Access for Cisco Jabber without VPN

This topic describes how Cisco Jabber can access corporate resources from any location.

  • Cisco Jabber provides access without a VPN via Cisco Collaboration Edge.
  • Cisco Jabber uses service discovery to detect Cisco Expressway and connects to the corporate network.

Cisco Collaboration Systems mobile and remote access is a core part of the Cisco Collaboration Edge architecture. It allows endpoints such as Cisco Jabber to have their registration, call control, provisioning, messaging, and presence services provided by Cisco Unified Communications Manager when the endpoint is not within the enterprise network. The Cisco Expressway provides secure firewall traversal and line-side support for Cisco Unified Communications Manager registrations.

The overall solution provides the following:

  • Off-premises access: The Cisco Collaboration Systems solution offers a consistent experience outside the network for Cisco Jabber and Cisco EX, MX, and SX Series clients
  • Security: The Cisco Collaboration Systems solution provides secure business-to-business communications.
  • Cloud services: The Cisco Collaboration Systems solution provides enterprise-grade flexibility and scalable solutions providing rich WebEx integration and service provider offerings.
  • Gateway and interoperability services: The Cisco Collaboration Systems solution provides media and signaling normalization, and support for nonstandard endpoints.

Signaling traverses the Cisco Expressway solution between the mobile endpoint and Cisco Unified Communications Manager. Media traverses the Cisco Expressway solution and is relayed between endpoints directly; all media is encrypted between Cisco Expressway-C and the mobile endpoint.

Advertisements

Cisco Jabber Login Flow

This topic shows the login flow of Cisco Jabber registering with Cisco Unified Communications Manager.

Registering process of Cisco Jabber with Cisco Unified Communications Manager:

First, Cisco Jabber queries the DNS server for the service records, which is not shown in the figure. If Cisco Jabber is on the corporate network, the local DNS should reply with the _cisco-uds server record to provide the location of Cisco Unified Communications Manager (version 9.0 or higher) or with the _cuplogin server record to provide the location of Cisco Unified Communications IM and Presence Service.

Cisco Jabber uses the Cisco Unified Communications Manager IP Phone (CCMCIP) profile to receive a list of available devices that are bound to the user that is logging into Cisco Jabber. After receiving the device list, the user can select a device if more devices are configured.

Then, the configuration file is requested from the TFTP server. After reading out the configuration file, the device registers using SIP messages, as shown in the figure.

Cisco Unified Communications IM and Presence Service Cluster

This topic describes the communication between Cisco Unified Communications Manager and the Cisco Unified Communications IM and Presence Service cluster.

  • Both clusters have a trust relationship using IP tables.
  • At the level of the database and services, the clusters are separate and distinct, and each Cisco Unified Communications IM and Presence Service and Cisco Unified Communications Manager cluster requires separate administration.

Starting with version 10.x, the Cisco Unified Communications IM and Presence Service node is a subscriber server in the Cisco Unified Communications Manager cluster. However, the Cisco Unified Communications IM and Presence Service cluster still has its own publisher and subscriber servers within the subcluster concept for high availability. Both clusters require configuration so that Cisco Jabber can register and work properly.

The Cisco Unified Communications IM and Presence Service publisher node utilizes and builds on the database that is used by the Cisco Unified Communications Manager publisher by sharing the end-user and device information. A Cisco Unified Communications IM and Presence Service cluster supports only a single Cisco Unified Communications Manager cluster. Therefore, all presence users of the Cisco Unified Communications IM and Presence Service cluster must be defined within the same Cisco Unified Communications Manager cluster.

Intracluster traffic participates at a very low level between Cisco Unified Communications IM and Presence Service and Cisco Unified Communications Manager and between the Cisco Unified Communications IM and Presence Service publisher and subscriber nodes. Both clusters share a common host file and have a strong trust relationship using IP tables.

The Cisco Unified Communications IM and Presence Service publisher node communicates directly with the Cisco Unified Communications Manager publisher via the AXL API using the SOAP interface.

Cisco Unified Communications IM and Presence Service Architecture

This topic describes the architecture of Cisco Unified Communications IM and Presence Service and the protocols and interfaces that are used to connect to other applications.

Cisco Unified Communications IM and Presence Service consists of many components that enhance the value of a Cisco Unified Communications solution. Cisco Unified Communications IM and Presence Service incorporates the Cisco Jabber Extensible Communications Platform (XCP) and supports SIP, SIMPLE, and XMPP for collecting information about the availability status and communications capabilities of the user. The availability status of the user indicates whether the user is actively using a particular communications device, such as a phone. The communications capabilities indicate the types of communications that the user is capable of using, such as video conferencing, web collaboration, IM, and others.

Cisco Unified Communications IM and Presence Service encompasses the components that are presented in the figure. Cisco Unified Communications IM and Presence Service uses standards-based SIP, SIMPLE, and XMPP to provide a common demarcation point for integrating clients and applications into Cisco Collaboration Systems. Cisco Unified Communications IM and Presence service also provides an HTTP interface that has a configuration interface through SOAP and a presence interface through REST. The Cisco Unified Communications IM and Presence Service node collects, aggregates, and distributes user capabilities and attributes using these standards-based SIP, SIMPLE, XMPP, and HTTP interfaces.

Cisco or third-party applications can integrate with presence and provide services that improve the end-user experience and efficiency. The core components of the Cisco Unified Communications IM and Presence Service node consist of the following:

  • Jabber XCP, which manages presence, IM, roster, routing, policy, and federation management
  • Rich Presence Service, which manages presence state gathering, network-based rich presence composition, and presence-enabled routing functionality
  • Support for ad hoc group chat storage with persistent chat and message archiving that is handled by an external database

Applications (either Cisco or third party) can integrate presence and provide services that improve the end-user experience and efficiency. The Cisco Unified Communications IM and Presence Service node also contains support for interoperability with Microsoft Lync Server, including the clients for any phone that is connected to a Cisco Unified Communications Manager.

Cisco Unified Communications IM and Presence Service, Active Directory, and Exchange

This topic describes the integration of Microsoft Active Directory and Exchange.

Integrate Microsoft Active Directory and Exchange to improve the user experience:

Cisco Unified Communications Manager and Cisco Unified Communications IM and Presence Service can be integrated with the enterprise LDAP directory and Microsoft Exchange. This integration allows users to sign in with their LDAP user credentials and synchronize their presence status with Microsoft Outlook calendar entries.

An LDAP directory lookup allows Cisco Jabber client users, or third-party XMPP clients, to search for and to add contacts from the LDAP directory. The search results are displayed in the search window from Cisco Jabber.

Cisco Unified Communications IM and Presence Service communicates with the Microsoft Exchange Server using OWA, a WebDAV interface that is available on Microsoft Exchange Server 2003. For Microsoft Exchange 2007 and later, EWS is used.

Integration with LDAP for Cisco Jabber

This topic describes how LDAP integration enables end users to search and add contacts from the corporate directory.

Integrate LDAP directory servers for Cisco Jabber:

  • Cisco Unified Communications Manager can use synchronization and authentication of end users.
  • LDAP profile allows users to search and add contacts from the LDAP directory into Cisco Jabber.
  • Use photo retrieval to show user pictures in Cisco Jabber for contacts.
  • The optimum dimensions for contact photos are 128 pixels by 128 pixels with an aspect ratio of 1:1.
  • Instead of an LDAP server, you may use the Cisco Unified CM User Data Service.

Administrators can provision users automatically from the LDAP directory into the Cisco Unified Communications Manager database. Cisco Unified Communications Manager synchronizes with the LDAP directory so that the administrator does not have to add, remove, or modify user information manually each time that a change occurs in the corporate directory. LDAP integration also provides authentication for Cisco Jabber client users.

To enhance the user experience, you can display user photos in Cisco Jabber. To achieve the best result with Cisco Jabber, your contact photos should have specific formats and dimensions. Cisco Jabber supports the following formats for contact photos in your directory: JPG, PNG, and BMP. Cisco Jabber does not apply any modifications to enhance rendering for contact photos in GIF format. As a result, contact photos in GIF format might render incorrectly or with less than optimal quality. To obtain the best quality, you should use the PNG format for your contact photos. The optimum dimensions for contact photos are 128 pixels by 128 pixels with an aspect ratio of 1:1.

If contact photos in your directory are smaller or larger than 128 pixels by 128 pixels, the client automatically resizes the photos. For example, if contact photos in your directory are 64 pixels by 64 pixels, Cisco Jabber resizes the photos to 128 pixels by 128 pixels when the photo is retrieved.

Cisco Jabber and Conferencing

This topic describes how conference servers allow Cisco Jabber users to start conferences.

Integrate conferencing systems for Cisco Jabber:

  • Cisco Unified MeetingPlace and Cisco WebEx are supported.
  • Cisco Jabber communicates with the conference servers using HTTP or HTTPS.
  • Conferencing servers are configured on Cisco Unified Communications Manager in a UC service.
  • Video conference scheduling portals can be added as well.

Cisco Jabber uses Cisco WebEx for its web conferencing capability. The web conferencing features of Cisco WebEx use HTTP or HTTPS as the transport protocol. You can also add the Cisco TelePresence Management Suite as a video conference scheduling portal.