Cisco Jabber - Session Presentation
-
Upload
khangminh22 -
Category
Documents
-
view
0 -
download
0
Transcript of Cisco Jabber - Session Presentation
#CLUS
Shane LongTechnical Marketing EngineerBRKCOL-2221
Have you heard about the latest functionality?
Cisco Jabber
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Agenda
• Recent Highlights
• Configuration
• Security
• Media Enhancements
• Meeting Experience
• Jabber in VDI
• Jabber team messaging mode
• Looking ahead
• Summary
BRKCOL-2221 3
Questions? Use Cisco Webex Teams to chat with the speaker after the session
Find this session in the Cisco Live Mobile App
Click “Join the Discussion”
Install Webex Teams or go directly to the team space
Enter messages/questions in the team space
How
Webex Teams will be moderated by the speaker until June 16, 2019.
1
2
3
4
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Cisco Webex Teams
cs.co/ciscolivebot#
4
BRKCOL-2221
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Some highlights of recent Jabber releases
Jabber 12.0 Jabber 12.1 Jabber 12.5 Jabber 12.6
IM&P Persistent Chat
for Mobile
Chromebook support
Multiline
Phone Mode with Contacts
`
Active Control (CMS)
SIP OAuth
Team messaging
modeComing Soon
Jabber 12.7
Jabber config tool
Jabber VDI Update
`
Meeting Controls (Webex)
and much more…2018
MARCH
2019
AUGUST
BRKCOL-2221 5
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
A Brief History of Cisco UC Client Configuration
IP Communicator• Manual• Virtual MAC Address
Unified Personal Communicator• Registry Keys• Unified Presence Server
Jabber 9.x-12.1• DNS SRV• jabber-config.xml (manual XML)• Service Profiles
Jabber + UC Manager12.5• DNS SRV• Service Profiles (including jabber
configuration)
New!
BRKCOL-2221 7
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Premise Pre- UC 12.5 Configuration Architecture
End User
Group
CTI
Group
IM&P UC Service
CTI UC Service
VoicemailUC Service
ConferenceUC Service
Directory UC Service
Default
jabber-config.xml
FileIM&P
enabled
Devices
User
Service Profile
Group Membership
assigned
membership of group
membership of group
Mobile Device
CSF Device
Desk Phone
Home
Cluster“Desktop config”
XML File
“Mobile config”
XML File User
association to devices
• Can be complex to manage• User needs a device to have a
non default configuration
BRKCOL-2221 8
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber On Premise 12.5 Configuration Architecture
End User
Group
CTI
Group
IM&P UC Service
CTI UC Service
VoicemailUC Service
ConferenceUC Service
Directory UC Service
IM&P
enabled
Devices
User
Service Profile
Group Membership
User
association to devices
assigned
membership of group
membership of group
Mobile Device
CSF Device
Desk Phone
Home
ClusterJabber Client
Configuration New
in UCM 12.5
BRKCOL-2221 9
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
UC Manager Jabber Configuration Tool
• UC Manager based Jabber configuration tool
• No more error prone XML file editing
• Specify key and value
• User/Group based configuration using service profile
• Desktop and mobile specific configurations
• Cluster wide
BRKCOL-2221 10
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
UC Manager Jabber Configuration ToolCommon Settings
Desktop Specific Settings
Mobile Specific Settings
Service Profile User
Jabber desktop (CSF) will apply <Common> and <Desktop> specific configurations
Jabber mobile (TAB, TCT, BOT) will apply <Common> and <Mobile> specific configurations
1. UC Service for Commonand optionally for Desktopand Mobile
2. Apply each UC Service type to specific section in Jabber Client Configuration profile
3. Apply Configuration to the Service Profile
BRKCOL-2221 11
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Configuration RetrievalJabber config
download begin
Jabber Client Configuration
Profile configured???
Jabber device specific configconfigured???
Use default jabber-config.xml
no
no
yes
yes
https://{cucm}:6972/JABXXX.cnf.xml
https://{cucm}:6972/userDefind.xml
https://{cucm}:6972/jabber-config.xml
Build Config URLDownload
config
• Jabber will download NEW Jabber Configuration Profile if available
• If Jabber Configuration is NOT available, Jabber will download
a) Device specific config (Cisco Support Field)
b) Default jabber-config.xml
• Jabber 12.5+ is backward compatible with default jabber-config.xml.
• UC Manager upgrade will not break existing config!
Generated by username, such as:6972/amckenzie.cnf.xml
BRKCOL-2221 12
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Fast Login• After initial login, Jabber will read local config
cache and login to services in parallel
• Allows for faster login
• Allows for login even if some critical services are offline (offline login)
Cached
Settings
on device
Config
Refresh
BRKCOL-2221 13
• Background config refresh• ~0-5 mins of Jabber launch
• ~7-9 hours of active Jabber session
• All Jabber cache is encrypted! (config,
chat/call history, tokens etc)read
connect
• For testing/debugging purposes use
“Refresh configuration”
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Security FAQ Question 1
Q) What data does Jabber store on a device?
BRKCOL-2221 15
A) Jabber configuration, call/chat history, contact lists, cached user credentials/OAuth token
All files are ENCRYPTED before being written to disk(AES-256-CBC)
Windows: Domain Login/Windows APIMac/iOS: KeyChainAndroid: Keystore
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Refresh Tokens
• UC Manager 11.5SU3+ provides support for OAuth Refresh tokens
• Once authenticated, Jabber is issued with
• Access Token
• Refresh Token
• The Access Token has a short lifetime (60 mins). The Access token is used to gain access to a service. e.g. Cisco UDS.
• The Refresh Token has a long life (60 days default). The Refresh Token is used to retrieve a new Access Token either before the current Access Token expires or at Jabber start up. The Refresh Token is stored on disk (encrypted) and is available across sessions (including non persistent VDI desktops)
UDS
XCP
UC Manager OAuth Service
OAuth Refresh Tokens can be deployed
independently of SSO (SSO is recommended!)
BRKCOL-2221 16
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
1. On a first time login, Jabber connects to UC Manager authorization service and is redirected to the configured authentication service (Jabber does not have an access token yet)CUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
BRKCOL-2221 17
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
2. Jabber connects to authentication service. Authentication is performed – e.g. username/password, SSO auth etc. Jabber receives authentication assertionCUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
authentication
BRKCOL-2221 18
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
3. Jabber uses assertion to request Access token and Refresh token from UC Manager authorisation service
CUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
Refresh token
Access token
BRKCOL-2221 19
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
4. Jabber uses the Access token to gain access to configured services. Jabber can now use these services e.g. UDS, IM&P, voicemail
CUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
Refresh token
Access token
BRKCOL-2221 20
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
5. The access token has a lifetime of 60 minutes. Jabber will use the Refresh token to request a new Access token at 0.75 times the Access token life (45 minutes)
CUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
Refresh token
Access token
BRKCOL-2221 21
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
6. Jabber uses the renewed Access token to maintain access to configured services. The new Access tokens timer starts again (60 mins)
CUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
Refresh token
Access token
BRKCOL-2221 22
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
UC Manager
Authorisation
7. The Refresh token expires after 60 days. The user will need to re authenticate once the Refresh token expires. One authentication has taken place, a new Refresh token and Access token will be grantedCUCM
Auth
LDAP
Auth
SSO/IDP
Authentication
Authorised
Users Only
(Token required)
UC Manager
UDS Service
IM&P
Chat Service
Unity Connection
Voicemail
authentication
BRKCOL-2221 23
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Flow (On Prem)
• As the Refresh token is about to expire, the user will be prompted to refreshtheir session (Jabber will use its active Refresh token to retrieve a new Refresh token)
• The user is prompted once per day from 3 days out of expiry (for 60 day lifetime)
• If the Refresh token expires, the user will be prompted to renew their session. This will require a re-authentication
BRKCOL-2221 24
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
OAuth Refresh Tokens• OAuth Refresh tokens can be enabled from System > Enterprise
Parameters
• Observe the default timers!!
• For MRA, OAuth Refresh tokens can be enabled on Expressway
• OAuth tokens can be revoked (per user) from UC Manager
• OAuth will GREATLY ENHANCE the APNS experience
BRKCOL-2221 25
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
MRA Access Policy
• OAuth Access tokens define a scope of capabilities
• Ability to configure Users MRA capabilities using OAuth scope.
• Configurable on a per user basis
• MRA enablement
• Desktop MRA enablement
• Mobile MRA enablement
• IM&P, voice and video enablement
• UC Manager 12.5 and Expressway X8.10 required
BRKCOL-2221 26
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Security FAQ Question 2
27BRKCOL-2221
Q) Does Jabber support Multi Factor Authentication (MFA)?
A) Jabber can be deployed with MFA by enabling SSO and configuring the Identity Provider (IDP) to require 2 or more types of authentication. e.g. certificate and pincode.
Jabber offloads SSO authentication to the local OS (e.g. IE on Windows, Safari on Mac/iOS, OpenSSL on Android)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Security FAQ Question 3
28BRKCOL-2221
Q) Can Jabber be locked down to corporate managed devices?
A) A device needs something unique to identify securely itself to a system. E.g. MAC address, certificate etc.SSO can be deployed with certificate based authentication. Certificates can be deployed to corporate devices only.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber On Premise Interfaces – pre UCM 12.5
Expressway - MRA
UC Manager - UDS
IM&P – message, presence, contacts
Unity Cxn – visual voicemail
UC Manager – Softphone (Secure SIP)
Oauth Access token
CTL file (certificate)
BRKCOL-2221 29
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Securing the SIP Interface
• UC Manager SIP interface is not secure by default (out of the box)
• When Jabber registers in softphone mode, SIP is sent over a TCP session (TCP 5060)
• Jabber will send voice, video and video desktop share over an unencrypted UDP stream
• In UC Manager pre 12.5, UC Manager would be need to be deployed in “Mixed Mode” to enable SIP and media over TLS (secure SIP and media)
• This is a cumbersome process for Jabber as the device needs to be CAPF enrolled by the user.
• May require an authentication string on first time login
• CAPF enrolment over MRA is not supported
• UC Manager 12.5 adds support for OAuth Access token based auth on the SIP interface
• This allows Jabber to send/receive SIP and media over TLS without CAPF enrolment
BRKCOL-2221 30
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
To Enable SIP OAuth (UC Manager 12.5 or later)
• OAuth Refresh Tokens must be enabled!
• From the UC Manager CLI run the following command
utils sipOAuth-mode enable
• System > Security > Phone Security Profile
• Set the Device Security Profile on each device (CSF, TAB, TCT, BOT)
BRKCOL-2221 31
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
SIP Oauth - Signalling
• Jabber will default to connecting to UC Manager (SIP interface) on TCP 5090/5091 when SIP OAuth is enabled (System>Cisco Unified CM)
• No more SIP in plaintext!
• Ensure TCP 5090/5091 is open on UC Manager
show open ports regexp 5090
TCP(cucm.domain.com:5090)
BRKCOL-2221 32
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
SIP OAuth - Media
• Jabber clients that establish a secure SIP session with UC Manager are capable of secure voice, video and video desktop share (sRTP)
• CAPF enrolled
• SIP OAuth
• Both endpoints in the call need to be sRTP enabled
• Look out for the lock icon!
• Media port range is still defined in the SIP Profile
BRKCOL-2221 33
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Security FAQ Question 4
34BRKCOL-2221
Q) What is the a security best practice for Jabber deployment while maintaining a great user experience
A) Enable SSO.Enable OAuth refresh tokens.Enable SIP Oauth.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Media Flow over MRA
• Jabber MRA user calls a Jabber user on corporate network
Exp-EExp-C
Corporate Network
Internet
DMZ
Media Path
UC Manager
BRKCOL-2221 36
• Media will be routed via Expressway pair
Remote User
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Remote User
Remote User
Jabber Media Flow over MRA – Pre UCM 12.5
Exp-EExp-C
Corporate Network
Internet
DMZ
Media Path
UC Manager
• Both Jabber clients are now registered via MRA
BRKCOL-2221 37
• Media will be hairpinnedvia the Expressway-C
• Added latency
• Bandwidth consumption at Edge
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Remote User
Remote User
ICE Media Optimization – UCM 12.5
Exp-EExp-C
Corporate Network
Internet
DMZ
Media Path
UC Manager
• UC Manager 12.5 offers support for ICE media
• Both Jabber clients are registered via MRA
BRKCOL-2221 38
• By enabling ICE Support Media will be sent point to point – media does not traverse Expressway
• Typically less latency• Reduced bandwidth
requirements at the edge
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
ICE Media Requirements
• Both endpoints need to be running in secure SIP/RTP mode
CAPF enrolled device
OR
SIP OAuth device profile
• Server Requirements
• UC Manager 12.5+
• Expressway X8.12+
• Jabber 12.6+
• Jabber 12.6 now supports up to 1080p video!
BRKCOL-2221 39
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Desktop Share Enhancements
• Improved Desktop Sharing Experience
• Single window mode
• Video Desktop Share Quality – Jabber now has frame rate adaption for desktop share
• Wireless Sharing (Proximity)
• Wireless screen share to premise registered endpoints
• Cisco MX, SX, DX and IX Series, and Room Series devices supported
BRKCOL-2221 40
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
New Meetings Experience for CMS and Webex
Jabber has added rich meeting controls for softphone
• Active Control for CMS
• Meeting Controls for Webex
Layout Controls
Meeting Roster
Participant controls
Recording controls
42BRKCOL-2221
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Meetings Experience– Layout Controls
• Users can choose their meeting experience with multiple layout options
• Automatic
• Equal
• Prominent
• Single
• Overlay
Equal
OverlaySingle
Prominent
BRKCOL-2221 43
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Meeting Experience - Participant List
• Joined participants and invited participants shown
• Participant Controls
• Mute
• Lock
• Drop
BRKCOL-2221 44
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Active Controls – Jabber & CMS
FunctionJabber
Desktop
Jabber
Mobile
Show participant List Yes Yes
Change the Layout Yes Yes
Show the active Speakers Yes Yes
Show presenter Yes Yes
Add a participant Yes Yes
Mute/Unmute a participant Yes Yes
Drop a participant Yes Yes
Lock/Unlock conference Yes Yes
Start/Stop recording Yes Yes
Mobile Remote Access Yes Yes
BRKCOL-2221 45
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Active Control DeploymentSIPMediaIX Protocol (Active Control)
CMS
Ensure iX is enabled on the SIP Profile of device and SIP Trunk to CMS
BRKCOL-2221 46
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Configuring Jabber with CMS Space Address
• Administrator can pre-configure users CMS space SIP URI/DN in Jabber (so they can escalate to it)
• So your users do not have to do it!
• Example, create your CMS spaces with the schema of uid@domain
• Alice Holland (aholland) has a personal CMS space ([email protected])
• Add the following jabber config
Alice Hollands Space
BRKCOL-2221 47
<EnableBridgeConferencing>true<EnableBridgeConferencing><UserBridgeUriAdmin>%%uid%%@cms.example.com<UserBridgeUriAdmin>
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Webex Meeting Controls
BRKCOL-2221 48
FunctionJabber
Desktop
Jabber
Mobile
Show participant List Yes Yes
Change the Layout Yes Yes
Show the active Speakers Yes Yes
Mute/Unmute a participant Yes Yes
Drop a participant Yes Yes
Lock/Unlock conference Yes Yes
Start/Stop recording Yes Yes
PIN meeting Yes Yes
Lobby Admit Yes No
Assign Host Yes No
Leave and assign host Yes No
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Webex Meetings Controls Architecture
49BRKCOL-2221
SIP
Media
HTTPS (Meeting Controls)
Firewall Requirements (all outward)
*.wbx2.com TCP 443
*.webex.com TCP 443
*.ciscospark.com TCP 443
*.clouddrive.com TCP 443
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
How Jabber Populates its Calendar1. Service Profile details
Jabber Conference Service (Webex site)
2. Jabber retrieves calendar from Outlook (Google calendar and Lotus Notes also supported)
3. Jabber adds Webex dial into details from Webexschedule
4. User can join meeting using Jabber (voice/video or cross launch of WebexMeetings app)
Service Profile
1 3
2
4
BRKCOL-2221 50
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber Meeting Experience
• Did you know Jabber has One Button to Push (OBTP) capabilities?
• User presented with Meeting reminder 5 minutes before scheduled meeting
Add one to your jabber-config
<ConfMediaType>BridgeOnly<ConfMediaType>
<ConfMediaType>WebExOnly<ConfMediaType>
BRKCOL-2221 51
Q) Does 2 meeting join options
confuse your endusers?
Join via SIP
Cross launch Webex
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Problem: Softphone in VDI
53BRKCOL-2221
Virtual Desktop
Virtual Desktop
Cisco Unified
CM
Thin
Client
Display Protocol
Thin
Client
Media Flow
Data Center
Signalling
Signalling
Display Protocol
Media Flow
53
• Media Hairpinning• Decoded media
embedded inside display protocol
• Bandwidth Explosion• Latency• Jitter• Bad UX• QoS is impossible
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Solution: Jabber VDI
54BRKCOL-2221
Virtual Desktop
Virtual Desktop
Cisco Unified
CM
Thin
Client
Display Protocol
Thin
Client
Media
Flow
Data Center
Signalling
Signalling
Display Protocol
JVDI
JVDI
• Media offloaded to the endpoint/thinclient
• Point to point media• No processing cost to
VDI architecture• No bandwidth
explosion• No media
processing on VDI
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber VDI – Deployment Topology
55BRKCOL-2221
Virtual Desktops
Infrastructure
Endpoints
Datacenter
Users
1. Infrastructure – CUCM, Expressway etc.
2. Virtual Desktops – VDI Agent, Jabber for Windows, JVDI Agent
3. Endpoints - VDI Client, JVDI Client
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber VDI Architecture Update
• VXME is now call JVDI
• JVDI 12.6 has undergone a re-architecture
• Faster to market with features
• User experience alignment
• Current available features include
• Mobile Remote Access
• Video Desktop Share (BFCP)
• Active Control/Webex Meeting Controls
• 64 bit Windows support
• SIP OAuth
• N-2 upgrade path
• More features coming soon!
BRKCOL-2221 56
Jabber VDI
Update
Supported with Citrix and VMware
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber VDI - Registration
57BRKCOL-2221
Endpoint(Thin Client or PC)
VDI
Cisco Jabber
VDI Agent
VDI Client
SIP Signaling
Display Protocol API / Virtual Channel RTP Media (Voice, Video)
Data Centre
CTI ManagerSIP Line
CTI Signalling
Virtual Channel Broker
Jabber VDI Client
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber VDI – Making a Call
58BRKCOL-2221 58BRKCOL-2221
Endpoint(Thin Client or PC)
Jabber VDI Client
VDI
Cisco Jabber
VDI Agent
VDI Client
SIP Signaling
Display Protocol API / Virtual Channel RTP Media (Voice, Video)
Data Centre
CTI ManagerSIP Line
CTI Signalling
Virtual Channel Broker
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber VDI - MRA
59BRKCOL-2221 59BRKCOL-2221 59BRKCOL-2221
VDI
Cisco Jabber
VDI Agent
SIP Signaling
Display Protocol API / Virtual Channel RTP Media (Voice, Video)
Data Centre
CTI ManagerSIP Line
CTI Signalling
Virtual Channel Broker
Endpoint
Jabber VDI Client
VDI Client
VDI Access
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Cisco Headsets
520 Series 530 Series 560 Series Standard Base
560 Series Multibase
Models in Series 521/522 531/532 561/562 561/562
Planned GA Now Shipping! Now Shipping! Now Shipping! Now Shipping!
Type Wired Wired with Quick Disconnect Wireless (DECT 6.0) Wireless (DECT 6.0)
Designed for Office Contact Center Office / Contact Center Office / Contact Center
Simultaneous connections 1 1 1 3
Connectors (included) 3.5mm and USB Adapter QD to RJ9 (for phones)or QD to USB Adapter
USB-A and RJ9/RJ11(Y cable)
2 USB-A and RJ9/RJ11(Y cable)
Firmware Update via UC
Manager & Jabber
BRKCOL-2221 61
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber is Modular
Multiple Communication functions
Multiple Device Platforms
• Cisco Jabber is a flexible communications client
• Flexible operating modes means an organisation can configure the Jabber experience they need…
• Phone only mode• IM only mode• Full UC mode
• Jabber provides a new operating mode optimized for “team messaging”……
• Desktop and Mobile coming in Jabber 12.6
BRKCOL-2221 63
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber team messaging mode• Jabber uses Webex Teams platform for messaging (1:1 and spaces)
• Jabber uses on prem/hosted services for calling, voicemail, directory
• This is NOT the same as Jabber to Teams Interop (Hybrid Messaging)
Messaging Service
Presence Service
Contacts Service
UC Manager/HCS
Unity Connection
Corporate Directory
Mobile Remote AccessCisco Jabber
BRKCOL-2221 64
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Today
UC Manager
Webex Meetings
IM&P Messaging
UC Manager
Webex Meetings
IM&P Messaging
UC Manager
Webex Messaging
Webex Meetings
Webex Calling
Webex Messaging
Webex Meetings
UC Manager
Webex messaging
Webex Meetings
BRKCOL-2221 65
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Webex
DirectoryCallingMessaging Voicemail
UC Manager Unity Cxn LDAP/UDS
Jabber
Premise
MessagingContacts/Directory
Contacts
Meetings
Meetings
BRKCOL-2221 66
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Chats
• Recognizable Jabber conversation window experience
• Persistent 1:1 conversations
• Persistent Space conversations
• List of members can be toggled on/off
BRKCOL-2221 67
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Search
• New search capabilities
• Search for contacts
• Search for messages
• Search for files
BRKCOL-2221 68
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Contacts
• Personal Contact List
• Search Corporate, Outlook contacts
• Add/Delete contacts
• Contact card
• Migration of contacts from IM&P/Messenger to Jabber team messaging mode
• Contacts must be Webex Teams Users – exist in CI database
BRKCOL-2221 69
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Presence
• Webex Teams platform provides the Jabber client with presence
• Supports both
• Time based presence
• Active based presence(Phone presence is reported by Jabber Client)
Active
On a call
In a meeting
Do not disturb
Out of Office
Including Webex meeting
UC Manager based
UC Manager based
Active x minutes ago
BRKCOL-2221 70
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Files
• Persistent file sharing
• Post/download files
• Inline file preview
• New files tab
• List / Preview views
• Control Hub Policy
BRKCOL-2221 71
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features – Calling• Jabber will still use UC Manager/HCS
for calling capabilities• The calling feature set is not impacted
by moving messaging to team messaging
• Mode: Softphone, Deskphone, Extend & Connect
• Platforms: Desktop, Mobile, VDI• Features: Multiline, Hunt Groups,
Pickup, Far End Camera Control, Built in Bridge, Active Control etc
BRKCOL-2221 72
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Features - Calling
• Leverage Jabber’s rich telephone features
Answer Decline Mute
History
Hold Call Forward
Headset Voicemail
Call Transfer Conference
Far EndCameraScreen ShareCall Pickup Hunt Group
CallRecord
CallMonitor
CTI ControllableSoft Phone
Mobile Remote Access Multi-Line
Many more feature provided by UC Manager
VDI
BRKCOL-2221 73
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Configuration1. Services>Message
Enable Jttm in Control Hub (admin.webex.com)
2. Wizard to configure UC Manager integration opens.
Is your Webex Teams domain the same as your UC Manager domain?
(voice service domain)
If Yes:
Check the box.
You are done!
If No:
Do not check the box.
The wizard will continue
DNS_cisco-uds._tcp.example.com_collab-edge._tls.example.com
Voice Services Domain=example.com
BRKCOL-2221 74
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Configuration – Voice Services Domain
• If your Voice Services Domain is NOT the same as the Webex Teams domain
• Create a profile and specify the Voice Services Domain
• Jabber will perform SRV queries for UDS and COLLAB-EDGE using this domain
DNS_cisco-uds._tcp.barcelona.example.com_collab-edge._tls.barcelona.example.com
Voice Services Domain=barcelona.example.com
BRKCOL-2221 75
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Configuration – User Enablement
• Team messaging mode enabled at a user level
• Users>Services>Messaging
Contact Migration Required
• Only enable if users XMPP contacts need to be migrated to team messaging mode (discussed later in this presentation)
Enable Jabber calling
• Required to enable calling in Jabber when in team messaging mode
• Bulk user provision for Jabber team messaging mode can be done via CSV file
BRKCOL-2221 76
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture - Service Discovery
1
IDP2
3IDP
4
1. Jabber queries Webex Teams Service for domain tmedemo.com and user jvalluri
2. Webex Teams service redirects Jabber to IDP
3. User authenticates and receives IDP cookie.
4. IDP cookie sent to WebexTeams service. Jabber logs into team messaging mode
TMEdemo.com WebexTeams org is SSO enabled (recommended)
Webex
TeamsWebex
Teams
BRKCOL-2221 77
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture - Service Discovery
DNS5
5. Jabber performs DNS SRV queries based on Voice Services Domain and discovers cisco-uds
6. Jabber connects to UC Manager and uses IDP cookie to gain access (and retrieve OAuth tokens).
7. Jabber downloads Service Profile from UC Manager. Jabber performs a SIP registration/CTI connection with UC Manager – telephony will become available at this stage. (Telephony requires “Enable Jabber calling” setting in Control Hub)
8. Jabber then connects to configured services e.g. Directory, Voicemail, Meetings, CTI Server. (Recommended to SSO enable Voicemail and Meetings for the best experience).
HIGHLY RECOMMENDED SSO enable Webex Teams and UCM – with the same IDP!
_cisco-uds._tcp.tmedemo.com_collab-edge._tls.tmedemo.com
6
Webex
Meetings
LDAP
8
7
8
8
BRKCOL-2221 78
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture - Service Discovery
• If SSO is not enabled on Webex Teams and UC Manager
• Your enduser will need to perform a manual sign in to UC Manager to enable phone services.
• OAuth tokens will not be available in this mode
• No Refresh Token login flow
• No SIP OAuth capabilities
• Enable SSO on all platforms for the best experience
BRKCOL-2221 79
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture- Directory Integration
LDAP or
UDS
• Jabber will connect to Webex Teams contact source
AND on-premise contact source
• Comprehensive detail in the contact card
• Webex Teams service providesDisplay NameEmailAvatar
• Jabber will then perform additional query against on prem contact source (LDAP or UDS)
• On Prem directory service will provide JabberPhone NumbersJob TitleCompany Name
Webex
Teams
LDAP
BRKCOL-2221 80
1 2
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture- Directory Integration
LDAP or
UDS
1. Search for contact against Webex Teams contact service
2. Contact Service returns Email, Display Name and Avatar
3. Jabber queries premise contact source via email address.
4. Premise contact service returns Job Title, Phone Numbers etc.
5. Jabber combines the information to provide inside the contact card
Webex Teams
12
3
4
5
+12345678
BRKCOL-2221 81
“chuck robb…”
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Architecture- Directory Integration
• By default Jabber will perform directory queries against Webex Teams and then on premise
• ContactSearchSource
Specifies which service Jabber will perform predictive search on
• ContactProfileSource
Specifies the service Jabber will resolve contacts against
82BRKCOL-2221
<ContactSearchSource>CI-UDS-LDAP</ContactSearchSource>
<ContactProfileSource>CI-UDS-LDAP</ContactProfileSource>
Example:
<ContactSearchSource>CI<ContactSearchSource><ContactProfileSource>CI-UDS-LDAP<ContactProfileSource>
Jabber will only search for contacts in CI. Jabber will only find contacts that are synced to WebexTeams platform.Jabber will resolve the contact list using CI and UDS/LDAP. This will provide the most comprehensive contact card
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber team messaging mode - checklist
To do Status
Teams org and UC Manager enabled for SSO
User account created in Control Hub and UC Manager
Jabber toggles enabled in Control Hub
SRV Records deployed for UC Manager and MRA
UC Manager Service Profiles created for Meetings, CTI, Voicemail and Directory
WE CANNOT DO A FLASH CUT. WHAT ABOUT INTEROP?
BRKCOL-2221 83
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Interop – IM&P to Webex Teams
• Hybrid Messaging Service is deployed as a connector on Expressway C
• AXL used to access User DB on IM&P
• XMPP used for IM&P Messaging
• HTTPS/TLS used for Teams
Webex Teams
Expressway
UC Manager
IM&Presence
XMPP
AXLMessage
Calendar
BRKCOL-2221 84
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Interop – IM&P to Webex Teams
1:1 Messaging between Jabber and Webex Teams
Presence Mapping: Teams Presence will be mapped into Jabber presence
Notifications: Message, Message Read, “is Typing”, Missed Messages (in Teams), Message deleted
File transfer: Not supported. (Teams user can post file, Jabber will receive notification to get file in teams web client)
BRKCOL-2221 85
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Interop – Webex Messenger
To use Messenger-Teams Interop…
1. Must be Webex Messenger Org*
2. Webex Messenger Org must be enabled for Common Identity (CI)
3. All users must be enabled for WebexTeams & Jabber (free or licensed)
4. Machine account must be provisioned for Jabber access to Webex Teams Spaces (contact your Cisco Team)
Webex Teams
BRKCOL-2221 86
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber team messaging mode - checklist
To do Status
Teams org and UC Manager enabled for SSO
User account created in Control Hub and UC Manager
Jabber toggles enabled in Control Hub
SRV Records deployed for UC Manager and MRA
UC Manager Service Profiles created for Meetings, CTI, Voicemail and Directory
Interop is turned on
WHAT ABOUT CONTACT LISTS?
BRKCOL-2221 87
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Contact List Migration
Friday Monday
Webex Teams
Contacts
Migrated to Teams
0-5 mins after Jabber start up7-9 hours if Jabber is active
BRKCOL-2221 88
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Basic trial of Jabber team messaging mode
• You can trial Jabber team messaging mode without enabling the toggle in Control Hub
• If you do not have access to Control Hub
• Webex Messenger is used in production
1. Reset Jabber
2. Select Advanced settings. (On Windows, you will need to reinstall Jabber and disable UPN Discovery to see Advanced settings)
3. Select Team Messaging and Save. Sign in.
NOTE: Calling will not be available in this mode
msiexec /i CiscoJabberSetup.msi UPN_DISCOVERY_ENABLED=false CLEAR=1 /quiet
BRKCOL-2221 89
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Upgrade Management
• Control Hub provides Jabber upgrade management
• Mobile clients still manged from App Stores
90BRKCOL-2221
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Considerations to Migrate to team messaging modeConsideration Notes
Management Control Hub & UC Manager
Authentication SSO Enablement recommended
Directory Integration Teams and Prem Directory
Presence Activity Based
Desktop Share Video Desktop Share
Compliance Enterprise Compliance
Federation Federation with Teams Orgs.
Analytics Rich Analytics in Control Hub
Platform APIs Modern REST API service
Software Upgrades Cloud Infrastructure
Security Teams End to End security
BRKCOL-2221 91
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
CIPC EOL Important Dates
https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/ip-communicator/eol-notice-c51-740383.html
BRKCOL-2221 93
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
What’s next for Jabber?
BRKCOL-2221 94
• Application Share• Send Voicemail• Team Messaging Mode Enhancements• Multiline for JVDI• CTI Monitoring on Mobile• UX Alignment• And much more…
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber UX Alignment – 12.7
95BRKCOL-2221
Dark Mode, Classic View
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber UX Alignment – 12.7
96BRKCOL-2221
Dark Mode, Modern View
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Jabber UX Alignment – 12.7
97BRKCOL-2221
Default Mode, Modern View
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Summary
• Jabber 12.5 has delivered many on premise feature enhancements
• SIP OAuth provides the best security/user experience
• Jabber is the default CMS application now. Active Controls enhance the meeting experience.
• Jabber config tool makes the administrators life easier!
• Jabber will continue to deliver features for on premise deployments
• 12.6 will see a large investment in Jabber VDI
• Alignment to JCF architecture
• Jabber team messaging mode provides a mechanism for Jabber customers to migrate their messaging workload to the Webex Teams platform. Endusers will maintain the consistent Jabber user experience and UC Manager telephony set.
BRKCOL-2221 98
Complete your online session evaluation
• Please complete your session survey after each session. Your feedback is very important.
• Complete a minimum of 4 session surveys and the Overall Conference survey (starting on Thursday) to receive your Cisco Live water bottle.
• All surveys can be taken in the Cisco Live Mobile App or by logging in to the Session Catalog on ciscolive.cisco.com/us.
Cisco Live sessions will be available for viewing on demand after the event at ciscolive.cisco.com.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS BRKCOL-2221 99
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public#CLUS
Continue your education
100BRKCOL-2221
Related sessions
Walk-in labsDemos in the Cisco campus
Meet the engineer 1:1 meetings