BRKCOL-2610

Cisco Interoperability with

Microsoft
Part 1 - Collaboration

Tobias Neumann
Agenda • Introduction
• Architectural Considerations for Interoperability
• Lync & Skype for Business Server
• Skype for Business Online
• Microsoft Teams

• Legacy Telephony Interoperability Lync & Skype for

Business
• Legacy Chat & Presence Interoperability Lync & Skype for
Business
• Cloud Collaboration
• Microsoft Teams
• Cisco Webex Teams

• Conclusion
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Architectural
Considerations for
Interoperability
Architectural Considerations
• What technical options do exist in each solution to achieve
interoperability?
• What is the user experience?
• What are the operational aspects of a chosen scenario?

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Technical Options for Interoperability
Audio Telephony

Lync & Skype for Business Server (On-Premise)

• Enterprise Voice (Mediation Server) – Microsoft Client as a softphone
with telephony functionality
• Remote Call Control* – Control existing 3rd party PBX or Microsoft
certified device
“… In Skype for Business Server, this feature has been replaced with Call Via Work. In the
client versions for Skype for Business Server 2015 and going forward, remote call control is
no longer available to configure in the client and has been removed for use.“
*Microsoft Skype for Business RCC Reference:
https://technet.microsoft.com/en-us/library/gg558658.aspx

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Technical Options for Interoperability
Audio Telephony

Lync & Skype for Business Online (O365)

• Cloud Connector – Cloud registered Microsoft Client as a softphone with
telephony functionality
Not tested or verified by Cisco. No future
plans with Microsoft’s shift towards Teams.
Starting October 1, 2018, new Office 365 customers with 500
seats or less will be onboarded to Teams and will not have access
to Skype for Business Online. Tenants that are already using
Skype for Business Online will be able to continue doing so
(including provisioning new users) until they complete their
transition to Teams. To learn more, see Microsoft Teams now the
Set of preconfigured primary client for meetings and calling in Office 365.
HyperV Virtual Machines https://docs.microsoft.com/en-us/microsoftteams/faq-journey

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Technical Options for Interoperability
Audio Telephony

Microsoft Teams (O365)

• Direct Routing – Cloud communication with Microsoft certified SBC for
integration with PSTN (gateway/SIP-Trunk) or existing PBX

SBC Certification requires support of

proprietary Microsoft Features (MS-SIP,
Codecs, Media Bypass).
Dial plan configuration in Microsoft Cloud
PBX, SBC and 3rd party PBX/SBC
Not supported with CUBE

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Technical Options for Interoperability
Messaging & Presence

Lync & Skype for Business Server (On-Premise)

• SIP Routing (MS-SIP) for intra & inter domain federation
• XMPP only tested and supported for federation with Google Talk
(discontinued)
https://docs.microsoft.com/en-us/lyncserver/lync-server-2013-configuring-sip-federation-xmpp-federation-and-public-instant-messaging

Skype for Business Online (O365)

• SIP Routing (MS-SIP) inter domain federation only
“…Federation in Office 365 is only supported between other Skype for Business environments, with
appropriately configured Access Proxy or Edge servers. ...“
https://docs.microsoft.com/en-us/office365/servicedescriptions/skype-for-business-online-service-description/skype-for-business-online-features

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Technical Options for Interoperability
Messaging & Presence

Microsoft Teams (O365)

• Communication with Teams users in other organization
• Federation with Skype for Business Online
• Skype for Business Server must be in O365 hybrid mode
no federation for pure on-premises Skype for Business deployments.
https://docs.microsoft.com/en-us/microsoftteams/teams-and-skypeforbusiness-coexistence-and-interoperability

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Technical Options for Interoperability
Video & Meeting

Lync & Skype for Business Server, Skype for Business Online
• Microsoft supports point to point and multipoint video
• A variety of video integrations and interoperability scenarios is available
(supported by Cisco Meeting Server or Webex) to enable Microsoft MS-
SIP and Microsoft Video codecs to interact with standards based SIP and
h.264 AVC
Microsoft Teams
• Limited scope 3rd party transcoding solution available.
Cisco intents to offer interoperability utilizing customers existing
investments. (Forward looking statement subject to change)

BRKCOL-2611, Microsoft Interoperability Part 2 (Video & Meetings)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
User Experience
Operational Aspects
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
 “How do I connect my existing
Many options… Cisco Voice Infrastructure to my
Microsoft real estate?”
“Which way can I provide a
compelling user experience?”
“How can I communicate with
my business partners, who are
… I am not going to tell using Microsoft, from my Cisco
Collaboration Solution?”
you the answer…
“What options do I have to
integrate collaboration
capabilities in my Microsoft
Application Suite?”

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Choice is yours…

This sessions tells you what to choose from...

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Do yourself a favor ….
We’re all engineers…
but not everything that
can be engineered on
a lab bench makes
sense in production…

Keep things simple!

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
Telephony
Enterprise Voice Call Routing
User has multiple options to initiate a call
• Depending on dialing habit
• Called party
• License purchased

Different results
• When dialing either SIP URI or phone number of Lync/SFB user (reverse number lookup), a “Lync to
Lync” call is initiated
• If a number is called and the called party is NOT a Lync/SFB user - call routed via mediation server
(Enterprise Voice Routing)
• If an Audio/Video call is initiated and the called SIP URI is not another Lync/SFB user – call routed
via SIP routing logic (SIP static route)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Enterprise Voice Interoperability
A users view of the world…
Skype for Business only Skype for Business and
Cisco IP phone

• Reach corporate extensions In addition to previous use case

• Reach PSTN number • Available via corporate extension on
• Available via corporate both devices simultaneously
extension • Access to users on both platforms
• Available via PSTN number from all user associated devices
• Telephony feature set • Telephony feature transparency
Possible with Direct SIP Integration Difficult to impossible to achieve
• Integration with existing Cisco UCM system • Simultaneous reachability on both devices
for access to corporate extensions and on different call control platforms (MSFT
PSTN “Sim Ring” & CSCO “SNR”) high risk → call
• Telephony features only available within the routing loops
Skype for Business Domain • Telephony feature interoperability protocols
SIP/QSIG not available with Mediation
Server
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
 Enterprise Voice Call Routing
SIP Trunk / Direct SIP Options 1/2
OCS 2007 / Lync 2010 & 2013 / Skype for Business (no media bypass)
S4B Client S4B Front End S4B Med. Server Cisco UCM

RTaudio G.711

OCS 2007 / Lync 2010 & 2013 / Skype for Business (no media bypass), none G.711 on IP-PBX
S4B Client S4B Front End S4B Med. Server Cisco UCM IOS Transcoder

RTaudio G.711 G.729/iLBC

Flows show the SIP signaling and media paths in a SIP-trunk (Direct SIP) interoperability scenario
Lync Mediation Server only supports G.711, requires additional transcoding resources if any other codec is
used by devices connected through SIP-trunk
Scenarios shown do not require the usage of a Media Termination Point (MTP)
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
 Enterprise Voice Call Routing
SIP Trunk / Direct SIP Options 2/2
Lync 2010, Lync 2013, Skype for Business (with Media Bypass)
S4B Client S4B Front End S4B Med. Server Cisco UCM

G.711 G.711
With the introduction of Media Bypass in Lync 2010 the Lync client can initiate direct G.711 media streams.
Media paths is not hair pinned through the Lync Mediation Server, no transcoding. Signaling via the
Mediation Server.
Review Microsoft guidance regarding Media Bypass http://technet.microsoft.com/en-us/library/gg412740.aspx
Straight forward in a centralized (single site) topology without WAN links.
More complicated in a distributed topology with one or more branch - check the following:
Media Bypass shall only be utilized between WAN sites without bandwidth constrains
Media Bypass and Call Admission Control (CAC) are mutually exclusive

Media Bypass mandatorily requires all media to be represented by a single IP address – the reason why
in the above example a Media Termination Point (MTP) has to be inserted.
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
“To Bypass or not to Bypass that is the question”
Media Bypass pros and cons
Single Site Deployment Complex WAN Deployment

….
Remote locations
• More scalable – no Mediation Server • Highly complex to configure and troubleshoot
transcoding required • Mutually exclusive to CAC, required in some
• LAN bandwidth CAC not required WAN topologies
• Simple redundancy configuration with Cisco • Remote site MTPs required to keep media
UCM cluster and Microsoft Mediation Server local
Pool • Further complicated when redundancy is
required
• With roaming devices (i.e. PCs) certain call
scenarios will still result in hair pinning and
suboptimal media routing
See hidden reference slides for further details
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Supported Feature Enterprise Voice (Direct SIP)
with Cisco Unified Communications Manager
CLIP—calling line (number) identification presentation • CONP—connected Name identification presentation
CLIR—calling line (number) identification restriction • CONR—connected Name identification restriction
CNIP—calling Name identification presentation • Hold and resume
CNIR—calling Name identification restriction
• Conference call
Alerting Name
• Audio Codec Preference List
Attended call transfer
• Call Park/Pickup(see limitation section)
Early attended call transfer
CFU—call forwarding unconditional • Extend and Connect

CFB—call forwarding busy • Shared Line on Cisco Endpoints

CFNA—call forwarding no answer
COLP—connected line (number) identification
presentation
COLR—connected line (number) identification restriction

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Required Configuration for Enterprise Voice
(Direct SIP) with Cisco Communications Manager
Skype for Business: Cisco Unified Communications Manager:
Add Cisco UCM to Skype for Business Topology • SIP trunk security profile
Trunk Configuration • SIP profile
Route Configuration • Media resource group and media resource group list
Voice Policy and PSTN Usage Configuration • Assign media resource group list (MRGL) in the default
device pool
Dial Plan Configuration
• Region configuration
Call Park range Configuration
• Normalization script
Media Bypass Configuration
• SIP trunk to Skype for Business
User Configuration
• SIP and SCCP phones device configuration
Client Configuration
• Route Group, Route List and SIP Route Pattern
Voice Mail
• Route pattern to Skype for Business and Skype for
Business call park range

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Required Configuration for Enterprise Voice
(Direct SIP) with Cisco Communications Manager

https://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/interoperability-portal/cucm-skype-business-tls-appnote.pdf

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
Chat & Presence
Chat & Presence Interoperability
A blast from the past…
Business to Business Federation Within a Business Federation
Inter Domain Federation Intra Domain Federation
Direct SIP SIMPLE Federation Direct SIP SIMPLE Partitioned Intra Domain Federation

Cisco ASA TLS Proxy SIP SIMPLE Federation Chat & Calling (A/V) Federation VCS CPL

Direct XMPP Federation Chat & Calling (A/V) Federation VCS/Expressway Broker

Direct XMPP Federation with Cloud

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
 Chat & Presence Interoperability
You told us…
• “Why is interoperability so complicated?”
• “Why do I need so many different boxes doing different things to achieve my goal?”
• “Why does it have to be so expensive to do interoperability?”
• “How can I seamless communicate with my business partners independent if they use
Cisco, Microsoft or some other standards based solution?”
• “How can I do a phased migration after an acquisition to a unified Cisco solution?”

Things have changed..

• Microsoft deprecated support for XMPP
Microsoft tested and supported only for Google Talk https://technet.microsoft.com/en-
us/library/jj205134(v=ocs.15).aspx
• New vulnerabilities require new levels of security, TLS 1.0 no longer a viable option
… we did listen!

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
Chat & Presence Interoperability
A single architecture for Inter- and Intra Domain Federation
Business to Business Federation Within a Business Federation
Inter Domain Federation Intra Domain Federation
Cisco Expressway SIP SIMPLE Federation with Cisco Expressway Partitioned Intra Domain Federation
Microsoft

Cisco Expressway becomes the unified edge for all Cisco Expressway as centralized routing instance for
B2B communications Microsoft Interoperability
• Utilizing existing resources (B2B Video, Jabber MRA) • Streamlined configuration
• Adds SIP SIMPLE capabilities on top of the already • Single point of contact for all Microsoft based
existing XMPP federation services communications
• Single routing instance for all B2B traffic • Removes requirement for 3rd party components (load
• Provides chat & calling B2B capabilities to Microsoft balancers)
Skype for Business on premise and Skype for • Integrates chat & calling federation inside the
Business online enterprise (coexistence or migration)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
Cisco Expressway Chat & Calling Interoperability
How does it work?
• Microsoft uses a vendor specific dialect of SIP
• Cisco Expressway has been enhanced to allow Search Rules to be based on SIP “dialect”
and the type of traffic (chat/presence or audio/video)

Cisco Expressway SIP SIMPLE Federation with Microsoft

Complex Routing (chat & calling)

Expressway

MSFT SIP IM&P

MSFT SIP IM&P

AV & Share
Cisco Expressway SIP SIMPLE Federation with Microsoft MSFT AV & Share UCM IM/P
S4B Front End
Basic Routing (chat & presence)

Standard SIP
CMS AV & Share UCM
Expressway
S4B Front End UCM IM/P

• Symmetric routing
• No certificate change required on Skype for Business Server
• Multiple neighbour zones supported with up to 6 neighbours
• Support Cisco UCM Multi Cluster deployment

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
 Cisco Expressway Chat & Calling Interoperability
The whole deal

Expressway-E Expressway-C UCM IM&P

CMS UCM
Expressway-E

Single SIP based routing architecture provides: In addition:

• Intra Domain Federation for Chat and Calling • Jabber and Cisco IP phone mobile remote access
• B2B Federation with Microsoft Skype for Business premise • B2B Federation with Cisco UCM solution
• B2B Federation with Microsoft Skype for Business online • B2B Federation with 3rd party standard SIP
endpoints

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
Cisco Expressway Chat & Calling Interoperability
Features and use cases supported
• Presence and Chat between Cisco and Microsoft users (internal or B2B)
• Instant Messaging Presence
• Point-to-point Message Exchange (IM) CUCM IM/P maps the two different set of user’s states
following the rules reported in the next slides
• Plain text IM format
• Typing indication
• Basic emoticons
• Note: Due to the proprietary nature of Microsoft server group chat functionality, partitioned intradomain federation
does not support group chat between Jabber clients and Microsoft Lync/SfB clients
With Cisco UCM IM&P 11.5.1 SU4 temporary presence subscriptions fixed for Cisco Jabber clients’

• Voice/Video calling between Cisco and Microsoft users, including bidirectional desktop
sharing
• Smooth migration available to Cisco solution. Chat & Calling available during migration.
Cisco provided tools allow buddy list migration
BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 38
Talking about Domains
Recommended Deployment – Flexible Jabber ID (JID)
Make the email address the multimodal communication address
Most Microsoft deployment user email address for SIP communication
Mapped to msRTCSIP-primaryuseraddress attribute in Active Directory
Required for deployments utilizing multiple distinct email/SIP domains in a single
Cisco UCM IM&P cluster or multi-cluster environment
Available in Cisco UCM IM&P with version 10.x or higher
Cisco UCM Directory synchronization allows to select attribute email or
msRTCSIP-primaryuseraddress. Recommendation for migration scenarios is the to
user the later.

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
 Talking about Domains
Configuration steps for Flexible Jabber ID
• Cisco UCM Directory LDAP Sync Statement, configure directory URI mapping

• Cisco UCM IM & Presence, configure

Advanced Presence Settings
IM Address Schema – Directory URI <Directory>
<UseSIPURIToResolveContacts>
Systems will automatically import all true
</UseSIPURIToResolveContacts>
domains configured in Active Directory <SipUri>
mail
Existing buddy lists will be migrated to </SipUri>
new flexible JID format </Directory>
<user>@<domain>
• Configure Cisco Jabber to use Flexible JID

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
A word on Contact Search
Source for contacts
• Cisco Jabber contact sources
• Active Directory/LDAP
• Cisco UDS (service provided by Cisco UCM)
• Outlook personal contacts
Cisco UCM UDS data source required for clients outside the corporate network using Mobile
Remote Access (MRA), Active Directory source not available when outside Corp. network and
not on VPN. New UDS Proxy service on Cisco UCM allows enhanced scalability beyond
160.000 directory items. Requires Cisco Jabber 11.7 or higher.

• Microsoft Skype for Business/Lync

• Clients have local address book, created by nightly synchronization with AD by AddressBook
service of Microsoft server (Lync or S4B)
• Only includes users that are enabled for Lync/S4B, aka that have msRTCSIP-
primaryuseraddress attribute set (we get to that in a second)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
A word on Contact Search
Microsoft Address Book service in the context of migration
• The Microsoft AddressBook service will
only sync contacts that have attribute
msRTCSIP-primaryuseraddress set
• For migration scenarios the attribute is
set for all existing Microsoft users
• During migration when net new users are
added to Cisco UCM (never enabled
before for Microsoft Lync or S4B)
msRTCSIP-primaryuseraddress must be
set manually in Active Directory so these
users are included into the AddressBook
file that is downloaded to Microsoft
clients

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
A word on Contact Search
Temporary Presence Subscription
When a users search for contacts (either contact source in Cisco Jabber or AddressBook for
Microsoft the search results are displayed including a snapshot of the users presence.
Since this is a temporary display of information, clients do not establish a full “subscription” for each
of the users in the result list. This is called a temporary presence subscription.

Up until now this issue prevented Jabber or Microsoft users to see presence in the search results.

With Cisco UCM IM&P 11.5.1 SU4 this issue has been addressed for Cisco Jabber clients
Cisco is actively investigating to provide a feature enhancement that will also solve this for Microsoft
Lync and S4B clients – not yet committed to a specific release

This issue does not affect contacts that have been added to the buddy list of either clients. Full
presence is displayed in that scenario.

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
Configuring
Chat & Presence
Collaboration Infrastructure considerations

Using basic (default) SIP routing – Cisco IM&P will route all requests to Microsoft that match any the
configured domains
Using advanced SIP routing – Cisco IM&P will verify that the destination user exist as a Microsoft
(Lync or Skype for Business) user. Improves routing of mistyped/wrong SIP URIs

Advantages of the Expressway classification approach • Single TLS per subject UCM
Expressway SIP broker Expressway traffic classification IM&P
• Single TLS configuration S4B
FE
• Modification of S4B FE
Inbound and Outbound requests routed certification optional
via same paths
Inbound and Outbound requests take (client/server role)
different paths, makes configuration and
troubleshooting more complicated

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
Configuration steps for Cisco Expressway
classification
Required Configuration Steps … (1/2)
• Configure certificates on Lync and Cisco UCM

Highly recommended to use CA based certificates on both systems (Enterprise CA)

• Configure security parameters on Cisco UCM IM&P (ACL, TLS peer, TLS context)
Single neighbor, either single Cisco Expressway or Expressway Cluster

• Turn on Partitioned Intra Domain Federation & Configure SIP static route(s) on
Cisco UCM IM&P
Single route per domain pointing to Cisco Expressway next hop
• Configure security parameters on Microsoft Lync (Trusted Application, Computer, etc.)
Single destination, Cisco Expressway

• Configure SIP static route(s) on Microsoft Lync

Single route per domain pointing to Cisco Expressway next hop

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Configuration steps for Cisco Expressway
classification
Required Configuration Steps … (2/2)
• Configure neighbor zones on Cisco Expressway
One neighbor zone for UCM IM&P and Microsoft S4B

• Configure search rules for specific traffic types

Route IM&P traffic from source zone S4B to Cisco UCM IM&P neighbor zone
Route IM&P traffic from source zone Cisco UCM IM&P to neighbor zone S4B

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
Configuration steps for Cisco Expressway
classification
CUCM IM&P Configuration (1/2) TLS Peer Subject
Security Incoming ACL

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
Configuration steps for Cisco Expressway
classification Enable Partitioned Intra Domain Federation
CUCM IM&P Configuration (2/2)
TLS Context Configuration

SIP Route

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuration steps for Cisco Expressway
classification
Microsoft Skype for Business / Lync Server
Skype for Business (Lync) PowerShell commands

Create Route
$TLSrouteno1 = New-CsStaticRoute -TLSRoute -destination <expressway fqdn> -port 5061 –usedefaultcertificate $true
-MatchUri <domain>
Set-CsStaticRouteConfiguration –Route @{Add=$TLSrouteno1}

Create Application Pool

New-CsTrustedAppicationPool –Identity <expressway fqdn> -Registrar <S4B FE fqdn> -Site 1 –TreatAsAuthenticated $true –
ThrottleAsServer $true –RequiresReplication $false –OutboundOnly –false

Create Application
New-CsTrustedApplication –ApplicationID expressway.<domain> -ApplicationPoolFQDN <expressway fqdn> -port 5061

Publish and enable the topology in Microsoft Skype for Business

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
Configuration steps for Cisco Expressway
classification
Cisco Expressway configuration
Cisco IM&P neighbor zone

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Configuration steps for Cisco Expressway
classification
Cisco Expressway configuration
S4B neighbor zone

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Configuration steps for Cisco Expressway
classification
Cisco Expressway configuration
Search Rule From IM&P to S4B

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Configuration steps for Cisco Expressway
classification
Cisco Expressway configuration
Search Rule From S4B to IM&P

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
Instant Messaging and Presence
Partitioned Intra Domain Federation – User Experience

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
Adding Calling
(Audio/Video)
with Expressway
Classification and Cisco
Meeting Server
Configuration for Cisco Expressway classification
Required Configuration Steps add calling…
• Cisco UCM
Configure Secure SIP Trunk Profile
Configure Secure SIP Trunk to Expressway
Configure SIP Route Pattern for URI Routing
Configure UCM Cluster Mixed Mode for End to End Encrypted Calls (SRTP) (not covered in the
reference material)
• Configure additional neighbor zones on Expressway for Cisco UCM and CMS
• Configure search rules for routing of media (A/V) traffic
• No additional configuration required on Microsoft Skype for Business/Lync

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
Configuration for Cisco Expressway
classification
Cisco UCM
Configure Secure SIP Trunk Profile Configure Secure SIP Trunk to Expressway

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Configuration for Cisco Expressway
classification
Cisco UCM
Configure SIP Route Pattern

In a multi domain environment this step

needs to be repeated for each SIP domain.

<domain>

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
Configuration for Cisco Expressway
classification
Cisco Expressway
CUCM Neighbor Zone

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
Configuration steps for Cisco Expressway
classification
Cisco Expressway
CMS Neighbor Zone

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 62
Configuration steps for Cisco Expressway
classification
Cisco Expressway
Search Rules A/V S4B - CMS

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
Configuration steps for Cisco Expressway
classification
Cisco Expressway
Search Rules A/V CMS - UCM

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
Configuration steps for Cisco Expressway
classification
Cisco Expressway
Search Rules A/V UCM - CMS

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
Configuration steps for Cisco Expressway
classification
Cisco Expressway
Search Rules A/V CMS – S4B

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Instant Messaging and Presence
Partitioned Intra Domain Federation – Expressway classification
User Experience
Chat & Calling

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
What about External
Federation?
Configuring for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
Both Solutions Cisco and Microsoft do support external Business to Business
Federation via SIP SIMPLE
SIP Federation is based on DNS SRV records. DNS SRV for a particular SIP domain
can only be represented by one of the two solution – Highlander: “There can be
only one!“ Domain company.com

S4B Edge Expwy-E

Who handles
Standards based A/V external
DNS SRV Records federation for DNS SRV Records
federation for _sip. and _sips as
_sipfederationtls._tcp.
company.com?
_sipfederationtls._tcp.
well as XMPP federation can still
be terminated to Cisco
Internet Expressway for B2B federation
john@example.com

This scenario has not been officially certified by Cisco & Microsoft, use at own risk 

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
Configuring for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
S4B S4B Cisco Expressway Cisco UCM
Client Front End Cisco Jabber
IM&Presence

alice@atlanta.com

Alice on S4B initiates or

Cisco UCM receives
communication with
DNS SRV Records Bob S4B@ external
_sipfederationtls._tcp.atlanta.com
domain
Internet

bob@biloxi.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
Configuration for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
S4B Cisco Expressway Cisco UCM Cisco Jabber
Front End IM&Presence

Traffic
Classification
alice@atlanta.com

Alice migrated to Jabber

Cisco UCM
initiates communication
Audio/Video call with Bob
S4B@ external domain
DNS SRV Records
_sipfederationtls._tcp.atlanta.com

Internet

bob@biloxi.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
Configuration for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
S4B Cisco Expressway Cisco UCM
Front End Cisco Jabber
IM&Presence

Traffic
Classification
alice@atlanta.com

Alice migrated to
Cisco UCM Jabber initiates chat
communication with
DNS SRV Records
_sipfederationtls._tcp.atlanta.com
Bob S4B@ external
domain
Internet

bob@biloxi.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
Configuration for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
S4B Cisco Expressway Cisco UCM
Front End Cisco Jabber
IM&Presence

Traffic
Classification
alice@atlanta.com

Bob S4B@ external

Cisco UCM domain initiates chat
communication with
DNS SRV Records Alice migrated to Jabber
_sipfederationtls._tcp.atlanta.com

Internet

bob@biloxi.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
Configuration for Cisco Expressway
classification
Partitioned Intra Domain Federation – with existing external B2B Federation
Lync 2013 Cisco Expressway X8.8 Cisco UCM
Front End Cisco Jabber
IM&Presence

Traffic
Classification
alice@atlanta.com

Bob S4B @ external

Cisco UCM domain initiates
DNS SRV Records
Audio/Video
_sipfederationtls._tcp.atlanta.com communication with
Alice migrated to
Internet Jabber
bob@biloxi.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
Configuration for Cisco Expressway
classification
Required Configuration steps Partitioned Intra Domain Federation with existing
external B2B Federation with Skype for Business Edge …
• Cisco UCM
Configure SIP Route Pattern for URI Routing
• Cisco UCM IM&P
Configure SIP direct Inter-Domain Federation Route Pattern for URI Routing
• Configure search rules for routing Inter-Domain Federation traffic to S4B FE
Search rule to route A/V traffic from Cisco UCM to CMS (transcoding)
Search rule to route A/V traffic from CMS to Skype for Business
Search rule to route IM&P traffic from Cisco UCM IM&P to Skype for Business
• Utilizes existing Microsoft Skype for Business Edge configuration

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
Configuration for Cisco Expressway
classification
Partitioned Inter Domain B2B Federation during Migration – Configuration
Cisco UCM Cisco UCM IM&P

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
Configuration steps for Cisco Expressway
classification
Partitioned Inter Domain B2B Federation during Migration – Configuration

Cisco Expressway Search Rules

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
Configuration steps for Cisco Expressway
classification
Partitioned Intra Domain B2B Federation during Migration - Configuration
Microsoft Lync Server

SIP Federation Next Hop

FQDN discovered through
_sipfederationtls DNS SRV
record

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
Migration
from Microsoft to Cisco
Instant Messaging and Presence
Partitioned Intra Domain Federation – Migration...
Remember the Command Line Migration Tools ?
ExportContacts.EXE, DisableAccount.EXE, DeleteAccount.EXE

Cisco UCM IM & Presence 11.5 Provides New GUI Based Migration Tool
• Replaced 3 tools with one easy to use Windows application
• Old tools had to be run on EVERY server in the deployment with multiple command line arguments
• New application is run on the Front-End server. Will connect remotely to all of the other servers in
the deployment .
• Added progress bars/counters for each stage of the migration
• Error handling / reporting has been greatly improved
• Added support for validating user accounts, before they get migrated:
• Validates that accounts exist and are enabled in Active Directory
• Validates that accounts exist and are enabled on the LCS/OCS/Lync server

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
Instant Messaging and Presence
Partitioned Intra Domain Federation – Migration...
• Added validation at every step of the process
• Does not let the admin continue without validating previous stages
• Contextual tool tip help guides the admin through the process

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
External B2B
Inter Domain Federation
Configuration steps for Cisco Expressway
classification
Full Business to Business / Inter Domain Federation using Cisco Expressway
It is possible to utilize an existing Microsoft Federation environment, during migration
After successful migration it is recommended to transfer the federation functionality
completely to Cisco Expressway for all modalities and use cases
• SIP B2B Federation with Microsoft cloud O365/Skype for Business online
• SIP B2B Federation with Microsoft Skype for Business or Lync on premise
• Standard XMPP Federation (Cisco or 3 rd party)
• Standard SIP Audio/Video (Cisco or 3 rd party)
Full Open Federation is not supported at this point – under investigation for future release

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
Configuration steps for Cisco Expressway
classification
Required Configuration steps Inter Domain Federation with Cisco Expressway …
The following steps assume that during migration the previous example has been implemented
• Configure search rules for routing Inter-Domain Federation traffic B2B
Search rule to route A/V traffic from Cisco UCM to CMS (transcoding)
Modify search rule to route A/V traffic from CMS to Expressway-E traversal zone
Modify search rule to route IM&P traffic from Cisco UCM IM&P to Expressway-E traversal zone
• Utilizes existing Expressway-C, Expressway-E traversal zone and DNS neighbor zone

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
Cloud Collaboration
Webex Meetings
Microsoft Teams
Integration
Webex Meetings Integration in Microsoft Teams
User Experience Integration covered in
detail in BRKCOL-2611
Cisco Webex Meeting Tab

Form Microsoft Teams chat or

tab launch Webex Meeting

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
Webex Teams
Microsoft Office
Integration
Cisco Webex Teams – Microsoft Office
Presence and Click-X
Cisco Webex Teams provides integration into Microsoft Office Suite
for Windows and Mac

Office Contact Card

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
Cisco Webex Teams – Microsoft Office
Presence and Click-X
Example, respond all with IM (Chat)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
Cisco Webex Teams – Microsoft Office
Configuration steps
Webex Teams Microsoft Office integration for Windows offers two modes
of operation:
Webex Teams Consumer Organization (Free of Charge)
• Teams user is part of consumer organization
• User has local administrative privileges on Windows machine

Webex Teams Enterprise Organization (Licensed)

• Teams user is part of enterprise organization
• User does/doesn’t have local administrative privileges on Windows machine
Why the difference? Webex Teams can be installed without local administrative rights. The
Microsoft integration necessitates registration of a DLL. Registration requires the user to have
administrative privileges.
“… there can be only one Conner MacLeod…” - not to disrupt existing enterprise applications

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
Cisco Webex Teams – Microsoft Office
Webex Teams Consumer Account Webex Teams Consumer or Enterprise
Account
User with local administrative rights, Webex Teams Webex Teams Microsoft Office integration for Mac
Microsoft Office integration for Windows available from available from settings:
settings:

User can chose to enable integration

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
Cisco Webex Teams – Microsoft Office
Webex Teams Enterprise Account
User without local administrative rights, Webex Teams Microsoft Office integration for Windows

Deploy Webex Teams

• Default user mode installation C:\Users\<userid>\AppData\Local\Programs\Cisco Spark
• Alternative deploy Webex Teams via software distribution
• Admin controlled installation directory i.e. C:\Program Files\Cisco Spark
• Allows for GPO control of QOS and Windows Firewall
Example: msiexec /i c:\work\WebexTeams.msi INSTALLFOLDER="C:\Program Files" ALLUSERS=1

Active Directory Group Policy QOS

Microsoft SCCM

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
Cisco Webex Teams – Microsoft Office
Webex Teams Enterprise Account
User without local administrative rights, Webex Teams Microsoft Office integration for Windows

Register Office integration for Webex Teams

• Required DLL located in <install path from previous step>\Cisco Spark\dependencies
• Execute with administrative privileges: regsvr32.exe /s spark-windows-office-integration.dll
Can be automated via startup script/GPO

Make sure the proxyaddress attribute is properly configured for the integration to
work, must match Webex UserID
Can be set via Exchange Management Shell/Admin or via Windows PowerShell
Example (user at own risk):

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
Webex Teams
Microsoft Office 365
SharePoint Online
OneDrive for Business
Integration
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
Architecture Enterprise Content Solution to Webex Teams

Content posted to Webex

Team space is uploaded
directly from the client to
ECM or a reference
between existing content
in ECM and Webex teams
space is created.
Content never passes
through Cisco Webex
cloud

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
User experience
Share from
Personal OneDrive

Share from
Webex Teams SharePoint Online
native content store

Microsoft
content store

Selected file to share

Select permissions
ECM controlled

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 97
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
User experience
Webex Teams Space view

Joint editing of documents directly from Webex Teams

Webex Teams File activity view

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
Adding existing Enterprise Content Solution to Webex Teams
Webex Control Hub Administration
Service - Messaging Manual enable user

© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
Adding existing Enterprise Content Solution to Webex Teams
Office 365 Administration
Administrators can chose to restrict certain functionalities in Office 365 which can cause the
Webex Teams integration not to function properly
• Restricted access outside corporate network
Requires users to be connected either to corporate or via VPN. With this policy in place users will get the error
message: “Your sign in was successful but does not meet the criteria to access this resource.“
• Permissions for 3rd party applications
By default, Azure AD tenants are configured to provide consent to third-party applications. When restricted by
the administrator, an end user can’t sign in with Azure AD account in Webex Teams.

For details on how to administer the required permissions on Azure AD please

check the following link
https://collaborationhelp.cisco.com/article/en-us/7501oi

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
Webex Teams – Enterprise Content Management
SharePoint Online/OneDrive for Business
Adding existing Enterprise Content Solution to Webex Teams
Webex Teams Client

New Cloud Settings

Login to Microsoft Office 365

Authorization for app integration
(can be pre-authorized for all users by Azure AD
administrator, see reference on previous slide)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Additional Integrations
Microsoft Azure AD
Microsoft Exchange
Server & Online
Additional Integrations
• Webex Teams Azure AD / SCIM Integration
SCIM is a standards based protocol IETF RFC 7643 and 7644 that allows provisioning,
deprovisioning, share user attributes.
Cisco has implemented SCIM to interface with Azure AD for directory synchronization between
Webex Teams and Azure AD
Please refer to session BRKUCC-3444 for further details

• Webex Teams Directory Sync Active Directory on premise

Hybrid Directory Connector is a component provided by Cisco that runs on a Domain member
server and allows administrators to synchronize Users, Groups and Room Endpoints from their
existing directory to the Cisco Webex Cloud.
Please refer to session BRKCOL-2607 for further details

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
Additional Integrations
• Webex Teams Calendar Integration Microsoft Exchange Server & Online
Webex Teams Hybrid Calendar integration provides users with an easy, no plugin required
solution to schedule meetings.
Hybrid Calendar deployed on Cisco Expressway can interface with an on premise Microsoft
Exchange Server
For Microsoft Exchange Online deployments a direct Hybrid Calendar solution is available the
links Webex Teams and Microsoft Exchange Online cloud resources
Please refer to session BRKCOL-2607 for further details

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
Messaging Interop
Webex Teams to
Microsoft Teams
3rd Party Solution by Mio
Full Synchronization
Users and channels are synchronized between
Webex Teams and Microsoft Teams
Users

Spaces / Channels

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
3rd Party Solution by Mio
Cross-Platform Direct Messaging

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
3rd Party Solution by Mio
Interoperability provided via SaaS Solution

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 108
Conclusion
Cisco Interoperability with Microsoft
Many options to interoperate
• Identify your requirements and select the right scenario for your environment
 User experience
 Technical feasibility
 Complexity
 Operational implications
• Understand the pros and cons of the selected scenario
• “Mileage” of certain functionalities might vary when applied to a real life environment
…Media Bypass in multi site deployment
• Thoroughly evaluate (PoC)
• Cisco remains committed to support interoperability scenarios

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
How to get hands on experience?

Cisco UCM 11.5, Jabber 11.9+ and Expressway X8.10+

Traffic Classification hands on lab available via Cisco
dCloud
Go to http://dcloud.cisco.com (CCO login required)

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
 Cisco Webex Teams

Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session

How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space

cs.co/ciscolivebot#BRKCOL-2610

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live T-
shirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations

Don’t forget: Cisco Live sessions will be available for viewing

on demand after the event at ciscolive.cisco.com

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
Continue Your Education

Demos in Meet the Related

Walk-in
the Cisco engineer sessions
self-paced
Showcase labs 1:1
meetings

BRKCOL-2610 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
Thank you