switch.
With Cisco TelePresence Multipoint Switch Release 1.5, calls are supported when they are
placed between Cisco TelePresence endpoints using firmware 1.4.2 or later. If the software is
incompatible, consider upgrading the Cisco TelePresence system firmware for proper
interoperability. It may also be practical to downgrade the Cisco TelePresence Multipoint
Switch to regain support for the affected Cisco TelePresence system endpoints.
If the software is compatible, capture the log files from the affected Cisco TelePresence system
and the Cisco TelePresence Multipoint Switch devices for escalation to Cisco Technical
Assistance Center (TAC).
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-41
Troubleshooting Ad Hoc Cisco TelePresence
Multipoint Switch Calls (Cont.)
Capturing logs from the Cisco TelePresence Multipoint Switch
You can filter log files that are captured from the Cisco TelePresence Multipoint Switch by
process and error level. Follow these steps to configure and download the severity level of
system-level error messages and alarms for specific process areas:
Step 1 Under the Troubleshooting folder in the Navigation Pane, click Log Files to open
the Log Files window.
Step 2 At the top of the Log Files screen, there is a table listing the following Cisco
TelePresence Multipoint Switch processes:
1. CCS
2. Conference Manager
3. Execution Manager
4. Media Processor
5. Switching
Step 3 To the left of each process is a drop-down list box, listing the following severity
levels:
1. OFF
2. CRIT
3. ERROR
4. WARN
5. INFO
6. DEBUG
7. DEBUG2
8. DEBUG3
4-42 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Step 4 Choose a specific severity level for all error messages and alarms that are associated
with a particular Cisco TelePresence Multipoint Switch process.
Step 5 In the Log Files section, click the Process drop-down list box to display a list of
Cisco TelePresence Multipoint Switch process areas. Then choose a specific process
area in which to filter log files.
Step 6 Click the Filter button to display the log files that are associated with the selected
process area in the Log Files table.
Step 7 At the bottom of the Log Files screen is the Log File table, which lists the available
log files. The table is organized as follows:
Field Description
Filename Filename of the log file. Click the arrow to change the order
(descending, ascending based on alphabetical order of the filenames)
in which the log files display.
Process The Cisco TelePresence Multipoint Switch process area. Click the
arrow to change the order (descending, ascending based on
alphabetical order of the processes) in which the log files display.
Last Modified Time (Greenwich Mean Time, Pacific Standard Time) at which the log
file was collected. Click the arrow to change the order (descending,
ascending based on time) in which the log files display.
Step 8 To display a defined number of table rows, click the down arrow next to Rows per
Page. Click to highlight and select predetermined amounts. If there are multiple
pages listing log files, click the First, Previous, Next, or Last button to navigate to
the desired page.
Step 9 Click the filename of a log file to download that file. Click the Download All button
to download all log files that are listed.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-43
Troubleshooting Static Meeting Issues
Symptom:
– Busy or reorder tone when joining a static Cisco TelePresence Multipoint
Switch conference
Diagnosis:
– Not enough call resources on the Cisco TelePresence Multipoint Switch
– The maximum number of rooms defined for the static meeting is insufficient.
– The SIP trunk or DN is incorrectly configured.
Solution:
– Use the Static Meeting number on another Cisco TelePresence Multipoint
Switch with available resources.
– Under Meeting Management, increase the maximum room count for the
affected static meeting.
– Reset the SIP trunk or associated route list.
Verification:
– Test the ad hoc meeting. if the ad hoc meeting is successful but the Static
meeting fails, troubleshoot the DN configuration or meeting resource.
Escalation:
– Gather logs from all units involved in the call, including Cisco TelePresence
Multipoint Switch logs if it was a multipoint call.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 3-47
When troubleshooting multipoint meetings that fail and result in a busy or reorder tone,
consider one of the following possibilities:
The SIP trunk or dial plan may be improperly configured or not correctly reset after a
configuration. Test the ability to place an ad hoc conference. If the ad hoc conference is
successful, then signaling from the Cisco TelePresence Multipoint Switch to the Cisco
Unified Multipoint Switch is operational, and the dial plan may be incorrectly configured.
Resources may be incorrectly configured. Start by examining the static meeting to ensure
that meeting capacity has not been exceeded for the Maximum Rooms configuration.
Examine active meetings and verify that the total resources available for the Cisco
TelePresence Multipoint Switch have not been exceeded. If resources have been exceeded,
use another Cisco TelePresence Multipoint Switch in the network for the static meeting.
Collect log files from the Cisco TelePresence Multipoint Switch and the affected Cisco
TelePresence endpoints if unable to directly resolve the static meeting issues.
4-44 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
The Cisco TelePresence Multipoint Switch allows geographically
dispersed organizations to hold encrypted Cisco TelePresence meetings
across multiple locations, with support for up to 48 segments in a single
meeting across a mix of endpoints. It also provides interoperability with
Cisco Unified Videoconferencing.
The Cisco TelePresence Multipoint Switch administration software allows
you to configure global conference features, and the Cisco Unified IP
Phone 797xG allows you to control options during the meeting.
Multipoint meetings are multiple point-to-point meetings terminated on a
Cisco TelePresence Multipoint Switch. The total bandwidth must be
provisioned for the maximum number of segments supported on the
multipoint device.
You can deploy Cisco TelePresence Multipoint Switches centrally or
distributed based on the number of endpoints. Cisco TelePresence
Multipoint Switch deployment models include nonscheduled, scheduled,
or combined.
Summary (Cont.)
Room-switching sends the video from the room with the active
speaker to all other rooms in a meeting.
With speaker-switching, at any given time, participants in a room
may be viewing images from three different rooms.
Cisco TelePresence supports static, hosted static, ad hoc, and
scheduled meetings.
A code version mismatch between the Cisco TelePresence
Multipoint Switch and the Cisco TelePresence System can cause
a congestion message to appear when starting an ad hoc
conference.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-45
4-46 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 2
Understanding Cisco
TelePresence Manager
Overview
Cisco TelePresence Manager provides the software and application interface that allows you to
schedule meetings—known as telepresence calls—in advance, on the Cisco TelePresence
System. It also enables you to send appropriate status messages to the XML interface of the
Cisco Unified IP Phone 797xG. Additionally, administrators can use Cisco TelePresence
Manager to troubleshoot failed calls and to define concierges to assist users who may need
assistance with Cisco TelePresence call scheduling and dialing.
Objectives
Upon completing this lesson, you will be able to describe and configure the Cisco TelePresence
Manager features. This ability includes being able to meet these objectives:
Provide an overview of the Cisco TelePresence Manager features and specifications
Review the initial server configuration settings for Cisco TelePresence Manager
Describe how Cisco TelePresence Manager integrates with Cisco Unified Communications
Manager
Discuss how Cisco TelePresence Manager integrates with Cisco TelePresence Systems
Discuss how Cisco TelePresence Manager integrates with LDAP and Microsoft Exchange
Discuss the requirements for Microsoft Exchange integrations with forms-based
authentication
Discuss how Cisco TelePresence Manager integrates with Lotus Domino
Discuss and configure the Cisco TelePresence Manager integration with Cisco
TelePresence Multipoint Switch
Discuss the management and troubleshooting of Cisco TelePresence scheduled meetings
Demonstrate the scheduling of a Cisco TelePresence meeting
Troubleshoot Cisco TelePresence Manager
Cisco TelePresence Manager Overview
This topic describes an overview of the Cisco TelePresence Manager.
Cisco TelePresence Manager simplifies the scheduling and management of Cisco TelePresence
virtual meeting room solutions. Cisco TelePresence Manager is a Linux-based appliance
running on a Cisco 7800 Series Media Convergence Server platform. It is the middleware
connection between Cisco Unified Communications Manager, the Cisco TelePresence meeting
rooms, and the groupware calendaring and scheduling application of the customer (such as
Microsoft Exchange and Microsoft Outlook).
Users can launch the Cisco TelePresence call with the push of one button. They simply choose
their meeting from the list of meetings that are shown on the Cisco Unified IP Phone 797xG in
the meeting room.
Cisco TelePresence Manager collects information about Cisco TelePresence Systems from
Cisco Unified Communications Manager. Cisco TelePresence Manager then associates those
systems to their physical location or conference room, as defined in the Microsoft Active
Directory and Exchange Server of the customer.
End users can also obtain video-based assistance, including moderated meetings and adding
meeting participants who are not using Cisco TelePresence endpoints.
Cisco TelePresence Manager leverages the Lightweight Directory Access Protocol (LDAP)
directory capabilities of Active Directory and the mailbox capabilities of Exchange to deliver
the Cisco TelePresence scheduling solution to end users. By synchronizing its local Informix
database with the Exchange Information Store database, Cisco TelePresence Manager tracks
meeting requests that include one or more of the meeting rooms in Exchange and displays the
results on the IP Phone 797xG, as shown in the figure. Administrators and concierges can also
view scheduled meetings in the web-based administration tool.
Cisco TelePresence Manager uses the same One-Button-to-Push integration for point-to-point
or multipoint meetings.
4-48 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager
Server Specifications
Similar in design to Cisco Unified Communications Manager
– Runs on Cisco MCS 7800 Series
– Is based on the Cisco Linux Voice operating system platform
– Is installed via the Platform Configuration DVD or preinstalled from factory
– Has a CLI that is accessible via SSH or local console port
– Has a web-based (HTTPS) interface for administration and monitoring
– Supports SNMP v2c, v3, and Cisco Discovery Protocol
System requirements:
– Cisco MCS 7845 Series
– Microsoft Internet Explorer 6.0
– Server: 2003 (Windows Server 2003 Enterprise Edition) and 2007 (on
Windows 2003 Enterprise Edition SP2 [64-bit])
– Microsoft Outlook Client: 2003 and 2007
– IBM Domino Server: 8.0 and 7.0.0 (Windows Server 2003 Enterprise Edition)
– IBM Notes Client: 8.0, 7.0.0, and 6.5.0
– Cisco Unified Communications Manager 7.0(2) or later
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-3
Cisco TelePresence Manager uses the same platform infrastructure as Cisco Unified
Communications Manager, following its appliance-model principles. It runs on the Cisco
Media Convergence Server (MCS) 7845 Series, which is based on the Cisco Linux voice
operating-system platform. The command-line interface (CLI) is accessible via Secure Shell
(SSH) or local console port. A web-based (HTTPS) interface for administration and monitoring
is also available. Finally, the Cisco TelePresence Manager supports Simple Network Protocol
Version 3 (SNMPv3) and Cisco Discovery Protocol.
The following table describes the system requirements for Cisco TelePresence Manager
Release 1.5:
System Requirements
Specifications Description
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-49
Cisco TelePresence Manager Release 1.5
Calendaring Integration Specifications
Lotus Notes and Microsoft Resend Email
Export Data
Domino Support Exchange Notification
Lotus Domino/Notes 2003 and 2007 Start time Greater flexibility
Server 8.0.x End time for process control
Supports 500 rooms
Lotus Notes clients Meeting status Administrator can
version 6.5.X and 7.0 Microsoft Active control email
Directory 2008 scheduler
confirmations and
Supports 50 rooms Meeting subject notifications
With Cisco TelePresence Manager Release 1.5, it is as easy to schedule and manage Cisco
TelePresence calls as any other meeting. The software facilitates call scheduling and setup from
common enterprise groupware such as Microsoft Exchange and Lotus Notes. Based on email
confirmations that are returned within 15 minutes, Lotus Notes supports 50 scheduled rooms
and Microsoft Exchange supports 500 scheduled rooms. You do not need to install any client
software or plugins to schedule and automatically launch calls. Instead, Cisco TelePresence
Manager acts as a room-scheduling proxy and receives and processes all meeting invitations
that are sent and received in the Cisco TelePresence rooms.
Cisco TelePresence Manager provides a view of scheduled meetings by date, status, room, and
scheduler. It also supports an automated email notification process to get clarification, if any is
needed; to launch the call; or to confirm the Cisco TelePresence meeting. The email provides a
link to log into the Cisco TelePresence Manager web interface to update the meeting
information.
4-50 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager
Protocol Interaction
“Discovers” meeting rooms by Activ e Directory
querying Cisco Unified
Communications Manager via Exchange
AXL/SOAP. LDAP
Logs into Exchange-based
meeting rooms using LDAPv3 Cisco
and WebDAV. TelePres ence
Manager
Monitors mailboxes for each
room and accepts or rejects
meeting requests. AXL/SOAP WebDAV
Codec
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-51
Cisco TelePresence Manager System
Configuration
This topic describes the initial system configuration settings in the Cisco TelePresence
Manager.
IP Settings
NTP Settings
SNMP Settings
Remote Account
Change Password
Restart Host
Note The IP address of the codec is displayed on the center of the Cisco TelePresence screen
after a bootup. If you do not know the IP address, you can connect directly to the camera
Ethernet port, and the codec will assign an IP address to your laptop. The codec is the first
IP address of the subnet that is assigned to your laptop.
4-52 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
SNMP Settings: The SNMP Settings tab enables you to specify an optional SNMP server
along with its associated credentials and the location of the SNMP trap receiver.
Remote Account: The Remote Account tab enables you to configure remote access using
SSH, typically for Cisco technical support personnel. You can currently manage this
account using a Cisco utility available on an internal Cisco website.
Change Password: The Change Password tab enables you to modify the administrative
(admin) password that is used to gain access to the Cisco TelePresence Manager Server.
Restart Host: The Restart Host tab enables you to restart the Cisco TelePresence Manager
Server. You must have already specified the admin password to be able to perform this
function.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-53
Configuring Cisco TelePresence
Manager Application User
CCMAp puser
You must create an application user for Cisco TelePresence Manager to interact with Cisco
Unified Communication Manager. Cisco TelePresence Manager requires proper rights within
Cisco Unified Communications Manager to be able to poll for registration status and mailbox
usernames. Additionally, Cisco TelePresence Manager needs rights to push XML meeting
updates to the TelePresence endpoints.
To create an application user for Cisco TelePresence Manager, go to the System
Configuration > Cisco CallManager window in the Cisco TelePresence System
Administration tool. The following table describes the fields that are accessible from this
window.
Field Description
Certificate Use this field to provide a trust certificate for a new Cisco Unified Communications
server
4-54 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring Cisco TelePresence
Manager Application User (Cont.)
Create Cisco TelePresence
Manager application user Application User
account in Cisco Unified Information
Communications Manager.
Allow Cisco TelePresence
Manager application user
account to have API and
CTI access to Cisco
TelePresence phone and
codecs.
Permissions
Information
To grant Cisco TelePresence Manager proper authority within Cisco Unified Communications
Manager, you must create an application user and assign that user permission to the following
roles:
Standard AXL API Access
Standard CCM Admin Users
Standard CTI Enabled
Standard Serviceability
Finally, you must assign the application user account control over the individual Cisco
TelePresence codecs and IP Unified 797xG phones.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-55
Cisco TelePresence Manager and Cisco Unified
Communication Manager Integration
This topic describes how Cisco TelePresence Manager integrates with Cisco Unified
Communications Manager.
Cisco TelePresence
Manager
Cisco Unified
Cisco Communications Manager
TelePresence
Manager
AXL\SOAP over HTTPS for telepresence room discovery
Cisco TelePresence Manager collects information about Cisco TelePresence Systems from
Cisco Unified Communications Manager and associates those systems to their physical
location. Cisco TelePresence Manager also integrates with Cisco Unified Communications
Manager to provide interoperability with the IP Phones 797xG in the meeting rooms.
The following steps describe the Cisco TelePresence Manager and Cisco Unified
Communications Manager integration:
Step 1 AXL/SOAP over HTTPS is used to discover Cisco TelePresence rooms.
Step 2 AXL/SOAP over HTTPS is used to obtain the Cisco TelePresence System IP
address, domain name, and Simple Mail Transfer Protocol (SMTP) address from the
Cisco Real-Time Information Server (RIS) database.
Step 3 A Computer Telephony Interface Quick Buffer Encoding (CTIQBE) API is used to
monitor the registration status of discovered Cisco TelePresence rooms.
Note Cisco TelePresence Manager can communicate only with a single Cisco Unified
Communications Manager node. Therefore, that node must run both the AXL Web Service
and the Cisco Unified Communications Manager CTI Manager service. There is no support
for Cisco Unified Communications Manager redundancy.
4-56 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager and Cisco
TelePresence System Integration
This topic describes how Cisco TelePresence Manager integrates with Cisco TelePresence
Systems.
Cisco TelePresence
Manager
Application Endpoints
Schedule information
pushed to phone via
XML and XSI
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-10
Cisco TelePresence Manager collects information about Cisco TelePresence Systems from
Cisco Unified Communications Manager and associates those systems to their physical
location, which is defined in Active Directory and enterprise groupware. It also automatically
collects information about multipoint capabilities and allocates those resources when needed,
allowing you to schedule both point-to-point and multipoint Cisco TelePresence meetings from
Microsoft Outlook or Lotus Notes. Calendared meeting information is automatically sent to the
Cisco TelePresence in-room phone.
The following steps describe the Cisco TelePresence Manager and Cisco TelePresence System
integration:
Step 1 Cisco TelePresence Manager pushes schedule information to the Cisco TelePresence
Systems using XML/Simple Object Access Protocol (XML/SOAP).
Step 2 The Cisco TelePresence System pushes the schedule information to the phone via
XML and ax XML Schema instance (XSI).
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-57
Cisco TelePresence Manager LDAP and
Exchange Integration
This topic describes how Cisco TelePresence Manager integrates with LDAP and Microsoft
Exchange.
Cisco TelePresence
Manager
Exchange
Cisco TelePresence Manager LDAP Server
Cisco TelePresence Manager synchronizes with Exchange to collect meeting information. The
Cisco TelePresence Manager uses LDAP to retrieve information that is related to users and
conference rooms from Active Directory deployments. Enterprises typically use specialized
databases called “directories” to store information that is related to users, meeting rooms, and
so on. LDAP is a protocol for accessing those directories.
The following steps describe the Cisco TelePresence Manager LDAP and Exchange
integration:
Step 1 Cisco TelePresence Manager authenticates users and discovers mailboxes using
LDAP or LDAP over Secure Socket Layer (SSL).
Step 2 Cisco TelePresence Manager subscribes to room mailboxes using the SMTP address
that it received from Cisco Unified Communications Manager.
Step 3 Event notification is sent from the Exchange Server when a Cisco TelePresence
meeting is scheduled.
Step 4 Cisco TelePresence Manager retrieves the Cisco TelePresence room calendar
information using WebDAV.
4-58 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
LDAP Overview
LDAP objects: Container objects:
cn – Common name Containers
ou – Organizational unit Organizational units
dc – Domain component Domains
Examples:
LDAP://cn=John Doe,ou=HR,dc=cisco,dc=com
LDAP://cn=Jane Smith,cn=sales,dc=cisco,dc=com
cisco.com
HR sales
An LDAP directory tree is formed through the creation of multiple object containers. An object
in the LDAP directory can be found by using its Distinguished Name, for example “cn=John
Doe,ou=hr,dc=cisco,dc=com.”
The Distinguished Name specifies the object and its location in the Active Directory hierarchy.
The Distinguished Name consists of a series of components that are separated by commas.
Each component consists of a moniker, an equals (=) sign, and the name of the component. For
example, the component “ou=hr” is an organizational unit whose name is “hr.” The moniker
“ou” means organizational unit. The component “cn=sales” is an object whose Common Name
is “sales.” The moniker “cn” means Common Name. Similarly, the moniker “dc” means
domain component. The component “dc=cisco” is a domain component with the name “cisco.”
As an example, the Distinguished Name “cn=John Doe,ou=hr,dc=cisco,dc=com” has four
components. The first (lowest level) component of the Distinguished Name is the Relative
Distinguished Name (RDN) of the object. In this case, the RDN is “cn=John Doe.” The RDN of
an object is the name of the object in its container. The rest of the components are the
Distinguished Name of the container, which is the parent of the object. In this case, the object
“cn=John Doe” is in the container whose Distinguished Name is “ou=hr,dc=cisco,dc=com.” In
this case, the parent container is an organizational unit. The parent of the “ou=hr”
organizational unit is the domain “cisco.com.” This domain has domain components
“dc=cisco” and “dc=com.” The complete DNS name of the domain is “dc=cisco,dc=com.”
Container objects can be containers, organizational units, or domains. Container objects are
objects that can “contain” other objects, such as user objects, group objects, and computer
objects. Group objects are not containers. Groups can have members, but the members are not
children of the group object.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-59
Exchange Protocol Negotiation
Cisco
IP Phone TelePresence Active Directory
Codec Cis co Unified CM
797xG Manager Exchange User
1.
2.
9. Cisco TelePresence
Manager discovers and Cisco TelePresence
User now has monitors Cisco Manager authenticates
One-Button-to-Push TelePresence Systems users and validates
access to meeting. telepresence rooms 3.
in Cisco Unified CM via
AXL/SOAP and JTAPI. in Active Directory. User schedules
4. meeting in
Event notification Microsoft
5. Outlook.
8. Cisco TelePresence
Manager reads
Primary Cisco event in mailbox (via
TelePresence WebDAV). 6.
codec pushes
XML content to 7.
Cisco TelePresence Manager validates
in-room phone. Cisco TelePresence meeting data and sends confirmation to user.
Manager pushes XML
content to primary
codec.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-13
Note For Cisco TelePresence Manager to authenticate users, it must be in an equal or higher
branch of the LDAP container of the user to be authenticated.
4-60 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Supported Exchange Deployments
Multiple Exchange Servers can exist within a single forest and domain.
Cisco TelePresence rooms and the Cisco TelePresence Manager
account should reside in the same forest.
Multiple Exchange Servers can exist in a single forest with multiple
domains (such as parent-child or peer domains). In a multidomain
environment, the Cisco TelePresence Manager must be configured with:
– The LDAP port set to 3268 instead of the default value of 389 or 636.
This is the port that is used by the Active Directory Global Catalog
Server to listen for any LDAP requests.
– LDAP user containers that list the common name attributes of all
domains where room accounts reside
cn=Users (append default context)
cn=Users,dc=trad2,dc=com (where trad2 is the second domain)
Multiple Exchange Servers can exist within a single forest and a single domain. Multiple
Exchange Servers can also exist in a single forest with multiple domains (such as parent-child
or peer domains). In a multidomain environment, you must configure Cisco TelePresence
Manager with the following:
Configure LDAP port 3268 instead of the default 389 or 636 value. The Active Directory
global catalog server uses this port to listen for any LDAP requests.
Configure LDAP User Containers that list the common name attributes of all the domains
where Cisco TelePresence room accounts reside. The following is an example:
— cn=Users (append default context)
— cn=Users,dc=trad2,dc=com (where trad2 is the second domain)
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-61
Configuration for Exchange
The System Configuration > Microsoft Exchange window helps you manage the database
that stores meeting information:
To test the connection between this system and the Exchange Server, click Test
Connection.
To register new or modified settings, click Apply.
To restore the original settings, click Reset.
4-62 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring Cisco TelePresence
Manager Application User in Exchange
Create the
Cisco Active Directory
TelePresence Users
Manager
account in
Exchange Exchange
Set a 1-GB General
mail storage
limit
Log in to
activate the
account Storage
Limits
Follow these steps to deploy the Cisco TelePresence Manager with Microsoft Exchange 2003:
Step 1 Create an account in Microsoft Exchange 2003 for Cisco TelePresence Manager.
Step 2 Provide an adequate mailbox quota for the Cisco TelePresence Manager account. It
is recommended that you provide at least 1 GB of mailbox quota for a deployment
of up to 125 Cisco TelePresence System endpoints. Additional mailbox quota is
recommended if feasible.
Step 3 Log into the Cisco TelePresence Manager account to verify that it is set up correctly.
Step 4 Create an account in Exchange for each Cisco TelePresence System endpoint. You
can use “Active Directory Users and Computers” to create the room accounts or use
a custom script to create the room account.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-63
Cisco TelePresence System Room
Mailbox Rights
Create the Cisco TelePresence Users
node account in Exchange.
Allow the Cisco TelePresence
Manager account to have read
and full mailbox access to the
node account.
Log in to activate the node
account. Exchange
Advanced
Install the Auto Accept Agent.
Microsoft Outlook Direct
Booking is not supported.
Mailbox
Rights
Allow
Read permissions
Full mailbox access
You must create an email account for each Cisco TelePresence room that the Cisco
TelePresence Manager will schedule. This account must have full permissions or read
permissions to the Cisco TelePresence Manager Exchange administrative account. To verify
and configure the Cisco TelePresence room mailbox, follow these steps:
Step 1 Log into the room account one time using Microsoft Outlook Web Access or
Outlook 2003. You must do this step or the Exchange may not properly set up the
room mailbox.
Step 2 The Cisco TelePresence Manager account must have read permission on the
Calendar folder for the mailbox of each room. You can use Outlook 2003 to set
calendar properties (on the Permissions tab), or you can use Active Directory (Full
Mailbox Access permissions).
Step 3 Verify that the Cisco TelePresence Manager account has permissions for all room
accounts.
Step 4 Use a supported browser and log into the room account with Outlook Web Access,
using http://exchange_ip_address/exchange/roomaccountname.
Step 5 Log in using the Cisco TelePresence Manager account username and password.
Step 6 Validate the setup by sending a test email to any user in the same domain. Validate
that the user received the email.
To automatically accept meetings that are scheduled between Cisco TelePresence users and
Cisco TelePresence room accounts, consider installing the optional Exchange 2003 Auto
Accept Agent.
Note Microsoft Outlook with direct booking can automatically schedule the use of resources, such
as conference rooms, vehicles, or AV equipment, if the resource or delegate of the resource
is actively logged on to the Microsoft Exchange Server. This feature automatically sends
confirmations and allows booking via email as opposed to requiring a direct network
connection. The use of Direct Booking is unsupported by Cisco TelePresence Manager.
4-64 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring LDAP in Cisco
TelePresence Manager
Settings
Field Mappings
The following tabs are available on the System Configuration > LDAP Server window:
Settings: You use the Settings tab to view or modify the Active Directory location, user
location context, and security credentials for access to the Active Directory. As with the
Exchange page, the LDAP Server page also provides a field to specify a certificate, if you
want additional security. A Test Connection button troubleshoots the connection from the
Cisco TelePresence Manager to the Active Directory Server.
Field Mappings: The Field Mappings tab is useful when certain attributes needed by Cisco
TelePresence Manager are already in use for other purposes within Active Directory. While
this situation is rare, the Field Mappings tab allows the administrator to customize these
settings.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-65
Exchange 2007 Requirements
The URL to access Outlook Web
Access is http://server_name/owa
(not http://server_name/exchange).
Disable FBA for the Exchange
virtual server on the Client Access
Server website and the Exchange
Server.
Enable FBA for the Outlook Web
Access virtual server.
You must set the room mailbox
calendar settings (DeleteSubject
and AddOrganizerToSubject) to
“false.” (Maintains original meeting
subject in the phone UI and Cisco
TelePresence Manager
Administrator UI)
Enable auto-accept in the room
mailbox setting.
Initializes the room mailbox
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-19
Several configurations are required to integrate Microsoft Exchange 2007 with Cisco
TelePresence Manager. To access Outlook Web Access, use http://server_name/owa (Do not
use http://server_name/exchange).
Form-based authentication (FBA) allows applications to perform credential validation and is
enabled by default in Exchange 2007. In order for Cisco TelePresence Manager to work, you
must disable FBA for the Exchange virtual server on the Client Access Server website and the
Exchange Server. However, keep FBA enabled for the Outlook Web Access virtual server.
You must set the DeleteSubject and AddOrganizerToSubject options for the room mailbox
calendar to false to maintain the original meeting subject in the user interface of the Cisco
TelePresence Phone and the Cisco TelePresence Manager Administrator. You can enable Auto-
Accept in the room mailbox setting. The administrator must initialize the room mailbox.
4-66 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
FBA for Exchange 2003
This topic describes FBA for Exchange 2003.
As with Exchange 2007, you must disable FBA for the Exchange 2003 website in the Exchange
Server that is registered with Cisco TelePresence Manager. However, a majority of customers
implement FBA because of the security that FBA adds with cookies that contain credentials.
The following options are available for implementing Cisco TelePresence Manager in an FBA
environment:
Option 1: Disable FBA on one front-end server and use that server to authenticate Cisco
TelePresence Manager.
Option 2: Configure a second IP address on one front-end server and create a second web
server or site that does not have FBA enabled.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-67
FBA Integration Summary
Exchange 2003 Front-End Server With FBA
Exchange 10.10.10.12
FBA
Cisco 10.10.10.13
TelePresence
Manager
No FBA
4-68 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configure Server with
Second IP Address
Configure the server with a Advanced TCP/IP
secondary IP address under Settings
Network Connections.
The new IP address is used
for Cisco TelePresence
Manager.
Add
Default Web
Site Properties
Assign the
primary IP
address in IIS
Services
Manager to the
web server
supporting
Outlook Web
Access.
Follow these steps to assign the primary IP address in IIS Services Manager to the web server
that supports Outlook Web Access.
Step 1 Open the Internet Services Manager.
Step 2 Choose Default Web Site, right-click, and choose Properties.
Step 3 From the IP Address drop-down list, choose the primary IP address.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-69
Configure Second Virtual Server
General
Go to the Exchange System
Manager.
Choose Servers >Server >
Protocols > HTTP.
Assign secondary IP address to
the new virtual server.
Settings
Follow these steps to configure a second virtual server on the Exchange Server:
Step 1 Go to the Exchange System Manager.
Step 2 Choose Servers > Server > Protocols > HTTP from Exchange System Manager.
Step 3 On the General tab, from the IP Address drop-down list, choose a secondary IP
address for the new virtual server.
Step 4 On the Settings tab, verify that the Enable Forms Based Authentication check box is
not checked.
4-70 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configure Certificate for the
New Virtual Server
Directory
Install the server certificate using the Security
Certificate wizard.
The certificate is used for HTTPS
communication between the Cisco
TelePresence Manager and
the Exchange Server.
Server
Certificate
Follow these steps to configure a certificate for the new virtual server:
Step 1 From IIS Manager, right-click the new virtual server and choose Properties.
Step 2 Click Server Certificate to use the Certificate wizard to install a server certificate.
The Secure Communications window opens.
Note The HTTPS communication between Cisco TelePresence Manager and the Exchange
Server uses this certificate.
Step 3 From the Secure Communications window, check the Require secure Channel
(SSL) and Require 128-bit Encryption check boxes.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-71
Access Restrictions for the
New Virtual Server
Directory
Implement access Security
restrictions to the
new web server.
Click Granted
Access, and add Edit
the IP address of
the Cisco
TelePresence
Manager.
Deny access to all
other devices.
Add
4-72 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configure Cisco TelePresence Manager
Follow these steps to configure the Cisco TelePresence Manager for the new virtual server:
Step 1 Choose System Configuration > Microsoft Exchange.
Step 2 Enter the appropriate information for the new virtual web server.
Step 3 Enter the certificate that was installed in the previous step.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-73
The following table lists the fields on the System Configuration > Microsoft Exchange window:
Host This is the hostname or IP address for the new virtual web server.
Bind Method Click the Secure or Normal radio button to choose the binding
method, as follows:
■ Secure: Cisco TelePresence Manager communicates with
the Exchange Server in secure mode using HTTPS. This
method requires enabling SSL on the Exchange Server.
■ Normal: Cisco TelePresence Manager communicates with
the Exchange Server in cleartext using HTTP.
Domain Name This is the domain name that is provided for the Exchange Server
account, which you can change.
Username Use this name to log into the Exchange Server. The value is
dependent on the Active Directory and Exchange configuration.
For example, it is either “ctsappaccount@mycompany.com” or
“ctsappaccount.”
Certificate Use this field to provide a trust certificate for a new Exchange
Server.
Number of Meetings Per Query This is the maximum number of meetings that Cisco
TelePresence Manager can retrieve from the Exchange Server
for each query.
4-74 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Obtaining a Certificate
Log into Exchange Server (using the
secondary IP address) and click View
Certificate.
View Certificate
Install Certificate
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-75
Cisco TelePresence Manager Lotus Domino
Integration
This topic describes how Cisco TelePresence Manager integrates with Lotus Domino.
Integrating Cisco TelePresence Manager with Lotus Domino enables you to schedule both
point-to-point and multipoint Cisco TelePresence meetings. Calendaring meeting information is
automatically sent to the Cisco TelePresence in-room phone.
The following steps provide an overview of how Cisco TelePresence Manager integrates with
Lotus Domino:
Step 1 Cisco TelePresence Manager authenticates users and discovers mailboxes using
LDAP or LDAP over SSL.
Step 2 Cisco TelePresence Manager uses the email address that was received during the
Cisco Unified Communications Manager discovery process to verify the Cisco
TelePresence room mailbox.
Step 3 Cisco TelePresence Manager polls the Lotus Domino server for scheduled events
using Cobra/IIOP.
4-76 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lotus Domino Integration Example
Cisco Unified Cis co
IP Phone Communications TelePresence LDAP or
797xG Codec Manager Manager Lotus Domino Us er
1.
2.
Cisco TelePresence
Manager discovers Cisco TelePresence 3.
and monitors Manager authenticates
endpoints in Cisco users and verifies Cisco User schedules
Unified TelePresence rooms in meeting using
Communications LDAP. Lotus Notes.
8. 4.
Manager via
User now has AXL/SOAP and Cisco TelePresence
“one touch” JTAPI. Manager receives meeting
access to meeting. information (Cisco
TelePresence Manager
polls Lotus Domino server.)
5.
6.
7. Cisco TelePresence
Cisco TelePresence Manager sends meeting
Primary codec Manager pushes XML confirmation to user.
pushes XML content content to primary
to in-room phone. codec.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-29
The following steps provide an example of the Lotus Domino integration process:
Step 1 Cisco TelePresence Manager discovers and monitors Cisco TelePresence Systems in
Cisco Unified Communications Manager via AXL/SOAP and JTAPI.
Step 2 Cisco TelePresence Manager authenticates users and validates Cisco TelePresence
rooms in LDAP.
Step 3 User schedules meeting in Lotus Notes.
Step 4 Cisco TelePresence Manager receives meeting information by polling the Lotus
Domino server.
Step 5 Cisco TelePresence Manager validates meeting data and sends a confirmation to the
user.
Step 6 Cisco TelePresence Manager pushes the XML content to the primary Cisco
TelePresence codec.
Step 7 The primary Cisco TelePresence codec pushes the XML content to the phone in the
Cisco TelePresence room.
Step 8 User now has “one touch” access to the meeting.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-77
Supported Lotus Domino Deployments
Supported:
– All Cisco TelePresence rooms must be configured in the same
reservation database on one Lotus Domino server that Cisco
TelePresence Manager is configured to use.
Not supported
– Directory assistance—for users located in an external directory
outside of Lotus Domino
– Multiple databases in multiple Lotus Domino clusters
– Fail-over server support
– Authentication based on Lotus Notes
For a supported Lotus Domino deployment, you must configure all Cisco TelePresence rooms
in the same reservation database on the Lotus Domino server that Cisco TelePresence Manager
is configured to use.
The Cisco TelePresence Manager integration does not support the following Lotus Domino
features:
Directory assistance for users who are located in an external directory outside of Lotus
Domino
Multiple databases in multiple Lotus Domino clusters
Fail-over server support
Authentication that is based on Lotus Notes
4-78 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager Multipoint Switch
Support
This topic describes how Cisco TelePresence Manager integrates with Cisco TelePresence
Multipoint Switch.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-79
Cisco TelePresence Manager has the ability to do the following:
View all scheduled meetings
Move scheduled meetings from one Cisco TelePresence Multipoint Switch to another
(migrate)
View active meetings with a link to the Cisco TelePresence Multipoint Switch for meeting
administration
4-80 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager Multipoint
Switch Integration
Cisco Unified LDAP
Communications Control or
Manager Exchange
Cisco
TelePresence
Manager
LDAP Exchange or
Notes
The Cisco TelePresence Multipoint Switch registers with Cisco TelePresence Manager
via XML\SOAP supplying available segments and location.
The Cisco TelePresence Manager schedules multipoint meetings based on capacity and
location, then provides scheduled meeting information to Cisco TelePresence Multipoint
Switch via XML\SOAP.
The following steps provide an overview of how Cisco TelePresence Manager integrates with
the Cisco TelePresence Multipoint Switch:
Step 1 The Cisco TelePresence Multipoint Switch registers with Cisco TelePresence
Manager via XML/SOAP, providing information about available Cisco
TelePresence segments and locations.
Step 2 Cisco TelePresence Manager schedules multipoint meetings based on capacity and
location, then provides scheduled meeting information to the Cisco TelePresence
Multipoint Switch via XML/SOAP.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-81
Cisco TelePresence Manager Multisite
Meeting Example
Cisco
Cisco TelePresence TelePresence Exchange or
IP Phone Codec Multipoint Switch Manager User
797xG Notes
3.
Checks for available Cisco 1.
8. TelePresence Multipoint
User now has Switch resources and
“one touch” geographical location. User schedules
2.
access to meeting. 4. meeting.
Cisco TelePresence
Cisco TelePresence Manager reads
Manager sends event in mailbox.
meeting details to 5.
Cisco TelePresence
Multipoint Switch. Cisco TelePresence
7.
6. Manager sends
meeting
Cisco TelePresence confirmation to user.
Primary codec Manager pushes
pushes XML XML content to
content to in-room primary codec.
phone.
4-82 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring Cisco TelePresence Multipoint
Switch in Cisco TelePresence Manager
Follow these steps to set up permission for Cisco TelePresence Manager to control the Cisco
TelePresence Multipoint Switch:
Step 1 Choose System Configuration > MCU Devices.
Step 2 Click New.
Step 3 From the New MCU Devices window, enter the IP address of Cisco TelePresence
Multipoint Switch or the Domain Name System (DNS) hostname in the MCU
Hostname field.
Step 4 In the Username field, enter the administrative username of the Cisco TelePresence
Multipoint Switch.
Step 5 In the Password field, enter the password of the Cisco TelePresence Multipoint
Switch.
Step 6 Choose a control state (scheduled or non-scheduled).
Step 7 Click Save.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-83
Cisco TelePresence Multipoint Switch
Geographic Selection
Multipoint meeting requested:
San Jose, Seattle, Dallas, and New York
System selection: San Jos e
GMT - 8
– Time zones:
San Jose: GMT -8
Seattle: GMT -8
Dallas: GMT -6 Seattle
GMT - 8
New York: GMT -5
– This results in a mean of GMT -6.75.
– The Cisco TelePresence Multipoint Switch
closest to mean GMT is selected.
Dallas
Available resources within the Cisco GMT - 6
TelePresence Manager checked.
Meeting is scheduled successfully.
Note: If no resources are available in Dallas, the next
closest Cisco TelePresence Multipoint Switch would be
selected (San Jose). New York
GMT - 5
Cisco TelePresence Manager can manage several Cisco TelePresence Multipoint Switch
resources and will select the best resource to service a Cisco TelePresence session. It chooses
the best resource based first on the median time zone and then on the availability of the Cisco
TelePresence Multipoint Switch resource.
The following steps demonstrate the Cisco TelePresence Multipoint Switch geographical
selection:
Step 1 A multipoint meeting is requested between San Jose, Seattle, Dallas, and New York.
Step 2 The sites have the following time zones:
San Jose: Greenwich mean time (GMT) -8
Seattle: GMT -8
Dallas: GMT -6
New York: GMT -5
This configuration results in a median time zone of GMT –6.75.
Step 3 The Cisco TelePresence Multipoint Switch that is closest to the median GMT is
selected. (In the example, that would be the Cisco TelePresence Multipoint Switch
in Dallas.)
Step 4 Cisco TelePresence Manager checks for available resources.
Step 5 The meeting is scheduled successfully.
Note If no resources are available in Dallas, the next closest Cisco TelePresence Multipoint
Switch is selected (San Jose).
4-84 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Managing Cisco TelePresence Multipoint
Switch Meetings
When a Cisco TelePresence meeting is scheduled using Microsoft Outlook or IBM Lotus
Notes, an email is generated to confirm the meeting and to provide a link to the meeting details.
The System Information > Support > Scheduled Meetings window in Cisco TelePresence
Manager provides another way to view the meeting details.
To generate a report about specific scheduled meetings or activity between specific dates,
supply the meeting details and click the Filter button.
Click the Export Data button to export your scheduled meeting data to a tab-separated
values (.tsv) file. The meeting data that is exported includes the meetings that appear in the
Scheduled Meetings window.
To see meeting details, click the radio button next to a scheduled meeting and click Details.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-85
Managing and Troubleshooting Cisco
TelePresence Scheduled Meetings
This topic describes how to manage and troubleshoot Cisco TelePresence scheduled meetings
and connectivity.
Details
After you find and choose the desired meeting from the System Information > Support >
Scheduled Meetings window in Cisco TelePresence Manager, click the Details button for more
specific information about the meeting.
Meetings with the privacy option do not display the meeting subject on the Cisco TelePresence
phone user interface.
4-86 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Troubleshooting Cisco TelePresence
Connectivity
Cisco TelePresence Manager Cisco TelePresence Check of Cisc o Unified
to Cisco TelePresence System System Status Communications
API/CTI acc ess status Manager for configured
node email
Cisco TelePresence Manager combines several pieces of information for the Cisco
TelePresence systems, which can make it difficult to troubleshoot. One of the tools that you can
use to diagnose connectivity problems is the System Information > Support > Room page.
This tool displays the connection status between Cisco TelePresence Manager elements.
The Rooms Support window is divided into three tabbed views.
The Summary view: This view displays the status of all the Cisco TelePresence rooms
that are registered with Cisco TelePresence Manager.
The Status view: This view displays the different error types for Cisco Unified
Communication Manager, each Cisco TelePresence system that is registered with Cisco
TelePresence Manager, and Microsoft Exchange or IBM Domino connection errors.
The Capability view: This view displays the availability of certain Cisco TelePresence
features.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-87
Scheduling Meetings in Outlook
This topic describes how to schedule meetings in Outlook.
4-88 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Interoperability Scheduling
After reserving the
rooms using the
scheduler, the us er 2
receiv es an email from
Cisco TelePresenc e
Manager.
1 33
Send Email
The coordinator
rec eives a confirmation
email with the video-
conferencing access
number and forwards
this email to attendees
joining from video- 5
conferencing endpoints.
Note Only the person who schedules the room can log into the Cisco TelePresence Multipoint
Switch.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-89
Troubleshooting Cisco TelePresence Manager
This topic describes how to troubleshoot Cisco TelePresence Manager.
Problem Description
The meeting organizer does not receive an email to confirm the meeting is scheduled.
Recommend Action
Make sure that the reserved rooms are in auto-accept mode. If a room is in manual-accept
mode, the delegate of the room must accept the meeting invitation using Microsoft Outlook or
Lotus Notes. When you escalate this problem to the Cisco Technical Assistance Center (TAC),
be sure to capture the logs at the DEBUG level.
4-90 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Troubleshooting Cisco TelePresence Manager
Meeting Confirmations (Cont.)
Troubleshooting > Log Files
At the Log Files window, you can set the level for logging system errors from the following
services that contribute messages:
Discovery Service
Calendar Service
Room Phone UI Service
Admin UI Service
Multipoint Conference
TelePresence Engine
Service Providers
Data Access Layer
Interface
You can set the message types from these services to the following levels:
DEBUG: Detailed errors and information messages
ERROR: Errors that are likely to terminate system activity
FATAL: Errors that will automatically terminate system activity
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-91
Troubleshooting Cisco TelePresence
Manager to Exchange Connectivity
Symptom:
– Scheduled meetings in Cisco TelePresence Manager show an
error.
– Newly created meetings are not appearing in the Scheduled
Meetings window.
Diagnosis:
– Network connectivity to the Exchange server has been disrupted,
and Cisco TelePresence Manager has not regained a connection.
Solution:
– Resynchronize the rooms with scheduled meeting errors or
missing meetings. After you resynchronize the room, Exchange
may still display an error status.
– Wait for Cisco TelePresence Manager to renew subscriptions to
the affected rooms (occurs every 55 minutes).
– Restart the Cisco TelePresence Manager server.
Verification:
– View the list of scheduled meetings from the Cisco TelePresence
Manager administration web page for new meetings.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-43
Problem Description
Cisco TelePresence Manager fails to get updates for newly created meetings in Microsoft
Exchange, or meetings that are scheduled in advance display a scheduling error.
Recommend Action
If the network connectivity of the Microsoft Exchange Server is disrupted, the Cisco
TelePresence Manager will use a hold timer of 55 minutes before re-establishing connectivity.
This process can be expedited by selecting the Cisco TelePresence system endpoints from
Cisco TelePresence Manager and manually resynchronizing the updates. Alternatively, you can
also restart the Cisco TelePresence Manager.
4-92 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Troubleshooting Cisco TelePresence Manager
to Exchange Connectivity (Cont.)
System Configuration > Microsoft Exchange
Follow these steps to manually resynchronize Cisco TelePresence Manager with the Exchange
Server:
Step 1 Log into the Cisco TelePresence Manager Administration web page.
Step 2 Choose System Configuration > Microsoft Exchange.
Step 3 Choose the Cisco TelePresence room names to update.
Step 4 Click Re-sync.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-93
Troubleshooting Scheduled Meeting IP
Phone User Interface Issues
Symptom:
– A scheduled meeting does not appear on the Cisco TelePresence phone user interface.
Diagnosis:
– The room name configured in Cisco Unified Communications Manager does not matc h the
actual room name (email alias) configured in the Directory Server.
– Duplicate room names are configured.
– The Cisco TelePresence IP phone associated with participating rooms has not been
added to the Cisco TelePresence Manager Application User Profile.
– The Exchange or Domino user account for Cisco TelePresence Manager does not have
permission to retrieve the calendar data.
– The scheduled meeting is outside the start window.
Solution:
– The room name must exac tly match the name (email alias) provided in the Directory
Server .
– Remove duplicate room names configured in Cisco Unified Communic ations Manager.
– Change the Cisc o TelePres ence Manager user account for Exchange or Domino so it has
permissions to retrieve (read) the room and calendar data.
Verification:
– View the list of scheduled meetings from the Cisco TelePres ence Phone user interfac e.
Problem Description
A meeting that is scheduled for a particular room is not listed on the Cisco TelePresence phone
user interface for that room. The configuration of the room email address between the Cisco
Unified Communications Manager and the Exchange Server must be identical for each end of
the configuration. The email addresses must also be unique for each Cisco TelePresence room.
Recommend Action
These are the actions recommended to solve this problem:
The Cisco TelePresence room email address that is configured in Cisco Unified
Communications Manager for the endpoint must exactly match the name (email alias)
provided in the Directory Server.
An email address may have been configured for multiple Cisco TelePresence rooms.
Remove duplicate room names that are configured in Cisco Unified Communications
Manager.
Change the Cisco TelePresence Manager user account for Exchange or Domino so it has
permissions to retrieve (read) room and calendar data.
4-94 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Troubleshooting Cisco TelePresence
Manager User Interface Login
Symptom:
– Users cannot log into the email link in the Cisco TelePresence
Manager confirmation email or the user interface.
Diagnosis:
– Connectivity is lost between the Cisco TelePresence Manager
and the LDAP servers.
– Users do not belong to the same forest (parent container) as the
Cisco TelePresence Manager user account.
Solution:
– Repair connectivity between Cisco TelePresence Manager and
the LDAP server.
– Move the Cisco TelePresence Manager user account to the same
branch of the LDAP server as the Cisco TelePresence manager
user account.
Verification:
– View the list of scheduled meetings from the Cisco TelePresence
Phone user interface.
Problem Description
Users receiving a confirmation email from Cisco TelePresence Manager are unable to
successfully log into the Cisco TelePresence Manager user interface to view or edit the details
of their meeting.
Recommend Action
LDAP connectivity is not functioning correctly because of a network failure or a lack of rights
by Cisco TelePresence Manager to authenticate the user. For Cisco TelePresence Manager to
authenticate users, it must be in an equal or higher branch of the LDAP container of the user to
be authenticated.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-95
Troubleshooting with Cisco TelePresence
Manager PreQualification Assistant 1.5
The Prequalification Assistant
Release 1.5 is designed to work with
Cisco TelePresence System Manager
LDAP Server
Release 1.5. Calendar Server
It performs a series of tests to Cisco Unified CM
determine if network resources and
services meet the requirements.
It prequalifies these network devices:
– LDAP server
– Calendar server (IBM Domino,
Exchange, or None) configuration
– Cisco Unified Communications
Manager configuration
Once the tests are run, the results
contain the information you need to
change the existing configurations or
to configure Cisco TelePresence
System Manager.
4-96 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
Cisco TelePresence Manager is the middleware glue between the
Cisco Unified Communications Manager, the Cisco TelePresence
Systems, the scheduling application, and the Cisco TelePresence
Multipoint Switch.
You access the Cisco TelePresence Manager administration
software through the browser where an application user must be
configured to interact with Cisco Unified Communications
Manager.
Cisco TelePresence Manager tracks Cisco TelePresence
Systems through Cisco Unified Communications Manager and
automatically collects information about multipoint capabilities.
Cisco TelePresence Manager pushes scheduled information to
the endpoints.
Cisco TelePresence Manager synchronizes with Microsoft
Exchange to collect meeting information and uses LDAP to
validate SMTP.
Summary (Cont.)
Compatibility with FBA for Exchange 2003 requires the
configuration of a second IP address on one front-end server and
the creation of a second web server or site for Cisco
TelePresence Manager with FBA disabled.
Cisco TelePresence Manager integration with Lotus Domino
allows you to schedule both point-to-point and multipoint Cisco
TelePresence meetings.
Cisco TelePresence Manager automatically collects information
about multipoint capabilities and allocates resources when
needed, allowing you to schedule both point-to-point and
multipoint meetings.
The Cisco TelePresence Manager session management features
allow you to manage, monitor, and troubleshoot meetings.
Cisco TelePresence meetings are easily scheduled in Microsoft
Outlook or Lotus Notes with an option to support interoperability.
You can set the message types in the log files to Debug, Error, or
Fatal.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-49
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-97
4-98 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 3
Exploring One-Button-to-Push
Without Cisco TelePresence
Manager
Overview
As an integral part of the Cisco TelePresence experience, Cisco TelePresence Manager
facilitates call scheduling and setup from common enterprise group software such as Microsoft
Exchange and Lotus Notes and Lotus Domino. Cisco TelePresence Manager also integrates
with the Cisco TelePresence Multipoint Switch. However, not all customers use Microsoft
Exchange or Lotus Notes and Lotus Domino. Fortunately, there are other methods for creating
the One-Button-to-Push meeting launch and displaying the locations on the Cisco TelePresence
phone.
Objectives
Upon completing this lesson, you will be able to describe features that you will lose without
Cisco TelePresence Manager and schedule a Cisco TelePresence meeting without using Cisco
TelePresence Manager. This ability includes being able to meet these objectives:
Discuss reasons for not deploying Cisco TelePresence Manager
List the features that you lose without Cisco TelePresence Manager and the options on the
Cisco TelePresence User Interface that you can use instead of One-Button-to-Push
Discuss how to schedule a Cisco TelePresence meeting without Cisco TelePresence
Manager
Reasons to Not Deploy Cisco TelePresence
Manager
This topic describes reasons for not deploying Cisco TelePresence Manager.
One of the notable features of Cisco TelePresence is its ability to integrate with Cisco Unified
Communications Manager. This integration provides One-Button-to-Push ease of use, from the
Cisco Unified IP Phone 797XG, to launch scheduled meetings. However, the One-Button-to-
Push feature requires Cisco TelePresence Manager and Cisco TelePresence Manager requires
Microsoft Exchange 2003, Microsoft Exchange 2007, or Lotus Notes and Lotus Domino.
Customers who do not use Microsoft Exchange or Lotus Notes and Lotus Domino should
deploy Cisco TelePresence without Cisco TelePresence Manager.
4-100 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Features Lost Without Cisco TelePresence
Manager
This topic describes the features that you lose when you do not implement Cisco TelePresence
Manager.
Without Cisco TelePresence Manager, you do not have the One-Button-to-Push feature.
However, you can still use Cisco TelePresence to establish a meeting by either manually
dialing the number or by choosing a Cisco TelePresence room from a list of speed dials. These
methods are generally just as simple as using the One-Button-to-Push feature.
Without Cisco TelePresence Manager, you also lose the ability to use scheduled multipoint
meetings, and there is no automatic geographical selection of multipoint switch resources.
Instead, you can use static or ad hoc multipoint meetings. Finally, without Cisco TelePresence
Manager, you do not have the Live Desk button. Instead, you can program a speed dial to the
Live Desk. While this option is almost as simple as the Live Desk feature that Cisco
TelePresence Manager provides, there is no easy way to use the speed dial to call the Live Desk
during an active Cisco TelePresence meeting.
Without Cisco TelePresence Manager, you do not have a dashboard view of all your rooms and
scheduled meetings. However, you can use your existing scheduling application to get a
dashboard view of all scheduled meetings. For room status, you have to manually monitor the
rooms via the Administrative Interface on each Cisco TelePresence system.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-101
User Experience Without Cisco
TelePresence Manager
To manually dial, you must know the room numbers and how to navigate
multiple screens.
You can choose the default phone screen from the Cisco Unified
Communication Manager device page.
Providing speed dials on the default screen simplifies ease of use.
The IP Phone 797xG user interface is designed with touchscreen items and softkeys to help you
connect to another Cisco TelePresence phone and start a video teleconference. Manually
dialing a meeting requires knowledge of the room numbers and the navigation of multiple IP
phone screens.
Creating speed dials makes starting a Cisco TelePresence meeting as simple as touching the
directory icon and choosing a programmed location. You can choose the default phone screen
on the IP phone user interface. By providing speed dials on the default screen, you can further
simplify the ease of use.
4-102 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Speed Dials—Favorite Softkey
Related Links
– Add/Update Speed Dials
Speed dialing is a standard Cisco Unified Communications Manager function and is supported
on the Cisco TelePresence endpoint. The speed-dial list that is associated with the Cisco
TelePresence endpoint enables you to readily access phone numbers, which enable you to
quickly connect meetings from the manual call user interface.
The Cisco TelePresence endpoint accepts 40 phone numbers (numbered 3 to 42), which you
can manage from the Cisco Unified Communications Manager Speed Dial and Abbreviated
Dial Configuration window.
Step 1 Log into the Cisco Unified Communications Manager Administration application.
Step 2 Choose Device > Phone. The Phone Configuration window appears.
Step 3 Enter your search criteria in the Phone Configuration window and click Find.
Step 4 Choose the phone for which you want to configure speed-dial buttons.
Step 5 Click the Related Links drop-down list box at the top of the window.
Step 6 Choose Add/Update Speed Dials and click Go. The Speed Dial and Abbreviated
Dial Configuration window for this phone appears.
Step 7 Enter the appropriate settings as described in the Adding Speed-Dial Numbers table
and click Save.
Label Enter the text that the speed-dial button should display.
ASCII Label Same information as the label field. (limited to ASCII characters)
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-103
Scheduling a Conference Without Cisco
TelePresence Manager
This topic describes how to schedule a conference without Cisco TelePresence Manager.
Scheduling a Conference
Users may continue to use
their existing email and
calendaring applications for
scheduling meetings and
rooms.
When the users enter the
Cisco TelePresence room to
start their meeting, they
select the site from the
speed-dial list.
Speed Dials
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-6
Users can continue to use their existing email and calendaring applications for scheduling
meetings and rooms. When the users enter the Cisco TelePresence room to start their meeting,
the phone user interface will not display a schedule of meetings because there is no Cisco
TelePresence Manager. Instead, the users simply choose the site from the preprogrammed
speed-dial list in the directory. At the end of the conference, the scheduler should remind all of
the participants to end the call. The scheduler could also log into the Cisco TelePresence
Multipoint Switch and manually end the active meeting.
4-104 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring a Static Meeting on the
Cisco TelePresence Multipoint Switch
For deployments of three to five rooms:
– Configure a single static multipoint number and program it as a
speed-dial entry in Cisco Unified Communications Manager.
For deployments of six or more rooms:
– Configure a static multipoint number for each room. Whichever
room the host of the meeting will be using is the number that
everyone dials for that specific meeting.
Optional
Static multipoint meetings are nonscheduled meetings that the administrator configures through
the Cisco TelePresence Multipoint Switch Administration GUI. Static meeting configuration
assigns a meeting number that participants use to access the meeting. Static meetings are
always available. Participants can access a meeting simply by dialing the static meeting number
from any Cisco TelePresence system or by using a speed-dial entry on the Cisco Unified IP
Phone 797xG within the Cisco TelePresence room.
For deployments of three to five rooms, configure a single static multipoint number on the
Cisco TelePresence Multipoint Switch and program it as a speed-dial entry in Cisco
Unified Communications Manager.
For deployments of six or more rooms, configure a static multipoint number for each room
on the Cisco TelePresence Multipoint Switch. Whichever room the host of the meeting will
be using is the number that everyone dials for that specific meeting.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-105
Geographical Multipoint Resource
Dallas-Cisco London-Cisco Hong Kong-Cisco
TelePresence TelePresence TelePresence
Multipoint Switch Multipoint Switch Multipoint Switch
Deploy multipoint switches geographically just as you normally would if you were using the
Cisco TelePresence Manager. For Cisco TelePresence deployments with fewer than six Cisco
TelePresence rooms, it is recommended that you centrally locate the Cisco TelePresence
Multipoint Switch based on the geographic location of the Cisco TelePresence rooms. For
deployments with more than six Cisco TelePresence rooms, it is recommended that you
geographically distribute Cisco TelePresence Multipoint Switches to localize multipoint
meetings and minimize latency.
Create a static meeting for each room. Create the meeting only on the multipoint switch that is
closest to that room and add the speed dial for the static meeting on the Cisco TelePresence
system.
4-106 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Example of Scheduled Multipoint
Meeting
The scheduling user is physically in Tokyo and will be using the Tokyo Cisco
TelePresence room for a meeting with colleagues in the United States and Europe.
The scheduling user books the meeting using normal tools and procedures. The
scheduling user communicates the meeting details to the other participants and
instructs everyone to use the MPT-Tokyo speed dial.
As participants arrive in the U.S. and European rooms, they select the MPT-Tokyo
speed dial to access the meeting.
When the users in the Tokyo room dial in, the meeting begins.
Multipoint
Device
In the example, the scheduling user is physically in Tokyo and will be using the Tokyo Cisco
TelePresence room for a meeting with colleagues in the United States and Europe. The
scheduling user books the meeting employing whatever tools and procedures are currently in
use. In the process of communicating the meeting details to the other participants, the
scheduling user instructs everyone to use the MPT-Tokyo speed dial. As the participants arrive
in the rooms that are located in the United States and in Europe, they choose the MPT-Tokyo
speed dial to access the meeting. When the users in the room that is located in Tokyo dial in,
the meeting begins.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-107
User Documentation
Recommendation—Create a web page that explains how to use the
Cisco TelePresence system in your environment.
– Include a list of rooms and the assigned static multipoint numbers.
Example of Cisco IT
Internal Web Page
It is recommended that you create a web page that explains how to use the Cisco TelePresence
system in your environment. On this web page, include a list of rooms and the static multipoint
numbers that have been assigned to each room.
4-108 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
Customers without Microsoft Exchange or Lotus Notes and Lotus
Domino cannot benefit from the features of Cisco TelePresence
Manager.
Customers must simulate the One-Button-to-Push feature by
either manually dialing the number or by selecting it from a list of
speed dials.
Customers can use their existing email and calendaring
applications for scheduling meetings and rooms. The phone user
interface will not display a schedule of meetings.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-109
4-110 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 4
Objectives
Upon completing this lesson, you will be able to describe and deploy Cisco TelePresence
Multipoint Switch solutions. This ability includes being able to meet these objectives:
Provide an overview of Cisco TelePresence interoperability, list the features of Cisco
TelePresence interoperability, and identify the benefits and caveats of interoperability with
Cisco TelePresence
Discuss Cisco TelePresence interoperability integrations
Describe the design of a dial plan when you are implementing a Cisco Unified
Conferencing MCU
Discuss call setup during a Cisco TelePresence interoperability call
Connect to the console of the Cisco Unified Videoconferencing 3500 Series MCU
Demonstrate how to access the Cisco Unified Videoconferencing web administration page
Demonstrate how to configure the Cisco Unified Videoconferencing 3500 Series MCU
Cisco TelePresence Interoperability Overview
This topic provides an overview of Cisco TelePresence interoperability.
Cisco TelePresence provides a unique “in-person” visual communications experience. You feel
as if you are in the same room, face-to-face, with the remote participants. However, some
customers have already made a significant investment in existing standard-definition video-
conferencing and video telephony endpoints and need to be able to integrate this equipment
into a Cisco TelePresence solution.
Cisco provides standards-based interoperability with existing standard-definition video-
conferencing and video telephony endpoints (H.320, H.323, Session Initiation Protocol [SIP]
and Skinny Client Control Protocol [SCCP)]. Interoperability provides a transition strategy for
user migration from existing video conferencing to immersive visual communications.
Interoperability works through the Cisco TelePresence Multipoint Switch and Cisco Unified
Videoconferencing MCU, which also supports multipoint for standard video-conferencing
streams.
With Cisco TelePresence interoperability, the meeting preserves the experience for Cisco
TelePresence users, while allowing standards-based video-conferencing users to participate in
the meeting. This interoperability provides seamless interoperation with more than 90 percent
of the existing video-conferencing equipment that is currently installed.
4-112 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Interoperability Features
Cisco TelePresence is based on open standards, including SIP,
H.264, AAC-LD, and G.711.
Interoperability is available between Cisco TelePresence and
standard high-definition video conferencing and video telephony
via the Cisco Unified Videoconferencing MCU.
– Maintains rich, immersive experience between telepresence
participants
– Provides bridge to existing video-conferencing and IP video-
telephony devices
Cisco TelePresence is based on open standards, including SIP, H.264, advanced audio coding
with low delay (AAC-LD), and G.711. Cisco now provides interoperability between Cisco
TelePresence high-definition and standard-definition video conferencing and video telephony
via the Cisco Unified Videoconferencing MCU. The solution maintains the rich, immersive
experience between Cisco TelePresence participants, while providing a bridge to existing
video-conferencing and video telephony devices.
Cisco also offers a competitive trade-in program that allows customers an alternative to
interoperability and provides generous trade-in for your existing video-conferencing
equipment.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-113
Interoperability Benefits and Caveats
Benefits:
– Maintains the rich, immersive experience for Cisco
TelePresence meeting participants.
– Provides standards-based interoperability with minimal
additional hardware requirements.
Customer provides only a Cisco Unified
Videoconferencing 3500 or 5200 Series MCU.
Caveats:
– The Cisco 3500 Series MCU increases the amount of
bandwidth required to and from each Cisco TelePresence
system by an additional 768 kb/s in order to transmit and
receive the CIF and G.711 streams.
– Cisco Unified Videoconferencing participants will not
experience the spatial audio.
– Interoperability conferences cannot be encrypted.
4-114 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Videoconferencing
5200 Series Features
HD flat capacity up to 1080p
Increased capacity for SD/Desktop—up to 360p
Single management and single LAN
New video layouts with layout per participant
No “Self See” option for each participant
In-meeting indications
Enhanced auto-attendant and video IVR
New administrative web interface
Cascades with existing 3500 Series MCU deployments
The Cisco Unified Videoconferencing 5200 Series offers 1080p high-definition (HD)
processing, Cisco TelePresence connectivity, unlimited conferences, personal video layout per
participant and AAC audio, to deliver HD-conferencing. The Cisco Unified Videoconferencing
5200 Series also uses the latest state-of-the-art digital signal processor (DSP) technology to
offer uncompromised HD.
In addition, the Cisco Unified Videoconferencing 5200 Series provides on-screen information
overlays. It also enables easy conference creation and entry through the enhanced video auto-
attendant and interactive voice response (IVR) to make attending conferences simple.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-115
Integrating Interoperability
This topic describes Cisco TelePresence interoperability integrations.
Integrating Interoperability
Telepresence and video conferencing are fundamentally different
experiences and are generally maintained as separate environments.
Cisco TelePresence Multipoint Switches provide multipoint switching for
Cisco TelePresence.
The Cisco Unified Videoconferencing MCU provides multipoint
transcoding for video conferencing.
H.323 or H.320
London Video Conferencing
SIP
Video Telephony
Tokyo
Cisco Cisco
TelePresence Unified
Multipoint Videoconferencing
Switch MCU SCCP
New York Video Telephony
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-6
Note The solution is to bridge the two environments by cascading the Cisco TelePresence
Multipoint Switch and Cisco Unified Videoconferencing together.
4-116 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Videoconferencing 5200
Series Media Plane
Legend
1. Cisco TelePresence systems send unencrypted 1080p. H.264 1080p
2. As the dominant audio segment changes, the Cisco H.264 CIF
TelePresence Multipoint Switch switches the video AAC-LD
stream accordingly to the Cisco Unified G.711
Videoconferencing 5200 Series MCU. Any video format
Cisco UVC supports
3. The Cisco Unified Videoconferencing 5200 Series MCU Any audio format
transcodes the H.264 video and AAC-LD audio to other Cisco UVC supports
video endpoints.
H.323 or H.320
Active Segment Video
Cascade Conferencing
London
SIP
Video
Telephony
Tokyo
Cisco Cisco
TelePresence Unified
Multipoint Videoconferencing
Switch MCU SCCP
New York Video Telephony
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-7
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-117
Cisco Unified Videoconferencing 3500
Series Media Plane
Legend
1. Cisco TelePresence systems send 1080p and G.711.
H.264 1080p
2. The Cisco TelePresence Multipoint Switc h requests a copy of the
CIF video from the system with the most dominant audio. H.264 CIF
3. The Cisco TelePresence Multipoint Switc h mixes G.711 from all AAC-LD
systems into a single audio channel and sends it with the CIF G.711
video to the Cisco Unified Videoconferencing 3500 Series MCU. Any vi deo format
Cisco UVC supports
4. As the dominant audio segment changes, the Cisco TelePresence Any audio format
Multipoint Switch switches the CIF video stream ac cordingly. Cisco UVC supports
H.323 or H.320
Active Segment Video
Cascade Conferencing
London
SIP
Video
Telephony
Tokyo
Cisco Cisco
TelePresence Unified
Multipoint Videoconferencing
Switch MCU SCCP
New York Video Telephony
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-8
Cisco TelePresence integrates with Cisco Unified Videoconferencing systems through the
Cisco TelePresence Multipoint Switch. Essentially any endpoint that can interoperate with a
Cisco Unified Videoconferencing 3500 Series MCU will interoperate with Cisco TelePresence,
including standards-based H.320, H.323, SIP, or SCCP video-conferencing endpoints.
The following steps demonstrate how the media plane works:
Step 1 All Cisco TelePresence systems send a copy of their audio in G.711 format along
with 1080p video to the Cisco TelePresence Multipoint Switch.
Step 2 The Cisco TelePresence Multipoint Switch determines which Cisco TelePresence
system segment is emitting the most dominant audio and requests it to send a copy
of its video in CIF resolution as well.
Step 3 The Cisco TelePresence Multipoint Switch mixes the G.711 channels from all of the
Cisco TelePresence systems into a single G.711 audio channel and sends it with the
CIF video from the dominant segment to the Cisco Unified Videoconferencing 3500
Series MCU.
Step 4 As the dominant audio segment changes throughout the meeting, the Cisco
TelePresence Multipoint Switch switches the source of the CIF video stream
accordingly.
4-118 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Videoconferencing 3500
Series Media Plane (Cont.)
Legend
The Cisco Unified Videoconferencing 3500 Series H.264 1080p
MCU sends audio and video from the Cisco H.264 CIF
TelePresence system with the dominant audio to the AAC-LD
Cisco TelePresence Multipoint Switch. G.711
Any vi deo format
The CIF image is presented on the screen of the Cisco UVC supports
Any audio format
Cisco TelePresence system endpoints surrounded Cisco UVC supports
by black borders.
H.323 or H.320
Active Segment Video
Cascade Conferencing
London
SIP
Video
Telephony
Tokyo
Cisco Cisco
TelePresence Unified
Multipoint Videoconferencing
Switch MCU SCCP
New York Video Telephony
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-9
Step 5 In the opposite direction, the Cisco Unified Videoconferencing 3500 Series MCU
sends audio and video from the system with the most dominant audio to the Cisco
TelePresence Multipoint Switch, which in turn is switched to all Cisco TelePresence
systems.
Step 6 The incoming 352 x 288 CIF image, which originated from the Cisco Unified
Videoconferencing 3500 Series MCU, is stretched to four times CIF resolution
(4CIF) and presented on the screen of each Cisco TelePresence System 500, 1000,
and 1300 surround by black borders. The stretched 4CIF image is also presented on
the left screen of each Cisco TelePresence System 3000 and 3200 and is surrounded
by black borders.
Note If you want to see more than one Cisco Unified Videoconferencing participant displayed
at one time, you can customize the Cisco Unified Videoconferencing 3500 Series MCU
layout configuration to display up to 16 Cisco Unified Videoconferencing participants.
Cisco recommends the 1x1 layout for consistency with the Cisco TelePresence
experience.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-119
Signaling
To support Cisco TelePresence Interoperability on the Cisco Unified
Communications Manager, create a SIP trunk and sec urity profile and add a
new route pattern pointing to the Cisco Unified Videoconferenc ing MCU. SIP
To set up the Cisco Unified Videoconferencing MCU to use Cisco Unified H.323
Communications Manager, enable SCCP and identify the TFTP server. SCCP
GK
Gatekeeper
H.323 or H.320
London Video Conferencing
Tokyo SIP
Cisco Video Telephony
Cisco
TelePres ence Unified
Multipoint Videoconferencing
New York Switch MCU
SCCP
Video Telephony
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-10
Note The figure depicts the best method for customers who want Cisco Unified Communications
Manager to control all of their H.323, SIP, and SCCP video-conferencing calls.
4-120 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence System Bandwidth
with Interoperability
Resolution 1080p 1080p 1080p 720p 720p 720p
Motion handling Best Better Good Best Better Good
Video per screen (k b/s) 4000 3500 3000 2250 1500 1000
Audio per microphone (kb/s) 64 64 64 64 64 64
Auto Collaborate video channel 500 500 500 500 500 500
Auto Collaborate audio channel (kb/s) 64 64 64 64 64 64
Cisco TelePresence System 500 or 1000 Tx 4628 4128 3628 2878 2128 1628
Total audio and video (kb/s) Rx 4756 4256 3756 3006 2256 1756
Cisco TelePresence System 3000 or 3200
12,756 11,256 9756 7506 5256 3756
total audio and video (kb/s)
+ 20% for Layer 2–4 overhead
Cisco TelePresence System 500 or 1000
max bandwidth (kb/s) Tx 5554 4954 4354 3454 2554 1954
includes Layer 2–4 overhead Rx 5707 5107 4507 3607 2707 2107
Cisco TS 3000 or 3200 max bandwidth (kb/s) 15,307 13,507 11,707 9007 6307 4507
Additional Bandwidth
Optional Feature
(Layer 2–4 Overhead Inclusive)
HFR Codec
4.2 Mb/s
(Auto Collaborati on at 30f/s)
Interoperability 922 kb/ s
The actual Layer 2 to Layer 4 overhead that is required varies by the encapsulation method and
whether Generic Routing Encapsulation (GRE), IP Security (IPsec), or both are used. Rather
than leaving it up to the customer to determine how much overhead to provision for, there are
recommendations that include a very conservative 20 percent overhead to account for all
possible encapsulation and encryption overhead.
To allow for a smooth, consistent meeting experience, you must provision the network for the
values in the Bandwidth with Interoperability table. However, the average bandwidth utilization
will be 60 to 80 percent of these numbers.
Note The Cisco TelePresence System 1000 transmits up to 192 kb/s of audio, but can receive up
to 320 kb/s when participating in a meeting with a Cisco TelePresence System 3000 or in a
multipoint meeting with three or more Cisco TelePresence Systems 1000.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-121
The following table shows the bandwidth utilization with Cisco TelePresence Interoperability:
Auto Collaborate
Video channel
500 500 500 500 500 500
(i.e., data projector)
(kb/s)
Auto Collaborate
Audio channel
64 64 64 64 64 64
(i.e., audio add-in)
(kb/s)
Interoperability Video
Channel 704 704 704 704 704 704
(kb/s)
Interoperability Audio
Channel 64 64 64 64 64 64
(kb/s)
Cisco TelePresence
System 500 or 1000 4628 Tx 4128 Tx 3628 Tx 2878 Tx 2128 Tx 1628 Tx
Total Audio and Video 4756 Rx 4256 Rx 3756 Rx 3006 Rx 2256 Rx 1756 Rx
(kb/s)
Cisco TelePresence
System 3000 or 3200
12,756 11,256 9756 7506 5256 3756
Total Audio and Video
(kb/s)
Cisco TelePresence
System 500 or 1000
5554 Tx 4954 Tx 4354 Tx 3454 Tx 2554 Tx 1954 Tx
Total Bandwidth (kb/s)
5707 Rx 5107 Rx 4507 Rx 3607 Rx 2707 Rx 2107 Rx
includes Layer 2–4
overhead
Cisco TelePresence
System 3000 or 3200
Total Bandwidth
15,307 13,507 11,707 9007 6307 4507
(Mb/s)
includes Layer 2–4
overhead
4-122 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Videoconferencing 3500
Series User Experience
1920
704
1080
The final user experience for Cisco TelePresence interoperability is displayed in the figure. The
CIF video that is received from Cisco Unified Videoconferencing is scaled to 4CIF by the
Cisco TelePresence system coder-decoder (codec). The image is then displayed on the Cisco
TelePresence 65- inch 1080p display surrounded by black borders with the following
resolutions:
High definition: 1920 x 1080
4CIF resolution: 704 x 476
Note The picture in the figure was taken with a low-quality digital camera in a lab environment and
is not meant to accurately reflect the quality of the Cisco TelePresence experience.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-123
Cisco Unified Videoconferencing MCU Dial Plan
This topic describes the design of a dial plan when you are implementing a Cisco Unified
Conferencing MCU.
Service prefixes are an important part of the dial plan. Interzone and intrazone calls to a Cisco
Unified Videoconferencing MCU or gateway are routed using the service prefix. In a single-
zone network, Cisco recommends that you reserve a block of numbers for service prefixes,
such as 8* for Cisco Unified Videoconferencing MCUs and 9* for gateways.
Cisco also recommends that you add the local area code to the service prefixes of the Cisco
Unified Videoconferencing MCUs. For example, a Cisco Unified Videoconferencing MCU in
San Jose might have a service prefix of 40855. Gateway prefixes should remain 9* to keep dial
strings consistent with telephony dial plans. This service prefix structure also allows an easy
migration to a multizone dial plan.
E.164 addresses must not overlap with service prefixes. For example, if a Cisco Unified
Videoconferencing MCU registers with a service prefix of 40855* and a video terminal
registers with 4085551212, all calls made to the video terminal would be routed to the Cisco
Unified Videoconferencing MCU instead.
In a multizone network, service prefixes need to route between zones. Therefore, all service
prefixes must be unique across all zones.
4-124 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Call Restrictions
1. The SCCP endpoint dials 9901 on Partition A to reach the gatekeeper.
2. The gatekeeper relays the call to 9901 on Partition B to reach the Cisco Unified
Videoconferencing MCU.
3. The call is completed to the Cisco Unified Videoconferenc ing MCU while using the
gatekeeper to bridge SCCP to SIP signaling.
9901 A-CSS
H.323/SCCP
5 Video Conferencing
5
0 S GK
Endpoint
1 S
C
-
B
1
0
9
9
The dial plan for the Cisco Unified Videoconferencing MCU must also be unique across
gatekeepers. To support access numbers during a scheduled interoperability call, published
dynamic access numbers need to be reachable by all endpoints. In the event of overlapping dial
plans, configure class of service (CoS) restrictions to partition video endpoints to have
reachability to the Cisco Unified Videoconferencing MCU.
In some instances, SCCP video endpoints may be required to bridge call setup through a
gatekeeper to provide proper compatibility on a call to a SIP video endpoint. This can also be
accomplished with CoS restrictions.
In the figure, the SCCP endpoint does not have direct reachability in its calling search space
(CSS) to the Cisco Unified Videoconferencing MCU. When dialing 9901 from the SCCP
endpoint, the partitions and CSS point the signaling to the gatekeeper. In turn, the gatekeeper
will have the prefix for Cisco Unified Videoconferencing MCU in its CSS.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-125
CoS Restrictions with Gatekeeper
Build CoS restrictions to relay signaling through the
gatekeeper when using SCCP endpoints.
When you configure CoS restrictions for the Cisco Unified Videoconferencing MCU, with the
use of a gatekeeper for SCCP support, you must build several calling domains of overlapping
route patterns. In the figure, route pattern “X” is used to dial from the SCCP endpoint to the
gatekeeper and also from all other devices to the Cisco Unified Videoconferencing MCU. A
partition for the SCCP endpoint is configured to support dialing to the gatekeeper. The other
devices will utilize another instance of route pattern X to dial the Cisco Unified
Videoconferencing MCU.
4-126 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Call Setup
This topic describes call setup during a Cisco TelePresence interoperability call.
Call Setup
1. The Cisco TelePresence user dials the static meeting number 5501.
2. The Cisco TelePresence Multipoint Switch dials out to 9901.
3. The meeting is initiated and a cascade link is built.
4. The Cisco TelePresence Multipoint Switch instructs the Cisco
TelePresence system to send CIF video and G.711 audio.
5. H.323 user dials Cisco Unified Videoconferencing 3500 Series MCU
meeting number 9901 and joins the meeting.
1 GK H.323
5 Video conferencing
3 Endpoint
5501
9901 9901
2
4
Any Supported
SIP Video Format
H.323 Cisco TelePresence Cisco Unified Any Supported
Multipoint Switch Videoconferencing MCU Audio Format
9901
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-127
Initial Setup of Cisco Unified Videoconferencing
This topic describes how to connect to the console of the Cisco Unified Videoconferencing
System.
M ain menu
N : Co nfig ure d efault network port values
P : Ch ange the configuration softw are passw ord
EMP Console S : Co nfig ure n etwork securit y mod e
T : Co nfig ure T FTP servers li st
A : Ad vanc ed co nfiguration me nu
Q : Qu it
S elec t:
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-17
You configure the Cisco Unified Videoconferencing 3500 Series MCU and the Cisco IP/VC
3540 Enhanced Media Processor (EMP) separately.
Each device has a serial port for connectivity. A straight-through serial cable is provided with
the Cisco Unified Videoconferencing 3500 Series MCU for connectivity. The serial port
settings for the Cisco Unified Videoconferencing 3500 Series MCU and the EMP are
9600 baud, 8 data bits, no parity, and 1 stop bit.
To enter into configuration mode, press any key within six seconds of the “Press any Key To
start configuration..” prompt.
4-128 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Videoconferencing Web
Administration
This topic describes accessing the Cisco Unified Videoconferencing web administration page.
After you configure Layer 2 and Layer 3 from the consoles of the Cisco Unified
Videoconferencing MCU, you can monitor these devices from a web browser.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-129
Configure the Cisco Unified Videoconferencing
3500 and 5200 Series MCU
This topic describes how to configure the Cisco Unified Videoconferencing 3500 and 5200
Series MCU as an H.323 endpoint.
H.323 Protocols
Enable
H.323
Protocols
Protocol
Advanced
H.323
Settings
To configure the Cisco Unified Videoconferencing 3500 and 5200 Series MCU as an H.323
endpoint, configure the appropriate H.323 ports and IP settings that are used to connect to an
H.323 gatekeeper.
Follow these steps to configure the H.323 ports and IP settings:
Step 1 From the Protocols tab, click H.323.
Step 2 If you are using an H.323 gatekeeper, enter the IP address of the gatekeeper and
enter 1719 in the Gatekeeper Port field.
Step 3 If you are using the Cisco Unified Videoconferencing 3500 Series MCU as an H.323
trunk, click the Advanced H.323 Settings button and record the RAS port number
and Signaling Port parameter values. Use the Signaling Port value for the Unified
Communications H.323 Trunk Port definition.
4-130 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configure SIP Trunk Connectivity
Configure SIP trunk connectivity to Cisco Unified Communications Manager.
Protocols
Protocols
SIP
Enable
SIP
protocol
To connect the Cisco Unified Videoconferencing MCU to the Cisco Unified Communications
Manager, you must establish SIP trunk connectivity to match the SIP parameters that Cisco
Unified Communications Manager requires.
Follow these steps to configure the SIP parameters:
Step 1 From the Protocols tab, click Enable SIP protocol.
Step 2 Enter the address of the Cisco Unified Communications Manager or location where
the SIP trunk will terminate.
Note You must enable SIP on the Cisco Unified Videoconferencing 3500 Series MCU for the
Cisco TelePresence Multipoint Switch to connect. When the Cisco TelePresence Multipoint
Switch dials the Cisco Unified Videoconferencing 3500 Series MCU number, it sends a SIP
INVITE to the Cisco Unified Communications Manager for that number. You must configure
the Cisco Unified Communications Manager to route that number to the Cisco Unified
Videoconferencing MCU using a SIP trunk. The Cisco Unified Videoconferencing MCU can
connect to legacy video-conferencing participants using either SIP or H.323.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-131
Configuring Conference Prefix
Conferences
Services
For each conference of calls from the Cisco TelePresence Multipoint Switch and H.323 clients,
you must configure a conference prefix.
Follow these steps to configure conference prefixes:
Step 1 From the Services or Conferences tab, click either Add or Edit to add or edit a
service.
Step 2 Define the prefix for inbound calls and configure conference bandwidth
requirements.
4-132 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
Cisco provides interoperability between Cisco TelePresence high-
definition and standard-definition video conferencing and video
telephony via Cisco Unified Videoconferencing.
The Cisco TelePresence Multipoint Switch provides multipoint
switching for Cisco TelePresence. Cisco Unified
Videoconferencing provides multipoint mixing for video
conferencing. Interoperability is achieved by bridging the two
environments by cascading the Cisco TelePresence Multipoint
Switch and Cisco Unified Videoconferencing together.
All service prefixes must be unique across all zones and across
all gatekeepers.
To complete a Cisco TelePresence interoperability point-to-point
or multipoint call, all Cisco TelePresence calls should route
through the Cisco TelePresence Multipoint Switch.
Summary (Cont.)
To configure the Cisco Unified Videoconferencing MCU as an
H.323 endpoint, configure the appropriate H.323 ports and IP
settings used to connect to an H.323 gatekeeper.
You can monitor Cisco Unified Videoconferencing MCUs from a
web browser after you use the console to configure Layer 2 and
Layer 3 settings.
To connect the Cisco Unified Videoconferencing MCU to the
Cisco Unified Communications Manager, you must establish SIP
trunk connectivity to match the SIP parameters that Cisco Unified
Communications Manager requires.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-133
4-134 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 5
Objectives
Upon completing this lesson, you will be able to describe, play back, and distribute a recording.
This ability includes being able to meet these objectives:
Provide an overview of the Cisco TelePresence Recording Server and its features
List the Cisco TelePresence Recording Server specifications
Demonstrate the integration of LDAP with the Cisco TelePresence Recording Server
Use the Cisco TelePresence Recording Server to record, review, and distribute content
Discuss the benefits of integrating the Cisco TelePresence Recording Server with the Cisco
MXE 3000 Media Experience Engine for video postproduction
Cisco TelePresence Recording Server Overview
This topic describes an overview of the Cisco TelePresence Recording Server.
Video on demand (VoD) content provides rich messaging that is not real-time, but is a vital part
of the enterprise communications strategy that companies use today. There are two common
challenges when you try to create VoD:
Current webcam technology does not provide the quality that is needed to present a
professional image.
Traditional recording studios are expensive to build and operate.
The Cisco advantage for VoD is to use existing assets and a familiar usage model to create
VoD content. Cisco TelePresence already provides the best experience and compelling
communications platform for immersive meeting experiences. Each room is an optimized and
comfortable environment that you can use for professional video creation. You can combine
video and PC content without any complex software.
The Cisco TelePresence Recording Server solution enables you to create simple and fast video
content that is instant, simple, and enables broad distribution of the final product. You can also
distribute content via a Digital Media System (DMS) for video streaming (to the web or an IP
phone).
The best place to have a meeting is now the best place to create a video. Companies can benefit
from the ability of Cisco TelePresence Recording Server to use existing Cisco TelePresence
rooms as high-quality recording studios. Because Cisco TelePresence systems include superior
lighting, high-quality microphones, and high-definition 1080p cameras, you can create quality
video recordings for any number of VoD applications, such as training, product launches,
executive messaging, and corporate communications.
4-136 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Recording
Server Features
Studio-quality video recordings
Easy to use and as low-cost as a
webcam, but higher quality
Faster to create and distribute
Immediate creation and distribution
of important messages for effective
and timely communications
High-quality recording that is good
for external and internal audiences
Preserves the quality of the Cisco
TelePresence experience when
recordings are played back on
Cisco TelePresence endpoints
Additional application and utility for
existing Cisco TelePresence rooms
Cisco TelePresence Recording Server enables you to create studio-quality video recordings.
The Cisco TelePresence Recording Server is as easy to use as a webcam at the same low cost.
The Cisco TelePresence Recording Server also provides much higher quality and tools that
enable you to quickly create and distribute videos. You can immediately create and distribute
important video messages for effective and timely communications, which are critical in the
current business environment. The high-quality recording is perfect for audiences that are
external or internal to the organization. The high quality that is part of the Cisco TelePresence
experience is preserved when the recordings are played back on Cisco TelePresence endpoints.
The Cisco TelePresence Recording Server creates a new category of experience for Cisco
TelePresence technology that takes the solution beyond meetings. Studio-mode operation
provides onscreen prompting and visual aids that make the recording experience comfortable
and easy to use. Recorded content is ready for immediate playback, enabling you to review the
recorded session upon completion and then distribute that content to the appropriate people.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-137
Cisco TelePresence Recording
Server Workflow
Press Stop
Simple, One-Button-to-Push
High-quality recording at 1080p
Medianet application integration Auto Publish:
Web
Press Record User-driven creation and distribution Digital signs
Any-to-any streaming to the web Cisco
TelePresence
rooms
Sc hedule in
Groupware
The Cisco TelePresence Recording Server workflow makes creating video content as easy as
pushing a button. It provides high-quality recording at 1080p resolution with media net
application integration. A media net is a network that is optimized for rich media. It supports
voice, video, and the mixing of videos and documents, web pages, text, and many other forms
of media. You control the entire process, from creating the video content to distributing the
video.
The Cisco MXE 3000 Media Experience Engine uses market-leading technology to rapidly and
reliably repurpose media assets for different media applications. The Cisco MXE 3000 Media
Experience Engine automatically takes content with unparalleled reliability from any source
file. It preprocesses the content for optimal online viewing quality and experience,
simultaneously encodes it into any number of web formats, and delivers finished files to servers
or content-delivery networks for viewing.
Any user can create video content using simple controls on the Cisco TelePresence Unified IP
Phone 797xG. Then the user can deliver the video on any endpoint or via a web browser.
The following is the workflow for creating a video recording:
Schedule a Cisco TelePresence room using groupware.
Use the Cisco TelePresence IP Phone 797xG to start and stop the recording. The recording
captures synchronized video, audio, and data content.
Distribute the content via an email from the IP Phone 797xG user interface.
Play back the video on any Cisco TelePresence endpoint or a web browser.
Use the Share option to distribute the video to the web, digital signage, and Cisco
TelePresence rooms.
4-138 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Recording Server
Ease-of-Use
Intuitive user interface Easy controls and management
– Touchscreen user interface of – Manage all private and shared
the IP Phone 797xG video content
– Simple VCR-like controls – Set up distribution lists for
– On-screen prompts to easily simplified sharing of recordings
create content – Stream recorder content with
– Distribute recordings via email fully synchronized video, audio,
from IP Phone 797xG and PC data
Fast video creation Flexible and robust security
– Create multiple resolutions – Public or private recordings
instantly and simultaneously— – Authentication required to
HD and CIF video, plus data record, distribute, and play
presentation channel back private recordings
– Play back and proof recordings – User ID and phone PIN code
immediately for the authentication of private
– Immediately distribute messages
recordings globally – Active Directory support via
LDAP
Its ease of use makes the Cisco TelePresence Recording Server the perfect solution for quickly
creating and distributing video content. The intuitive touchscreen user interface of the IP Phone
797xG enables you to use simple VCR-like controls to easily record and play back video with
on-screen prompts. You can also distribute the recordings via email using the IP Phone 797xG
user interface.
Video content can be created quickly; you can create multiple resolutions instantly and
simultaneously (high-definition and Common Intermediate Format [CIF] video plus the data
presentation channel). When you create a recording, you can immediately distribute it globally.
The controls make it easy to manage all of the private and shared video content. You can set up
distribution lists to simplify the sharing of recordings. All recordings are streamed with fully
synchronized video, audio, and PC data.
The Cisco TelePresence Recording Server comes with flexible and robust security built in. You
can choose to make the recordings public or private. All recordings require an authentication in
order to record and distribute. A user employs a user ID and phone PIN to authenticate private
messages. Microsoft Active Directory support via Lightweight Directory Access Protocol
(LDAP) is also supported.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-139
Cisco TelePresence Recording Server
Specifications
This topic describes the Cisco TelePresence Recording Server specifications.
The Cisco TelePresence Recording Server supports 24 simultaneous recording and playback
sessions. It can store more than 300 hours of high-definition 1080p video recording content
along with the data presentation channel and a CIF version for PC-browser playback. The Cisco
TelePresence Recording Server is built on the Cisco Media Convergence Server 7845 Series
platform with a Linux-based operating system.
4-140 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Recording Server
Specifications (Cont.)
MCS 7845 Unified Communications
Manager Appliance Server
Cisco TelePresence System Release
1.6 or higher
Cisco Unified Communications
Manager 7.0(2) or higher
Microsoft Internet Explorer 6.0 or
higher for administrative access
Adobe Flash Version 10.0 or higher
for viewing streamed content via a
web browser
The Cisco MCS 7845 Series server is a high-availability server platform. It is an integral part of
a complete, scalable architecture for a new generation of high-quality IP voice solutions that
run on enterprise data networks. The Cisco MCS 7845 Series server is an innovative, easy-to-
deploy, and cost-effective solution that delivers the high performance and availability that
current enterprise networks demand. Being only two rack units (2RUs) high, the server packs
much performance in a low-profile chassis. A variety of Cisco Unified Communications
applications use the Cisco MCS 7845 Series server.
The following are some of the specifications for the Cisco TelePresence Recording Server:
Cisco TelePresence System Release 1.6 or higher
Cisco MXE 3000 Media Experience Engine v2.0
Cisco Unified Communications Manager Version 7.0(2) or higher
Microsoft Internet Explorer Version 6.0 or higher, for administrative access
Adobe Flash Version 7.0 or higher, for viewing streamed content via web browser
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-141
Integration with LDAP
This topic demonstrates the integration of LDAP with Cisco TelePresence Recording Server.
The use of LDAP is similar to that of Cisco TelePresence Manager. Cisco TelePresence
Recording Server uses LDAP to authenticate users and perform directory lookups. When
providing Cisco TelePresence Recording Server with authentication credentials from LDAP, it
is important that the Cisco TelePresence Recording Server account be in a directory higher or
equal to the users who are to be authenticated.
4-142 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Using the Cisco TelePresence Recording Server
This topic describes how to use the Cisco IP Phone 797xG to use the Cisco TelePresence
Recording Server.
Use the IP Phone 797xG user interface to access the Cisco TelePresence Recording server to do
the following:
Create a recording
— One button on the IP Phone 797xG user interface connects to the Cisco
TelePresence Recording Server.
— Choose the best viewing options for the recording.
— Press Record.
— When finished, press Stop.
Review a recording
— The recording is available for immediate playback.
— You can pause and skip forward or backward during the playback.
— You can view the recording via a web browser.
Distribute a recording
— You can send an email with a URL link to the recorded video from the IP Phone
797xG.
— Distribution lists make sending videos to multiple parties easy and secure.
— A web portal also allows for content distribution.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-143
Recording Postproduction
This topic describes recording postproduction using the Cisco MXE 3000 Media Experience
Engine.
Recording Postproduction
Recordings created using the Cisco TelePresence Recording
Server are fully compatible with the Cisco MXE 3000 Media
Experience Engine.
The Cisco MXE 3000 Media Experience Engine enables you to
create different media experiences and provide postproduction
capabilities such as video composition, authoring, watermarking,
and overlays using text and images.
The Cisco MXE 3000 Media Experience Engine uses market-
leading technology to rapidly and reliably repurpose media assets
for different media applications.
Processed content
is pushed to
mobile streaming
server and DMS
server.
Cisco TelePresence Recording Cisco MXE 3000 pulls
Server records session. recorded files and processes
media content.
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-10
Recordings that you create using the Cisco TelePresence Recording Server are fully compatible
with the Cisco MXE 3000 Media Experience Engine. The Cisco MXE 3000 Media Experience
Engine is a media-processing, network-based appliance that enables you to create different
media experiences and provide postproduction capabilities, such as video composition,
authoring, watermarking, and overlays using text and images. The Cisco MXE 3000 uses
market-leading technology to rapidly and reliably repurpose media assets for different media
applications. You use the Cisco TelePresence Recording Server to record a video content
session. Then you use the Cisco MXE 3000 Media Experience Engine to pull the recorded files
and process the media content. You can then push the processed content to a mobile streaming
server and a DMS server.
4-144 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco MXE 3000 Media Experience
Engine
A media processing platform that
enables users to adapt and
customize content for different
viewing experiences
Media adaptation
– Any-to-any media sharing between
digital signage, desktop video, and
mobile devices
Media enhancement
– Improve your video quality
Real-time postproduction
– Customize your video content
The Cisco MXE 3000 Media Experience Engine provides an easily deployed solution for
extending the reach and relevance of communication within organizations. Media adaptation
functionality enables users to view any media content on any endpoint. You can easily share
media files between digital signage, desktop video, mobile devices, and other applications.
Editing and production capabilities enable you to customize content with company logo
overlays, transitions, file clipping, and color and video quality enhancements.
The Cisco MXE 3000 Media Experience Engine automates the critical workflow components
for producing VoD content and scales in output capacity to provide the first automated,
enterprise-grade VoD production solution. The Cisco MXE 3000 Media Experience Engine
supports premade templates that you can apply to transcoding jobs, which significantly
streamline the operational overhead that is traditionally associated with media processing.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-145
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
The Cisco TelePresence Recording Server enables you to create
studio-quality video recordings, using a Cisco TelePresence
endpoint, and distribute the content.
The Cisco TelePresence Recording Server supports 24
simultaneous recording or playback sessions and stores 300
hours of 1080p HD video, audio, and data content.
Cisco TelePresence Recording Server uses LDAP to authenticate
users and perform directory lookups.
You can use the Cisco Unified IP Phone 797xG user interface to
access the Cisco TelePresence Recording Server for creating,
reviewing, and sharing recordings.
You can integrate the Cisco TelePresence Recording Server with
the Cisco MXE 3000 Media Experience Engine for video
postproduction.
4-146 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 6
Examining Intercompany
Communications
Overview
IP-based unified communications is widely deployed in enterprise networks, both for internal
calling in the campus and for calling between branch offices of the sites comprising the
network. However, access to the public switched telephone network (PSTN) from the
enterprise network is still predominantly based on time-division multiplexing (TDM).
The next stage in advancing business communications is to keep unified communications
traffic that is destined beyond the enterprise within the IP network. This stage utilizes a
Multiprotocol Label Switching (MPLS) infrastructure instead of the PSTN for intercompany
communications.
Intercompany Cisco TelePresence is the ability to call directly from a Cisco TelePresence room
on your network to a Cisco TelePresence room on the network of a different company through
a secure connection from your service provider.
Objectives
Upon completing this lesson, you will be able to identify the functions and goals of
Intercompany Cisco TelePresence. This ability includes being able to meet these objectives:
Provide an overview of intercompany communication
Describe the process that enables intercompany communication
Discuss the use of ENUM as a tool for mapping directory numbers to an IP address and
discuss options for external dial plans
Describe the functionality that the Cisco Unified Border Element provides
Discuss the SIP signaling negation process when using an SBC
Discuss the SIP signaling negation process when using a Cisco ASA 5500 Series Adaptive
Security Appliance
Discuss RTP media flow through an SBC
Discuss the RTP signaling negation process when using a Cisco ASA 5500 Series Adaptive
Security Appliance
Describe how service providers can enable hosted solutions
Intercompany Communication Overview
This topic provides an overview of intercompany communications using Cisco TelePresence.
SIP/SCCP SIP/SCCP
Cisco Unified
Communications
Manager Clusters
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-2
Most of the calls between enterprises today are performed over legacy PSTN circuits because
of the absence of an effective business-to-business VoIP and IP video communications
solution. The rich-media applications of today, such as Cisco TelePresence, which depend on
bandwidth that scales beyond what PSTN can provide, require a solution that takes advantage
of IP WANs.
Access to the PSTN from the enterprise network is, however, still predominantly time-division
multiplexing (TDM)-based. Typically located at each network site, VoIP gateways provide
connectivity from IP endpoints to the traditional PSTN.
4-148 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Intracompany Deployment Model
Multiple locations within the same enterprise use VPN services across multiple
locations of the same division.
Traffic is isolated to the corporate VPN (intranet).
The Cisco Unified Communications Manager, Cisco TelePresence Multipoint
Switch, Cisco TelePresence Manager, and Groupware server typically reside at
the main campus.
The calling community is limited to Cisco TelePresence systems within the
company intranet.
CE PE PE CE
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. IT S v1.1—4-3
Many organizations already use the Cisco TelePresence solution internally to make faster
decisions, improve cross-cultural communications, scale scarce resources, and move products
to market faster. Cisco can deliver fully integrated intracompany Cisco TelePresence meetings
over your network. The Cisco TelePresence intracompany deployment model is based on
multiple locations within the same enterprise using Virtual Private Network (VPN) services
across multiple locations of the same division. The Cisco TelePresence traffic is isolated to
only the corporate VPN (intranet).
Typically, the Cisco Unified Communications Manager, Cisco TelePresence Multipoint
Switch, Cisco TelePresence Manager, and Groupware servers reside at the main campus. The
calling community is limited only to Cisco TelePresence systems within the company intranet.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-149
Intracompany MPLS Model
Service provider equipment list:
MPLS network
Hosted Cisco Unified Communications Manager, Cisco TelePresence Multipoint Switc h, and
Cisco TelePresence Manager
Cisco TelePresence SBC
Centralized Cisco Unified Communications Manager
OAM systems (not shown)
Components vary depending on the deployment model
MPLS VPN
VRF Red VRF
Orange
CE PE PE CE
Intracompany VPNs are the simplest form of MPLS VPNs. They isolate the entire enterprise
into a single virtual routing and forwarding (VRF) instance, providing routing to and from each
member site in the VRF.
MPLS VPN technology divides the overall network into a customer-controlled part (the
customer network [C-network]) and a provider-controlled part (the provider network [P-
network]). Contiguous portions of the C-network are called sites and are linked with the P-
network via customer edge (CE) routers. The CE routers connect to the provider edge (PE)
routers, which serve as the edge devices of the P-network. The core devices in the P-network,
the provider routers (P routers), provide transport across the provider backbone and do not
carry customer routes.
Two companies with identical Cisco TelePresence systems and room setups can have
noticeably different experiences based on their network connections. The optimal Cisco
TelePresence experience requires an intelligent network connection that conforms to strict
standards for quality of service (QoS) and availability, and is managed according to best
practices. Therefore, it is recommended that all Cisco TelePresence customers work with a
service provider that offers a Cisco Certified TelePresence connection. To acquire the
certification, service providers must meet rigorous standards for their MPLS VPN architecture,
service level agreements (SLAs), management systems, and policies and procedures. After
receiving their certification, service providers undergo annual third-party reviews to ensure that
they continue to adhere to these rigorous standards.
4-150 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Intercompany Deployment Model
Enterprise A Enterprise B
VRF Blue
VRF Red
Signaling
Media Service Provider Cisco
TelePresence POP
CE
SBE: 88.88.50.1 SBE: 88.88.50.130
DBE: 88.88.50.2 DBE: 88.88.50.131
Cisco TelePresence SBC
© 2011 Cisco Systems, Inc. All rights reserved. ITS v1.1—4-5
The potential power of intercompany collaboration and business applications for the Cisco
TelePresence solution is significant. The following are some of the benefits that intercompany
“in-person” Cisco TelePresence meetings can offer:
Being able to meet with customers and suppliers face-to-face more frequently
Getting out advertising campaigns faster to affect sales
Working with manufacturers to make changes quickly to lower defects
Improving supply-chain efficiencies
Quickly resolving crises across geographic or organizational boundaries
Speeding mergers
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-151
Enabling Intercompany Communication
This topic describes enabling intercompany communication for Cisco TelePresence.
Service provider-
Avoid peering managed phone Internal QoS plus SLA
between enterprises number to IP from service provider
mapping
The ability to replace the PSTN with an MPLS infrastructure for intercompany
communications requires fulfilling several technical requirements to securely provide end-to-
end signaling:
Off-net signaling: This signaling creates a security challenge of peering all enterprise
contact managers and a scalability challenge to fully mesh signaling points. You should
avoid peering between enterprises.
External number-to-address resolution: This feature resolves phone numbers to IP
addresses. The scalability challenge for this task is to maintain a global list.
End-to-end QoS assurance: This feature is a QoS implementation across separately
managed networks with assurance from all service provider and enterprise segments.
Operation, administration, and maintenance (OAM) capability: This capability must
provide service level reporting, troubleshooting, and billing.
Signaling and media security: This function requires connectivity across enterprise
networks and the service provider cloud. This must be accomplished with the ability to
encrypt signaling and media across networks, and provide VPN awareness and firewall
traversal.
4-152 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Intercompany Solution Requirements
Product Release Notes
Cisc o TelePresence
Manager ASA 5500 Release None
Series 7.2(4)
Cisco ASA 5500
Series Appliance Applianc e
Release 1.5 Release 1.5
ASR or Hardware/software
CUBE upgrade
Cisco Session
Border Controller
XR 12000
Cisco Application-
Specific Router
(ASR) Series Router, Hardware or software upgrade required.
Cisco ISR with CUBE
feature set
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-153
Intercompany—Attributes
Customer A Partner B
RTP RTP
Media Media
CE CE
SIP Trunk RTP (media)
SIP Trunk
PE SIP (si gnaling)
You can implement the Cisco TelePresence intercompany solution with a converged or overlay
IP network. The end-user experience for intercompany meetings is the same as the experience
for any Cisco TelePresence meetings, with both impromptu dialing and One-Button-to-Push
capabilities available. The additional step that is required for the intercompany meeting is the
scheduling between the cooperating enterprises. For One-Button-to-Push dialing, company A
and company B both schedule a meeting at the arranged time using their calendaring software.
Both companies add the respective external room phone numbers to Cisco TelePresence
Manager, which responds with a confirmation email message. At the scheduled time, you use
the One-Button-to-Push feature to place the call.
Intercompany Cisco TelePresence meetings are new services, so service providers may not
provide advanced or add-on services at the time of deployment. Just as you would obtain
telephone directory information from a service provider or carrier today, the same could apply
for Cisco TelePresence. Service providers can implement directory and scheduling services in
many ways, but some of these services require that the service provider should have access to
the enterprise network of the customer.
Cisco is working to help service providers deliver intercompany IP connectivity and services to
connect Cisco TelePresence users. Call Admission Control (CAC) can be managed via Cisco
Unified Communications Manager or a Session Border Controller (SBC).
Intercompany Cisco TelePresence supports multisite (multipoint) meetings that the enterprise
or service provider can host. However, this implementation does not support encryption. For
firewall and Network Address Translation (NAT) traversal, the firewall should support the
Cisco TelePresence bandwidth and the network requirements of QoS. You may want to deploy
a Cisco SBC in your company demilitarized zone (DMZ) to “hide” the Cisco Unified
Communications Manager. In this case, the Cisco Unified Border Element performs the routing
to the service provider network. Management services include network monitoring, fault
detection, and call reporting.
4-154 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Address Resolution Using ENUM
This topic describes address resolution using E.164 number (ENUM).
Address
Resolution
Softswitch
ENUM
Service Provider-
Managed Phone or
Number-to-IP
Mapping
ENUM was developed to allow network elements to find services on the Internet using only a
telephone number. ENUM also allows telephones, which have an input mechanism that is
limited to 12 keys on a keypad, to access Internet services. ENUM, in essence, supports the
convergence of PSTN and IP networks by mapping fully qualified telephone numbers from the
PSTN to fully qualified domain-name addresses using a Domain Name System (DNS) based
architecture.
ENUM links a telephone number to either an Internet host or other Internet resources that can
connect the call, either end-to-end over IP networks or through a designated gateway to the
PSTN. This function is useful for connecting Session Initiation Protocol (SIP)-compatible or
H.323-compatible endpoints that exist across domain boundaries.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-155
Session Border Services
This topic describes the functionality that the Cisco Unified Border Element provides.
The Cisco Unified Border Element is an intelligent unified communications network element
that provides SBC functions that enable end-to-end, IP-based transport of voice, video, and data
between independent unified communications networks. Cisco Unified Border Element was
formerly known as the Cisco Multiservice IP-to-IP Gateway,
SBCs are critical components in enabling you to turn unified communications network "IP
islands" within a single customer network into an end-to-end IP community. One of the most
significant uses of the Cisco Unified Border Element is to allow call control elements, such as
Cisco Unified Communications Manager, to connect to service providers for PSTN access
offerings over SIP trunks. Today, service providers, enterprises, and commercial customers use
the Cisco Unified Border Element as an IP-to-IP gateway to interconnect SIP and H.323 voice
and video networks.
By extending the customer VPN to a logical interface on the Cisco Unified Border Element,
you can bridge interconnections across VPNs. The Cisco Unified Border Element manages
real-time multimedia traffic flows between IP network borders. It manages signaling as well as
media, and it performs native IP interconnection functions that are required for real-time
communications, such as access control, firewall traversal, bandwidth policing, accounting,
internetwork signaling, legal intercept, and QoS management.
The Cisco Unified Border Element enhances the PSTN-to-IP features of a traditional Cisco
gateway by adding the capability to join two VoIP or video communications networks without
the need for transiting through the TDM-based PSTN.
4-156 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
SBC VPN Awareness
VRF-aware
Resides within each VPN
– One routable IP address for each VPN
– Support for overlapping private IP addresses
– Signaling and media connections from multiple MPLS VPNs
Direct communication only with the service provider-owned Cisco
Unified Border Element
– Topology hiding
– Enables inter-VPN media flow
By utilizing SBCs, a company can enable the end user to make Cisco TelePresence calls to an
end user in another company without being concerned about protocols, network reachability, or
the safety of the network.
The SBC must have one routable address per VPN. The addresses can be in overlapping
subnets because of the ability of the SBC to distinguish between routing instances or VRFs.
The VRF of each VPN is still hidden from other VPNs and is accessible only from the SBC.
Direct communication is made only with the service provider-owned SBC, which enables direct
IP-to-IP interconnections between multiple administrative domains. The SBC protects the
network by hiding the network addresses and names for both the access (customer) side and the
backbone (network core) side. The SBC enables inter-VPN flow.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-157
Overall Approach
Cisco TelePresence technology:
Application
Secure signaling and media
Authentication
Platform security
Symmetrical media flow
Auto-answer disabled
Enterprise network:
Enterprise
Topology hiding
Add optional firewall here DoS prevention
NAT and firewall traversal
SIP inspection
Encryption pass-through
PE
Service provider network:
Service Provider
Topology hiding
NAT and firewall traversal
SBC Admission control and policy management
Secure connection
PE Inter-VPN reachability
Infrastructure security
Signaling
Media
4-158 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Intercompany Communication
Architecture
Enterprise A
(VPN Red) Site 1
Cisco Unified
Border Element
Service Provider
Central Service
VRF Red
SBC Softswitch
CE PE PE
VPN Service
Provider
Cisco Unified PE
Border Element CE
VRF Blue
Enterprise B Signaling
(VPN Blue) Site 1
Media
© 2011 Cisco Systems, Inc. All rights reserved. ITS v1.1—4-13
As the figure demonstrates, the goal of the Cisco Unified Border Element is to protect the
individual enterprise from undesired access originating from the service provider.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-159
IP Routing
The enterprise internally advertises the exchange SBC/SBE IP address
to the Cisco TelePresence, Cisco Unified Communications Manager
servers, and Cisco TelePresence system endpoints.
With NAT or PAT on the firewall:
– The exchange provides a subnet for the outside network of the
firewall that is advertised into the MPLS network,
or
– the enterprise provides a “nonprivate” subnet for the outside network
of the firewall that is advertised into the MPLS network.
Without NAT or PAT on the firewall
– The enterprise uses “nonprivate” subnets for the Cisco Unified
Communications Manager cluster and Cisco TelePresence System
endpoints that are advertised into the MPLS network.
– The exchange advertises the Cisco Unified Communications Manager
subnets and the Cisco TelePresence System subnets to the SBC.
4-160 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
SIP Signaling Flow Through SBC
This topic describes SIP signaling flow through the SBC.
RTP
RTP
Demarcation
Point
© 2011 Cis co S ys t em s, I nc. A ll rights res erved. I TS v1. 1— 4-15
When implementing intercompany Cisco TelePresence, the company must be concerned with
the network topology and hiding IP addresses, and with preventing fraud and the theft of
service. The SIP signaling protocol passes too much detail across the borders. Implementing an
SBC provides a configurable mechanism for hiding and altering topology and identity
information. The following is an example of the SIP signaling:
INVITE sip:23198@172.17.207.91:5060 SIP/2.0
Via: SIP/2.0/UDP 10.80.17.134:5060
Via: SIP/2.0/UDP
172.18.192.232:5060;branch=1FV1xhfvxGJOK9rWcKdAKOA
To: <sip:23198@172.18.192.232>;tag=abc
From: <sip:15691@10.80.17.134>;tag=a73kszlfl
Call-ID: c2943000-50405d-6af10a-382e3031@10.80.17.134
CSeq: 100 INVITE
Contact: sip:15691@10.80.17.134:5060
Expires: 180
Content-Type: application/sdp
Content-Length: 219
User-Agent: Cisco IP Phone/ Rev. 1/ SIP enabled
Accept: application/sdp
Record-Route:
<sip:23198@172.18.192.232:5060;maddr=172.18.192.232>
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-161
SIP Signaling Flow Through Cisco ASA 5500
Series Adaptive Security Appliances
This topic describes SIP signaling flow through a Cisco ASA 5500 Series Adaptive Security
Appliance.
2 SA:10.1.1.3
DA: 10.163.61.130
Exchange SA: 10.163.60.116 ASA
DA: 10.163.61.130 Customer
Network
Enterprise
SA: 10.163.61.130
DA: 10.163.60.116 SA: 10.163.61.130
SBE: 10.163.61.130
DBE: 10.163.61.131 DA: 10.1.1.3
3
4
The Cisco ASA 5500 Series Adaptive Security Appliance has robust SIP security capabilities
that provide protection from any attacks through the SIP trunks. The SIP application inspection
and control feature facilitates deep inspection services for SIP traffic for both User Datagram
Protocol (UDP) and TCP-based SIP environments. This feature provides granular control for
protection against unified communications attacks.
The example shows the NAT results as the SIP signaling passes through the Cisco ASA
security appliance:
Firewall outside interface: 10.163.60.113/29
NAT addressing for SIP signaling traffic
— NAT Addresses:
10.1.1.2/24 -> 10.163.60.115/29
10.1.1.3/24 -> 10.163.60.116/29
10.163.61.130 is advertised into the customer enterprise network from firewall and has to
be reachable by the Cisco Unified Communications Manager servers.
4-162 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
SIP Signaling Flow
NAT
– Is implemented for signaling (SIP) packets
– Requires one NAT address from the outside network of the firewall per Cisco
Unified Communications Manager server in the Enterprise cluster
– Each SIP trunk from the Cisco Exchange SBC/SBE points to a different NAT
address
PAT
– Is implemented for Cisco TelePresence System media (RTP) streams
– Requires only one IP address from the outside network of the firewall
– All Cisco TelePresence system endpoints use this single address for sending
and receiving RTP streams through the firewall
SIP inspection
– Is implemented for SIP TCP and SIP UDP
– Provides stateful Inspection of SIP packets (dynamic open and close of ports)
– Performs NAT of SIP payload and SIP header
– Maintains state for SIP sessions and transactions
– Inspects RTP and RTCP traffic on media connections opened by SIP
inspection engine
NAT is implemented for signaling (SIP) packets. One NAT IP address is required from the
outside network of the firewall per Cisco Unified Communications Manager server in the
enterprise cluster. Each SIP trunk from the Cisco Exchange SBC/SBE points to a different
NAT IP address.
PAT is implemented for Cisco TelePresence system media (Real-Time Transport Protocol
[RTP]) streams. Only one IP address is required from the outside network of the firewall. All
Cisco TelePresence system endpoints use this single IP address for sending and receiving RTP
streams through the firewall.
SIP inspection is implemented for SIP TCP and SIP UDP packets. A stateful inspection of SIP
packets occurs for both the dynamic opening and closing of ports. NAT is performed on the SIP
payload and SIP header. A stateful connection is maintained for SIP sessions and transactions,
and the connections are deleted when a session is over. The SIP inspection engine opens
inspections of RTP and Real-Time Transport Control Protocol (RTCP) traffic on the media
connections.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-163
Protocols and Ports for I-CCT Calls
TCP 5060 (SIP) and TCP 5061 (SIP-TLS)
– Outside interface—Permit from Exchange SBC/SBE to each
Cisco Unified Communications Manager server
– Inside interface—Permit from each Cisco Unified
Communications Manager server to Exchange SBC/SBE
UDP 16384 to 32767 (RTP)
– Use SIP inspection to open ports dynamically on the firewall
or
– Open the port range manually (in firewall rules):
To/From the IP address of the Exchange SBC/DBE and the IP
address of the enterprise internal Cisco TelePresence system
endpoints
To/From the IP address of the Exchange SBC/DBE and the
internal networks and subnets of the Cisco TelePresence
endpoints
If using PAT, use PAT IP address instead of the IP addresses
of the enterprise Cisco TelePresence system endpoints
The following protocols and ports are required for I-CCT calls:
TCP 5060 (SIP) and TCP 5061 (SIP-TLS): On the outside interface, permit these ports
from the Exchange SBC/SBE to each Cisco Unified Communications Manager server of
the enterprise cluster. On the inside interface, permit these ports from each Cisco Unified
Communications Manager server of the enterprise cluster to the Exchange SBC/SBE.
UDP 16384 to 32767 (RTP) You can use SIP inspection to open ports dynamically on the
firewall, or you can open the port range manually in the firewall rules.
— To and from the IP address of the exchange SBC/data border element (DBE) and the
IP address of the enterprise internal Cisco TelePresence system endpoints, also to
and from the IP address of the exchange SBC/DBE and the internal networks and
subnets of the Cisco TelePresence system endpoints.
— If you are using PAT, then use the PAT IP address instead of IP addresses of the
enterprise Cisco TelePresence system endpoints.
The following is an example of an access control list (ACL) that would be applied to the
customer CE ingress WAN interface:
10 permit tcp host 10.163.60.130 host CUCM_1_NAT_IPeq 5060
11 permit tcp host 10.163.60.130 eq 5060 host CUCM_1_NAT_IP
12 permit tcp host 10.163.60.130 host CUCM_1_NAT_IPeq 5061
13 permit tcp host 10.163.60.130 eq 5061 host CUCM_1_NAT_IP
20 permit tcp host 10.163.60.130 host CUCM_2_NAT_IPeq 5060
21 permit tcp host 10.163.60.130 eq 5060 host CUCM_2_NAT_IP
22 permit tcp host 10.163.60.130 host CUCM_2_NAT_IPeq 5061
23 permit tcp host 10.163.60.130 eq 5061 CUCM_2_NAT_IP
30 permit udp host 10.163.60.131 host CODEC_PAT_IPgt 16383
100 deny ip any any log
Note You can add other statements that are based on your required security policy, such as
Internet Control Message Protocol (ICMP). This list is only related to Cisco TelePresence
SIP, RTP, and RTCP traffic.
4-164 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Media Encryption
Cisco TelePresence systems support sRTP using HMAC-SHA-1
Auth tags and AES-128-ICM encryption.
The negotiation of sRTP-keyed material between the local codec
to the remote codec uses DTLS.
Once the media path is established between the two systems,
they initiate a DTLS handshake using their MICs to authenticate
each other.
The systems negotiate the sRTP-keying material over the DTLS
encrypted session.
Because the DTLS session is end-to-end between the two Cisco
TelePresence systems, the SBC passes these messages
transparently between the systems.
Cisco TelePresence systems support Secure Real-Time Transport Protocol (SRTP) using
Hashed Message Authentication Code-Secure Hash Algorithm 1 (HMAC-SHA-1) Auth Tags
and Advanced Encryption Standard-128 Integer Counter Mode (AES-128-ICM) encryption.
The negotiation of the SRTP keyed material between the local coder-decoder (codec) and the
remote codec uses Datagram Transport Layer Security (DTLS). When the two systems
establish the media path, they initiate a DTLS handshake using their manufacturing installed
certificates (MICs) to authenticate each other. Then they negotiate the SRTP keying material
over the DTLS encrypted session. Because the DTLS session is end-to-end between the two
Cisco TelePresence systems, the SBC will pass these messages transparently between the
systems.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-165
Disabling Auto-Answer for Intercompany
Use Cisco Unified
Communications Manager to Configured for Auto-Answer
configure the Cisco TelePresence Cluster 1
system auto-answer option. Enterprise - A
By default, the Cisco
TelePresence system is
configured with autoanswer
external disable. To allow auto-
answer, manually change this
setting.
The Alert-Info field in the SIP Cluster 2
message is set differently for on- Enterprise - A
net vs. off-net calls.
The SIP trunk should be SBC
defined as off-net for any routes
coming off-net.
If multiple Cisco Unified
Communications Manager
clusters exist, create two trunks
between the clusters and map the
calls based on on-net vs. off-net. Enterprise - B
You configure the Cisco TelePresence system auto-answer feature in Cisco Unified
Communication Manager. By default, the Cisco TelePresence system is configured with the
Autoanswer External option disabled. To allow this option, you must manually change it.
The Alert-Info field in the SIP message is set differently for on-net and off-net calls. The SIP
trunk should be defined as off-net for any routes coming off-net. If multiple Cisco Unified
Communications Manager clusters exist, create two trunks between the clusters and map calls
based on on-net and off-net.
Follow these steps to configure the auto-answer option in Cisco Unified Communications
Manager:
Step 1 Open a browser window to https://x.x.x.x/ccmadmin, where x.x.x.x is the IP
address of the Cisco Unified Communications Manager.
Step 2 Enter the username admin along with its password.
Step 3 Choose Device > Phone.
Step 4 From this window, you can add or edit Cisco TelePresence system endpoints.
Choose the desired option from the Auto Answer drop-down menu.
Step 5 Click Save.
4-166 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
RTP Media Flow Through an SBC
This topic describes the RTP media flow through an SBC.
1.1.1.10 3.3.3.20
2.2.2.10 5.5.5.10
First Packet
Destination: 2.2.2.10 First Pack et
Port 16384 Des tination: 5.5.5.10
1.1.1.10 2.2.2.10 Port 34567
Payload
Switched
The SBC receives VoIP signaling and VoIP media and directs this traffic to a device behind a
firewall and NAT at the border of an adjacent network, without requiring upgrades to the
device or firewall. The SBC achieves this by modifying the IP addresses and ports in the call-
signaling headers and the Session Description Protocol (SDP) blocks attached to these
messages.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-167
RTP Media Flow Through Cisco ASA 5500 Series
Adaptive Security Appliances
This topic describes the RTP media flow through an ASA 5500 Series Adaptive Security
Appliance.
3 4
SA: 10.163.61.131/16384 ASA SA: 10.163.61.131/16384
DA: 10.163.61.114/17000 ASA DA: 192.168.1.10/16384 Customer
Enterpri se
The RTP inspection service on the ASA 5500 Series Adaptive Security Appliances provides the
ability to inspect RTP traffic on media connections that are opened by a unified
communications inspection engine, such as SIP. This service can help set security policies for
RTP traffic, such as the following:
Validating conformance to RFC 1889
Cross-checking media values between signaling and RTP to validate payload type
Policing version number, payload type integrity, and sequence numbers
The example shows the NAT results as the RTP media flow passes through the Cisco ASA
5500 Series Adaptive Security Appliances:
Firewall outside interface: 10.163.61.113/29
PAT addressing for RTP media traffic
— PAT addresses:
All Cisco TelePresence system endpoints -> 10.163.61.114
10.163.61.131 is advertised into the customer enterprise network from the firewall and has
to be reachable by all Cisco TelePresence system endpoints.
4-168 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
RTP Media Flow through Cisco ASA 5500
Series Adaptive Security Appliances (Cont.)
Firewall traversal
– Uses symmetrical media RTP connections
– Accepts one Rx connection from each endpoint
(UDP port opened on firewall)
– Establishes one Tx connection with each
endpoint using the same UDP port as Rx
Media relay
– Relays arriving media traffic to the destination
– Reconstructs RTP header with new source IP
address
– Does not touch payload
Topology hiding
– Endpoints do not communicate with each other
directly.
– Each RTP connection is terminated on the SBC.
– RTP header reconstruction enables topology
hiding.
All of the audio RTP streams are multiplexed into a single audio UDP stream before being sent
over the network. Likewise, all of the video RTP streams are multiplexed into a single video
UDP stream before being sent over the network. In addition, RTCP control information for
each audio and video stream is multiplexed within each UDP stream. This multiplexing eases
firewall traversal, because only a single UDP audio stream and a single UDP video stream are
sent from a Cisco TelePresence system endpoint. The Cisco ASA 5500 Series Adaptive
Security Appliance accepts one receive (Rx) connection from each Cisco TelePresence system
endpoint. The firewall opens a UDP port and it establishes one transmit (Tx) connection with
each endpoint using the same UDP port as the Rx connection.
The appliance relays the arriving media traffic to the destination after reconstructing the RTP
header with the new source IP address. The payload of the packet is untouched. The topology is
hidden because the endpoints do not communicate with each other directly. Instead, each RTP
connection is terminated on the SBC. The RTP header reconstruction enables topology hiding.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-169
Service Provider Solutions
This topic provides an overview of how service providers can enable hosted solutions.
Cisco TelePresence
Connection Services
Intercompany
TelePres ence
Services
4-170 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
The PSTN is used today to provide intercompany voice and video
communication. Cisco TelePresence deployment models include
intracompany, intracompany MPLS, and intercompany.
The requirements for intercompany solutions include Cisco
TelePresence System Release 1.5, Cisco TelePresence Manager
Release 1.5, and Cisco TelePresence Multipoint Switch Release
1.5.
ENUM was developed to allow network elements to find services
on the Internet using only a telephone number.
The Session Border Service that the Cisco Unified Border
Element provides can demark the service provider from the
customer.
Implementing an SBC provides a configurable mechanism for
hiding and altering topology and identity information.
Summary (Cont.)
The robust SIP security capabilities of the Cisco ASA 5500 Series
Adaptive Security Appliance provide protection from attacks
through the SIP trunks.
The SBC receives VoIP signaling and media traffic and directs it
to a device behind a firewall and Network Address Translator at
the border of an adjacent network, without requiring upgrades to
the device or firewall.
The RTP inspection service on the Cisco ASA 5500 Series
Adaptive Security Appliance provides the ability to inspect RTP
traffic on media connections opened by a unified communications
inspection engine, such as SIP.
Intercompany communications through MPLS enable service
providers to deliver a rich set of hosted solutions.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-171
4-172 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Lesson 7
Overview
Securing network connections for Cisco TelePresence is an important concern. Cisco Unified
Communications Manager already provides support for the transmission of voice, video, and
data over a single, IP-based network, which enables companies to consolidate and simplify
communications. Cisco TelePresence follows the existing Cisco Unified Communications
security architecture with the addition of a unique Datagram Transport Layer Security (DTLS)
key exchange. Cisco TelePresence systems support secure full media and signaling encryption
for multipoint sessions and encrypted audio add-on calls.
Objectives
Upon completing this lesson, you will be able to configure security features for Cisco
TelePresence. This ability includes being able to meet these objectives:
Describe the security features of Cisco TelePresence in Cisco Unified Communications
Manager
Configure the security profile for Cisco TelePresence in Cisco Unified Communications
Manager
Configure PKI-based security features in Cisco Unified Communications Manager
Cisco Unified Communications Manager Security
for Cisco TelePresence
This topic describes Cisco Unified Communications Manager security for Cisco TelePresence.
For voice and video communications, security must protect four critical elements:
Network infrastructure: The switches, routers, and connecting links that comprise the
foundation network that carries all IP data, voice, and video traffic
Call processing systems: Servers and associated equipment for call management, control,
and accounting
Endpoints: IP phones, softphones, video terminals, and other devices that connect to the IP
communications network
Applications: User applications, such as unified messaging, conferencing, customer
contact, and custom tools that extend the capabilities of IP communications systems
Cisco TelePresence follows the Cisco Unified Communications security architecture. This
lesson explains the minimum concepts of Cisco TelePresence security.
Note This lesson does not discuss all of the possible options offered by Cisco Unified
Communications.
4-174 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
PKI Topologies in Cisco Unified
Communications Manager Deployments
Instead of a single CA issuing all of the
certificates, several entities issue certificates.
Cisco Unified Communications Manager services
certificates are self-signed: Cisco Unified
Communications Manager, TFTP, and CAPF
Manufacturing-installed certificates on Cisco Unified
IP Phone 797x, 7961, 7965, 7941, 7945, 7911, and
all Cisco TelePresence system endpoints are signed
by Cisco manufacturing CA.
Locally significant certificates are supported on the
Cisco TelePresence Manager, Cisco TelePresence
Multipoint Switch, and Cisco IP phone models
(including the ones that support MICs) and are
signed by the CAPF or by an external CA.
Unlike classic enterprise public key infrastructure (PKI) deployments, the PKI topology in
Cisco Unified Communications Manager is not a single PKI system. Instead of having a single
certification authority (CA) that issues all of the certificates, several entities issue certificates:
Self-signed certificates: Cisco Unified Communications Manager Services (Cisco Unified
Communications Manager, TFTP, and Certificate Authority Proxy Function [CAPF]) issue
their certificates on their own.
Certificates signed by the Cisco manufacturing CA: Some of the Cisco Unified IP
Phones, including the Cisco Unified IP Phone 797x, 7961, 7962, 7965, 7941,7942, 7945,
and 7911, and all of the Cisco TelePresence system endpoints, have manufacturing
installed certificates (MICs).
Certificates signed by the Cisco Unified Communications Manager CAPF or by an
external CA: Locally significant certificates (LSCs) can be assigned to Cisco Unified IP
Phones that have MICs and to Cisco Unified IP Phones 7940 and 7960. Either the Cisco
Unified Communications Manager CAPF acting as a CA, or an external CA, issues LSCs.
If an external CA issues the LSCs, the CAPF acts as a proxy for the CA toward the IP
phones.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-175
Multipoint Encryption
The Cisco TelePresence Multipoint Switch CAPF client can download a
X.509v3 certificate (LSC) from Cisco Unified Communications Manager.
MPE uses:
– SRTP, AES-128
– SIP over TLS, AES-128
– Encrypted Key Transport for key distribution
between meeting participants
MPE requires Cisco TelePresence
System Release 1.5 and Cisco
TelePresence Multipoint Switch Release 1.5.
Three meeting security settings are available (configurable per meeting):
– Non-secure (no encryption)
– Secure (all endpoints must be encrypted)
– Best effort (encrypt if all endpoints support encryption)
Cisco TelePresence Multipoint Switch Release 1.5 introduces the Multipoint Encryption (MPE)
security feature. This feature supports full media and signaling encryption, with no discernable
latency to the Cisco TelePresence call, for up to 48 segments. The status of the meeting
encryption is indicated on the Cisco TelePresence screen at the start of a call, or when it
changes, and on the Cisco TelePresence phone at all times.
The CAPF client of the Cisco TelePresence Multipoint Switch allows downloading of the
X.509v3 certificates (which are LSCs) from Cisco Unified Communications Manager.
MPE uses the following for primary distribution between meeting participants:
Secure Real-Time Transport Protocol (SRTP)
128-b Advanced Encryption Standard (AES-128)
Session Initiation Protocol (SIP) over Transport Layer Security (TLS)
Encrypted Key Transport
You can configure each meeting with one of three meeting security settings:
Nonsecured (no encryption)
Secured (all endpoints must be encrypted)
Best-effort (encrypt if all endpoints support encryption)
4-176 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Encrypted Audio Add-On Calls
Provides encryption support for
meetings with audio add-on calls
Is supported with any Cisco Unified IP
Phone or Cisco IOS Voice Gateway that
is configured to negotiate SRTP
encryption
Automatically negotiates down to
unencrypted if Audio Add-on destination
is not configured for encryption
Rejects participants attempting an
unencrypted audio add-on if multipoint
meeting is set for “Secure”
Requires Cisco TelePresence Release 1.5
– Before this release, any Cisco
TelePresence call with an audio add-
on was downgraded to nonsecure
Cisco TelePresence Multipoint Switch Release 1.5 added support for the encryption of remote,
audio-only participants who join a meeting by using the conferencing features on the meeting-
room phone or by integrating an audio conferencing bridge into the meeting in both point-to-
point and multipoint calls. Before Cisco TelePresence Multipoint Switch Release 1.5, calls with
an audio add-on were downgraded to a nonsecure session.
The Cisco TelePresence Multipoint Switch supports encrypted audio add-on with any Cisco
Unified IP Phone or Cisco IOS Voice Gateway that is configured to negotiate SRTP
encryption. If the audio add-on destination is not configured for encryption, then the audio add-
on call will automatically negotiate down to an unencrypted session. If the multipoint meeting
is set for “Secured,” the participant attempting an unencrypted audio add-on is rejected.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-177
Encrypted Infrastructure
Communications
All communication between the Cisco TelePresence system,
Cisco TelePresence Multipoint Switch, Cisco TelePresence
Manager, and Cisco Unified Communications Manager can be
encrypted.
The security model leverages the Cisco Unified Communications
Manager Authentication and Encryption infrastructure (CAPF and CTL
Provider).
The CAPF client in Cisco TelePresence Multipoint Switch and Cisco
TelePresence Manager downloads X.509v3 certificates (LSC) from Cisco
Unified Communications Manager.
As of Cisco TelePresence System Release 1.5, all communications between the Cisco
TelePresence system, Cisco TelePresence Multipoint Switch, Cisco TelePresence Manager, and
Cisco Unified Communications Manager can be encrypted.
Cisco TelePresence devices support secure communication between devices using CAPF. You
activate and start the CAPF service in Cisco Unified Communications Manager and use Cisco
Unified Communications Manager as a CAPF server. Next, you configure the Cisco
TelePresence Multipoint Switch and Cisco TelePresence Manager as CAPF clients and create a
common application user ID for each CAPF client. Finally, you create separate instance IDs for
the Cisco TelePresence Multipoint Switch and Cisco TelePresence Manager.
CAPF authenticates information between the Cisco TelePresence devices using an LSC.
4-178 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Encrypted Infrastructure
Communications (Cont.)
The encrypted infrastructure allows the following types of
communications to be secured:
XML/SOAP communications:
– Cisco TelePresence Manager to Cisco TelePresence system XML
for One-Button-to-Push propagation
– Cisco TelePresence Multipoint Switch to Cisco TelePresence
Manager for multipoint resource management
– Cisco TelePresence system to Cisco TelePresence Multipoint
Switch for conference control protocol (i.e., Meeting Lock/Unlock
softkey)
SIP signaling:
– Cisco TelePresence Multipoint Switch to Cisco Unified
Communications Manager for SIP trunk TLS
– Cisco TelePresence system to Cisco Unified Communications
Manager for SIP line-side (supported since Cisco TelePresence
System Release 1.2)
The encryption infrastructure of Cisco TelePresence can secure the following types of
communications:
XML/Simple Object Access Protocol (XML/SOAP) communications
— Cisco TelePresence Manager to Cisco TelePresence system XML for One-Button-
to-Push propagation
— Cisco TelePresence Multipoint Switch to Cisco TelePresence Manager for
multipoint resource management
— Cisco TelePresence system to Cisco TelePresence Multipoint Switch for conference
control protocol (for example, Meeting Lock/Unlock softkey)
SIP signaling
— Cisco TelePresence Multipoint Switch to Cisco Unified Communications Manager
for SIP trunk TLS
— Cisco TelePresence system to Cisco Unified Communications Manager for SIP line-
side (supported since Cisco TelePresence System 1.2)
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-179
Cisco TelePresence Security Summary
Based on Cisco Unified Communications:
X.509v3 digital certificates (MIC/LSC)
CTLs
Signed firmware loads
Signed and encrypted configuration files
SIP over TLS
S-description key exchange in SDP
DTLS key exchange
SRTP
DTLS is a feature that the Cisco TelePresence
implementation adds to the security features of Cisco
Unified Communications. DTLS was added to
exchange SRTP keys over SIP trunk links.
When securing the network, it is important to consider all possible areas of vulnerability. You
must protect the network from internal and external threats by securing internal and remote
connectivity and limiting network access to devices, applications, and users who can be trusted.
You first achieve comprehensive security by securing the network itself and then by extending
that security to endpoints and applications.
The following is a list of security features that are available from Cisco Unified
Communication:
X.509v3 digital certificates (manufacturing installed certificate [MIC] and LSC)
Certificate Trust List (CTL)
Signed firmware loads
Signed and encrypted configuration files
SIP over TLS
S-description key exchange in Session Description Protocol (SDP)
DTLS key exchange
SRTP
Note TLS over UDP (DTLS) is a feature that the Cisco TelePresence implementation adds to the
security features of Cisco Unified Communications. DTLS was added to exchange SRTP
keys over SIP trunk links.
4-180 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Secure Signaling and Media Overview
Hop-by-hop Layer 4 and Layer 5 connection encryption
Required between each Layer 4 hop
No end-to-end security if the chain is broken
Signal encryption, which is the process of converting plaintext data into enciphered data,
provides data integrity and authentication. IP Security (IPsec) is a standards-based set of
security protocols and algorithms that ensures that signaling information that is sent between
the gateway and Cisco Communications Manager is encrypted. Examples of signaling
information that are encrypted include dual-tone multifrequency (DTMF) digits, passwords,
PINs, and encryption keys. Media encryption using standards-based SRTP ensures that media
streams between supported devices are secure.
Cisco TelePresence endpoints use TLS and SRTP to exchange SRTP keys. However, if a call is
going through a SIP trunk, Cisco Unified Communications Manager strips off the SRTP key
field in SDP, and Cisco TelePresence endpoints use an alternative mechanism to exchange
SRTP keys (DTLS/SRTP).
When Cisco TelePresence endpoints use DTLS/SRTP, the endpoints send certificates to each
other and the certificates are verified during the DTLS handshake. Then, the SRTP Master Key
is exchanged. After the handshake, the media is encrypted using the generated session key,
authenticated using the generated authentication key, and sent over the network.
Cisco TelePresence endpoints can use TLS to send and receive SIP signaling messages to and
from Cisco Unified Communications Manager when it is configured as a secure device and the
Cisco Unified Communications Manager is in mixed/secure mode. All SIP signaling messages
between Cisco TelePresence endpoints and Cisco Unified Communications Manager can be
encrypted. To support encryption of media streams, the SIP signaling implements RFC 4568
for interoperability with the Cisco Unified SIP Phone797xG.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-181
Configuring the Security Profile for Cisco
TelePresence
This topic describes how to configure the security profile for Cisco TelePresence in Cisco
Unified Communications Manager.
The Cisco TelePresence Multipoint Switch dials the Cisco Unified Video Conferencing
Manager using the number that is defined in the CUVC Number field of the Cisco
TelePresence Multipoint Switch meeting definition. This appears when the first Cisco
TelePresence participant joins the meeting.
Step 2 Click the Copy button next to the security profile that you want to copy.
4-182 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Phone Security Profile Configuration
Step 3 Configure the Cisco TelePresence phone security profile using the example that is
provided in the following table:
Setting Description
Nonce Validity Time The default value is 600 sec (10 min).
TFTP Encrypted Config Check this check box to encrypt the TFTP configuration.
Exclude Digest Credentials in The exclude option is not available when digest authentication
Configuration File is not enabled.
Key Size (Bits) Set the key size to 2048. (recommended for Cisco
TelePresence)
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-183
Protocol-Specific and CAPF Information
Fill in the rest of the fields like any other phone (e.g.,
assign it a device pool, etc.) and assign it a Directory
Number.
Tell it to download
an LSC (Optional)
Step 4 Fill in the rest of the fields as you would any other phone, using the example that is
provided in the following table:
Setting Description
4-184 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring PKI-Based Cisco Unified
Communications Manager Security Features
This topic describes how to configure PKI-based security features in Cisco Unified
Communications Manager.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-185
Enabling Services Required for Security
This subtopic describes how to enable the required services for secure cluster operation.
When you enable security in a Cisco Unified Communications Manager cluster, you must
activate the following services:
Cisco CTL Provider: You must activate this service on all of the Cisco Unified
Communications Manager servers and Cisco TFTP servers of the cluster.
Cisco CAPF: You must activate this service on the publisher server if you deploy LSCs.
You can activate the Cisco Unified Communications Manager Services from the Cisco Unified
Communications Manager Serviceability Service Activation window.
4-186 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Enabling Encryption on the Cisco TelePresence Multipoint
Switch
This subtopic describes the steps that are required to implement secure multipoint conferences.
The following is a high-level overview of the steps that you must follow to implement a secure
multipoint conference:
Step 3 Upload the CAPF and Cisco Unified Communications Manager root certificates to
the Cisco TelePresence Multipoint Switch.
Step 4 Download the LSC.
Step 5 Map the SIP security profile for encrypted calls and the SIP nonsecure profile for
nonencrypted calls.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-187
Creating the Application User
CAPF Profile
Cisco TelePresence Multipoint Switch and Cisco TelePresence
Manager are CAPF clients.
Clients will use CAPF profile information to be authenticated
(allow it to become secured) by the server.
– Download the LSC to the Cisco Unified IP Phones, Cisco
TelePresence Manager, and the Cisco TelePresence
Multipoint Switch.
A profile cannot be shared.
You can set the certificate issuer (the CAPF itself or an external CA) and the IP address of the
external CA if the Cisco Unified Communications Manager software release that you are using
supports it. You can also modify some of the default values, such as the Rivest, Shamir, and
Adleman (RSA) key size or the certificate lifetime.
You must create an application-user CAPF profile for the Cisco TelePresence Manager and the
Cisco TelePresence Multipoint Switch to allow them to access the CAPF server. This enables
these devices to download the LSC.
4-188 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Unified Communications Manager
User Management > Application User
The Application User Configuration window in the Cisco Unified Communications Manager
Administration tool allows you to issue LSCs to secure application users. After you issue the
certificate and perform other security-related tasks, a TLS connection opens between the
CTIManager service and the application that is activated on the server.
The application user should have the following displayed in the permissions information field:
Standard CTI Enabled
Standard CTI Secure Connection
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-189
Application User CAPF Profile
Configuration
Add a new Application User CAPF Profile from the User
Management Menu in Cisco Unified Communications
Manager
The following table describes the CAPF profile configuration settings in Cisco Unified
Communications Manager:
Setting Description
Application User From the drop-down list, choose the application user for the
CAPF operation. This setting shows configured application
users.
This setting does not display in the End User CAPF Profile
window.
Certificate Operation From the drop-down list, choose one of the following options:
4-190 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Setting Description
Key Size (bits) From the drop-down list, choose the key size for the certificate.
The default setting is 1024. Other options include 512 and
2048.
Operation Completes by This field, which supports all certificate operations, specifies the
date and time by which you must complete the operation.
Certificate Operation Status This field displays the progress of the certificate operation, such
as pending, failed, or successful.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-191
Downloading X.509v3 Certificates
Download the CAPF.der root certificate for the CAPF server.
Download the CallManager.der root certificate for the publisher
and subscribers.
Security > Certificate Management
Follow these steps to download the X.509v3 certificate for the CAPF server:
Step 1 Log into the Cisco Unified Communications Operating System Administration on
the Cisco Unified Presence publisher.
Step 2 Choose Security > Certificate Management.
Step 3 Enter CAPF.der in the text box next to the Find button and then click Find.
Follow these steps to download the X.509v3 certificate for the Cisco Unified Communications
Manager publisher:
Step 1 Log into the Cisco Unified Communications Operating System Administration on
the Cisco Unified Presence publisher.
Step 3 Enter CallManager.der in the text box next to the Find button and then click Find.
Step 5 Rename the CallManager.der to CUCM0.der for the publisher and CUCM1.der for
the subscriber. Increase the number for each successive subscriber.
Step 7 Repeat Steps 1 through 6 until the X.509v3 certificates are collected for all of the
subscribers.
4-192 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Uploading Certificates to the
Cisco TelePresence Multipoint Switch
Upload CAPF root certificate.
Upload Cisco Unified Communications Manager root certificates.
Security Settings
Next, you must upload the X.509v3 certificates that you obtained from Cisco Unified
Communications Manager to the Cisco TelePresence Multipoint Switch. To upload the
CAPF.der file, log into the Cisco TelePresence Multipoint Switch, choose Security Settings,
and follow these steps:
To upload the CUCMx.der files, log into Cisco TelePresence Multipoint Switch and follow
these steps:
Step 1 Click Upload.
Step 2 Leave the Unit field set to CTM-Trust for Unit.
Step 3 Leave the Category field set to Trust.
Step 4 Click Browse.
Step 5 Choose CUCM0.der from your desktop and click Open.
Step 6 Click Upload.
Step 7 Wait for the upload to complete. The file will show in the list as CUCM0.pem.
Step 8 Repeat Steps 1 through 7 for all subscribers.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-193
Downloading the CAPF LSC
Note You will need the Application User, Instance ID, and Authentication String to download the
CAPF LSC.
Note You will see the message “Please wait while the CTMS server downloads the certificate and
restarts.”
Step 4 Wait until the Cisco TelePresence Multipoint Switch logs off as it is restarting with
security available.
4-194 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
SIP Trunk Encryption Configuration Procedure
This subtopic describes the steps that you use to configure SIP trunk encryption.
The following is a high-level overview of the steps that you must follow to configure SIP trunk
encryption:
Step 1 Set the Device Security Mode to Encrypted in a SIP trunk security profile.
Step 2 Set the X.509v3 certificate subject in the SIP trunk security profile.
Step 3 Apply the SIP trunk security profile to the trunk.
Step 4 Add the certificate of the issuer of the certificate of the peer to Cisco Unified
Communications Manager.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-195
Obtaining the Subject Name from the
Cisco TelePresence Multipoint Switch
Choose
CAPF-LSC
Click
View
When building the encrypted SIP trunk from Cisco Unified Communications Manager, you
must link a reference value for the X.509 Subject to allow for proper trunk authorization. To
find the X.509 Subject, view the CAPF-LSC from the Cisco TelePresence Multipoint Switch
and reference the Subject line, as shown in the figure.
4-196 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring an Encrypted SIP Trunk in
Cisco Unified Communications Manager
The following table describes the SIP Trunk Security Profile configuration settings in Cisco
Unified Communications Manager:
Setting Description
Name Enter a name for the security profile. When you save the new
profile, the name displays in the SIP Trunk Security Profile
drop-down list in the Trunk Configuration window.
Description Enter a description for the security profile.
Device Security Mode From the drop-down list, choose one of the following options:
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-197
Setting Description
Enable Digest Authentication Check this check box to enable digest authentication. If you
check this check box, Cisco Unified Communications Manager
challenges all SIP requests from the trunk.
4-198 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Configuring an Encrypted SIP Trunk in
Cisco TelePresence Multipoint Switch
1. Click the SIP Profile Settings tab.
2. For Device Security, choose one of the following:
– Encrypted with SDP Keys for Cisco Unified Communications
Manager Version 7.0
– Encrypted without SDP Keys for Cisco Unified
Communications Manager Version 6.1.3
To configure the Cisco TelePresence Multipoint Switch end of the encrypted SIP trunk, follow
these steps:
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-199
System Configuration > Security
Settings
Setting the Meeting Security Policy
The Meeting Security Policy is configured from the System Configuration > Security Settings
administration screen on the Cisco TelePresence Multipoint Switch. There are three Meeting
Security Policy options, which indicate the meeting security policy for this Cisco TelePresence
Multipoint Switch:
Secured Meeting:
— Only secure Cisco TelePresence systems (and secure audio add-in) can join in this
meeting type.
— If a nonsecure Cisco TelePresence system tries to join the meeting, the call will be
rejected.
— If a nonsecure audio add-in joins (the Conf/Join button pressed), that Cisco
TelePresence System will be dropped from the meeting.
— The Secure icon (Lock icon) appears.
Non-Secured Meeting:
— Any Cisco TelePresence system (secure or nonsecure) can join.
— The nonsecure icon (Unlock icon) appears.
Best-Effort Meeting:
— A best-effort meeting is secure as long as all of the Cisco TelePresence system and
audio add-ins in the meeting are secure.
— A best-effort meeting is downgraded to nonsecure if a nonsecure Cisco TelePresence
system or nonsecure audio add-in joins the meeting.
— During a downgrade, the user sees a remote hold, unlock icon, and then video.
If no security certificates have been downloaded, the Cisco TelePresence Multipoint Switch
automatically selects "Non-Secured."
4-200 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
If the security certificates expire, or you change the Cisco Unified Communications Manager
server with which you are interfacing, you must delete all security certificates and then add new
ones. Until you re-establish new security certificates, you cannot make secure Cisco
TelePresence calls.
Note All Cisco TelePresence systems prior to Release 1.5 are considered legacy endpoints and
will have a meeting security policy of nonsecure. All “Interop” meetings have a meeting
security policy of nonsecure, and all scheduled meetings always have a meeting security
policy of best-effort.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-201
Summary
This topic summarizes the key points that were discussed in this lesson.
Summary
Cisco TelePresence follows the Cisco Unified Communications
security architecture with the addition of DTLS. It supports secure
full-media and signaling encryption for multipoint sessions and
encrypted audio add-on calls.
You add a security profile for Cisco TelePresence using the Cisco
Communications Manager administration in Cisco Unified
Communications Manager.
For a Cisco TelePresence Multipoint Switch to establish an
encrypted SIP trunk, it must download the X.509v3 certificates for
both the CAPF server and Cisco Unified Communications
Manager before it can download the LSC.
4-202 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Module Summary
This topic summarizes the key points that were discussed in this module.
Module Summary
The Cisco TelePresence Multipoint Switch allows geographically
dispersed organizations to hold Cisco TelePresence meetings
across multiple locations reliably and easily.
Cisco TelePresence Manager simplifies the scheduling and
management of Cisco TelePresence virtual meeting room
solutions.
With Cisco TelePresence interoperability, customers can bring
existing standards-based video-conferencing sessions into a
Cisco TelePresence meeting.
One of the notable features of Cisco TelePresence is its ability to
integrate Microsoft Exchange or Lotus Notes with Cisco
TelePresence Manager and Cisco Unified Communications
Manager.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-203
The Cisco TelePresence Multipoint Switch is designed to support multipoint Cisco
TelePresence meetings for up to 48 table segments (48 single-screen systems, 16 three-screen
systems, or a mix of both) in a single meeting. Maintaining a true “in person” experience for a
multipoint meeting requires strict network service level agreements (SLAs) and a well planned
multipoint deployment.
Cisco TelePresence Manager software makes it easy for you to schedule and manage Cisco
TelePresence calls. As an integral part of the Cisco TelePresence experience, Cisco
TelePresence Manager facilitates call scheduling and setup from common enterprise
groupware, such as Microsoft Exchange and Lotus Notes. Cisco TelePresence Manager enables
you to schedule meetings, in advance, and send appropriate status messages to the XML
interface of the Cisco Unified IP Phone 797xG. Because not all customers use Microsoft
Exchange or Lotus Notes and Lotus Domino, Cisco provides other methods to create the One-
Button-to-Push meeting launch and to display the locations on the Cisco TelePresence phone.
The Cisco TelePresence Recording Server transforms a Cisco TelePresence room into a high-
definition recording studio. Using an intuitive user interface, you can create high-quality video
to deliver rich, immersive messages immediately for internal and external communications,
such as training or crisis management. Distributing and viewing video content is easy and you
can replay recordings on Cisco TelePresence endpoints or on the web using standard browser-
based players.
With Cisco TelePresence interoperability, customers can bring existing standards-based video-
conferencing sessions into a Cisco TelePresence meeting by interfacing with virtually all
standards-based video-conferencing systems that are currently installed. This interoperability
provides customers with a strategy to expand their collaborative functionality to a wider
audience as they manage their Cisco TelePresence installations.
Intercompany Cisco TelePresence uses a secure connection from your service provider to call
directly from a Cisco TelePresence room on your network to a Cisco TelePresence room on the
network of a different company.
Cisco TelePresence follows the existing Cisco Unified Communications security architecture
with the addition of unique Datagram Transport Layer Security (DTLS) key exchange. Cisco
TelePresence also supports secure full media and signaling encryption for multipoint sessions
and encrypted audio add-on calls.
References
For additional information, refer to these resources:
Cisco Systems, Inc. Design Zone for Unified Communications.
http://www.cisco.com/en/US/netsol/ns818/networking_solutions_program_home.html.
Cisco Systems, Inc. Design Zone for Video: TelePresence.
http://www.cisco.com/en/US/netsol/ns930/networking_solutions_sub_program_home.html.
Cisco Systems, Inc. Cisco Unified Communications Manager (CallManager): Maintain and
Operate Guides.
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.ht
ml.
4-204 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco Systems, Inc. Configuration Guide for the Cisco Unified Videoconferencing 3545
MCU Release 5.5.
http://www.cisco.com/en/US/docs/video/cuvc/5_5/mcu/3545/configuration/guide/cuvc_354
5config_wrapper.html.
Cisco Systems, Inc. Cisco TelePresence for Intercompany Communications
http://www.cisco.com/en/US/prod/collateral/ps7060/ps8329/ps8330/ps8333/prod_qas0900a
ecd80717c60.html
Cisco Systems, Inc. Cisco TelePresence Multipoint Switch Release 1.5 Command Reference
http://www.cisco.com/en/US/docs/telepresence/multipoint_switch/1_5/cmd_ref/dh_cli_5.ht
ml
Cisco Systems, Inc. Cisco TelePresence Manager Release 1.5 Administration Guide
http://www.cisco.com/en/US/docs/telepresence/cts_manager/1_5/Admin_Guide/CTS-
Man1_5.html
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-205
4-206 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Module Self-Check
Use the questions here to review what you learned in this module. The correct answers and
solutions are found in the Module Self-Check Answer Key.
Q1) Which one of the following statements about the Cisco TelePresence Multipoint Switch
is true? (Source: Understanding the Cisco TelePresence Multipoint Switch)
A) The web-based administration has three role-based profiles: system
administration, conference management, and technical tasks.
B) If the VIP Mode is selected, one endpoint is defined as the "VIP" and is
displayed to all endpoints.
C) The Cisco TelePresence Multipoint Switch is a hardware-based solution that
supports 1080p and 720p high-definition standards.
D) The Cisco TelePresence Multipoint Switch supports motion-activated
switching.
Q2) Cisco has implemented a new flow control feature between the Cisco TelePresence
Multipoint Switch and Cisco TelePresence system endpoints to help control bandwidth
use during multipoint meetings. (Source: Understanding the Cisco TelePresence
Multipoint Switch)
A) true
B) false
Q3) The Cisco TelePresence Multipoint Switch provides both scheduled and nonscheduled
meeting support. However, you cannot add another party when an active meeting has
started. (Source: Understanding the Cisco TelePresence Multipoint Switch)
A) true
B) false
Q4) You must have Cisco TelePresence Multipoint Switch Release 1.5 and Cisco
TelePresence Manager Release 1.5 to support encrypted multipoint. (Source:
Understanding the Cisco TelePresence Multipoint Switch)
A) true
B) false
Q5) Which one of the following statements about the Cisco TelePresence Multipoint Switch
is false? (Source: Understanding the Cisco TelePresence Multipoint Switch)
A) Multipoint meetings are just multiple point-to-point meetings that terminate on
a Cisco TelePresence Multipoint Switch.
B) A single Cisco TelePresence Multipoint Switch is capable of simultaneously
terminating 16 Cisco TelePresence Systems 3000 and 3200 rooms.
C) To calculate the maximum throughput for a multipoint switch, multiply the
maximum number of table segments by 10 Mb/s.
D) Maintaining the required SLAs for Cisco TelePresence can be challenging
when multipoint is added to the network.
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-207
Q6) Match the following Cisco TelePresence Multipoint Switch meeting options with one
or more of the appropriate statements. (Source: Understanding the Cisco TelePresence
Multipoint Switch)
A) Nonscheduled
B) Scheduled
C) Combined
_____ 1. This option is not recommended for an environment in a large dispersed
network with distributed Cisco TelePresence Multipoint Switches.
_____ 2. One-Button-to-Push dialing and resource management is not available for
some meetings.
_____ 3. Cisco TelePresence Manager is required for integration with Microsoft
Exchange and Cisco TelePresence Multipoint Switch resource and location
management.
_____ 4. The ’One-Button-to-Push feature is always available for these meetings.
_____ 5. Cisco TelePresence Manager is not required.
Q7) The Cisco TelePresence Multipoint Switch supports connections among 48 single-
screen Cisco TelePresence Systems 500, 1000, 1100, or 1300. (Source: Understanding
the Cisco TelePresence Multipoint Switch)
A) true
B) false
Q8) Centrally locating multipoint resources for small deployments prevents unnecessary
latency that is caused by back-hauling calls to a site at the far edge of the network.
(Source: Understanding the Cisco TelePresence Multipoint Switch)
A) true
B) false
Q9) Cisco TelePresence System Manager is not required in distributed deployments for
scheduled meetings. (Source: Understanding the Cisco TelePresence Multipoint
Switch)
A) true
B) false
Q10) With room-switching, when the active speaker (loudest speaker for more than three
seconds) changes, all table segments from that room will be displayed simultaneously
in the other rooms. (Source: Understanding the Cisco TelePresence Multipoint Switch)
A) true
B) false
Q11) With speaker-switching, at any given time, participants in a room may be viewing
images from three different rooms. (Source: Understanding the Cisco TelePresence
Multipoint Switch)
A) true
B) false
4-208 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Q12) Which one of the following statements about the Cisco TelePresence Manager is true?
(Source: Understanding the Cisco TelePresence Manager)
A) End users can only obtain audio-only assistance, including moderated meetings
and adding meeting participants who are not using Cisco TelePresence
endpoints.
B) By synchronizing its local Informix database with the Exchange Information
Store database, Cisco TelePresence Manager tracks meeting requests that
include one or more of the meeting rooms in Exchange.
C) Cisco TelePresence Manager uses different One-Button-to-Push integration
steps for point-to-point and multipoint meetings.
D) Cisco TelePresence Manager is a Windows-based appliance running on a
Cisco 7800 Series Media Convergence Server platform.
Q13) Cisco TelePresence Manager integrates with enterprise groupware, including Microsoft
Exchange and Lotus Notes, for easy scheduling through your calendar. (Source:
Understanding the Cisco TelePresence Manager)
A) true
B) false
Q14) You must create an application user for Cisco TelePresence Manager to interact with
Cisco Unified Communication Manager. (Source: Understanding the Cisco
TelePresence Manager)
A) true
B) false
Q15) Multiple Exchange Servers cannot exist within a single forest and domain. (Source:
Understanding the Cisco TelePresence Manager)
A) true
B) false
Q16) Form-based authentication must be disabled for the Exchange virtual server on the
Client Access Server website and Exchange mailbox server. (Source: Understanding
the Cisco TelePresence Manager)
A) true
B) false
Q17) Integration with Domino allows you to schedule both point-to-point and multipoint
Cisco TelePresence meetings, however, calendared meeting information is not
automatically sent to the Cisco TelePresence in-room phone. (Source: Understanding
the Cisco TelePresence Manager)
A) true
B) false
Q18) Cisco TelePresence Manager can manage several Cisco TelePresence Multipoint
Switch resources and will select the best resource to service a Cisco TelePresence
session based on the median time zone and then on Cisco TelePresence Multipoint
Switch resource availability. (Source: Understanding the Cisco TelePresence Manager)
A) true
B) false
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-209
Q19) Which one of the following functions about multipoint meeting management is true?
(Source: Understanding the Cisco TelePresence Manager)
A) It provides a decentralized scheduled-meeting view.
B) It provides the ability to import meeting details.
C) It provides the ability to view the status of scheduled meetings.
D) It provides the ability to migrate (move) nonscheduled meetings from one
multipoint device to another.
Q20) Which one of the following features do you still have if you are not using Cisco
TelePresence Manager? (Source: Exploring One-Button-to-Push without Cisco
TelePresence Manager)
A) One-Button-to-Push feature
B) Concierge button
C) Scheduled multipoint meetings and geographical selection of multipoint switch
resources
D) Ability to select from a list of speed dials
Q21) Users may continue to employ their existing email and calendaring applications for
scheduling meetings and rooms. However, the phone user interface will not display a
schedule of meetings without Cisco TelePresence Manager. (Source: Exploring One-
Button-to-Push without Cisco TelePresence Manager)
A) true
B) false
Q22) For deployments of six or more rooms, configure a static multipoint number for each
room. Whichever room the host of the meeting will be using is the number that
everyone dials for that specific meeting. (Source: Exploring One-Button-to-Push
without Cisco TelePresence Manager)
A) true
B) false
Q23) Interoperability works through the Cisco TelePresence Multipoint Switch and Cisco
Unified Videoconferencing, which also supports multipoint for standard video-
conferencing streams. (Source: Examining Cisco TelePresence Interoperability)
A) true
B) false
Q24) Which one of the following is a benefit of Cisco TelePresence Interoperability?
(Source: Examining Cisco TelePresence Interoperability)
A) It maintains the rich 1080p experience for all Cisco TelePresence meeting
participants.
B) It provides standards-based interoperability with minimal additional hardware
requirements.
C) The customer must purchase software updates to Cisco TelePresence systems
and Cisco TelePresence Multipoint Switch.
D) Cisco provides a Cisco Unified Videoconferencing MCU at no extra charge.
4-210 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Q25) Interoperability will increase the amount of bandwidth that is required to and from each
Cisco TelePresence system by an additional 768 kb/s in order to transmit and receive
the Common Intermediate Format (CIF) and G.711 streams. (Source: Examining Cisco
TelePresence Interoperability)
A) true
B) false
Q26) The CIF video that is received from Cisco Unified Videoconferencing is scaled to 4
times CIF resolution (4CIF) by the Cisco TelePresence system codec. It is then
displayed on the Cisco TelePresence 65-inch 1080p display that is surrounded by gray
borders. (Source: Examining Cisco TelePresence Interoperability)
A) true
B) false
Q27) To connect the Cisco Unified Videoconferencing MCU to Cisco Unified
Communications Manager, you must establish SIP-trunk connectivity to match the SIP
parameters that the Cisco Unified Videoconferencing MCU requires. (Source:
Examining Cisco TelePresence Interoperability)
A) true
B) false
Q28) Which one of the following is false about the Cisco TelePresence Recording Server?
(Source: Working with the Cisco TelePresence Recording Server)
A) It provides an additional application and utility for existing Cisco TelePresence
rooms with minor upgrades.
B) It creates studio-quality video recordings at a fraction of the cost for TV studio
time.
C) The extraordinary quality of the Cisco TelePresence experience is preserved
when recordings are played back on endpoints.
D) It has the ease of use and low cost of a webcam, but it has higher quality and
can create and distribute videos faster.
Q29) With the Cisco TelePresence Recording Server, you can create multiple resolutions
instantly and simultaneously. (HD and CIF video, plus the data presentation channel)
(Source: Working with the Cisco TelePresence Recording Server)
A) true
B) false
Q30) The Cisco TelePresence Recording Server supports 48 simultaneous recording and
playback sessions. It can store more than 300 hours of high-definition 1080p video
recording content along with the data presentation channel and a CIF version for PC
browser playback. (Source: Working with the Cisco TelePresence Recording Server)
A) true
B) false
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-211
Q31) Match the following Cisco TelePresence deployment models with one or more of the
appropriate statements. (Source: Examining Intercompany Communications)
A) intracompany
B) intracompany MPLS
C) intercompany
_____ 1. This model was engineered with an understanding of both enterprise and
service provider requirements.
_____ 2. This model divides the overall network into a customer-controlled part (the
C-network) and a provider-controlled part (the P-network).
_____ 3. This model is based on multiple locations within the same enterprise using
VPN services across multiple locations of the same division.
_____ 4. Software Release 1.5 is required for Cisco TelePresence system, Cisco
TelePresence Manager, and Cisco TelePresence Multipoint Switch.
_____ 5. Isolate the entire enterprise into a single VRF instance, providing routing
to and from each member site in the VRF.
Q32) ENUM links a telephone number to either an Internet host or other Internet resources
that can connect the call, either end-to-end over IP networks or through a designated
gateway to the PSTN. (Source: Examining Intercompany Communications)
A) true
B) false
Q33) Unified Border Element enhances the PSTN-to-IP features of a traditional Cisco
gateway by adding the capability to join two VoIP or video communications networks
requiring the transit through the TDM-based PSTN. (Source: Examining Intercompany
Communications)
A) true
B) false
Q34) The SBC must have one routable address per VPN. The addresses can be in
overlapping subnets because of the ability of the SBC to distinguish between routing
instances or VRFs. The VRF of each VPN is still hidden from other VPNs and is
accessible only from the SBC. (Source: Examining Intercompany Communications)
A) true
B) false
Q35) IP routing can be implemented with or without NAT or PAT on the Firewall. (Source:
Examining Intercompany Communications)
A) true
B) false
Q36) Security concerns, when implementing intercompany Cisco TelePresence, are topology
and address hiding, and preventing fraud and theft of service. The SIP signaling
protocol was designed not to pass details across borders. (Source: Examining
Intercompany Communications)
A) true
B) false
4-212 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Q37) Cisco TelePresence systems will support Secure Real-Time Transport Protocol (SRTP)
using HMAC-SHA-1 Auth Tags and AES-128-ICM encryption. (Source: Examining
Intercompany Communications)
A) true
B) false
Q38) Match the following elements of a managed intercompany solution with the appropriate
feature. (Source: Examining Intercompany Communications)
A) network services
B) session services
C) application services
D) operational services
_____ 1. performance management
_____ 2. scheduling
_____ 3. call control
_____ 4. end-to-end QoS
Q39) Match the following terms with the appropriate description. (Source: Examining Cisco
TelePresence Security)
A) network infrastructure
A) call processing systems
B) endpoints
C) applications
_____ 5. unified messaging, conferencing, customer contact, and custom tools
_____ 6. servers and associated equipment for call management and control
_____ 7. services that connect to the IP communications network
_____ 8. the foundation that carries all IP data, voice, and video traffic
Q40) Starting with Cisco TelePresence Multipoint Switch Release 1.5, MPE supports full
media and signaling encryption with no discernable latency to the Cisco TelePresence
call for up to 48 segments. (Source: Examining Cisco TelePresence Security)
A) true
B) false
Q41) Before Cisco TelePresence Multipoint Switch Release 1.5, calls with an audio add-on
were automatically encrypted for security. (Source: Examining Cisco TelePresence
Security)
A) true
B) false
Q42) Cisco TelePresence security is based on Cisco Unified Communications. The only
unique feature is the addition of DTLS. (Source: Examining Cisco TelePresence
Security)
A) true
B) false
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-213
Q43) To configure Cisco Unified Communications Manager for Cisco TelePresence
interoperability, you must create a SIP trunk security profile and a SIP trunk using the
same configuration parameters as a SIP trunk for a Cisco TelePresence Multipoint
Switch. (Source: Examining Cisco TelePresence Security)
A) true
B) false
4-214 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Module Self-Check Answer Key
Q1) B
Q2) A
Q3) A
Q4) B
Q5) C
Q6) 1-A
2-C
3-B
4-B
5-A
Q7) A
Q8) A
Q9) B
Q10) B
Q11) A
Q12) B
Q13) A
Q14) A
Q15) B
Q16) A
Q17) B
Q18) A
Q19) C
Q20) D
Q21) A
Q22) A
Q23) A
Q24) B
Q25) A
Q26) B
Q27) B
Q28) A
Q29) A
Q30) B
© 2011 Cisco Systems, Inc. Cisco TelePresence Extended System Features 4-215
Q31) 1-C
2-B
3-A
4-C
5-B
Q32) A
Q33) B
Q34) A
Q35) A
Q36) B
Q37) A
Q38) 1-D
2-C
3-B
4-A
Q39) 1-D
2-B
3-C
4-A
Q40) A
Q41) B
Q42) A
Q43) A
4-216 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Appendix 1
Cisco TelePresence
Interoperation using the MXE
5600 Video Gateway
Overview
This appendix covers these important topics:
Cisco TelePresence Interoperability Solutions
Point-to-Point interoperability between a Cisco TP endpoint and a (supported) non-TP
endpoint
Preserve TP experience [one button to push (TP side), positional audio (CTS3000/3200),
720p video (will support 1080p)]
Cisco Unified Communications Manager (CUCM) is the center of the MXE universe. Will
be able to use in conjunction with VCS (instead of IOS Gatekeeper), but CUCM will still
be required to handle call routing to MXE
NOT a direct competitor to CTMS or TelePresence Server, both of which provide bridge
functionality and not point-to-point gateway functionality. MXE can work in cooperation
with either (permit 3rd party VC participation in TP bridge, or p2p direct dialing for TPS)
Flexibility of platform - can have new applications integrated into existing chassis (media
transformation, analytics, high-capacity real-time recording and, streaming), flexible
deployment (one MXE can service multiple CUCMs, multiple MXEs on one CUCM).
Cisco TelePresence Interoperability Requirement
Cisco TelePresence Interoperability
Requirement
Cisco Cisco
TelePresence VC Endpoints
Endpoints
• The Cisco VC family includes a broad
variety of HD and SD endpoints Cisco 99XX
CUCIMOC
CTS 3200 • These devices, along with third party CUCIRTX
CUPC
devices from Polycom and Lifesize,
cannot connect directly with
CTS 3000 TelePresence devices Tandberg
C Series
• Cisco offers several interoperability EX 90/MXP
options which preserve the
CTS 1300 TelePresence HD experience
Tandberg
MOVI
3rd Party
CTS 1000
VC Endpoints
Polycom
CTS 500 Lifesize
A1-2 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Interoperability Solutions
Cisco TelePresence Interoperability
Solutions
Cisco Media
•Transcode, Transcribe, Translate
Experience Engine •Any to Any Interworking
•Network and video layers
MXE •Video gateway application
•Medianet Services Integration
Cisco TelePresence
Server •Traditional MCU Platform
•Broad interop standards support
•Continuous Presence Formats
TPS
TelePresence
Interoperability •Open Standard
Integration •Single and Multistream
TIP
Each of these options can be combined as required for a specific use case
© 2011 Cisco Systems, Inc. All rights reserved. 3
There are several ways that Cisco makes interoperation a reality which are not mutually
exclusive. The MXE 5600 has some differentiating features such as the ability to provide
interworking between both network and video protocols in real time. This capability allows
video endpoints to communicate with each other and with Cisco TelePresence endpoints. For
example, the MXE 5600 can compensate for lesser video quality due to endpoint or network
limitations and preserve the TelePresence experience during each call.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-3
MXE 5600 and the Cisco Video Conferencing
Family
MXE 5600 and the
Cisco Video Conferencing Family
Cisco Cisco
TelePresence VC Endpoints
Endpoints CT
Manager
Cisco 99XX
CUCIMOC
CTS 3200 MXE 5600 SIP CUCIRTX
CUPC
HTTP
Cisco TelePresence
Multipoint Switch VCS
CTS 1300
Tandberg
MOVI
Cisco Unified
Communications Manager
3rd Party
CTS 1000
VC Endpoints
Polycom
CTS 500 Tandberg TelePresence Server Lifesize
Management MCU
Server
© 2011 Cisco Systems, Inc. All rights reserved. 4
The MXE 5600 is a member of the Cisco video conferencing family, along with CTMS and
TelePresence Server. It transparently provides compatibility among all types of video endpoints
while allowing the CTMS and TPS MCUs to provide conference bridging functionality. All of
these components can work together to meet the use case for specific customers.
A1-4 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
MXE 5600 Platform
Fan Fan
Unit Unit
2 (Additional Media Processing 1
Pull Modules 2 and 3 or other single or Push
double height future modules)
The MXE 5600 is 6 RU high and contains 8 slots. The MPM consumes two slots so a total of 3
MPMs can be installed. The chassis is designed for high availability through 1+1 and n+1
redundancy. It includes very high performance DSPs to handle HD video decoding and
encoding with very little delay.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-5
MXE 5600 Software
A1-6 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
MXE 5600 Flexible Architecture
CLI
SP Conference Mgr AP gSOAP
stack Interface
Media processing features and associated applications can be added to this modular
architecture.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-7
MXE 5600 Video Gateway Application
The interop video gateway application is the first MXE 5600 application. This application
Preserves TP features such as spatial audio, video scaling and enhancement, all CTMS
conference controls, OBTP for CTS, dial-in or dial-out (including ad-hoc) from CTMS
A1-8 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
MXE 5600 Video Quality Enhancements
MXE 5600 Video Quality Enhancements
“Preserving the TelePresence Experience”
The interop application assures that the TelePresence experience is preserved for any supported
endpoint by compensating for source video quality.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-9
The MXE 5600 Compensates for Varying Network
Conditions
The MXE 5600 Compensates for
Varying Network Conditions
• Error Concealment
Predicts motion path of objects to result in fluid movement
Reduces / eliminates random pixelation
• Adaptive Jitter Buffer
Responds to changing network delays
• Reduces network burstiness
Supports Telepresence GDR and LTRP
• Bandwidth compensation
Makes endpoints on relatively low bandwidth links “appear” as
close to HD as possible
A1-10 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Multipoint Interoperability Using the Cisco
TelePresence Server
Multipoint Interoperability Using
the Cisco TelePresence Server
Active Segment
Cascade
London SIP, H.323 or H.320
Videoconferencing
Phone and
New York Desktop
Single Screen HD
H.264 720p
AAC-LD
G.722
Any video format TPS supports
Any audio format TPS supports
The Cisco TelePresence Server is an MCU
© 2011 Cisco Systems, Inc. All rights reserved. 11
Let’s start with an example of interoperability provided by the TPS. Non-Telepresence devices
call into the TPS MCU and then a call is made from CTMS to the TPS which bridges the two
conferences. Participants all see the currently active segment.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-11
Point-to-Point and Multipoint Interoperability
Using the MXE 5600
Point-to-Point and Multipoint
Interoperability Using the MXE 5600
Cisco
VC Endpoints
Cisco
TelePresence Endpoints
Cisco 99XX
CUCM
H.323 H.323 CUCIMOC
H.323 Gatekeeper Signaling
Trunk CUCIRTX
CUPC
SIP Signaling
SIP
Trunk
VCS Control
Tandberg
C Series
EX 90/MXP
SIP
CTMS Trunk Tandberg
MOVI
RTP Transport
Video and Audio 3rd Party
RTP Transport
VC Endpoints
Calls are initiated via either SIP or H323 and routed to the MXE 5600 via SIP. The MXE 5600
answers the inbound call and then “hairpins” the call to the destination endpoint. During the
call it sits in the middle performing all of the necessary interop functions such as transcoding
and stream protocol conversions, effectively emulating a CTS-1000 on the Telepresence side.
A1-12 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
How CUCM Routes Calls to the MXE 5600
How CUCM Routes Calls to the MXE 5600
Cisco
TelePresence Non-Telepresence
Endpoint DN=10XX CUCM H.323 IOS/VCS Endpoint DN = 20XX
SIP - Directly Registered Trunk Gatekeeper H.323
Transcoded call from 2001
2001 places call to 1001
SIP
Route to MXE
“Hairpin” call to 1001
Trunk
SIP
Trunk
CTMS
MXE 5600
• The CUCM is responsible for deciding which calls are routed to the
MXE 5600
• Calls are routed from the CUCM to the MXE 5600 via a SIP trunk
• The MXE 5600 detects endpoint types using the SIP from/to patterns
Calls between similar endpoint types and not requiring interop are rejected
• Two separate call legs are formed – one to each endpoint
© 2011 Cisco Systems, Inc. All rights reserved. 13
The CUCM uses calling search spaces and route partitions to decide which calls should be
routed to the MXE 5600 for interop. The MXE 5600 determines endpoint types and therefore
which protocols to use from the SIP from/to DNs. After the first leg of a call is answered, the
MXE 5600 makes a separate outbound “hairpin” call over the same SIP trunk to the destination
endpoint.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-13
MXE 5600 Capacity
MXE 5600 Capacity
• A single media processing blade supports up to 30 ports
• Each call leg requires one bi-directional media processing port
Up to 15 CTS Up to 15 VC
endpoints endpoints
One port
per call leg
Up to 15 (=30/2) point-to-point 720p HD calls between CTS and VC endpoints per blade
Up to 48-15 = 33 Up to 15 VC
CTMS “segments” endpoints
CTMS
A1-14 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Cisco TelePresence Manager and the MXE 5600
Cisco TelePresence Manager and the
MXE 5600
Control
CUCM LDAP/Exchange
CTS-Manager
MXE 5600
MXE 5600
Multipoint
Application
Endpoints
The MXE 5600 can be controlled by the CTS Manager to set aside interoperability resources
for scheduled meetings. One button to push is preserved on the TelePresence phones and non-
Telepresence VC endpoints appear in an associated WebEx meeting if included by the
organizer.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-15
MXE 5600 Interop and WebEx
MXE 5600 Interop and Webex
Cisco Cisco
TelePresence VC Endpoints
Endpoints CTS VC endpoints dial a
Manager meeting access code
connecting them to
the CTMS
Cisco 99XX
CUCIMOC
CTS 3200 MXE 5600 SIP CUCIRTX
CUPC
HTTP
Cisco TelePresence
Multipoint Switch VCS
CTS 1300
Tandberg
MOVI
Cisco Unified
Communications Manager
3rd Party
CTS 1000
VC Endpoints
*Only signaling paths are shown in this diagram– media flows via RTP
© 2011 Cisco Systems, Inc. All rights reserved. 16
CTSMAN has an option to allow WebEx participants to join a scheduled meeting among both
TelePresence and non-TelePresence VC endpoints. The VC endpoints transcoded by the MXE
5600 appear in the meeting just like Telepresence endpoints.
A1-16 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
MXE 5600 and TPS Deployed Together
MXE 5600 and TPS Deployed Together
Cisco Cisco
TelePresence VC Endpoints
Endpoints CTS
Manager
Cisco 99XX
CUCIMOC
CTS 3200 MXE 5600 SIP CUCIRTX
CUPC
HTTP
Cisco TelePresence
Multipoint Switch VCS
CTS 1300
Tandberg
MOVI
Cisco Unified
Communications Manager
3rd Party
CTS 1000
VC Endpoints
Tandberg
Management
Server
Polycom
CTS 500 TelePresence Server Lifesize
MCU
*Only signaling paths are shown in this diagram– media flows via RTP
© 2011 Cisco Systems, Inc. All rights reserved. 17
Deployed together, the complete solution allows any-to-any video communication – PTP, MTP
through CTMS, and MTP through TPS. An existing customer can add the MXE 5600 to a TPS
deployment at any time to allow any-to-any PTP communication.
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-17
Scalability: Multiple MXE 5600 per CUCM
Scalability: Multiple MXE 5600s per CUCM
Cisco
VC Endpoints
Cisco
TelePresence Endpoints
Cisco 99XX
CUCM
H.323 H.323 CUCIMOC
H.323 Gatekeeper Signaling
Trunk CUCIRTX
CUPC
SIP Signaling
SIP
Trunk
VCS Control
Tandberg
C Series
EX 90/MXP
SIP
Trunks
CTMS
Tandberg
MOVI
RTP Transport
Video and Audio 3rd Party
RTP Transport
VC Endpoints
VCS Control
Tandberg
C Series
EX 90/MXP
Multiple SIP
Trunks
CTMS
Tandberg
MOVI
RTP Transport
Video and Audio 3rd Party
RTP Transport
VC Endpoints
Each CUCM cluster points to the same MXE 5600 IP address and SIP TCP port number. Each
MXE 5600 will respond to the IP address of the CUCM originating the SIP invite, including the
outbound hairpin call.
A1-18 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.
Load Balancing and High Availability
© 2011 Cisco Systems, Inc. Cisco TelePresence Interoperation using the MXE 5600 Video Gateway A1-19
A1-20 Implementing Cisco TelePresence Solutions (ITS) v1.1 © 2011 Cisco Systems, Inc.