Implementing Cisco
Jabber
(DICJ)
V9.0
Student Guide
Student Guide
2 Designing and Implementing Cisco Jabber Table Of Contents
Table of Contents
Introduction to Cisco Unified Collaboration................................................................................ 1-1
Set Up Cisco Jabber On-Premises Deployments with Cisco UCM Version 9.x ....................... 2-117
Provisioning Cisco Jabber for Mobile Cisco Unified Widgets .................................................... 3-53
Lunch
Cisco Jabber For Windows Cisco Jabber For Windows Cisco Jabber For Mobile
www.flane.com.au
Module Outlines
This Module covers the following topics:
Cisco Collaboration Overview
Cisco Jabber Portfolio:
Cisco Jabber for Windows
Cisco Jabber for iPhone
Cisco Jabber IM for iPhone
Cisco Jabber for Android
Cisco Jabber for iPad
Cisco Unified Client Services Framework Architecture
1-2 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Lesson 1
Cisco Collaboration
Overview
POST PC Era
6 www.flane.com.au
The enterprise world faces a fundamental shift with the arrival of the post-PC era. Employees in
organizations exploring the bring-your-own-device (BYOD) movement can now work from
anywhere, on any device. But what kinds of challenges--and opportunities--does BYOD present
to both end-users and IT, and how can companies address them?
1-4 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
The New Collaboration Experience
7 www.flane.com.au
Collaboration is emerging as the next breakthrough source of effectiveness and innovation for
business. Multiple trends are converging to create a profound transition in the way people interact
and do business, including:
But how do you go about embracing these important changes without introducing greater risk and
complexity?
Cisco continued to address this question at the Enterprise Connect conference with a set of new
announcements related to pervasive video, the collaborative workspace, and new value-priced IP
telephony solutions, that further the goal of transforming how people and organizations
collaborate.
Pervasive Video
Video transforms the collaboration experience. It is being adopted everywhere--at work and on
the road--and has gone far beyond 'meetings' to becoming a natural part of everyday activity.
Now everyone can be a video producer and consumer. Learn about new recording and streaming
solutions, video-enabled endpoints, a unified user interface for Cisco TelePresence, and more:
Find out how you can easily create and share video with new Cisco TelePresence Content
Server capabilities and integration with Cisco Show and Share
Experience the new range of video-enabled endpoints, including new video phones and a new
Telepresence endpoint
Make video easy with a new unified Telepresence user interface
Unlock the power of video with new analytics and media transformation capabilities
1-5 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Take advantage of the power of video for face-to-face virtual meetings, events, training, and
organizational communications
The dramatic rise in the popularity of smartphones and tablet devices has marked the start of
a 'post-PC' era, where desktop PC applications are no longer the primary collaboration tool.
The new workspace is inherently mobile, social, visual and virtual, allowing people to work
anywhere, on any device, with any content. A key requirement of this new model is a
consistent user interface that fosters productivity and versatility of communication, no matter
where you are or what you're doing.
Improved responsiveness and streamlined communication are critical for any business no matter
their size. Cisco has drawn on its enterprise-proven IP telephony system to deliver a solution for
midsize businesses that is easy to set up and manage with value pricing to match:
Learn more about the Cisco Unified Communications Manager Business Edition 3000 and
how it can help you to better interact with customers, suppliers, and employees
Gain IT control and savings with Cisco Virtual Desktop Infrastructure, and provide greater
flexibility for your users.
Every day, people express millions of opinions online using social media tools such as Twitter
and Facebook--maybe about your company. Are you listening? Now you can:
Engage with customers in their preferred medium, monitor what they're saying, and respond
quickly and personally
Find new customers, solve problems, and track buying trends quickly with Cisco SocialMiner
Enhance call-center productivity with Cisco Finesse to give representatives all the
information they need
The impact of the growth of mobile devices cannot be overstated. Feature phones capable of
voice and text messaging - and in some cases mobile email - have long been popular, but with the
introduction of the Apple iPhone and the Google Android mobile OS, a new category of devices
designed for accessing the Internet and collaboration appeared almost overnight. The market
penetration statistics are simply amazing:
1-6 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Unlike traditional desk-based personal computers, this new class of mobile devices came
equipped with all of the capabilities necessary to enable people to richly communicate and
collaborate with each other, such as front- and rear-facing cameras, high-quality LED
screens, fourth-generation (4G) and Wi-Fi network connectivity, and software to maximize
battery life.
1-7 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Why Cisco?
Any to Any
Video Everywhere
Cloud Collaboration
8 www.flane.com.au
1-8 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Collaboration Architecture
9 www.flane.com.au
This open, integrated foundation works with new and existing technologies, and positions you to
realize new business opportunities. By aligning this architecture with your strategic goals, the
technologies deployed within this framework allow you to:
The Cisco collaboration architecture offers you significant competitive advantages. It breaks
down the barriers to collaboration that traditionally exist between different content formats, tools,
devices, companies, and people working towards a common goal. As a result, it provides the
architectural flexibility and organizational agility you require to quickly respond to the changing
needs of your business.
1-9 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Summary
1-10 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Lesson 2
Cisco Jabber
Portfolio
Cisco Collaboration Clients
Overview
12 www.flane.com.au
Cisco Collaboration Clients and Applications provide an integrated user experience and extend
the capabilities and operations of the Cisco Unified Communications System. These clients and
applications enable collaboration both inside and outside the company boundaries by bringing
together, in a single easy to use collaboration client, applications such as online meetings,
presence notification, instant messaging, audio, video, voicemail, and many more.
Several Cisco collaboration clients and applications are available. Third-party XMPP clients and
applications are also supported. Cisco clients use the Cisco Unified Client Services Framework to
integrate with underlying Unified Communication services through a common set of interfaces. In
general, each client provides support for a specific operating system or device type. Use this
chapter to determine which collaboration clients and applications are best suited for your
deployment. The client-specific sections of this chapter also provide relevant deployment
considerations, planning, and design guidance around integration into the Cisco Unified
Communications System.
1-12 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Collaboration Clients
Overview (Cont.)
Supported Cisco Collaboration Clients :
Cisco Jabber for Windows and Mac
13 www.flane.com.au
The following collaboration clients and applications are supported by the Cisco Unified
Communications System:
Cisco Jabber for Windows and Mac
Cisco Jabber for Windows and Cisco Jabber for Mac are Unified Communications clients
that provide robust and feature-rich collaboration capabilities including standards-based
IM and presence, audio and video, visual voicemail, desktop sharing, deskphone control,
Microsoft Office integration and directory integration.
Cisco Jabber for Windows and Cisco Jabber for Mac can be deployed to use on-premises
services in which Cisco IM and Presence (formerly Cisco Unified Presence) and Cisco
Unified Communications Manager provide client configuration, instant messaging and
presence, and user and device management. Cisco Jabber for Windows and Cisco Jabber
for Mac can also be deployed to use cloud-based services through integration with Cisco
WebEx Messenger service.
Cisco Jabber forms the basis of the next generation of Cisco collaboration clients, which
will supersede Cisco Unified Personal Communicator and Cisco Unified Integration for
WebEx Connect in future Cisco Unified Communications System releases. Therefore,
only Cisco Jabber for Windows and Cisco Jabber for Mac features and functionality are
discussed in this release of the Cisco Unified Communications System SRND. Cisco
Unified Personal Communicator and Cisco Unified Integration for WebEx Connect
clients are still available and supported, but their features and functionality have not
changed from Cisco Unified Communications System release 8.x. For design guidance on
Unified Personal Communicator and WebEx Connect clients, refer to the clients
information in the Cisco Unified Communications System 8.x SRND, available at
http://www.cisco.com/go/ucsrnd
1-13 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Jabber Web SDK. For more information on Jabber for Everyone, refer to the Jabber for
Everyone Solution Overview, available at
http://www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/jabber_for_everyon
e/CUP0_BK_JE526021_00_jabber-for-everyone-solution-overview.html
1-14 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber Product
Portfolio
15 www.flane.com.au
1-15 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for Windows
Product Overview
Highly productive toolset
User Interface and experience crafted to be highly
intuitive
Flexible deployment
Contact search
Enterprise IM/presence
Audio/video
Softphone & deskphone
Desk phone control Visual voicemail via Cisco Unity
HD quality video (up to 720p) Connection
Advanced call functions Citrix XenDesktop & XenApp support
Hold/resume Desktop sharing via WebEx or BFCP
Forward/Transfer Microsoft Office integration
SRST Escalation to web meeting
B2B inter-domain federation Language localization
17 www.flane.com.au
Cisco Jabber™ is a unified communications application that enables you to be more productive
from anywhere on any device. Find the right people, see if and how they are available, and
collaborate using your preferred method.
Today's global, distributed work environment has resulted in significant challenges for workers,
making it harder to connect with the right people and significantly increasing the quantity and
modes of communications. Organizations of all sizes are striving to improve communications in
order to retain customers, compete for new business, control costs, and grow their business
globally.
Cisco Jabber for Windows streamlines communications and enhances productivity by unifying
presence, instant messaging, video, voice, voice messaging, desktop sharing, and conferencing
capabilities securely into one client on your desktop. Cisco Jabber for Windows delivers highly
secure, clear, and reliable communications. It offers flexible deployment models, is built on open
standards, and integrates with commonly used desktop applications. You can communicate and
collaborate effectively from anywhere you have an Internet connection
The following are the supported presence features to view real-time availability of co-workers
and colleagues within and outside the enterprise network:
Exchange and display presence availability information and instant messages with other
Cisco Jabber users, Cisco Unified Personal Communicator, Cisco WebEx Connect®,
Microsoft Office Communicator and Lync, IBM Lotus Sametime, AOL, GoogleTalk, and
many other XMPP-compatible clients.
Exchange presence information with mobile handsets using Cisco Jabber or third-party
XMPP-compatible clients.
Display customized availability messages.
Your status is updated automatically when you are in a Cisco WebEx meeting or sharing
an application.
Show your availability based on the free and busy status in your Microsoft Outlook
Calendar or Exchange Server2.
1-16 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Use the do-not disturb (DND) availability state to let others know you are unavailable.
The DND status is automatically synchronized between Cisco Jabber and your Cisco
Unified IP Phone to help ensure privacy for both instant messaging and phone
communications.
Cisco Jabber for Windows can be deployed in virtual environments using Citrix XenDesktop and
Citrix XenApp:
In a virtual environment Cisco Jabber for Windows supports presence, instant messaging, and
desk phone control.
1-17 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Instant Message / Group Chat
18 www.flane.com.au
You can choose the right communication tool for your situation to escalate from a chat to an
audio call, video call, desktop share, or web meeting. Also you can access a history of your
instant messaging conversations.
You can exchange and display presence availability information and instant messages with other
Cisco Jabber users, Cisco Unified Personal Communicator, Cisco WebEx Connect®, Microsoft
Office Communicator and Lync, IBM Lotus Sametime, AOL, GoogleTalk, and many other
XMPP-compatible clients.
1-18 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Voice & Video Communication
Exchange ideas face-to-face with coordinated video display on the PC screen and voice
conversation with a soft phone.
Make, receive, and control your phone calls whether you are in or out of the office.
Click-to-call directly from your contact list or Outlook without the need to look up phone
numbers.
Business-quality video communication up to high-definition (720p) and high-fidelity
wideband audio is supported.
Standards-based video means you are not restricted to collaboration with just other
Jabber clients. You can use voice, video, and even desktop share when interacting with
telepresence endpoints and room-based and multipoint videoconferencing systems.
A variety of call-control options are available, including mute, call transfer, call
forwarding, and ad-hoc conferencing.
The enterprise-class IP telephony reliability and failover features of Cisco Unified
Communications Manager are supported.
Group chat and audio conference sessions are as simple as clicking a button, eliminating
the need to use other applications and interfaces to schedule, invite, or join conferences.
Initiate a web meeting session directly from the Cisco Jabber client, using Cisco WebEx
conferencing to share content, such as a presentation, document, or your desktop
1-19 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Status Bar – Device selection
/ Call Forward
Users can select mode of operation using the system tray icon.
Users can be configured to use just desk phone, just soft phone or both.
20 www.flane.com.au
Cisco Jabber delivers business-quality voice and video to your desktop. Powered by the market-
leading Cisco® Unified Communications Manager call-control solution, Cisco Jabber is a soft
phone with wideband and high-fidelity audio, standards-based high-definition video (720p), and
desk phone control features. These features mean that high-quality and high-availability voice
and video telephony is available at all locations and to your desk phones, soft clients, and mobile
devices. Cisco Jabber for Windows makes voice communications simple, clear, and reliable.
1-20 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Desktop Share Options
Communicate ideas quickly by instantly sharing what is on your desktop. With the Jabber
application you can share your desktop with other Jabber users as well as Cisco and other
standards-based video endpoints.
Jabber for Windows supports desktop sharing using either WebEx Desktop Share or Video
Desktop Share (using BFCP).
1-21 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Visual Voice Mail and
Extensible Tab /HTML Apps
Visual Voicemail
Provides access to Unity connection.
Message is played back within the client.
Cisco Unity is not supported with Cisco Jabber
Visual voice message access. Access and manage your voice messages:
View, play back, and delete voice messages from Cisco Unity® Connection.
Secure messaging is provided, with support for private and encrypted voice messages.
Administrators can create additional HTML application tabs within the client.
1-22 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Microsoft Office 2010 Integration
See who is available directly in Microsoft
2007/2010 Office suites
Easily start
Chat
Group Chat
Easily escalate to
Voice
Video
Web Share
Personal contact integration
Initiate calls
Initiate IM
Ribbon Bar Integration
23 www.flane.com.au
You can access the capabilities of the Cisco Jabber application from common desktop
applications such as Microsoft Office (Outlook, Word, Excel, PowerPoint, and SharePoint),
including lighting up presence and click-to-communicate (instant message and audio and video
calling) capabilities. For Microsoft Office 2010, you can use the Microsoft contact card click-to-
communicate icons directly from within the application to save time and streamline workflows
because you can view user availability and initiate communications such as personal and group
voice, video, and chat sessions without having to switch between applications.
1-23 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for iPhone
Place, receive, and manage calls over your corporate
Wi-Fi network handover any Wi-Fi hotspot using a
VPN
Lower Mobility Costs
Mobile Privacy
Enterprise Telephony Features
Voice dialing
The Cisco Jabber for Android and iPhone mobile clients enable Android smartphones and
iPhones and other Apple iOS devices to make and receive enterprise calls using voice over IP.
The Cisco Jabber mobile client application running on the Android or Apple iOS device registers
and communicates with Unified CM using the SIP signaling protocol. The Cisco Jabber mobile
client also enables additional features such as corporate directory access and enterprise visual
voicemail.
Cisco Jabber® for iPhone lets you place, receive, and manage calls over your corporate Wi-Fi
network. Cisco Jabber for iPhone also supports calls over any Wi-Fi hotspot using a VPN,
allowing you to take further advantage of your corporate telephony infrastructure whenever you
have access to a high-quality wireless network connection. You will benefit from the cost savings
from not using your wireless minutes, the capability to use your work phone number when
placing calls from your Apple iPhone, and the stronger in-building network coverage from a
wireless network.
Cisco Jabber for iPhone allows you to place and receive calls over your corporate wireless LAN
(WLAN) and telephony infrastructure, reducing the number of mobile minutes used and saving
on roaming charges. Because Cisco Jabber for iPhone uses your Cisco Unified Communications
Manager call-routing capabilities, you can also avoid toll charges for international calls. You can
place and receive calls when at home, in hotels, or at Wi-Fi hotspots.
Mobile Privacy
Cisco Jabber for iPhone turns your iPhone into an extension on Cisco Unified Communications
Manager. You appear to receive and make calls from your desk phone when using Cisco Jabber
for iPhone. Executives benefit from this feature because they often want to keep their mobile
number private when placing calls.
1-24 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Enterprise Telephony Features
Cisco Jabber for iPhone offers enterprise-class telephony functions including transfer, conference,
hold and resume, and park and recover calls. You can also hand off calls to your mobile
provider’s network as you leave Wi-Fi coverage. Finally, you can move iPhone calls to and from
your Cisco Unified IP Phone to continue a conversation on a different phone
With Cisco Jabber for iPhone, you have many dialing options. You can place a call from your
Contacts list, manually dial a number, or simply hold the phone up and say a name to dial. Cisco
Jabber for iPhone works in conjunction with Speech Connect for Cisco Unity® Connection to
allow you to dial contacts in this way
Apple iOS 5.0 or later running on an Apple iPhone 3GS, 4, or 4S, Apple iPod touch third or
fourth generation, or Apple iPad (1 or 2) is required for Cisco Jabber 8.6.
Apple iPod touch and iPad are not supported through Bluetooth headsets. Apple iPod touch third
generation requires a wired headset; you can use iPod touch fourth generation and iPad in
speakerphone mode or with a wired headset.
Cisco Jabber for iPhone supports multiple audio codecs (G.711a, G.711mu, and G.729) and
automatically selects the best option depending on whom you are calling and the bandwidth
available, providing you with the best audio experience possible.
1-25 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for iPhone (Cont.)
Visual Voicemail
Call preservation
Integration with Cisco Mobile Connect (single-number
reach)
Handoff to GSM
Handoff to and from desk phone
Cisco Jabber supports Survivable Remote Site
Telephony (SRST).
Cisco Jabber allows you to sign in and out of the app
using Extension Mobility.
Users can cross-launch Cisco Jabber IM for iPhone.
26 www.flane.com.au
Visual Voicemail
Cisco Jabber for iPhone gives you visual access to your enterprise voicemail. You can view new
and saved voicemail messages, and play back messages in any order. Actions you take on your
iPhone, such as playing, marking as unheard, or deleting a message, are synchronized with your
corporate voicemail mailbox. Visual Voicemail requires Cisco Unity Connection or Cisco Unity
Express
Call preservation
Call preservation keeps your call connected when you receive a Global System for Mobile
Communications
(GSM) call while on an Internet call. You can retrieve the Internet call by returning to Cisco
Jabber for iPhone.
Cisco Mobile Connect enables you to receive calls placed to your desk phone on your iPhone
(through GSM) whenever Cisco Jabber for iPhone is not running or not connected to Cisco
Unified Communications Manager
Handoff to GSM
You can hand off your Internet call to your mobile operator’s network as you leave buildings, so
you have freedom to move about without interrupting your calls.
1-26 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Handoff to and from desk phone
You can hand off your call from your iPhone to your desk phone and continue your call using
your desk phone. Similarly, you can hand off calls from the desk phone to your iPhone, so you
have freedom to move about.
Failover Cisco Jabber for iPhone supports various failover scenarios, including failover to
another Cisco Unified Communications Manager or the failover features of Cisco Unified
Survivable Remote Site Telephony (SRST).
You can initiate an instant message (IM) chat with a contact in your Cisco Jabber for iPhone
application or you can initiate a voice-over-IP (VoIP) call with a contact in your Cisco Jabber IM
for iPhone application. Each application can cross-launch the other in order to deliver a more
complete collaboration experience on the iPhone.
1-27 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for Android
Always-on and always connected
Intuitive user experience
Lower mobility costs
Mobile privacy
Enterprise telephony features
Handoff to mobile voice network
Handoff to and from desk phone
Cisco Jabber for Android is officially supported on the following devices:
Samsung Galaxy S II (AT&T) running Android Version 2.2
Samsung Galaxy S i9000 (model number GT-I9000) running Android Version
2.2.1 or 2.3
Samsung Galaxy Tab international version (model number GT-P1000) running
Android Version 2.2 or 2.3
27 www.flane.com.au
With Cisco Jabber for Android you can turn your Android device into a full-featured Cisco
Unified IP Phone. You can place, receive, and manage calls whether using your corporate Wi-Fi
network, other Wi-Fi networks, or a mobile data network.
Cisco Jabber for Android features a secure connection capability to your corporate network so
that you remain transparently and automatically connected no matter where you choose to work.
You will also benefit from the cost savings from not using your wireless voice minutes, the
ability to use your work phone number when placing calls from your Android smartphone or
tablet, and the stronger network coverage from a Wi-Fi network.
1-28 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber IM for iPhone
Stay connected while mobile
Presence/IM application on iPhone
View presence states & conducting 1:1
chats
For both on-premises or on-demand
deployment
29
Flexible & secure deployment www.flane.com.au
The Cisco Jabber IM client runs on specific BlackBerry smartphones and on the iPhone and other
Apple iOS devices and communicates via XMPP with on-premises Cisco IM and Presence
services or off-premises cloud-based Cisco WebEx Connect.
Stay connected while mobile: Cisco Jabber® IM for iPhone delivers instant messaging (IM) and
presence to your Apple iPhone.
Access your desktop IM contact list and take action with features such as click to IM,
click to call, click to email, and click to text from a person’s profile.
Start or join an instant Cisco WebEx® meeting from an IM conversation
Search for colleagues in your corporate directory
Maintain security using Secure Sockets Layer (SSL) encryption and by connecting your
IPhone directly to the Cisco IM infrastructure
Cisco Jabber IM for iPhone works with the following Apple devices:
Cisco Jabber IM for iPhone works with the following Apple iOS versions:
4.2
4.3
5.0
1-29 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber IM for BlackBerry
Delivers instant messaging (IM) and
presence to your BlackBerry.
Access your desktop IM contact list
Join an instant Cisco WebEx meeting from
an IM conversation
Maintain security using Secure Sockets
Layer (SSL) encryption and by connecting
your BlackBerry directly to the Cisco IM
infrastructure
Supported BlackBerry Devices:
Bold 9000, 9700, 9780, 9650, and
9900
Curve 8520, 8900, and 9330
Torch 9800, 9810, and 9850
Tour 9630
30 www.flane.com.au
Cisco Jabber IM for BlackBerry lets you reduce communication delays by knowing a person’s
availability with a presence status generated from multiple sources. When you are mobile and
using your BlackBerry device, viewing a person’s presence status lets you immediately know if
that person is available or busy, so you can determine the best way to reach that person. You can
use the application to connect quickly over IM and, if necessary, escalate to a phone call, send an
email, text message, start an instant Web conference, or use Short Message Service (SMS).
Cisco Jabber IM for BlackBerry lets you collaborate securely - even with colleagues outside your
organization.
The application uses the widely accepted Extensible Messaging and Presence Protocol (XMPP)
Internet and presence IM standard that supports communication with networks outside your
organization. You are ensured of communication privacy with user authentication and 128-bit
SSL encryption or 256-bit AES encryption (AES encryption requires Cisco WebEx Connect and
is not available with Cisco Unified Presence).
Cisco Jabber IM for BlackBerry is designed to work with either deployment model - a premises-
based or cloud-based presence solution.
Cisco WebEx Connect (cloud solution) versions 6.5, 6.7, and 7.0
Cisco Unified IM and Presence (on-premise solution) versions 8.0 and 8.5
This application allows users to stay in touch with their contacts any time, any place, on any
device. Users can join instant meetings and place phone calls without leaving Cisco Jabber IM for
BlackBerry. Cisco Jabber IM for Blackberry uses the BlackBerry Enterprise Server (BES) and
existing wireless networks.
1-30 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for iPad
Product Overview
Cisco Jabber™ for iPad is a unified communications client application that provides presence,
instant messaging (IM), voice, voice messaging, and video calling capabilities on the Apple iPad
(Figure 1). Conferencing and screen-sharing capabilities are delivered with an escalation to the
Cisco WebEx® for iPad application. This integrated collaboration experience is designed to take
advantage of the form factor of the iPad; it works with both a premises- and a cloud-based
collaboration architecture.
Integrated voice, high-quality video, IM, presence, and visual voicemail functions
Flexibility of configuration for different communications infrastructure and
combinations of:
Voice and video: Cisco Unified Communications Manager
Video-only: Cisco TelePresence® Video Communication Server (VCS) or Cisco
Jabber Video for TelePresence
Peer-to-peer voice and video: Cisco WebEx Connect® service
Presence and IM: Cisco WebEx Connect service or Cisco Unified Presence
1-31 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber for iPad
Sneak Previews
33 www.flane.com.au
You can place a video call to a colleague using the Cisco WebEx Connect application using an
Internet call option on the Cisco Jabber for iPad client. You can set your presence status so your
contacts know whether or not you are available, helping them decide which method of
communication they use to reach you. You can also set your presence status to show colleagues
that you are "On Mobile" instead of at your computer.
1-32 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Cisco Jabber Video for TelePresence (Movi)
Cisco Jabber Video for TelePresence (Jabber Video) is an application that extends the reach of
telepresence. Jabber Video works with a compatible PC or Mac and a webcam or Cisco
TelePresence PrecisionHD camera to provide high-definition video communications to more
people, on more devices, from more places. Jabber Video can connect to telepresence systems,
resulting in a wider community of colleagues, partners, and business customers.
1-33 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Summary
Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco UC IntegrationTM
for Microsoft Lync all use the Client Services Framework as a base building block
for the client application.
The following collaboration clients and applications are supported by the Cisco
Unified Communications System:
Cisco Jabber for Windows and Mac
1-34 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Lesson 3
Contact management
Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco UC IntegrationTM for Microsoft Lync all
use the Client Services Framework as a base building block for the client application. Cisco Unified
Client Services Framework is a software application that combines a number of services into an
integrated client. An underlying framework is provided for integration of Unified Communications
services, including audio, video, web collaboration, visual voicemail, and so forth, into a presence and
instant messaging application.
These Cisco Jabber client applications reside on top of the Clients Services Framework, which provides
a simplified client interface and an abstraction layer that allows access to the following underlying
communications services:
SIP-based call control for voice and video softphone clients from Unified CM
Deskphone call control and "Click to Dial" services from Unified CM's CTI interface
Voice and video media termination for softphone clients
Instant messaging and presence services using XMPP, from either the Cisco IM and Presence
Service or Cisco WebEx. Cisco WebEx Meeting Center also offers hosted collaboration services
such as online meetings and events
Scheduled audio, video and web conferencing services
Desktop sharing using either, video desktop sharing (BFCP) or WebEx desktop sharing
Visual voicemail services from Cisco Unity Connection using IMAP
Contact management using:
Unified CM User Data Service (UDS) as a contact source (LDAP directory
synchronization supported)
Directory access using Microsoft Active Directory or supported LDAP directories as
a contact source
WebEx Messenger service
Client Services Framework cache and contact list
Microsoft Office Integration, which provides user availability status and messaging capabilities
directly through the user interface of Microsoft Office applications such as Microsoft Outlook.
1-36 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Client Services Framework Services
Cisco Jabber for Windows, Cisco Jabber for Mac, and Cisco UC IntegrationTM
for Microsoft Lync all use the Client Services Framework as a base building block
for the client application.
39 www.flane.com.au
The ability to communicate and abstract services and APIs,, allows the Client Services Framework to
coordinate the management of protocols to these services and APIs, handle event notifications, and
control the low-level connection logic for local system resources.
1-37 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Client Services Framework
Services (Cont.)
Call Control
Softphone Mode
40 www.flane.com.au
Cisco Unified Client Services Framework can operate in one of two modes for call control:
Softphone Mode — Using audio and video on a computer
The Client Services Framework in softphone mode is directly registered to Unified CM as
a SIP endpoint for audio and video call control functionality, and it is configured on
Unified CM as device type Client Services Framework.
Deskphone Control Mode — Using a Cisco IP Phone for audio (and video, if supported)
The Client Services Framework in deskphone control mode does not register with Unified
CM using SIP, but instead uses CTI/JTAPI to initiate, monitor, and terminate calls,
monitor line state, and provide call history, while controlling a Cisco Unified IP Phone.
The Cisco CallManager Cisco IP Phone (CCMCIP) service on Unified CM is used by the
Client Services Framework to retrieve a list of devices associated with each user. This list
of devices is used by a client in deskphone mode to choose which Cisco IP Phone it
wishes to control.
A number of standard audio and video codecs for use in low bandwidth or high fidelity
deployments are supported with the Client Services Framework. Audio codecs include G.729a,
G.711, and G.722.1, while video codecs include H.264 AVC (Advanced Video Coding) with
support for H.264 baseline profile levels 1 through 3.1. Video formats supported include QCIF,
CIF, VGA, and 720p HD at a rate of up to 30 frames per second.
The Client Services Framework always attempts to transmit and receive high definition video;
however, there are a number of throttling factors that need to be considered when deploying
video. These throttling considerations include the capability of the device communicating with,
the local processing capability of the PC, administrative or user settings, local camera
capabilities, and any call admission control policies in place.
There are a number of references the Client Services Framework can use to determine the video
frame rate for a call. The processing power and CPU used by the client play an important role in
determining the video frame rate used. Another decision point is based on the Windows
Experience Index (WEI) for the personal computer being used (see
http://technet.microsoft.com/en-us/library/cc507870.aspx). The minimum values for encoding
1-38 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
and decoding high definition video require a processor WEI encode value of 5.9 and a bandwidth
requirement of 1 Mbps for 720p at 15 frames per second or 2 Mbps for 720p at 30 frames per
second.
1-39 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Client Services Framework
Services (Cont.)
Contact Management:
Cisco UCM User database via the User Data Service (UDS)
41 www.flane.com.au
The Client Services Framework can handle the management of contacts through a number of sources,
including the following:
Cisco Unified CM User database via the User Data Service (UDS)
LDAP directory integration
Contacts can also be stored and retrieved locally using either of the following:
Client Services Framework Cache
Local address books and contact lists
The Client Services Framework uses reverse number lookup to map an incoming telephone number to a
contact, in addition to photo retrieval. The Client Services Framework contact management allows for up
to five search bases to be defined for LDAP queries.
UDS provides clients with a contact search service on Cisco Unified Communications Manager. You can
synchronize contact data into the Cisco Unified CM User database from Microsoft Active Directory or
other LDAP directory sources. Clients can then automatically retrieve that contact data directly from
Unified CM using the UDS REST interface.
The Client Services Framework maintains a local cache of contact information derived from
previous directory queries and contacts already listed, as well as the local address book or contact
list. If a contact for a call already exists in the cache, the Client Services Framework does not
search the directory. If a contact does not exist in the cache, the Client Services Framework
performs a directory search.
1-40 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Dial Plan Considerations
Use the directory for searching, resolving, and adding contacts. The number that
is associated with those contacts must be in a form that the client can recognize,
resolve, and dial.
Dial plan and number normalization considerations must be taken into account when deploying
the Client Services Framework as part of any Unified Communications endpoint strategy. The
Client Services Framework, as part of a Unified Communications collaboration client, will
typically use the directory for searching, resolving, and adding contacts. The number that is
associated with those contacts must be in a form that the client can recognize, resolve, and dial.
Deployments may vary, depending on the configuration of the directory and Unified CM. In the
case where the directory contains E.164 numbering (for example, +18005551212) for business,
mobile, and home telephone numbers and Unified CM also contains an E.164 dial plan, the need
for additional dial rules is minimized because every lookup, resolution, and dialed event results in
an E.164 formatted dial string.
If a deployment of Unified CM has implemented a private dial plan (for example, 5551212), then
translation of the E.164 number to a private directory number needs to occur on Unified CM.
Outbound calls can be translated by Unified CM translation patterns that allow the number being
dialed (for example, +18005551212) to be presented to the endpoint as the private number
(5551212 in this example). Inbound calls can be translated by means of directory lookup rules.
This allows an incoming number of 5551212 to be presented for reverse number lookup caller
identification as +18005551212.
Private numbering plan deployments may arise, where the dial plan used for your company and
the telephone number information stored in the LDAP directory may require the configuration of
translation patterns and directory lookup rules in Cisco Unified Communications Manager to
manage number format differences. Directory lookup rules define how to reformat the inbound
call ID to be used as a directory lookup key. Translation patterns define how to transform a phone
number retrieved from the LDAP directory for outbound dialing.
1-41 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
CSF Dial Plan Components
Translation Patterns
Client Transformation
Translation Patterns
Translation Patterns
Translation patterns are used by Unified CM to manipulate the dialed digits before a call is
routed, and they are strictly handled by Unified CM. Translation patterns are the recommended
method for manipulating dialed numbers. For additional guidelines on translation pattern usage
and dial plan management,
Client Transformation
Before a call is placed through contact information, the client application removes everything
from the phone number to be dialed, except for letters and digits. The application transforms the
letters to digits and applies the dialing rules. The letter-to-digit mapping is locale-specific and
corresponds to the letters found on a standard telephone keypad for that locale. For example, for a
US English locale, 1-800-4UCSRND transforms to 18004827763. Users cannot view or modify
the client transformed numbers before the application places the call.
1-42 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Deploying Client Services
Framework
Use the Bulk Administration Tool for the Client Services Framework deployment.
UDS
46 www.flane.com.au
Cisco Unified Client Services Framework operates as either a SIP endpoint registered to Unified
CM or as a deskphone controller of a Cisco Unified IP Phone using a CTI connection to Unified
CM. When planning a deployment using the Client Services Framework, Cisco partners and
employees can use the Cisco Unified Communications Sizing Tool (available at
http://tools.cisco.com/cucst) to assist in the appropriate sizing of SIP registered endpoints and
CTI controlled devices. The following additional items must be considered for a Client Services
Framework deployment:
TFTP — When configured in softphone mode, a Client Services Framework device
configuration file is downloaded through TFTP to the client for Unified CM call control
configuration information. In addition, any application dial rules or directory lookup rules
are also downloaded through TFTP to Client Services Framework devices.
CTI — When configured in deskphone mode, the Client Services Framework establishes
a CTI connection to Unified CM upon login and registration to allow for control of the IP
phone. Unified CM supports up to 40,000 CTI connections. If you have a large number of
clients operating in deskphone mode, make sure that you evenly distribute those CTI
connections across all Unified CM subscribers running the CTIManager service. This can
be achieved by creating multiple CTI Gateway profiles, each with a different pair of
CTIManager addresses, and distributing the CTI Gateway profile assignments across all
clients using deskphone mode.
CCMCIP — The Client Services Framework uses the Cisco CallManager Cisco IP Phone
(CCMCIP) service to gather information about the devices associated with a user, and it
uses this information to provide a list of IP phones available for control by the client in
deskphone control mode. The Client Services Framework in softphone mode uses the
CCMCIP service to discover its device name for registration with Unified CM.
IMAP — When configured for voicemail, the Client Services Framework updates and
retrieves voicemail through an IMAP connection to the mailstore.
LDAP — Client login and authentication, contact profile information, and incoming
caller identification are all handled through a query to the LDAP directory, unless stored
in the local Client Services Framework cache.
1-43 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
UDS — The UDS service can be used by clients to search for contacts in the Unified CM User
database. Like LDAP directory searches, UDS contact searches take place if the requested contact
cannot be found in the local Client Services Framework cache.
Summary
45 www.flane.com.au
1-44 Designing and Implementing Cisco Jabber Introduction to Cisco Unified Collaboration
Module 2
Module Outlines
This Module covers the following topics:
Deploying Cisco Jabber for Windows
Install and Configure Cisco Jabber for Windows
Designing Cisco IM and Presence
Integrating Cisco Unified CM and Cisco Unified IM and Presence
Set Up Cisco Jabber On-Premises Deployments with Cisco UCM Version
9.x
Cisco Unified IM and Presence Multi-Node deployments
Instant Messaging Compliance ,Logging and Chat Rooms
2-2 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 1
WebEx Meeting
www.flane.com.au
Cisco Jabber for Windows can be deployed on-premises or on-demand, offering IT departments
the flexibility to choose the model that best suits their business. When the application is deployed
on-demand, IT administrators can push client upgrades automatically to users.
2-4 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
On-Premises Deployments
Cisco UCM provides user and device configuration capabilities.
Cisco IM and Presence provides instant messaging and presence services.
Microsoft Active Directory or another supported LDAP directory provides contact
You can deploy the client in the following modes:
Full UC and Cisco Jabber for Everyone (IM Only)
Phone Mode
www.flane.com.au
An on-premises deployment is one in which you set up, manage, and maintain all services on
your corporate network.
Product Modes
You can deploy the client in the following modes:
Full UC and Cisco Jabber for Everyone (IM Only)
The default product mode is one in which the user's primary authentication is to a presence
server. At a minimum, users have instant messaging and presence capabilities.
Both full UC and Cisco Jabber for Everyone deployments use the default product mode. To
deploy full UC, you enable instant messaging and presence capabilities. You then provision users
with devices for audio and video in addition to voicemail and conferencing capabilities. To
deploy Cisco Jabber for Everyone, you enable instant messaging and presence capabilities. You
can optionally provision users with desk phone devices that they can control with the client.
Phone Mode
In phone mode, the user's primary authentication is to Cisco Unified Communications Manager.
To deploy phone mode, you provision users with devices for audio and video capabilities. You
can also provision users with additional services such as voicemail.
Cisco Jabber for Windows does not currently support meetings integration in phone mode. You
cannot provision users with conferencing functionality if you deploy the client in phone mode.
2-5 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for Everyone
(IM Only)
www.flane.com.au
2-6 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for
Everyone (IM Only) (pre 9)
CUCM Node
Client uses on premise services Users, Contacts
Licensing Cisco Unified
Directory Service
Client configuration on CUCM & Cisco Presence
www.flane.com.au
2-7 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for
Everyone (IM Only) (9.x +)
CUCM Node
New Deployment Model Users, Contacts Cisco Unified IM
Licensing and Presence
Client uses on premise services
www.flane.com.au
2-8 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Deployment Summary Matrix
Features Cloud Model On Prem (UC 7/8) On Prem (UC 9)
www.flane.com.au
This table is a quick summary for Cisco Jabber for desktop different deployment options.
2-9 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Phone Mode
www.flane.com.au
2-10 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for Everyone
Deployments – Services Connections
By default, Cisco Jabber for Windows connects to the presence
server to authenticate users and retrieve service profiles.
Bootstrap File.
www.flane.com.au
By default, Cisco Jabber for Windows connects to the presence server to authenticate users and
retrieve service profiles. The client can connect to the presence server in the following ways:
Users enter the presence server address in the Connection Settings window when they
start Cisco Jabber for Windows.
You specify the presence server address during installation. Cisco Jabber for Windows
can then get the presence server address from a bootstrap file when it starts.
The client automatically discovers the presence server.
2-11 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for Everyone
Deployments – Connection Settings
www.flane.com.au
Connection Settings
Users set the presence server address in the Connection Settings window. Cisco Jabber for
Windows can then connect to the presence server to authenticate users and retrieve service
profiles.
Cisco Jabber for Windows retrieves two different configuration files from the TFTP server:
Client configuration files that you create.
Device configuration files that reside on the Cisco Unified Communications Manager
TFTP service when you provision users with devices.
To minimize effort, you should host your client configuration files on the Cisco Unified
Communications Manager TFTP service. You then have only one TFTP server address for all
configuration files and can specify that address as required.
You can, however, host your client configuration on a different TFTP server to the one that
contains the device configuration. In this case, you have two different TFTP server addresses, one
address for the TFTP server that hosts device configuration and another address for the TFTP
server that hosts client configuration files.
Default Deployments
This section describes how you should handle two different TFTP server addresses in
deployments that have a presence server.
You should do the following:
1. Specify the address of the TFTP server that hosts the client configuration on the presence
server.
2. During installation, specify the address of the Cisco Unified Communications Manager
TFTP service with the TFTP argument.
2-12 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
When the client starts for the first time, it:
1. Retrieves the address of the Cisco Unified Communications Manager TFTP service from
the bootstrap file.
2. Gets device configuration from the Cisco Unified Communications Manager TFTP
service.
3. Connects to the presence server.
4. Retrieves the address of the TFTP service that hosts the client configuration from the
presence server.
5. Gets client configuration from the TFTP server
2-13 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for Everyone
Deployments – Bootstrap File
1. Specify the presence server address during
installation with the following argument:
ADDRESS.
www.flane.com.au
Bootstrap File
You can specify the presence server address during installation with the following argument:
ADDRESS.
The installation program then saves the presence server address to a bootstrap file. Cisco Jabber
for Windows gets the presence server address from the bootstrap file when it starts. It can then
connect to the presence server to authenticate users and retrieve service profiles.
2-14 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Full UC and Cisco Jabber for Everyone
Deployments – Presence Server Discovery
Cisco Jabber for Windows can automatically discover either Cisco IM and
Presence or Cisco Unified Communications IM and Presence if you do not
specify the presence server address during installation.
www.flane.com.au
2-15 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
DNS SRV Records
Cisco Jabber for Windows retrieves the _cuplogin._tcp SRV record from the Domain Name
Server (DNS) to lookup either Cisco Unified Presence or Cisco Unified Communications IM
and Presence.
2-16 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for Windows launch
sequence
1. Retrieve the presence server type from jabber-bootstrap.properties in the
installation directory.
4. The client connects to available services after it retrieves the service profiles.
The client connects to available services after it retrieves the service profiles.
If the profile contains conferencing settings, the client connects to the conferencing
service.
If the profile contains voicemail settings, the client connects to the voicemail service.
If the profile contains settings for Cisco Unified Communications Manager, the client
does the following:
Retrieves the device list for the user.
Retrieves the device configuration from the TFTP server.
Registers with Cisco Unified Communications Manager.
2-17 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Phone Deployments – Services
Connections
The client can connect to Cisco Unified Communications Manager in the following
ways:
Connection Settings
Bootstrap Files
If you deploy the client in phone mode, it connects to Cisco Unified Communications Manager
to authenticate users and retrieve configuration from the TFTP service. The client can connect
to Cisco Unified Communications Manager in the following ways:
Users enter the TFTP server address in the Connection Settings window when they
start Cisco Jabber for Windows.
You specify the TFTP server address during installation. Cisco Jabber for Windows can
then get the TFTP server address from a bootstrap file when it starts.
2-18 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cloud-Based Deployment
www.flane.com.au
Instant Messaging
The Cisco WebEx Messenger service lets users send and receive instant messages.
Conferencing
Cisco WebEx Meeting Center provides hosted meeting capabilities.
2-19 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Hybrid Cloud-Based
A hybrid deployment is one in which the cloud-base services hosted on Cisco
WebEx Connect are combined with the following components of an on-
premises deployment :
www.flane.com.au
The Cisco WebEx Messenger service lets users can publish their availability and
subscribe to other users' availability.
Instant Messaging
The Cisco WebEx Messenger service lets users send and receive instant messages.
Conferencing
Cisco WebEx Meeting Center provides hosted meeting capabilities.
Audio Calls
Users place audio calls through desk phone devices or on their computers through Cisco
Unified Communications Manager.
Video
Users share their screens and place video calls through Cisco Unified Communications
Manager.
Voicemail
Users send and receive voice messages through Cisco Unity Connection.
2-20 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cloud-Based Deployment – Services
Connections
• Users set Cisco WebEx as the value of the • Specify WebEx as value of the TYPE
Server type property in the Connection argument during installation.
Settings window. • The installation program then saves that
value to a bootstrap file.
• Cisco Jabber for Windows gets the value
from the bootstrap file when it starts.
www.flane.com.au
Connection Settings
Users set Cisco WebEx as the value of the Server type property in the Connection Settings
window. CiscoJabber for Windows can then connect to the Cisco WebEx Messenger service to
authenticate users and retrieve configuration and services.
Bootstrap File
You specify WebEx as value of the TYPE argument during installation.
The installation program then saves that value to a bootstrap file. Cisco Jabber for Windows
gets the value from the bootstrap file when it starts. It can then connect to the Cisco WebEx
Messenger service to authenticate users and retrieve configuration and services.
2-21 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Directory Integration with On-
Premises Servers
When you set up an on-premises deployment, you should configure Cisco Unified
Communications Manager to do both of the following:
www.flane.com.au
2-22 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Contact Sources
You can use either of the following as the contact source for an
on-premises deployment:
Enhanced Directory Integration
Enhanced Directory Integration (EDI) is an LDAP-based contact source.
www.flane.com.au
Contact Sources
You can use either of the following as the contact source for an on-premises deployment
Enhanced Directory Integration
Enhanced Directory Integration (EDI) is an LDAP-based contact source.
Cisco Unified Communications Manager User Data Service
Cisco Unified Communications Manager User Data Service (UDS) is a contact source on Cisco
Unified Communications Manager.
2-23 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enhanced Directory Integration (EDI)
Cisco Jabber for Windows by default uses auto-discovery for directory access.
Clients connect to a Global Catalog server in the current domain (Windows selects exact
GC); If workstation isn’t domain member, custom configuration can be used.
Active
Directory
DNS 2. Client uses ASDI to
connect to directory
www.flane.com.au
2-24 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enhanced Directory Integration (EDI) (Cont.)
Connection Credentials:
By default, the client uses MS Windows usernames and passwords to connect to the directory
service.
You can pecify a connection username and password to access a directory service other than EDI
or to use a set of common credentials for all users.
After Cisco Jabber for Windows gets the DNS domain, it can locate the Domain Name Server and
retrieve SRV records.
Cisco Jabber for Windows can automatically discover the directory server if:
The workstation on which you install Cisco Jabber for Windows is on the Windows domain.
Cisco Jabber for Windows can retrieve the address of the directory server from a DNS SRV record.
Global Catalog: _gc._msdcs._tcp.domain.com
Domain Controller LDAP-based directory servers: _ldap._msdcs._tcp.domain.com
www.flane.com.au
Connection Credentials
By default, the client uses Microsoft Windows usernames and passwords to connect to the
directory service.
You can specify a connection username and password to access a directory service other than
EDI or to use a set of common credentials for all users.
The UseWindowsCredentials parameter specifies if you use Microsoft Windows credentials to
connect to your directory.
Set credentials with the following parameters:
ConnectionUsername
ConnectionPassword
Domain Name Retrieval
Cisco Jabber for Windows retrieves the fully qualified DNS domain from the
USERDNSDOMAIN environment variable on the client workstation.
After Cisco Jabber for Windows gets the DNS domain, it can locate the Domain Name Server
and retrieve SRV records.
In some instances, the value of the USERDNSDOMAIN environment variable does not resolve
to the DNS domain that corresponds to the domain of the entire forest. For example, when an
organization uses a sub-domain or resource domain. In this case, the USERDNSDOMAIN
environment variable resolves to a child domain, not the parent domain. As a result, Cisco
Jabber for Windows cannot access information for all users in the organization.
Cisco Jabber for Windows can automatically discover and connect to the directory server if:
The workstation on which you install Cisco Jabber for Windows is on the Windows
domain.
2-25 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for Windows can retrieve the address of the directory server from a DNS
SRV record.
2-26 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enhanced Directory Integration (EDI)
(Cont.)
Attributes on the Directory Server
sAMAccountName
telephoneNumber
Additionally, ensure you index the following attributes for secondary number
queries:
otherTelephone
mobile
homePhone
msRTCSIP-PrimaryUserAddress
www.flane.com.au
You must index attributes on your directory server so that Cisco Jabber for Windows can
resolve contacts.
If you use the default attribute mappings, ensure the following attributes are indexed:
sAMAccountName
telephoneNumber
Additionally, ensure you index the following attributes for secondary number queries:
otherTelephone
mobile
homePhone
By default secondary number queries are enabled in Cisco Jabber for Windows. You can disable
secondary number queries with the DisableSecondaryNumberLookups parameter.
msRTCSIP-PrimaryUserAddress
You should index msRTCSIP-PrimaryUserAddress for intradomain federation only.
Because the client connects to a Global Catalog server by default, you must ensure that all
attributes reside on your Global Catalog server. You can replicate attributes to a Global Catalog
server using an appropriate tool such as the Microsoft Active Directory Schema snap-in.
Replicating attributes to your Global Catalog server generates traffic between Active Directory
servers in the domain. For this reason, you should replicate attributes to your Global Catalog
server at a time when network traffic can handle extra load.
If you do not want to replicate attributes to a Global Catalog server, you can configure Cisco
Jabber for Windows to connect to a Domain Controller. However, the client queries single
domains only when it connects to a Domain Controller.
2-27 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
EDI - Contact Photo Retrieval Methods
URI substitution
Cisco Jabber for Windows dynamically builds a URL to contact photos with a directory
attribute and a URL template.
<Directory>
<DirectoryServerType>EDI</DirectoryServerType>
<BusinessPhone>aNonDefaultTelephoneNumberAttribute</BusinessPhone>
<PhotoUriSubstitutionEnabled>true</PhotoUriSubstitutionEnabled>
<PhotoUriSubstitutionToken>sAMAccountName</PhotoUriSubstitutionToken>
<PhotoUriWithToken>http://staffphoto.example.com/sAMAccountName.jpg</PhotoUriWit
hToken>
</Directory>
www.flane.com.au
Cisco Jabber for Windows retrieves and displays contact photos with the following methods:
URI substitution
Cisco Jabber for Windows dynamically builds a URL to contact photos with a directory
attribute and a URL template.
To use this method, set the following values in your configuration file:
1. Specify true as the value of the PhotoUriSubstitutionEnabled parameter.
2. Specify a directory attribute to use as a dynamic token as the value of the
PhotoUriSubstitutionToken parameter; for example,
<PhotoUriSubstitutionToken>sAMAccountName</PhotoUriSu
bstitutionToken>
3. Specify the URL and the dynamic token as the value of the PhotoUriWithToken
parameter; for example,
<PhotoUriWithToken>http://staffphoto.example.com/sAMA
ccountName.jpg</PhotoUriWithToken>
With the example values in the preceding steps, the sAMAccountName attribute might resolve
to msmith in your directory. Cisco Jabber for Windows then takes this value and replaces the
token to build the following URL: http://staffphoto.example.com/msmith.jpg.
2-28 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
EDI - Contact Photo Retrieval Methods (Cont.)
Binary objects
Cisco Jabber for Windows retrieves the binary data for the photo from your
database.
<PhotoSource>jpegPhoto</PhotoSource>
PhotoURL attribute
www.flane.com.au
Binary objects
Cisco Jabber for Windows retrieves the binary data for the photo from your database.
To use this method to retrieve contact photos, specify the attribute that contains the binary data
as the value of the PhotoSource parameter in the configuration; for example,
<PhotoSource>jpegPhoto</PhotoSource>
PhotoURL attribute
Cisco Jabber for Windows retrieves a URL from a directory attribute.
To use this method to retrieve contact photos, specify the attribute that contains the photo URL
as the value of the PhotoSource parameter in the configuration; for example,
<PhotoSource>photoUri</PhotoSource>
2-29 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified Communications Manager User
Data Service
www.flane.com.au
UDS is a REST interface on Cisco Unified Communications Manager that provides contact
resolution. You synchronize contact data into Cisco Unified Communications Manager from a
directory server. Cisco Jabber for Windows then automatically retrieves that contact data directly
from UDS.
A known issue in UDS exists on versions of Cisco Unified Communications Manager lower than
8.6.2.
This known issue prevents successful contact resolution. As a result, Cisco Jabber for Windows
supports UDS on Cisco Unified Communications Manager version 8.6.2 or later.
2-30 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enable Integration with UDS
www.flane.com.au
2-31 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enable Integration with UDS (Cont.)
www.flane.com.au
Step 4 Specify UDS as the value of the DirectoryServerType parameter in your configuration
file.
The following is an example configuration where UDS is the directory server type:
<Directory>
<DirectoryServerType>UDS</DirectoryServerType>
</Directory>
Step 5 Configure the client to retrieve contact photos with UDS.
The following is an example configuration for contact photo retrieval:
<PhotoUriWithToken>http://server_name.domain/%%uid%%.jpg</P
hotoUriWithToken>
2-32 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Authentication Options
User accounts can also be imported/sync from organization directory into Unified CM
or WebEx Connect user database
Cloud
CUCM Local On Premises Authentication
Authentication (CUCM IM & Presence)
Cisco Collaboration
Cloud
www.flane.com.au
2-33 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Cloud Based
UDS
32 www.flane.com.au
2-34 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 2
GPU
Directx 9 on Microsoft Windows XP 32 bit with Service Pack 3
www.flane.com.au
Hardware Requirements
Installed RAM
• 1.87 GB RAM on Microsoft Windows XP 32 bit with Service Pack 3
• 2 GB RAM on Microsoft Windows 7
Free Physical Memory
• 128 MB
Free Disk Space
• 256 MB
CPU Speed and Type
• Mobile AMD Sempron Processor 3600+ 2 GHz
• Intel Core2 CPU T7400 @ 2. 16 GHz
GPU
• Directx 9 on Microsoft Windows XP 32 bit with Service Pack 3
• Directx 11 on Microsoft Windows 7
I/O Ports
• USB 2.0 for USB camera and audio devices.
2-36 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Plan for Installation - Software
Requirements
Operating Systems Microsoft Windows 7 32 bit
Microsoft Windows 7 64 bit
Microsoft Windows Vista 32 bit
Microsoft Windows Vista 64 bit
Microsoft Windows XP 32 bit with Service Pack 3
www.flane.com.au
Operating Systems
You can install Cisco Jabber for Windows on the following operating systems:
Microsoft Windows 7 32 bit
Microsoft Windows 7 64 bit
Microsoft Windows Vista 32 bit
Microsoft Windows Vista 64 bit
Microsoft Windows XP 32 bit with Service Pack 3
On-Premises Servers
Cisco Jabber for Windows supports the following on-premises servers:
Cisco Unified Communications Manager version 7.1(4) or later
Cisco Unified Presence version 8.0.3 or later
Cisco Unity Connection version 8.5 or later
Cisco WebEx Meetings Server version 1.1 or later
Cisco Jabber for Windows supports the following features with Cisco Unified
Survivable Remote Site Telephony version 8.5:
Basic call functionality
Ability to hold and resume calls
Cloud-Based Servers
Cisco Jabber for Windows supports integration with the following hosted servers:
Cisco WebEx Messenger service
2-37 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco WebEx Administration Tool, minimum supported version is 7.5
Cisco WebEx Meeting Center, minimum supported versions are as follows:
Version T26L with Service Pack EP 20
Version T27L with Service Pack 9
Cisco WebEx Meetings (WebEx 11)
2-38 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Plan for Installation - Software
Requirements (Cont.)
Directory Servers Active Directory for Windows Server 2003 R2
Active Directory Domain Services for Windows Server 2008 R2
UDS is supported on Cisco Unified Communications Manager version 8.6.2 or
later.
OpenLDAP
Active Directory Lightweight Directory Service (AD LDS) or Active Directory
Application Mode (ADAM)
Microsoft Internet Microsoft Internet Explorer 7 or later
Explorer
www.flane.com.au
Directory Servers
You can use the following directory servers with Cisco Jabber for Windows:
Active Directory for Windows Server 2003 R2
Active Directory Domain Services for Windows Server 2008 R2
Cisco Unified Communications Manager User Data Service UDS is supported on
Cisco Unified Communications Manager version 8.6.2 or later.
OpenLDAP
Active Directory Lightweight Directory Service (AD LDS) or Active Directory
Application Mode (ADAM)
Restriction:
Directory integration with OpenLDAP, AD LDS, or ADAM requires you to define specific
parameters in a Cisco Jabber for Windows configuration file. See LDAP Directory Servers for
more information.
2-39 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Microsoft Office
Cisco Jabber for Windows supports integration with the following software:
Microsoft Office 2007 32 bit
Microsoft Office 2010 32 bit
Microsoft Office 2010 64 bit
Microsoft Exchange 2007
Microsoft Exchange 2010
2-40 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Plan for Installation - Software
Requirements (Cont.)
Calendar Integration Microsoft Outlook 2007 32 bit
Microsoft Outlook 2010 32 bit
Microsoft Outlook 2010 64 bit
IBM Lotus Notes 8.5.1 32 bit
IBM Lotus Notes 8.5.2 32 bit
Google Calendar
Virtual Environments Citrix XenDesktop 5.0
Citrix XenDesktop 5.5
Citrix XenApp 5.0 Feature Pack 3 Enterprise Edition for Windows Server 2008
Service Pack 2 64 bit, published desktop
Citrix XenApp 6.0 Enterprise Edition for Windows 2008 R2 64 bit, published
desktop
Citrix XenApp 6.5 Enterprise Edition for Windows 2008 R2 64 bit, published
desktop
VMWare View Connection Manager 4.6.1.640196 with
VMWare Agent 5.0
VMWare Client 4.6.1
VMWare View Connection Manager 5.1.0704644 with
VMWare Agent 5.1.0704644
VMWare Client 5.1.0704644
www.flane.com.au
Calendar Integration
You can use the following client applications for calendar integration:
Microsoft Outlook 2007 32 bit
Microsoft Outlook 2010 32 bit
Microsoft Outlook 2010 64 bit
IBM Lotus Notes 8.5.1 32 bit
IBM Lotus Notes 8.5.2 32 bit
Google Calendar
Virtual Environments
You can deploy Cisco Jabber for Windows in virtual environments using the following software:
Citrix XenDesktop 5.0
Citrix XenDesktop 5.5
Citrix XenApp 5.0 Feature Pack 3 Enterprise Edition for Windows Server 2008
Service Pack 2 64 bit, published desktop
Citrix XenApp 6.0 Enterprise Edition for Windows 2008 R2 64 bit, published
desktop
Citrix XenApp 6.5 Enterprise Edition for Windows 2008 R2 64 bit, published
desktop
VMWare View Connection Manager 4.6.1.640196 with
o VMWare Agent 5.0
o VMWare Client 4.6.1
2-41 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
VMWare View Connection Manager 5.1.0704644 with
o VMWare Agent 5.1.0704644
o VMWare Client 5.1.0704644
Supported Functionality
Cisco Jabber for Windows supports the following functionality in virtual environments:
Instant messaging and presence with other Cisco Jabber clients Cisco Jabber for
Windows does not support instant messaging and presence with other applications such
as Microsoft Outlook.
Desk phone control.
2-42 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported Codecs
G.722.1 32k
G.722.1 24k
G.711
G.711 A-law
G.711 u-law
G.729a
www.flane.com.au
Supported Codecs
Supported Audio Codecs
g.722.1
g.722.1 32k
g.722.1 24k
o g.722.1 is supported on Cisco Unified Communications Manager 8.6.1 or
later.
g.711
o g.711 A-law
o g.711 u-law
g.729a
Supported Video Codecs
H.264/AVC
2-43 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Bandwidth Requirements
www.flane.com.au
www.flane.com.au
This table describes bit rates for video with g.711 audio.
2-44 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Bandwidth Requirements (Cont.)
Cisco Jabber for Windows users should expect video calls to begin at lower
resolution and scale upwards to higher resolution over a short period of time
Cisco Jabber for Windows saves history so that subsequent video calls
should begin at the optimal resolution.
www.flane.com.au
2-45 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Install Cisco Jabber for Windows
Installation Options:
Use the Command Line
www.flane.com.au
Installation Options
Cisco Jabber for Windows provides an MSI installation package. You can use this installation
package in the following ways:
Use the Command Line
Specify arguments in a command line window to set installation properties.
Choose this option if you plan to install multiple instances.
Run the MSI Manually
Run the MSI manually on the file system of the client workstation and then specify
connection properties when you start the client.
Choose this option if you plan to install a single instance for testing or evaluation
purposes.
Create a Custom Installer
Open the default installation package, specify the required installation properties, and
then save a custom installation package.
Choose this option if you plan to distribute an installation package with the same
installation properties.
Deploy with Group Policy
Install the client on multiple computers in the same domain.
2-46 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Cisco Jabber for Windows
The client retrieves configuration settings from XML files that reside on your
TFTP server.
www.flane.com.au
Configuration Overview
The client retrieves configuration settings from XML files that reside on your TFTP server.
Understand when you should create a custom configuration and learn about the different types of
configuration files you can create.
When to Configure Cisco Jabber for Windows
In most environments, Cisco Jabber for Windows does not require any configuration to connect to
the contact source or other services. You should create a configuration file for Cisco Jabber for
Windows only if the default configuration does not suit your environment or you require custom
configuration.
You should configure Cisco Jabber for Windows if:
The client workstation is not on the Windows domain.
You connect to one of the following as the contact source:
Domain Controller
LDAP directory server such as OpenLDAP or AD LDS
UDS
You need to configure attribute mappings.
You plan to set up intradomain federation.
You plan to deploy custom content such as:
Custom embedded tabs
Automatic updates
Problem reporting
You plan to set policies for your users.
2-47 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configuration Files
Cisco Jabber for Windows retrieves group configuration files after users sign in to their
phone account in the client for the first time.
Cisco Jabber for Windows then prompts the users to sign out.
During the second login sequence, Cisco Jabber for Windows downloads the group
configuration file from your TFTP server.
www.flane.com.au
2-48 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
If users select the option to use software phones for calls before they sign out, Cisco
Jabber for Windows notifies the users to sign out and then sign in again to load the group
configuration settings.
Group Configuration File Names
You specify the name of the group configuration files in the Cisco Support Field on the CSF
device configuration in Cisco Unified Communications Manager.
If you remove the name of the group configuration file in the CSF device configuration on Cisco
Unified Communications Manager, Cisco Jabber for Windows detects the change, prompts the
users to sign out, and loads the global configuration file. You can remove the name of the group
configuration file in the CSF device configuration by deleting the entire
configurationFile=group_configuration_file_name.xml string or by deleting the group
configuration filename from the string.
If users have desk phone devices only, use the following command line argument to specify
unique names configuration files for different groups:
TFTP_FILE_NAME
2-49 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Create Global Configurations
www.flane.com.au
2-50 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Create Group Configurations
1. Create an XML group configuration file with any text editor. For example,
jabber-groupa-config.xml.
www.flane.com.au
2-51 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Use a semicolon to delimit multiple entries. Do not add more than one group
configuration file. The client uses only the first group configuration in the Cisco
Support Field field.
If you host the group configuration file on your TFTP server in a location other than
the default directory, you must specify the path and the filename; for example,
configurationfile=/customFolder/groupa-config.xml.
f. Select Save.
Step 4 Host the group configuration file on your TFTP server.
2-52 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configuration File Structure
<?xml version="1.0" encoding="utf-8"?>
XML <config version="1.0">
Declaration <Client> Root Element
<parameter_name>value</parameter_name>
</Client>
<Directory>
<parameter_name>value</parameter_name>
</Directory>
<Options>
<parameter_name>value</parameter_name>
</Options>
<Presence>
Group <parameter_name>value</parameter_name>
</Presence>
Elements <Policies>
<parameter_name>value</parameter_name>
</Policies>
<Phone>
<parameter_name>value</parameter_name>
</Phone>
<Voicemail>
<parameter_name>value</parameter_name>
</Voicemail>
</config>
www.flane.com.au
You create Cisco Jabber for Windows configuration files in XML format. The XML
configuration files contain the following elements:
XML Declaration
Your configuration file must conform to XML format standards. The first element in your
configuration file must be a declaration as in the following example:
<?xml version="1.0" encoding="utf-8"?>
Root Element
The root element contains all group elements. The root element must also contain a version
attribute as in the following example:
<?xml version="1.0" encoding="utf-8"?>
<config version="1.0">
</config>
Group Elements
Group elements contain the configuration parameters and values that you specify.
2-53 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Client Configuration Parameters
Parameter Description
ProductMode Specifies the Cisco Jabber for Windows product mode.
PrtLogServerUrl Specifies the custom script for submitting problem reports.
UpdateUrl Specifies the URL to the automatic updates XML definition
file on your HTTP server. Cisco Jabber for Windows uses
this URL to retrieve the update XML file from your HTTP
server.
jabber-plugin-config Contains plug-in configuration elements.
You can define custom embedded tabs to display HTML
content in Cisco Jabber for Windows.
Forgot_Password_URL Specifies the URL of your web page for users to reset or
retrieve forgotten passwords.
In hybrid cloud-based deployments, you should use the Cisco
WebEx Administration Tool to direct users to the web page
to reset or retrieve forgotten passwords.
<Client>
<PrtLogServerUrl>http://server_name.domain.com/prt_script.php</PrtLogServerUrl>
<UpdateUrl>http://server_name.domain.com/update.xml</UpdateUrl>
<Forgot_Password_URL>http://server_name.domain.com/password.html</Forgot_Password_URL>
www.flane.com.au
This table describes the parameters you can specify within the Client element.
2-54 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Directory Configuration Parameters
1. Domain Controller Connection
<Directory>
<DirectoryServerType>EDI</DirectoryServerType>
<ConnectionType>1</ConnectionType>
</Directory>
3. UDS Integration
<Directory>
<DirectoryServerType>UDS</DirectoryServerType>
<PhotoUriWithToken>http://server-name/%%uid%%.jpg</PhotoUriWithToken>
</Directory>
www.flane.com.au
Parameter Value
DirectoryServerType EDI
ConnectionType 1
Parameter Value
DirectoryServerType EDI
PrimaryServerName FQDN
IP address
ServerPort1 Port number
SecondaryServerName FQDN
IP address
ServerPort2 Port number
2-55 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
UDS Integration
To integrate with UDS, set the following parameters:
Parameter Value
DirectoryServerType UDS
PhotoUriWithToken Contact photo URL
2-56 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Options Configuration Parameters
Parameter Description
Set_Status_Away_On_Inactive Specifies if the availability status changes to Away when users are
inactive.
Set_Status_Inactive_Timeout Sets the amount of time, in minutes, before the availability status
changes to Away if users are inactive.
Set_Status_Away_On_Lock_OS Specifies if the availability status changes to Away when users lock
their operating systems.
StartCallWithVideo Specifies how calls start when users place calls. Calls can start with
audio only or audio and video.
Start_Client_On_Start_OS Specifies if the client starts automatically when the operating
system starts.
AllowUserCustomTabs Specifies if users can create their own custom embedded tabs.
ShowContactPictures Specifies if contact pictures display in the contact list.
ShowOfflineContacts Specifies if offline contacts display in the contact list.
DockedWindowVisible Specifies if the docked window displays when the client starts.
DockedWindowPosition Sets the position of the docked window on the user's screen.
www.flane.com.au
Options Parameters
Options parameters let you modify the default values for certain settings in the Options window
in the client.
Users can also specify their own values in the Options window and override the defaults that you
set in your configuration file.
2-57 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Phone Configuration Parameters
Parameter Description
TftpServer1 Specifies the address of the primary Cisco Unified Communications Manager TFTP
service where device configuration files reside.
TftpServer2 Specifies the address of the secondary Cisco Unified Communications Manager
TFTP service.
CtiServer1 Specifies the address of the primary CTI server.
You should specify a CTI server address in the client configuration if users have
desk phone devices.
CtiServer2 Specifies the address of the secondary CTI server.
CcmcipServer1 Specifies the address of the primary CCMCIP server.
This parameter is required only if the address of your CCMCIP server is not the
same as the TFTP server address. If the address of the CCMCIP server is the same
as the TFTP server address, the client can use the TFTP server address to connect
to the CCMCIP server.
CcmcipServer2 Specifies the address of the secondary CCMCIP server.
www.flane.com.au
Phone Parameters
This table describes the parameters you can specify within the Phone element:
2-58 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
On-premises Policies Configuration
Parameters
Parameter Description
Screen_Capture_Enabled Specifies if users can take screen captures.
File_Transfer_Enabled Specifies if users can transfer files to each other.
Disallowed_File_Transfer_Types Restricts users from transferring specific file types.
www.flane.com.au
On-Premises Policies
This table describes the parameters you can specify within the Policies element in on-premises.
Note: You can disable file transfers and screen captures on Cisco Unified Communications IM
and Presence with the Enable file transfer parameter.
If you disable the setting on the server, you must also disable file transfers and screen captures in
the client configuration.deployments.
2-59 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Common Policies Configuration
Parameters
Parameter Description
EnableVideo Enables or disables video capabilities.
InitialPhoneSelection Sets the phone type for users when the client starts for the
first time. Users can change their phone type after the initial start.
The client then saves the user preference and uses it for
subsequent starts.
UserDefinedRemoteDestinations Lets users add, edit, and delete remote destinations through the
client interface.
enableLocalAddressBookSearch Lets users search for and add local Microsoft Outlook contacts to
their contact lists.
EnableAccessoriesManager Enables the accessory manager API in the client. This API lets
accessory vendors create plugins to enable call management
functionality for devices such as headsets.
ForceFontSmoothing Specifies if the client applies anti-aliasing to smooth text.
www.flane.com.au
Common Policies
This table describes the parameters you can specify within the Policies element in both on-
premises deployments and hybrid cloud-based deployments.
2-60 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Service Credentials Parameters
You can specify service credentials parameters in your configuration so that
users do not need to authenticate with certain services.
Parameter Description
VoiceMailService_UseCredentialsFrom Specifies that the client uses the phone service
credentials to access voicemail services.
www.flane.com.au
2-61 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Custom Embedded Tabs
Custom Embedded Tab Definitions
Custom embedded tabs display HTML content in the client interface using the
Microsoft Internet Explorer rendering engine.
<Client>
<jabber-plugin-config>
<browser-plugin>
<page refresh="" preload="">
<tooltip>Cisco WebEx</tooltip>
<icon></icon>
<url>http://www.webex.com/</url>
</page>
</browser-plugin>
</jabber-plugin-config>
</Client>
www.flane.com.au
2-62 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Develop with Cisco Jabber Web SDK
Customers can also build and deploy presence and IM-enabled applications
using the Jabber Web Software Development Kit (SDK).
To integrate IM capabilities in a web application, you use the Cisco AJAX XMPP
Library (CAXL).
CAXL is a client-side JavaScript library that runs in a web browser and sends and
receives XMPP messages as HTTP POSTs.
www.flane.com.au
The Cisco AJAX XMPP Library (CAXL) is an API that provides a jump start for developers
writing Extensible Messaging and Presence Protocol (XMPP)-enabled web applications.
CAXL is ideal for companies that are looking to leverage the Cisco WebEx Collaboration Cloud
and integrate presence and messaging into their own custom web-based applications. With the
CAXL, developers can:
Embed a customer support portal into a company website
Add instant messaging capabilities to a gaming application
Add presence information and messaging capability to custom applications
The Cisco AJAX XMPP Library provides a foundation for developing web-based
applications that use the XMPP protocol. For detailed information on the XMPP standard,
please visit http://xmpp.org The AJAX library is a JavaScript XMPP client library that is
used for instant messaging integration, presence, and roster services from the Cisco WebEx
Collaboration Cloud. CAXL includes the following components:
jQuery: An open-source library for searching, traversing, and manipulating the browser's
Document Object Model (DOM)
CAXL Core: A high-level API for messaging and presence
CAXL UI: HTML UI components built on top of the CAXL Core API click to enlarge
The library can be used purely as an API or as a web UI, or both. The core CAXL API does not
require the CAXL UI. The internals of the library use jQuery for low-level JavaScript tasks, but
on the library does not depend on any JavaScript UI framework for the UI components. The Cisco
AJAX XMPP library is an object-oriented, client-side library that communicates to a BOSH
server component. BOSH (Bidirectional-streams Over Synchronous HTTP) technology is used as
an HTTP binding for XMPP communications and is useful in situations where a device or client
is unable to maintain a long-lived TCP connection to an XMPP server (for example, as in a web
browser).
2-63 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
59 www.flane.com.au
2-64 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 3
Cisco Jabber
Third-party applications
www.flane.com.au
2-66 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Architecture
www.flane.com.au
www.flane.com.au
The Cisco IM and Presence Service use the same underlying appliance model and hardware used
by Unified CM as well as Unified CM on the Cisco Unified Computing System (UCS) platform,
including a similar administration interface.
2-67 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Platforms
Cisco Unified Communications Mode
Deployment Model Platform Model Number of Users
Supported
Multi-Node Cluster (6 nodes) MCS-7816 3000
Multi-Node Cluster (6 nodes) MCS-7825 6000
Multi-Node Cluster (6 nodes) MCS-78351 15000
(or UCS B series / C series equivalent)
Multi-Node Cluster (6 nodes) MCS-7845 45000
(or UCS B series / C series equivalent)
www.flane.com.au
www.flane.com.au
2-68 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified IM and Presence Licensing
The IM and Presence Service does not require a server license or software
version license.
You must assign the IM and Presence Service to each IM and Presence Service
user.
You can assign IM and Presence on a per user basis, regardless of the number
of clients you associate with each user.
IM and Presence capabilities are included within both User Connect Licensing
(UCL) and Cisco Unified Workspace Licensing (CUWL).
www.flane.com.au
The IM and Presence Service does not require a server license or software version license.
However, you must assign the IM and Presence Service to each IM and Presence Service user.
You can assign IM and Presence on a per user basis, regardless of the number of clients you
associate with each user. When you assign IM and Presence to a user, this enables the user to
send and receive IMs and also to send and receive presence updates. If the user is not enabled for
IM and Presence, no presence updates are allowed for that user.
You can enable a user for IM and Presence in the End User Configuration window in Cisco
Unified Communications Manager. See the Cisco Unified Communications Manager
Administration Guide for more information.
IM and Presence capabilities are included within both User Connect Licensing (UCL) and Cisco
Unified Workspace Licensing (CUWL).
2-69 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Cluster
Cisco IM and Presence consists of up to six servers, including one designated as a
publisher.
Utilize the same architectural concepts as the Unified CM publisher and subscriber.
The Cisco IM and Presence publisher utilizes and builds upon the database used by the
Cisco Unified Communications Manager publisher:
All users of Cisco IM and Presence must be defined within the same Cisco Unified
Communications Manager cluster
Within a Cisco IM and Presence cluster, individual servers can be grouped to form a
subcluster, and the subcluster can have at most two servers associated with it.
www.flane.com.au
A Cisco IM and Presence cluster consists of up to six servers, including one designated as a
publisher, which utilize the same architectural concepts as the Unified CM publisher and
subscriber. Within a Cisco IM and Presence cluster, individual servers can be grouped to form a
subcluster, and the subcluster can have at most two servers associated with it.
2-70 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
High Availability Deployment Options
Basic Deployment of Cisco IM and Presence
www.flane.com.au
A highly available Cisco IM and Presence cluster requires two servers per subcluster. This allows
for users to fail-over between the servers within the subcluster; however, the total number of
users supported and the time to failover vary based on which features are enabled, the average
size of contact lists, and the rate of traffic placed on the servers. Once a Cisco IM and Presence
subcluster is configured for two servers, it always operates as highly available. High availability
can be deployed using an Active/Standby model or an Active/Active model, and these modes are
controlled by the Sync Agent service parameter User Assignment Mode. By default all users are
balanced across all servers in the cluster, and Cisco recommends leaving this parameter set to its
default value.Presence cluster.
2-71 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
High Availability Deployment Options (Cont.)
www.flane.com.au
The Cisco IM and Presence cluster can also have mixed subclusters, where one subcluster is
configured with two servers while other subclusters contain a single server.
2-72 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Database
Synchronization with Cisco Unified CM
Intracluster traffic participates at a very low level between Cisco IM and Presence and
Cisco UCM, and between the Cisco IM and Presence publisher and subscriber.
Both clusters share a common hosts file and have a strong trust relationship using
IPTables.
At the level of the database and services, the clusters are separate and distinct, and each
Cisco IM and Presence and Cisco UCM cluster requires separate administration.
Publisher
Sharing
Information
Cisco UCM
Cisco IM and Cluster
Presence
Cluster
The Cisco IM and Presence Service utilizes and builds upon the database used by the Unified CM
publisher by sharing the user and device information. A Cisco IM and Presence cluster supports
only a single Unified CM cluster; therefore, a separate IM and Presence cluster is required for
each Unified CM cluster.
Intracluster traffic participates at a very low level between Cisco IM and Presence and Unified
CM and between the Cisco IM and Presence publisher and subscriber servers. Both clusters share
a common hosts file and have a strong trust relationship using IPTables. At the level of the
database and services, the clusters are separate and distinct, and each Cisco IM and Presence
Service and Unified CM cluster requires separate administration. There is currently no Transport
Layer Security (TLS) or IPSec utilization for intracluster traffic.
The Cisco IM and Presence Service interface with external systems sends SIP and XMPP traffic
over UDP, TCP, or TLS. TLS mutual authentication requires the import and export of certificates
between Cisco IM and Presence Service and the external system. TLS server authentication
(Cisco IM and Presence Service presenting its TLS certificate to the client device for verification)
validates the end user via digest authentication.
2-73 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Publisher
Communication
The Cisco IM and Presence publisher communicates directly with the Cisco UCM publisher
via the AXL API using the SOAP interface.
All Cisco IM and Presence users are configured in the Cisco UCM End User configuration.
During the synchronization, Cisco IM and Presence populates these users in its database
from the Cisco UCM database.
Cisco IM and Presence does not provide end-user configuration from its administration
interface.
www.flane.com.au
The Cisco IM and Presence publisher communicates directly with the Unified CM publisher via
the AVVID XML Layer Application Program Interface (AXL API) using the Simple Object
Access Protocol (SOAP) interface. When first configured, the Cisco IM and Presence publisher
performs an initial synchronization of the entire Unified CM user and device database. All Cisco
IM and Presence users are configured in the Unified CM End User configuration. During the
synchronization, Cisco IM and Presence populates these users in its database from the Unified
CM database and does not provide end-user configuration from its administration interface.
The initial Cisco IM and Presence database synchronization from Unified CM might take a while,
depending on the amount of information in the database as well as the load that is currently on the
system. Subsequent database synchronizations from Unified CM to Cisco IM and Presence are
performed in real time when any new user or device information is added to Unified CM.
2-74 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Redundancy
If one Cisco IM and Presence server fails, the users associated with that failed server will
automatically fail over to the other Cisco IM and Presence server.
Load balancing allows for the processing power to be scaled beyond the capacity of a
single server to support a larger number of users.
The Cisco IM and Presence cluster consists of up to six servers, which can be configured
into multiple subclusters, with a maximum of three subclusters for high availability.
A subcluster contains a maximum of two servers and allows for users associated with one
server of the subcluster to use the other server in the subcluster automatically if a failover
event occurs. Cisco IM and Presence does not provide failover between subclusters.
www.flane.com.au
The Cisco IM and Presence cluster consists of up to six servers, which can be configured into
multiple subclusters, with a maximum of three subclusters for high availability. A subcluster
contains a maximum of two servers and allows for users associated with one server of the
subcluster to use the other server in the subcluster automatically if a failover event occurs. Cisco
IM and Presence does not provide failover between subclusters.
When deploying a Cisco IM and Presence cluster for high availability, you must take into
consideration the maximum number of users per server to avoid oversubscribing any one server
within the subcluster in the event of a failover. When deploying a Cisco IM and Presence cluster,
use equivalent hardware for all servers within the cluster.
2-75 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified Communications Manager
Deployment Options
Applications
Cisco Unified
Communications
Manager
Cisco Unified Applications
Cluster
Communications
Manager
Cluster PSTN
IP WAN Branch
Headquarters
Supported IP telephony deployment models:
Single-site deployment
2-76 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported CUCM Deployment Models
Single-site X
www.flane.com.au
2-77 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Deployment Models
(Cont.)
Cisco IM and Presence is supported with all the Unified CM deployment models.
All Cisco IM and Presence servers should be co-located within the Cisco IM and
Presence cluster, with the following exceptions:
www.flane.com.au
Cisco IM and Presence is supported with all the Unified CM deployment models. However, Cisco
recommends co-locating the Cisco IM and Presence publisher with the Unified CM publisher due
to the initial user database synchronization. All Cisco IM and Presence Services should be co-
located within the Cisco IM and Presence cluster, with the exception of geographic datacenter
redundancy and clustering over the WAN.
2-78 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Deployment
Multi-Cluster
Federated
www.flane.com.au
2-79 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Single-Cluster Deployment
This figure represents the communication protocols between Cisco IM and Presence, the LDAP
server, and Cisco Unified Communications Manager for basic functionality.
For complete information on Cisco IM and Presence administration and configuration, refer to the
Cisco IM and Presence installation, administration, and configuration guides, available at
http://www.cisco.com/en/US/products/ps6837/tsd_products_support_series_home.html
2-80 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco IM and Presence
Components – SIP
The SIP connection between Cisco IM and Presence and Cisco UCM handles all the
presence information exchange.
A Cisco UCM Presence Gateway for presence information exchange with Cisco UCM
Cisco UCM 6.x provides the ability to further streamline communications and reduce
bandwidth utilization:
SIP PUBLISH Trunk, which allows for the PUBLISH method (rather than
SUBSCRIBE/NOTIFY) to be configured
www.flane.com.au
The SIP connection between the Cisco IM and Presence Service and Unified CM handles all the
phone state presence information exchange.
a. Unified CM configuration requires the Cisco IM and Presence Services to be added
as application servers on Unified CM and also requires a SIP trunk pointing to the
Cisco IM and Presence Service. The address configured on the SIP trunk could be a
Domain Name System (DNS) server (SRV) fully qualified domain name (FQDN)
that resolves to the Cisco IM and Presence Services, or it could simply be an IP
address of an individual Cisco IM and Presence Service. The Cisco IM and Presence
Service handles the configuration of the Cisco Unified Communications Manager
application server entry automatically through AXL/SOAP once the administrator
adds a node in the system topology page through Cisco IM and Presence
administration.
b. Configuration of Cisco IM and Presence occurs through the Unified CM Presence
Gateway for presence information exchange with Unified CM. The following
information is configured:
Presence Gateway: server_fqdn:5070
2-81 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco IM and Presence
Components – CTI-BQE
The CTI-QBE connection handles all the CTI communication for users on Cisco
IM and Presence to control phones via Cisco UCM when:
Primary extension assigned to that user must be enabled for CTI control
www.flane.com.au
The Computer Telephony Integration Quick Buffer Encoding (CTI-QBE) connection between
Cisco IM and Presence and Unified CM is the protocol used by presence-enabled users in Cisco
IM and Presence to control their associated phones registered to Unified CM. This CTI
communication occurs when Cisco Jabber is using Desk Phone mode to do Click to Call or when
Microsoft Office Communicator is doing Click to Call through Microsoft Live Communications
Server 2005 or Office Communications Server 2007 or Microsoft Lync.
a. Unified CM configuration requires the user to be associated with a CTI Enabled Group,
and the primary extension assigned to that user must be enabled for CTI control
(checkbox on the Directory Number page). The CTI Manager Service must also be
activated on each of the Unified CM subscribers used for communication with the Cisco
IM and Presence publisher and subscriber. Integration with Microsoft Live
Communications Server 2005 or Office Communications Server 2007 or Microsoft Lync
requires that you configure an Application User, with CTI Enabled Group and Role, on
Unified CM.
b. Cisco IM and Presence CTI configuration (CTI Server and Profile) for use with Cisco
Jabber is automatically created during the database synchronization with Unified CM. All
Cisco Jabber CTI communication occurs directly with Unified CM and not through the
Cisco IM and Presence Service.
Cisco IM and Presence CTI configuration (Desktop Control Gateway) for use with Microsoft
Live Communications Server 2005 or Office Communications Server 2007 or Microsoft Lync
requires you to set the Desktop Control Gateway address (Cisco Unified Communications
Manager Address) and a provider, which is the application user configured previously in Unified
CM. Up to eight Cisco Unified Communications Manager Addresses can be provisioned for
increased scalability. Only IP addresses can be used for Desktop Control Gateway configuration
in the Cisco IM and Presence Service. Administrators should ensure that any configuration and
assignment of Cisco Unified Communications Manager addresses is evenly distributed for the
purpose of load balancing.
2-82 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco IM and Presence
Components – AXL/SOAP and LDAP
The AXL/SOAP interface handles the database synchronization from Cisco UCM to
populate the Cisco IM and Presence database.
The LDAP interface is used for LDAP authentication of Cisco Jabber users during
login.
Cisco UCM is responsible for all synchronization of user information directly from
corporate LDAP server:
Then Cisco IM and Presence synchronizes all the user information from Cisco UCM.
Cisco IM and
LDAP CUCM Presence
LDAP Sync
enabled AXL/SOAP
www.flane.com.au
The AXL/SOAP interface handles the database synchronization from Unified CM to populate the
Cisco IM and Presence database.
a. No additional configuration is required on Unified CM.
b. Cisco IM and Presence security configuration requires you to set a user and password for
the Unified CM AXL account in the AXL configuration.
The Sync Agent Service Parameter, User Assignment, set to balanced by default, will load-
balance all users equally across all servers within the Cisco IM and Presence cluster. The
administrator can also manually assign users to a particular server in the Cisco IM and Presence
cluster by changing the User Assignment service parameter to None.
2-83 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco IM and Presence
Components – AXL/SOAP and LDAP (Cont.)
If a Cisco Jabber user logs into Cisco IM and Presence and LDAP authentication is
enabled:
Cisco IM and Presence will go directly to LDAP for the Cisco Jabber user
authentication using the Bind operation.
After Cisco Jabber is authenticated, Cisco IM and Presence forwards the information to
Cisco Jabber to continue login.
When using Microsoft AD, point to a Domain Controller:
To improve the response time, promote the Domain Controller to a Global Catalog
server.
DC/GC Cisco IM and
LDAP CUCM Presence
Without LDAP
Auth. enabled Login
www.flane.com.au
The LDAP interface is used for LDAP authentication of Cisco Jabber users during login. For
more information regarding LDAP synchronization and authentication.
Unified CM is responsible for all user entries via manual configuration or synchronization
directly from LDAP, and Cisco IM and Presence then synchronizes all the user information from
Unified CM. If a Cisco Jabber user logs into the Cisco IM and Presence Service and LDAP
authentication is enabled on Unified CM, Cisco IM and Presence will go directly to LDAP for the
Cisco Jabber user authentication using the Bind operation. Once Cisco Jabber is authenticated,
Cisco IM and Presence forwards the information to Cisco Jabber to continue login.
When using Microsoft Active Directory, consider the choice of parameters carefully.
Performance of Cisco IM and Presence might be unacceptable when a large Active Directory
implementation exists and the configuration uses a Domain Controller. To improve the response
time of Active Directory, it might be necessary to promote the Domain Controller to a Global
Catalog and configure the LDAP port as 3268.
2-84 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Multi-Cluster Deployment
Extends presence and instant messaging capability and functionality.
Configure peer relationships for communication between clusters within the same
domain.
The address configured in this intercluster peer could be a DNS SRV FQDN
or an IP address.
AXL/SOAP interface
www.flane.com.au
Multi-Cluster Deployment
The deployment topology in previous sections is for a single Cisco IM and Presence cluster
communicating with a single Unified CM cluster. Presence and instant messaging functionality is
limited by having communications within a single cluster only. Therefore, to extend presence and
instant messaging capability and functionality, these standalone clusters can be configured for
peer relationships for communication between clusters within the same domain. This
functionality provides the ability for users in one cluster to communicate and subscribe to the
presence of users in a different cluster within the same domain.
To create a fully meshed presence topology, each Cisco IM and Presence cluster requires a
separate peer relationship for each of the other Cisco IM and Presence clusters within the same
domain. The address configured in this intercluster peer could be a DNS SRV FQDN that
resolves to the remote Cisco IM and Presence cluster servers, or it could also simply be the IP
address of the Cisco IM and Presence cluster servers.
2-85 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Multi-Cluster Deployment (Cont.)
AXL/SOAP interface handles the synchronization of user information for home
cluster association, but it is not a full user synchronization.
SIP or XMPP interface handles the subscription and notification traffic, and it
rewrites the host portion of the URI before forwarding, if the user is detected to be
on a remote Cisco IM and Presence cluster within the same domain.
www.flane.com.au
The interface between each Cisco IM and Presence cluster is two-fold, an AXL/SOAP interface
and a signaling protocol interface (SIP or XMPP). The AXL/SOAP interface handles the
synchronization of user information for home cluster association, but it is not a full user
synchronization. The signalling protocol interface (SIP or XMPP) handles the subscription and
notification traffic, and it rewrites the host portion of the URI before forwarding if the user is
detected to be on a remote Cisco IM and Presence cluster within the same domain.
When Cisco IM and Presence is deployed in a multi-cluster environment, a presence user profile
should be determined. The presence user profile helps determine the scale and performance of a
multi-cluster presence deployment and the number of users that can be supported. The presence
user profile helps establish the number of contacts (or buddies) a typical user has, as well as
whether those contacts are mostly local cluster users or users of remote clusters.
The traffic generated between Cisco IM and Presence clusters is directly proportional to the
characteristics of the presence user profile. For example, assume presence user profile A has 30
contacts with 20% of the users on a local Cisco IM and Presence cluster and 80% of the users on
a remote Cisco IM and Presence cluster, while presence user profile B has 30 contacts with 50%
of the users on a local Cisco IM and Presence cluster and 50% of the users on a remote Cisco IM
and Presence cluster. In this case, presence user profile B will provide for slightly better network
performance and less bandwidth utilization due to a smaller amount of remote cluster traffic.
2-86 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Clustering Over the WAN
This allows for geographic redundancy of a subcluster and high availability for the
users between the nodes across the sites.
A Cisco IM and Presence cluster can be deployed between two sites with a single
subcluster topology, where one server of the subcluster is in one geographic site
and the other server of the subcluster is in another site.
Any remaining subclusters (nodes within those subclusters) must remain co-
located with the Cisco IM and Presence publisher.
www.flane.com.au
2-87 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Clustering Over the WAN (Cont.)
Local Failover : A Cisco IM and Presence cluster deployment between two sites
may also contain a subcluster topology per site (single node or dual node for high
availability).
www.flane.com.au
2-88 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Clustering Over the WAN (Cont.)
With the ability to support multiple database instances on a single server and the
requirement for an external database server to reside on the same side of the
WAN, if a Cisco IM and Presence cluster is split across a WAN, then two external
database servers will be required.
www.flane.com.au
2-89 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WAN Bandwidth requirements
At a minimum, you must dedicate five megabits per second of bandwidth
for each Cisco IM and Presence subcluster, with no more than an eighty
millisecond round-trip latency.
If there are more than 10, 000 users spread across the WAN, 10
megabits of bandwidth is required.
Each Cisco IM and Presence subcluster that you add to your Clustering
over WAN deployment requires an additional (dedicated) five megabits
per second bandwidth.
www.flane.com.au
2-90 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Federation Deployment
Use Case : Inter-Domain federation supports both IM and Presence federation between
different enterprises.
Provides inter-working between Cisco Jabber where Cisco IM and Presence is
deployed in in two DIFFERENT domains
This includes support of users of both clients on a client buddy list, sending/receiving IM,
and sending/receiving status updates
Supports another Cisco IM and Presence Server ,AOL, OCS, Google Talk, IBM Sametime
and Connect, WebEx Connect
www.flane.com.au
2-91 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence XMPP Federation
(Inter-Domain)
www.flane.com.au
The Adaptive Security Appliance (ASA) in the DMZ is used as a demarcation into the enterprise.
XMPP traffic is passed through, whereas SIP traffic is inspected. All federated incoming and
outgoing traffic is routed through the Cisco IM and Presence Service that is enabled as a
federation node, and is routed internally to the appropriate server in the cluster where the user
resides. For multi-cluster deployments, intercluster peers propagate the traffic to the appropriate
home cluster within the domain. Multiple nodes can be enabled as federation nodes within large
enterprise deployments, where each request is routed based on a round-robin implementation of
the data returned from the DNS SRV lookup.
2-92 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence SIP Federation
(Inter-Domain)
www.flane.com.au
Cisco IM and Presence inter-domain federation with Microsoft Lync Server, Office
Communications Server (OCS), and Live Communications Server (LCS) provides basic presence
(available, away, busy, offline) and point-to-point instant messaging.
Rich presence capability (On the Phone, In a Meeting, On Vacation, and so forth), as well as
advanced instant messaging features, are not supported. Cisco IM and Presence inter-domain
federation with AOL allows federation with users of AOL public communities (aim.com,
aol.com), with users of domains hosted by AOL, and with users of a far-end enterprise that
federates with AOL (that is, AOL is being used as a clearing house).
Note A SIP federation (inter-domain to AOL) on Cisco IM and Presence must be configured for
each domain of the AOL network, which can consist of both hosted networks and public
communities. Each unique hosted domain must be configured; however, only a single aol.com
public community needs to be configured because the AOL network allows a user to be addressed
as user@aol.com or user@aim.com
The inter-domain federation configuration also allows for a specific federation between Cisco IM
and Presence and Microsoft Lync Server or Microsoft Office Communications Server (OCS).
Cisco IM and Presence provides inter-domain federation with Microsoft Lync Server, Microsoft
Office Communications Server (OCS), or Live Communications Server (LCS) to provide basic
presence (available, away, busy, offline) and point-to-point instant messaging. Rich presence
capability (On the Phone, In a Meeting, On Vacation, and so forth), as well as advanced instant
messaging features, are not supported.
2-93 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Instant Messaging Only Deployment
Instant messaging only users on Cisco IM and Presence are still provisioned from
Unified CM through the AXL/SOAP interface by means of LDAP synchronization
or manual provisioning.
www.flane.com.au
A Cisco IM and Presence cluster (or clusters) can be deployed to provide enterprise-class
presence and instant messaging in an environment where Unified CM is not deployed for call
control for specific users. A deployment of IM and Presence only is also referred to as Jabber for
Everyone. Unified CM is still required to establish user accounts entered either manually or
through LDAP synchronization. A Cisco IM and Presence instant messaging only deployment
synchronizes user information from Unified CM in the same way as is done with a full Unified
Communications deployment. If Unified CM is not deployed or if the existing deployed Unified
CM will not be used for instant messaging only, a Cisco MCS 7816 Media Convergence Server
with preloaded Unified CM software is provided as an option.
For existing Cisco IM and Presence deployments where a Unified CM cluster is already
deployed, users can also be added for use with the instant messaging only mode. This allows for a
mix of full Unified Communications users in addition to instant messaging only users, in
accordance with the end-user license agreement.
2-94 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Single Cluster
Multi-Cluster
Federated
92 www.flane.com.au
2-95 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
2-96 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 4
Add an application user with the standard AXL access role enabled
www.flane.com.au
2-98 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure the Service Parameters and
Application Server
Set the CUP PUBLISH Trunk parameter
Navigate to the CallManager Service Parameters
www.flane.com.au
You only configure one SIP trunk between a Cisco Unified Communications Manager cluster and
a Cisco Unified IM and Presence cluster. After you configure the SIP trunk, you must assign that
SIP trunk as the CUP PUBLISH trunk on Cisco Unified Communications Manager by selecting
Cisco Unified Communications Manager Administration > System > Service Parameters.
If DNS SRV is an option in your network, and you want availability messaging to be shared
equally among all the servers used for availability information exchange, you must configure the
SIP trunk for the Cisco Unified Presence server with a DNS SRV record of the Cisco Unified
Presence publisher and subscriber servers. You must also configure the Presence Gateway on the
Cisco Unified Presence server with a DNS SRV record of the Cisco Unified Communications
Manager subscriber nodes.
2-99 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure the SIP Trunk Security Profile
www.flane.com.au
Configuring the SIP Trunk Security Profile for Cisco Unified Presence
Procedure
Step 1 Select Cisco Unified Communications Manager Administration > System >
Security > SIP Trunk Security Profile.
Step 4 Verify that the setting for Device Security Mode is Non Secure.
Step 5 Verify that the setting for Incoming Transport Type is TCP+UDP.
Step 6 Verify that the setting for Outgoing Transport Type is TCP.
2-100 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure SIP Trunks for Each Cisco IM and
Presence Server
Navigate to Device > Trunk and add a new SIP trunk
www.flane.com.au
You only configure one SIP trunk between a Cisco Unified Communications Manager cluster and
an IM and Presence cluster. After you configure the SIP trunk, you must assign that SIP trunk as
the IM and Presence Publish Trunk on Cisco Unified Communications Manager by selecting
Cisco Unified Communications Manager Administration > System > Service Parameters.
If DNS SRV is an option in your network, and you want availability messaging to be shared
equally among all the servers used for availability information exchange, you must configure the
SIP trunk for the IM and Presence server with a DNS SRV record of the IM and Presence
publisher and subscriber servers. You must also configure the Presence Gateway on the IM and
Presence server with a DNS SRV record of the Cisco Unified Communications Manager
subscriber nodes.
2-101 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Add an Application User with the Standard
AXL Access Role
If the CCMAdministrator is not used as the AXL user, create a new
application user with AXL access rights
www.flane.com.au
The AXL/SOAP interface handles the database synchronization from Cisco Unified
Communications Manager and populates the Cisco Unified IM and Presence database. To
activate the database synchronization, you must start the Sync Agent service on Cisco Unified IM
and Presence. By default the Sync Agent load balances all users equally across all nodes within
the Cisco Unified IM and Presence cluster. You also have the option to manually assign users to a
particular node in the Cisco Unified IM and Presence cluster. For guidelines on the recommended
synchronization intervals when executing database synchronization with Cisco Unified
Communications Manager, for single and dual-node Cisco Unified IM and Presence, see the
Cisco Unified IM and Presence SRND document.
2-102 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Add an Application User with the Standard
AXL Access Role (Cont.)
Navigate to User Management > User Group
www.flane.com.au
Add an Application User with the Standard AXL Access Role Enabled
Consider this step as optional. During Cisco Unified IM and Presence installation, you must enter
an AXL UserID and AXL User password for an application user who has AXL API access
enabled.
You can use the CCMAdministrator application user, which has the Standard AXL API Access
role enabled by default, or you can follow this step to create a new application user.
2-103 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Verify that the Required Services Are Running
Cisco CallManager
Cisco TFTP (if you are deploying Cisco Unified Personal Communicator
softphone)
www.flane.com.au
2-104 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Navigation and Menus
www.flane.com.au
2-105 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence Configuration
Checklist
Verify Cisco IM and Presence settings and configure a SIP publish trunk
www.flane.com.au
Configuration tasks for Cisco Unified IM and Presence to integrate with Cisco Unified
Communications Manager are:
Add an optional Cisco Unified Presence subscriber
Configure the Presence gateway
Enable Cisco Unified Personal Communicator Release 8.x Mandatory and Optional XCP
Services
Configure an incoming and privacy access control list
Verify Cisco Unified Presence settings and configure a SIP publish trunk
Configure Presence Settings
2-106 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Build a Cisco IM and Presence Cluster
This task has to be completed before the installation of the second Cisco IM
and Presence server.
www.flane.com.au
Step 1 Choose System > Cluster Topology > Add New Node.
The Server Configuration window displays.
Step 2 For Host Name/IP Address, enter the hostname or IP address of the subscrib
2-107 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Presence Gateway
www.flane.com.au
2-108 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
equally across multiple subscriber nodes because the IP address points to a single subscriber
node.
2-109 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure an Incoming Access Control List
www.flane.com.au
In the Incoming Access Control List (ACL), you can configure patterns that control which
incoming hosts and domains can access Cisco Unified Presence without authentication. Cisco
Unified IM and Presence accepts a range of IP address patterns in addition to fully qualified
names of incoming hosts or domains.
2-110 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configuring Cisco IM and Presence Settings
www.flane.com.au
2-111 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Messaging Settings
www.flane.com.au
By default IM and Presence stores (locally) any instant messages that are sent to a user when they
are offline, and IM and Presence delivers these instant messages to the user the next time they
sign in to the client application. You can turn off (suppress) this feature so IM and Presence does
not store offline instant messages.
For example, in large deployments, this feature could require significant message storage, so you
may want to suppress offline instant messages to increase performance.
2-112 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Configure Subcluster
Configuring ACL
108 www.flane.com.au
2-113 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
2-114 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 5
Full UC
Users have instant messaging and presence as their base functionality.
Provision users with devices for audio and video in addition to voicemail and
conferencing capabilities.
www.flane.com.au
www.flane.com.au
2-117 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Product Mode Requirements (Cont.)
Phone Mode
Users have devices for audio and video as their base functionality.
www.flane.com.au
Phone Mode
The primary authentication for users is to Cisco Unified Communications Manager.
Users have devices for audio and video as their base functionality.
To deploy the client in phone mode, complete the following tasks in this lesson:
1. Configure directory integration for Cisco Unified Communications Manager.
2. Set up audio and video capabilities.
3. Provision users with additional capabilities as required.
2-118 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Activate and Start Essential Services
www.flane.com.au
2-119 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Activate and Start Essential Services (Cont.)
www.flane.com.au
Cisco UP XCP Text Conference Manager, for group chat and persistent chat rooms. If
you have a mixture of Cisco Unified Personal Communicator Release 8.x and Release 7.x
users, then the Cisco UP XCP Text Conference Manager service must be running for
them to communicate with one another.
Cisco UP XCP SIP Federation Connection Manager, to support federation services with
third-party applications that use SIP.
Cisco UP XCP XMPP Federation Connection Manager, to support federation services
with third-party applications that use XMPP.
Cisco UP XCP Counter Aggregator, if you want system administrators to be able to view
statistical data on XMPP components.
Cisco UP XCP Message Archiver, for automatic archiving of all instant messages.
Cisco UP XCP Directory Service, if you want to enable third-party XMPP client
applications to do LDAP searches.
2-120 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
User Configuration Architecture
The client can then retrieve settings for available services from the
service profile.
Voicemail
Conferencing
UC Service
User
Profile
Directory
CTI
www.flane.com.au
You create a service profile that contains the configuration settings for the services you add on
Cisco Unified Communications Manager. You add the service profile to the end user
configuration for your users. The client can then retrieve settings for available services from the
service profile.
2-121 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Directory Integration
User authentication: You can authenticate users using the LDAP directory
credentials.
User lookup: You can enable LDAP directory lookups to allow Cisco Unified
Personal Communicator client users, or third-party XMPP clients, to search
for and add contacts from the LDAP directory.
www.flane.com.au
You can configure a corporate LDAP directory in this integration to satisfy a number of different
requirements:
User provisioning:
You can provision users automatically from the LDAP directory into the Cisco Unified
Communications Manager database. Cisco Unified Communications Manager synchronizes
with the LDAP directory content so you avoid having to add, remove, or modify user
information manually each time a change occurs in the LDAP directory.
User authentication:
You can authenticate users using the LDAP directory credentials. Cisco Unified Presence
synchronizes all the user information from Cisco Unified Communications Manager to
provide authentication for users of the Cisco Unified Personal Communicator client and
Cisco Unified Presence user interface.
User lookup:
You can enable LDAP directory lookups to allow Cisco Unified Personal Communicator
client users, or third-party XMPP clients, to search for and add contacts from the LDAP
directory.
2-122 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Directory Integration
www.flane.com.au
As the scope of the LDAP integration is dependent on customer requirements and it can vary
between companies, there are a number of potential LDAP integration scenarios:
1. You integrate Cisco Unified Communications Manager and Cisco Unified Personal
Communicator with an LDAP directory. We strongly recommend this configuration.
2. You integrate Cisco Unified Communications Manager with an LDAP directory, but you
do not integrate Cisco Unified Personal Communicator. We do not recommend this
configuration because it will impact Cisco Unified Personal Communicator functionality
and you will experience performance issues.
3. You integrate Cisco Unified Personal Communicator with an LDAP directory, but you do
not integrate Cisco Unified Communications Manager. We do not recommend this
configuration because you will have to manually configure all your users on Cisco
Unified Communications Manager at initial installation, and each time a change is made
on the LDAP directory.
2-123 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Directory Integration (Cont.)
Enable Synchronization
www.flane.com.au
LDAP synchronization uses the Cisco Directory Synchronization (DirSync) tool on Cisco Unified
Communications Manager to synchronize information (either manually or periodically) from a
corporate LDAP directory.
When you enable the DirSync service, Cisco Unified Communications Manager automatically
provisions users from the corporate directory. Cisco Unified Communications Manager still uses
its local database, but disables its facility to allow you to create user accounts. You use the LDAP
directory interface to create and manage user accounts.
2-124 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Directory Integration (Cont.)
Perform Synchronization
www.flane.com.au
LDAP synchronization does not apply to application users on Cisco Unified Communications
Manager. You must manually provision application users in the Cisco Unified CM
Administration interface.
2-125 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Directory Integration (Cont.)
www.flane.com.au
2-126 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Instant Messaging and Presence
www.flane.com.au
Instant messaging and presence capabilities let users send and receive instant messages as well as
publish and view availability status.
Procedure
Step 1 Open the Cisco Unified CM IM and Presence Administration interface.
Step 2 Select Messaging > Settings.
Step 3 Select the following options:
Enable instant messaging
Allow clients to log instant message history
Step 4 Select other messaging settings as appropriate.
Step 5 Select Save.
2-127 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Voicemail – Voicemail Server
Setting up voicemail enables users to receive voice mail messages and redirect
incoming audio calls to the voicemail service.
www.flane.com.au
Setting up voicemail enables users to receive voice mail messages and redirect incoming audio
calls to the voicemail service. As part of the task of setting up voicemail, you can also configure a
mailstore to enable visual voicemail in the client.
You must complete some specific steps to configure Cisco Unity Connection so that Cisco Jabber
can access voicemail services. You should refer to the Cisco Unity Connection documentation for
instructions on general tasks such as creating users, passwords, and provisioning users with
voicemail access.
2-128 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Voicemail – Mailstore server
www.flane.com.au
2-129 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Conferencing - On-Premises
www.flane.com.au
Conferencing capabilities enable users to create and attend meetings. Review the different types
of conferencing deployments you can configure. Learn how to set up authentication and enable
communication between the conferencing service and the client.
Set Up On-Premises Conferencing
Cisco WebEx Meetings Server provides on-premises meeting and conferencing services for the
client.
Cisco WebEx Meetings Server Installation and Configuration
The first step in setting up integration between Cisco WebEx Meetings Server and the client is to
install and configure Cisco WebEx Meetings Server. You should refer to the Cisco WebEx
Meetings Server product documentation for installation and configuration procedures.
You cannot currently integrate Cisco Jabber with Cisco WebEx Meetings Server sites that you
configure for single sign on (SSO).
Provide Conferencing Credentials
Choose one of the following methods to provide conferencing credentials to the client:
Users individually specify their credentials in the Options window.
You specify a credentials source on Cisco Unified Communications Manager when you
apply the conferencing service to the service profile.
Specify Conferencing Credentials in the Client
Users can specify their credentials in the Meetings tab on the Options window. To open the
Options window, select File > Options.
2-130 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Conferencing - Cloud-Based
Cloud-based integration:
Cisco WebEx Meeting Center provides the following services to the
client:
Data such as participant chat and roster lists.
Audio and video capabilities.
Cisco WebEx Meeting Center provides data such as participant chat and
roster lists.
www.flane.com.au
Cisco WebEx Meeting Center provides cloud-based meeting and conferencing services for the
client.
Integration with Cisco WebEx Meeting Center
As of this release, there are two types of Cisco WebEx Meeting Center integration for on-
premises deployments:
Cloud-based integration
Hybrid cloud-based integration
Cloud-Based Integration
Cloud-based integration refers to an environment in which Cisco WebEx Meeting Center
provides the following
services to the client:
Data such as participant chat and roster lists.
Audio and video capabilities.
Hybrid Cloud-Based Integration
Hybrid cloud-based integration refers to an environment in which:
Cisco WebEx Meeting Center provides data such as participant chat and roster lists.
A conferencing bridge provides audio and video capabilities.
2-131 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Authentication with Cisco WebEx Meeting Center
Cisco Jabber supports the following types of authentication with Cisco WebEx Meeting Center:
Direct Authentication
The client can pass user credentials directly to Cisco WebEx Meeting Center.
To enable direct authentication, complete the following steps:
1. Create user accounts for Cisco WebEx Meeting Center using the Cisco WebEx
Administration Tool.
Cisco WebEx Meeting Center must validate user credentials in a direct authentication
scenario. The user accounts hold the credentials so that Cisco WebEx Meeting Center can
validate them when the client attempts to authenticate.
2. Provide Cisco WebEx Meeting Center user credentials to the client.
2-132 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Conferencing
In Cisco Unified CM Administration > User Management > User Settings >
UC Service.
www.flane.com.au
2-133 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Service Profiles
In Cisco Unified CM Administration > User Management > User Settings >
Service Profile.
Voice Mail
Service
Credential
Source
MailStore
Conferencing
Service
Credential Source
www.flane.com.au
You create a service profile that contains the configuration settings for the services you add on
Cisco Unified Communications Manager. You add the service profile to the end user
configuration for your users. The client can then retrieve settings for available services from the
service profile.
Enable UDS
Cisco IM and
Presence Service
www.flane.com.au
2-134 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Configure Users
www.flane.com.au
To configure users, you enable instant messaging and presence and add a service profile to the
users.
Configure Users Individually
Enable instant messaging and presence and add your service profile to individual users.
Procedure
Step 1 Open the Cisco Unified CM Administration interface.
Step 2 Select User Management > End User.
The Find and List Users window opens.
Step 3 Specify the appropriate filters in the Find User where field and then select Find to
retrieve a list of users.
Step 4 Select the appropriate username from the list.
The End User Configuration window opens.
Step 5 Locate the Service Settings section and do the following:
a) Select Enable User for Unified CU IM and Presence.
b) Select your service profile from the UC Service Profile drop-down list.
Step 6 Select Save.
Configure Users in Bulk
Enable instant messaging and presence and add your service profile to multiple users.
Procedure
Step 1 Open the Cisco Unified CM Administration interface.
Step 2 Select Bulk Administration > Users > Update Users > Query.
2-135 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
The Find and List Users To Update window opens.
Step 3 Specify the appropriate filters in the Find User where field and then select Find to
retrieve a list of users.
Step 4 Select Next.
The Update Users Configuration window opens.
Step 5 Select both of the Enable User for Unified CU IM and Presence check boxes.
There are two check boxes for Enable User for Unified CU IM and Presence. To
disable instant messaging and presence, you select one check box. To enable instant
messaging and presence, you select both check boxes.
Step 6 Select the UC Service Profile check box and then select your service profile from the
drop-down list.
Step 7 In the Job Information section, specify if you want to run the job immediately or at a
later time.
Step 8 Select Submit.
2-136 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Architecture for Voice/Video Calling
Soft phone
Cisco Jabber registers to Cisco Unified CM as
a Client Services Framework device (CSF)
using SIP.
www.flane.com.au
2-137 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
The following design considerations should be taken into account when deploying Cisco Jabber
and other desktop applications that use the Cisco Unified Client Services Framework:
The administrator must determine how to install, deploy, and configure the Unified
Client Services Framework desktop applications in their organization. Cisco recommends
using a well-known installation package such as Altris to install the desktop application,
and use Group Policies to configure the user registry settings for the required components
such as TFTP, CTI Manager, CCMCIP, and LDAP server IP addresses and other
pertinent information.
The user ID and password configuration of the Cisco Unified Client Services Framework
desktop application user must match the user ID and password of the user stored in the
LDAP server to allow for seamless integration of the Unified Communications and back-
end directory components.
The directory number configuration on Cisco Unified CM and the telephoneNumber
attribute in LDAP should be configured with a full E.164 number. A private enterprise
dial plan can be used, but it might involve the need to use application dial rules and
directory lookup rules.
The deskphone mode for control of a Cisco Unified IP Phone uses CTI; therefore, when
sizing a Unified CM deployment, you must also account for other applications that
require CTI usage. For more information on CTI system sizing.
2-138 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Desktop Share Options
Supports Annotation
www.flane.com.au
Jabber for Windows supports desktop sharing using either WebEx Desktop Share or Video
Desktop Share (using BFCP).
Video desktop sharing (BFCP)
Cisco Jabber for Windows provides desktop sharing capabilities for users. You can configure
Cisco Unified Communications Manager 8.6.1 and later to enable video desktop sharing. To
configure Cisco Unified Communications Manager for video desktop sharing, you apply a COP
file to Cisco Unified Communications Manager and enable video desktop sharing on the SIP
profiles of CSF devices.
In a hybrid cloud-based deployment, Cisco WebEx Connect provides instant messaging
capabilities and Cisco Unified Communications Manager provides audio and video
communication capabilities. However, both Cisco WebEx Connect and Cisco Unified
Communications Manager provide desktop sharing functionality.
If you configure video desktop sharing in a hybrid cloud-based deployment, Cisco WebEx
Connect provides desktop sharing functionality if users initiate desktop sharing sessions in instant
messaging conversations. If users initiate desktop sharing sessions during an audio or video
conversation, they use the video desktop sharing capabilities on Cisco Unified Communications
Manager.
Attention
As of this release, Cisco Jabber for Windows supports video desktop sharing in software
phone mode only. Video desktop sharing is not available in desk phone mode.
Migration of your video desktop sharing configuration is not possible. If you configure
video desktop sharing on Cisco Unified Communications Manager 8.6.1 and then
upgrade to Cisco Unified Communications Manager 8.6.2, you must configure video
desktop sharing on 8.6.2.
2-139 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WebEx Ad-hoc Desktop Share
The Cisco Jabber application provides for smooth escalation to desktop sharing or Cisco's
market-leading collaboration solution, Cisco WebEx® conferencing. You can instantly share
documents and expand chats and conversations to multiparty voice, video, and web conferencing.
Supported WebEx Options:
Cisco WebEx Meeting Center T26L SP 20
Cisco WebEx Meeting Center T27L SP 9
2-140 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Desktop Sharing (Cont.)
You can enable video desktop sharing only on software phone devices.
In hybrid cloud-based deployments, both Cisco WebEx and Cisco UCM provide
desktop sharing functionality.
www.flane.com.au
Binary Floor Control Protocol (BFCP) provides video desktop sharing capabilities for CSF
devices. Cisco Unified Communications Manager handles the BFCP packets that users transmit
when using video desktop sharing capabilities. On Cisco Unified Communications Manager
version 9.0(1) and higher, BFCP presentation sharing is automatically enabled. For this reason,
you do not need to perform any steps to enable video desktop sharing on CSF devices.
Restrictions:
Cisco Unified Communications Manager supports BFCP presentation sharing on version
8.6(1) and higher only. You cannot enable BFCP, or provision users with video desktop
sharing capabilities, on versions lower than 8.6(1).
You can enable video desktop sharing only on software phone devices. You cannot
enable video desktop sharing on desk phone devices.
In hybrid cloud-based deployments, both Cisco WebEx and Cisco Unified
Communications Manager provide desktop sharing functionality.
If users initiate desktop sharing sessions during an instant messaging session, Cisco
WebEx provides desktop sharing capabilities.
If users initiate desktop sharing sessions during an audio or video conversation, Cisco
Unified Communications Manager provides desktop sharing capabilities.
2-141 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Desktop Sharing Summary
Video Desktop
UC Manager WebEx Desktop
Deployment Model Share (requires UC
Version Share
manager 8.6+)
< 8.6
Cloud Model
8.6 +
< 8.6
On Premise Model
8.6 +
www.flane.com.au
Software phones let users send and receive audio and video through
their computers.
You should use the CSFusername format for CSF device names.
www.flane.com.au
You should use the CSFusername format for CSF device names. For example, you create a CSF
device for a user named Tanya Adams, whose username is tadams. In this case, you should
specify CSFtadams as the device name.
2-142 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Associate End Users with a Line Appearance
www.flane.com.au
2-143 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Desk Phone
Users can control desk phones on their computers to place audio calls.
www.flane.com.au
Users can control desk phones on their computers to place audio calls.
Procedure
Step 1 Open the Cisco Unified CM Administration interface.
Step 2 Select Device > Phone.
The Find and List Phones window opens.
Step 3 Select Add New.
Step 4 Select the appropriate device from the Phone Type drop-down list and then select Next.
The Phone Configuration window opens.
Step 5 Complete the following steps in the Device Information section:
a) Enter a meaningful description in the Description field.
The client displays device descriptions to users. If users have multiple devices of the
same model, the descriptions help users tell the difference between multiple devices.
b) Select Allow Control of Device from CTI.
If you do not select Allow Control of Device from CTI, users cannot control the desk
phone.
Step 6 Complete the following steps to enable desk phone video capabilities:
a) Locate the Product Specific Configuration Layout section.
b) Select Enabled from the Video Capabilities drop-down list.
If possible, you should enable desk phone video capabilities on the device configuration.
However, certain phone models do not include the Video Capabilities drop-down list at
the device configuration level. In this case, you should open the Common Phone
2-144 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Profile Configuration window and then select Enabled from the Video Calling drop-
down list.
Step 7 Specify all other configuration settings on the Phone Configuration window as
appropriate.
Step 8 Select Save.
An message displays to inform you if the device is added successfully. The Association
Information section becomes available on the Phone Configuration window.
2-145 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Associate End Users with a Line Appearance
www.flane.com.au
2-146 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Desk Phone (Cont.)
Enable Video Rate Adaptation
Negotiate optimum video quality. Video rate adaptation dynamically increases or
decreases video quality based on network conditions.
To use video rate adaptation, you must enable Real-Time Transport Control Protocol
(RTCP) on Cisco Unified Communications Manager.
RTCP is enabled on software phone devices by default. However, you must enable
RTCP on desk phone devices.
www.flane.com.au
2-147 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Desk Phone (Cont.)
Add a CTI Service
www.flane.com.au
2-148 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Apply CTI Service
After you add a CTI service on Cisco Unified Communications Manager, you must apply it to a
service profile so that the client can retrieve the settings.
Procedure
Step 1 Open the Cisco Unified CM Administration interface.
Step 2 Select User Management > User Settings > Service Profile.
The Find and List Service Profiles window opens.
Step 3 Find and select your service profile.
The Service Profile Configuration window opens.
Step 4 In the CTI Profile section, select up to three services from the following drop-down lists:
Primary
Secondary
Tertiary
Step 5 Select Save.
2-149 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect
Users control calls on devices such as public switched telephone network
(PSTN) phones and private branch exchange (PBX) devices.
140 www.flane.com.au
2-150 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Provisioning CTI Remote Devices
Alternative Device you should not add remote destinations. Users can
add, edit, and delete remote destinations through the client interface.
www.flane.com.au
2-151 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Using CTI Remote Devices with the Client
If a user is signed in to the client and sets a remote device as active, that device
rings when the user receives incoming calls. Additionally, the client routes outgoing
calls to the active device when the user is signed in.
If a user is not signed in to the client, and that user receives an incoming call to the
directory number, all devices set as remote destinations ring.
www.flane.com.au
2-152 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Enable User Mobility
www.flane.com.au
2-153 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Create CTI Remote Devices
CTI remote devices are virtual devices that monitor and have call control over
a user's remote destination.
www.flane.com.au
2-154 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Cisco Unified Communications Manager populates the Device Name field with
the user ID and a CTRID prefix; for example, CTRIDusername
The Rerouting Calling Search Space ensures that users can send and
receive calls from the CTI remote device.
www.flane.com.au
Cisco Unified Communications Manager populates the Device Name field with the user ID and a
CTRID prefix; for example, CTRIDusername
Step 6 Edit the default value in the Device Name field, if appropriate.
Step 7 Ensure you select an appropriate option from the Rerouting Calling Search Space drop-
down list in the
Protocol Specific Information section.
The Rerouting Calling Search Space drop-down list defines the calling search space for
re-routing and ensures that users can send and receive calls from the CTI remote device.
Step 8 Specify all other configuration settings on the Phone Configuration window as
appropriate.
Step 9 Select Save.
The fields to associate directory numbers and add remote destinations become available
on the Phone Configuration window.
2-155 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
www.flane.com.au
You must add directory numbers to devices in Cisco Unified Communications Manager. This
topic provides instructions on adding directory numbers using the Device > Phone menu option
after you create your device.
Under this menu option, only the configuration settings that apply to the phone model or CTI
route point display. See the Cisco Unified Communications Manager documentation for more
information about different options to configure directory numbers.
2-156 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Audio and Video Capabilities
Extend and Connect (Cont.)
Add a Remote Destination
Remote destinations represent the CTI controllable devices that are available to
If you plan to provision users with CTI remote devices along with software phone
devices and desk phone devices, you should not add a remote destination
through the Cisco Unified CM Administration interface.
You must specify JabberRD in the Name field. The client uses only the
www.flane.com.au
2-157 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Associate a Device to a User
Navigate to User Management > End User
Add the Primary Extension
Physical Phone
www.flane.com.au
When you associate a user with a device, you provision that device to the user.
Procedure
Step 1 Open the Cisco Unified CM Administration interface.
Step 2 Select User Management > End User.
The Find and List Users window opens.
Step 3 Specify the appropriate filters in the Find User where field and then select Find to
retrieve a list of users.
Step 4 Select the appropriate user from the list.
The End User Configuration window opens.
Step 5 Locate the Device Information section.
Step 6 Select Device Association.
The User Device Association window opens.
Step 7 Select the devices to which you want to associate the user.
Step 8 Select Save Selected/Changes.
2-158 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Assign End Users to User Group
Assign the user to the group Standard CTI Enabled and Standard CCM End User
Group
Select the User group
Standard CTI Enabled.
Step 9 Select User Management > End User and return to the Find and List Users window.
Step 10 Find and select the same user from the list.
The End User Configuration window opens.
Step 11 Locate the Permissions Information section.
Step 12 Select Add to Access Control Group.
The Find and List Access Control Groups dialog box opens.
Step 13 Select the access control groups to which you want to assign the user.
At a minimum you should assign the user to the following access control groups:
Standard CCM End Users
Standard CTI Enabled
If you are provisioning users with secure phone capabilities, do not assign the users to the
Standard CTI Secure Connection group.
Remember
Certain phone models require additional control groups, as follows:
Cisco Unified IP Phone 9900 or 8900 series, select Standard CTI Allow
Control of Phones supporting Connected Xfer and conf.
Cisco Unified IP Phone 6900 series, select Standard CTI Allow Control of
Phones supporting Rollover Mode.
Step 14 Select Add Selected.
The Find and List Access Control Groups window closes.
Step 15 Select Save on the End User Configuration window.
2-159 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Specify Your TFTP Server Address
www.flane.com.au
2-160 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Specify Your TFTP Server Address (Cont.)
Users enter the TFTP server address in the Connection Settings window
when they start the client.
You specify the TFTP server address during installation with the TFTP
argument.
Specify your TFTP server address with the Cisco WebEx Administration Tool.
www.flane.com.au
2-161 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Create a CCMCIP Profile
The client gets device lists for users from the CCMCIP server.
www.flane.com.au
The client gets device lists for users from the CCMCIP server.
2-162 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Application Dialing and Directory Lookup
Rules
Cisco IM and Presence then queries Cisco Unified Communications Manager to
obtain these dialing rules for the Cisco Unified Personal Communicator.
Application dialing rules are used to manipulate numbers that are dialed from
Cisco Jabber.
Directory lookup rules transform caller identification numbers into numbers that
can be looked up in the directory from Cisco Unified Personal Communicator.
www.flane.com.au
You configure dial plan mapping to ensure that dialing rules on Cisco Unified Communications
Manager match dialing rules on your directory.
Application Dial Rules
Application dial rules automatically add or remove digits in phone numbers that users dial.
Application dialing rules manipulate numbers that users dial from the client.
For example, you can configure a dial rule that automatically adds the digit 9 to the start of a 7
digit phone number to provide access to outside lines.
Directory Lookup Dial Rules
Directory lookup dial rules transform caller ID numbers into numbers that the client can lookup
in the directory.
Each directory lookup rule you define specifies which numbers to transform based on the initial
digits and the length of the number.
For example, you can create a directory lookup rule that automatically removes the area code and
two digit prefix digits from 10 digit telephone numbers. An example of this type of rule is to
transform 4089023139 into 23139.
2-163 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Cisco Jabber product modes configuration requriements
Activating Cisco IM and Presence essential services
Configuring Cisco Jabber services
Cisco IM and presence
Directory Integration
CTI
Voice Mail
Conferencing Services
Configuring Cisco Jabber for voice and video calling:
Deskphone mode
Softphone mode
Extend and Connect (Remote CTI Device) mode
Configure Desktop sharing
154 www.flane.com.au
2-164 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 6
Provides the complete flexibility of Jabber's Bring Your Own Device (BYOD)
capabilities for presence and IM.
The full range of Cisco Jabber clients deployable on Windows, MAC, iPad,
iPhone, BlackBerry, Android1, as well as Cisco Cius, are supported.
Customers can also build and deploy presence and IM-enabled applications
using the Jabber Web Software Development Kit (SDK).
Leverage Cisco Jabber clients to control their IP desk phone to initiate and
manage calls.
www.flane.com.au
“Jabber for Everyone” is a new offer which is being made available to Cisco customers from mid-
year 2012 onwards. The offer makes Cisco Jabber presence and instant messaging (IM) available
at zero cost for an end-user license to all employees of Cisco customers who have deployed Cisco
Unified Communications Manager for all or even part of their organization.
The “Jabber for Everyone” offer provides the complete flexibility of Jabber's Bring Your Own
Device (BYOD) capabilities for presence and IM. The full range of Cisco Jabber clients
deployable on Windows, MAC, iPad, iPhone, BlackBerry, and Android1 are supported.
Customers can also build and deploy presence and IM-enabled applications using the Jabber Web
Software Development Kit (SDK).
As part of the offer, employees who are existing Cisco IP Telephony users can leverage Cisco
Jabber clients to control their IP desk phone to initiate and manage calls. In addition, employees
who are existing Cisco Unity Connection users can leverage Cisco Jabber clients for visual
voicemail. Customers who are fully licensed for Cisco Collaboration can easily expand beyond
the “Jabber for Everyone” IM and Presence offer to leverage Jabber's complete Unified
Communications capabilities, including WebEx Meetings, and standards-based voice and HD
video (using Cisco's Precision Video Engine PVE technology) across desktop and mobile
devices.
2-166 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
“Jabber for Everyone” Solution
supported features
Core IM and Presence
Advanced IM
Rich UC Presence
Deskphone Control
Visual Voicemail
You must configure Core IM and Presence as the first step to utilize basic
features of IM and presence and as a prerequisite to further enable Rich UC
Presence, any of the Advanced IM or Deskphone Control features.
www.flane.com.au
The “Jabber for Everyone” offer enables a broad range of Cisco Jabber features as follows:
Core IM and Presence—This is the baseline offering. It provides standard IM features
such as One-to-One and Group Chat IM. It also provides a range of presence states
(“Available,” “Away,” “Offline,” “Do Not Disturb,” and custom status). Core IM and
Presence also enables Multi-Device which allows a user to log in to multiple Cisco
Jabber devices in parallel (such as Cisco Jabber for Windows and Cisco Jabber IM for
iPhone), send and receive IMs to multiple devices simultaneously and set presence state
from any device. See Table 1 for details of supported features.
Advanced IM—If you want to add other advanced IM features such as Federation,
Compliance and High Availability, you can incorporate them into your deployment with
additional configuration.
Rich UC Presence—If you want to integrate additional sources of presence including
the telephony state of Cisco IP phone-enabled users (“On a call”) or meeting status from
Microsoft Exchange (“In a Meeting”) with the presence features that are available with
Core IM and Presence, you can do so with additional configuration. See Table 1 for
details.
Desk Phone Control—Along with IM and presence capabilities, the “Jabber for
Everyone” offer allows users who are configured for Cisco IP Telephony to also use their
Cisco Jabber client to control their Cisco IP phone to make and answer calls (through
Computer Telephony Integration (CTI)).
Visual Voicemail—If you have Cisco Unity Connection deployed, you can add the
ability to view, play, sort and delete voicemail messages from Cisco Jabber with
additional configuration.
You must configure Core IM and Presence as the first step to utilize basic features of IM and
presence and as a prerequisite to further enable Rich UC Presence, any of the Advanced IM,
Desk Phone Control or Visual Voicemail features, if you wish to do so. You can flexibly select
2-167 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
which features of Rich UC Presence and Advanced IM you wish to enable. In general, these
optional features do not have to be configured or enabled in any particular sequence.
2-168 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported Cisco Jabber features
Feature Jabber for Jabber for Jabber for Jabber for Jabber for Jabber
Windows Mac BlackBerry iPhone iPad Web SDK
Core IM and Presence Features
Presence X X X X X X
Instant X X X X X X
messaging
Multi-device X X X X X X
Group chat X X X X X X
File transfer X X
Emoticons X X X X X X
Contact X X X X X
search
www.flane.com.au
This matrix lists the features that the “Jabber for Everyone” offer supports for each client.
www.flane.com.au
2-169 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported Cisco Jabber features (Cont.)
Feature Jabber for Jabber for Jabber for Jabber for Jabber for Jabber
Windows Mac BlackBerry iPhone iPad Web SDK
Advanced IM Features
Interdomain X X X X X X
federation
Partitioned X X X X X X
intradomain
federation
with
Microsoft
(LCS, OCS)
Start/join X X X X X
WebEx
meetings
Visual X X
Voicemail
www.flane.com.au
www.flane.com.au
2-170 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported Cisco Jabber features (Cont.)
Feature Jabber for Jabber for Jabber for Jabber for Jabber for Jabber
Windows Mac BlackBerry iPhone iPad Web SDK
Deskphone Control
Desktop X X
Phone
Control
Visual Voicemail
Visual X X
Voicemail
www.flane.com.au
The following features are not included in the “Jabber for Everyone” offer:
Audio
Video
Desktop sharing
\Options for phone configuration
2-171 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber for Everyone architecture
www.flane.com.au
2-172 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
License requirements
Ordering options are available for existing User Connect Licensing (UCL) and
Cisco Unified Workspace Licensing (CUWL) customers as follows:
Unified CM UCL customers can order “Jabber for Everyone” to provide IM to users that
are not Unified CM users.
CUWL customers can order “Jabber for Everyone” to provide IM to users that are not
Unified CM users.
www.flane.com.au
License Requirements
With the “Jabber for Everyone” offer, Jabber IM client applications and IM and Presence Service
(on-premises) licenses are available to Cisco Unified Communications Manager customers at no
additional license cost.
Ordering options are available for existing User Connect Licensing (UCL) and Cisco Unified
Workspace Licensing (CUWL) customers as follows:
Unified CM UCL customers can order “Jabber for Everyone” to provide IM to users that
are not Unified CM users.
CUWL customers can order “Jabber for Everyone” to provide IM to users that are not
Unified CM users.
From Cisco Unified Communications Manager Release 9.0(1) onwards, IM and Presence is an
integrated service, therefore all Unified CM users have access to IM as part of the core user
licensing.
2-173 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber for Everyone deployment workflow
www.flane.com.au
Core IM and Presence represents the baseline offering for the “Jabber for Everyone” solution.
You can extend your deployment by incorporating any of the following additional, optional
feature sets:
Advanced IM
Rich UC Presence
Desk Phone Control
Visual Voicemail
Each deployment scenario assumes that Unified CM is installed.
2-174 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Core IM and Presence deployment
The following are the high-level tasks that you must complete to enable core IM
and presence features in your network:
1. Set up users on Unified CM.
You can deploy “Jabber for Everyone” in a mixed cluster where you provision
some users with only instant messaging and availability and other users with
instant messaging and availability along with audio capabilities.
www.flane.com.au
The following are the high-level tasks that you must complete to enable core IM and presence
features in your network:
1. Set up users on Unified CM.
2. Install IM and Presence Service.
3. Verify essential services on Unified CM and IM and Presence Service.
4. Specify capabilities assignments for end users on Unified CM.
5. Create an LDAP profile on IM and Presence Service.
6. Install Cisco Jabber.
You can deploy “Jabber for Everyone” in a mixed cluster where you provision some users with
only instant messaging and availability and other users with instant messaging and availability
along with audio capabilities.
You should create separate service profiles for users that have only instant messaging and
availability capabilities. If the service profile contains a CTI or CCMCIP profile, the client
attempts to retrieve device lists for users from Cisco Unified Communications Manager. If no
device lists exist for users, the client continually requests device lists from the server. As a result,
the server consumes additional CPU resources.
2-175 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Advanced IM deployment
“Jabber for Everyone” supports optional advanced IM and presence features that
extend your baseline deployment:
Federation
IM Compliance
High Availability
Intercluster Peering
www.flane.com.au
“Jabber for Everyone” supports optional advanced IM and presence features that extend your
baseline deployment:
Federation
IM Compliance
High Availability
Intercluster Peering
2-176 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Rich UC Presence deployment
The following are the high-level tasks that you must complete if you want to
deploy rich presence for Cisco IP phone users in your network:
www.flane.com.au
2-177 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Cisco Jabber product modes configuration requriements
Activating Cisco IM and Presence essential services
Configuring Cisco Jabber services
Cisco IM and presence
Directory Integration
CTI
Voice Mail
Conferencing Services
Configuring Cisco Jabber for voice and video calling:
Deskphone mode
Softphone mode
Extend and Connect (Remote CTI Device) mode
Configure Desktop sharing
169 www.flane.com.au
2-178 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 7
If the node detects that any critical service is not running for a configurable
outage period (90 seconds is the default value), it instructs the peer node to
initiate a failover.
Instant Message and Availability services from that node can failover to the
second node in the subcluster
In IM and Presence Release 9.0(1) and later, manual recovery is not required.
www.flane.com.au
The IM and Presence Service supports High Availability deployments. Cisco recommends that
you configure your IM and Presence deployments as High Availability deployments.
Although mixed mode deployments are permitted, for example High Availability subclusters and
non High Availability subclusters in a single deployment, we do not recommend this
configuration.
You must manually turn on High Availability in a subcluster. You can achieve a High
Availability deployment by configuring the Balanced Mode (Redundant High Availability) or the
Active/Standby Redundant High Availability deployment models, and turning on High
Availability in your deployment.
2-180 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified IM and Presence Multi-Node
Deployment - Fallback
IM and Presence supports automatic fallback to the primary node after a failover.
Automatic fallback is the process of moving users back to the primary node after
a failover without manual intervention.
You can enable automatic fallback with the Enable Automatic Fallback service
parameter on the Cisco Unified CM IM and Presence Administration interface.
Node A is rebooted
If failover occurs for a reason other than one of the three scenarios listed here,
you must recover the node manually. If you do not want to wait 10 minutes before
the automatic fallback, you can perform a manual fallback to the primary node.
www.flane.com.au
IM and Presence supports automatic fallback to the primary node after a failover. Automatic
fallback is the process of moving users back to the primary node after a failover without manual
intervention. You can enable automatic fallback with the Enable Automatic Fallback service
parameter on the Cisco Unified CM IM and Presence Administration interface.
Automatic fallback occurs in the following scenarios:
A critical service on Node A fails—A critical service (for example, the Presence Engine)
fails on Node A. Automatic failover occurs and all users are moved to Node B. Node A is
in a state called "Failed Over with Critical Services Not Running." When the critical
service recovers, the node state changes to "Failed Over." When this occurs Node B
tracks the health of Node A for 30 minutes. If no heartbeat is missed in this timeframe
and the state of each node remains unchanged, automatic fallback occurs.
Node A is rebooted—Automatic failover occurs and all users are moved to Node B.
When Node A returns to a healthy state and remains in that state for 30 minutes
automatic fallback will occur.
Node A loses communications with Node B—Automatic failover occurs and all users
are moved to Node B. When communications are re-established and remain unchanged
for 30 minutes automatic fallback will occur. If failover occurs for a reason other than
one of the three scenarios listed here, you must recover the node manually. If you do not
want to wait 10 minutes before the automatic fallback, you can perform a manual
fallback to the primary node.
2-181 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
High Availability for Cisco Jabber (XMPP
Failover)
All users in the Cisco IM and Presence cluster must be assigned to a server prior to any exchange
of information. By default, Cisco IM and Presence allows for automatic user assignment that is
equally balanced across all servers in the cluster. If desired, the administrator can control where
users are assigned by setting the User Assignment Mode Sync Agent service parameter to None
instead of the default balanced. If this parameter is set to None, user assignment is done from the
System > Topology menu.
Cisco Jabber clients can be provisioned with a basic deployment, a highly available deployment
for automatic redundancy, and an IM and presence only deployment. In a Cisco IM and Presence
two-server subcluster, users associated with one server are known by the other server in the
subcluster, thus allowing for automatic failover when service communication with the configured
server is interrupted. Cisco Jabber client high availability is supported only within a Cisco IM and
Presence subcluster.
As illustrated in the figure, the server recovery manager monitors the various services on Cisco
IM and Presence to determine if a service has failed and then to initiate an XMPP failover event.
The following sequence of events occurs during an XMPP failover:
1. When the server recovery manager determines that a service is no longer communicating,
a failover user move operation from server 1A to server 1B is initiated. User123 is moved
from home server 1A and is now homed to server 1B.
2. The Cisco Jabber client determines that connectivity with server 1A is lost through time-
out, connection loss, or XMPP protocol update, and it initiates a new connection to server
1B.
2-182 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco UP Server Recovery Manager (SRM)
After you turn on High Availability in a subcluster, the Cisco UP SRM on each node
establishes heartbeat connections with the peer node, and begins to monitor the
critical processes.
The SRM is responsible for the user move operations after it detects that failover has
occurred.
It is the SRM on the peer node, not on the failed node, that performs the user move
operation.
On failover, the SRM will move users that are signed in first, and then move users that
are not signed in. If you initiate a fallback, users that are not signed in are moved first,
and then users that are signed in.
www.flane.com.au
The Cisco Server Recovery Manager (SRM) on IM and Presence manages the failover between
nodes in a subcluster. The Cisco Server Recovery Manager manages all state changes in a node;
state changes are either automatic or initiated by the administrator (manual).
After you turn on High Availability in a subcluster, the Cisco Server Recovery Manager on each
node establishes heartbeat connections with the peer node, and begins to monitor the critical
processes.
The SRM is responsible for the user move operations after it detects that failover has occurred. It
is the SRM on the peer node, not on the failed node, that performs the user move operation. For
example, if node A fails, the SRM on node B performs the user move operation. The SRM
throttles the number of users moved to the peer node, it moves the users in batches or iterations.
You can configure the number of users that the SRM moves per iteration (the default value is 25).
On failover, the SRM will move users that are signed in first, and then move users that are not
signed in. Note that if you initiate a fallback or if an automatic fallback occurs, users that are not
signed in are moved first, and then users that are signed in.
If the SRM is not turned on, it does not monitor any critical processes, nor does it monitor the
heartbeat connections with the peer node.
2-183 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco UP Replication Watcher Service
www.flane.com.au
The Cisco Replication Watcher monitors IDS replication state on the IM and Presence Service.
Other IM and Presence services are dependent on the Cisco Replication Watcher service. These
dependent services use the Cisco Replication Watcher service to delay startup until such time as
IDS replication is in a stable state.
On the subscriber nodes, the Cisco Replication Watcher service delays the startup of feature
services until IDS replication is successfully established. The Cisco Replication Watcher service
only delays the startup of feature services on the problem subscriber node in a cluster, it will not
delay the startup of feature services on all subscriber nodes due to one problem node. For
example, if IDS replication is successfully established on node1 and node2, but not on node3, the
Cisco Replication Watcher service allows feature services to start on node1 and node2, but delays
feature service startup on node3.
The Cisco Replication Watcher service behaves differently on the publisher node. It only delays
the startup of feature services until a timeout expires. When the timeout expires, it allows all
feature services to start on the publisher node even if IDS replication is not successfully
established.
The Cisco Replication Watcher service generates an alarm when it delays feature service startup
on a node. It then generates a notification when IDS replication is successfully established on that
node.
The Cisco Replication Watcher service impacts both a fresh multi-node installation, and a
software upgrade procedure. Both will only complete when the publisher and subscriber nodes
are running the same IM and Presence release, and IDS replication is successfully established on
the subscriber nodes.
2-184 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Subclusters
By default, allows for automatic user assignment that is equally balanced across
all servers in the cluster.
www.flane.com.au
The multi-node feature introduces the concept of a subcluster. A subcluster is a single IM and
Presence server, or a pair of IM and Presence servers, where each node has an independent
database and set of users operating with a shared availability database that is able to support
common users.
In a single-node deployment within a subcluster, there is no High Availability failover protection
for users assigned to the node. In a dual-node deployment within a subcluster, if you turn on High
Availability in the subcluster, users have failover protection; each node acts as a backup for the
other node allowing clients to fail over in case of outages of components or nodes. When you turn
on High Availability in a subcluster, all users in the subcluster have redundancy and full failover
capabilities.
2-185 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
User Assignment Mode
Balanced: Cisco Unified IM and Presencedivides all users equally across all nodes in
all subclusters.
Active/Standby: Cisco Unified IM and Presenceassigns all users only to the first node
of a subcluster. If there is only a single node in the subcluster, Cisco Unified IM and
Presenceuses this node for assignment regardless of the location of the node within
the subcluster.
None: you must manually assign your users to nodes in system topology
management GUI.
www.flane.com.au
To allow users to receive the availability and Instant Messaging (IM) services on IM and
Presence, you must assign users to nodes, and subclusters, in your IM and Presence deployment.
You can manually or automatically assign users in a IM and Presence deployment. You manage
user assignment using the User Assignment Mode parameter on the Sync Agent on IM and
Presence.
Balanced mode (default) assigns users equally to each node in the subcluster and attempts to
balance the total number of users equally across each node. Active-Standby mode assigns all
users to the first node of the subcluster, leaving the secondary server as a backup. None mode
results in no assignment of the users to the nodes in the cluster by the sync agent. The default
mode is Balanced.
If you select manual user assignment, you must manually assign your users to nodes, and
subclusters, using the System Topology interface in the Cisco Unified CM IM and Presence
Administration.
2-186 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Balanced User Assignment Redundant
High Availability Deployment
Supports up to fifteen thousand users per cluster.
Using the balanced mode High Availability deployment option in a redundant mode,
as compared to a non-redundant mode, only half the number of users are assigned to
each node. However, if one node fails, the other node will handle the full load of the
additional 50% of users in the subcluster, even at peak traffic.
In order to support this failover protection, you must turn on High Availability in each of
the subclusters in your deployment.
www.flane.com.au
You can achieve a balanced mode High Availability deployment by evenly balancing users across
all nodes in the subcluster, but only using up to 35% of the CPU of each IM and Presence server.
The balanced mode High Availability deployment option in a redundant mode supports up to
fifteen thousand users per cluster. For example, if you have six IM and Presence nodes in your
deployment, and fifteen thousand users, you assign 2.5 thousand users to each IM and Presence
node.
When you use the balanced mode High Availability deployment option in a redundant mode, as
compared to a non-redundant mode, only half the number of users are assigned to each node.
However, if one node fails, the other node will handle the full load of the additional 50% of users
in the subcluster, even at peak traffic.
In order to support this failover protection, you must turn on High Availability in each of the
subclusters in your deployment.
2-187 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Active/Standby User Assignment
Redundant High Availability Deployment
Assign all your users to the active Cisco Unified IM and Presence node, and none to
the backup node.
When you turn on High Availability in the subcluster, the backup node can handle all
traffic from the active node if the active node fails.
www.flane.com.au
For this deployment model, assign all your users to the primary IM and Presence node, and none
to the backup node. When you turn on High Availability in the subcluster, the backup node can
handle all traffic from the primary node if the primary node fails.
2-188 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Automatic Failover Detection
Peer Heartbeat
These are the list of critical services that the node monitors:
Cisco DB
Cisco UP Presence Engine
Cisco UP XCP Router
Cisco UP Message Archiver
Cisco UP SIP Proxy
Cisco UP XCP SIP Federation Connection Manager
www.flane.com.au
2-189 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
You can view the critical services that IM and Presence monitors for failover on the node details
screen on the Cluster Topology interface. The critical services that IM and Presence monitors are
marked in the “Monitored” column in the services list.
Note
IM and Presence only detects a failover if a critical service is not running for the duration
of the outage period. It does not detect a failover in the case where one or more critical
services are not running during the outage period, but not for the duration of the outage
period, for example, a rolling outage. In this case, IM and Presence generates alarms
indicating that services are starting and stopping, and you can perform a manual failover
on IM and Presence.
If you manually stop a critical service, and the service is stopped for longer than the
permitted outage period, failover will occur.
Prior to Release 8.6, if IM and Presence detects the situation where both nodes in the subcluster
think they own the same user, both nodes go into a failed state, and you need to perform a manual
recovery from the Cluster Topology interface. In IM and Presence Release 9.0(1) and later,
manual recovery is not required.
When the network issue is resolved, auto-recovery occurs without administrator intervention.
If manual recovery is required for another reason, you may experience IDS replication delays.
To check the status of the IDS replication on a node either:
Use this CLI command:
utils dbreplication runtimestate
Use the Cisco Unified IM and Presence Reporting Tool. The “IM and Presence Database
Status” report displays a detailed status of the cluster.
2-190 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Server-side failback
Cisco Unified IM and Presence provides server-side failback, which uses the
same throttle mechanism as server failover.
This feature detects when a failed Cisco Unified IM and Presence server in a
High Availability deployment comes back in service.
It then sends terminating notify messages to Cisco Jabber clients that are failed
over to initiate failback to their home node.
www.flane.com.au
2-191 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Manual Failover and Fallback From the
Cluster Topology interface
You can perform the following procedures:
Initiate a manual failover for a subcluster.
Initiate a manual fallback from the Cluster Topology interface, where the
Cisco UP Server Recovery Manager restarts critical services on the active
node and moves users back to the active node.
www.flane.com.au
You can perform a manual failover to the backup node in the subcluster using the Cluster
Topology interface.
When you initiate a manual failover, the Cisco Server Recovery Manager stops the critical
services on that node, and moves all users to the backup node.
The Cisco Server Recovery Manager stops the following critical services on the node:
Cisco SIP Proxy
Cisco Presence Engine
Cisco XCP Router (this causes all XCP processes to stop)
Cisco Client Profile Agent
The Cisco Server Recovery Manager then move all users to the backup node
Restriction You can only initiate a failover for a node that is in “Normal” state.
2-192 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cluster-Wide Routing Information on Cisco
Unified IM and Presence
To allow the nodes in a cluster to route messages to each other, you must
configure the routing communication type.
MDNS is the default mechanism for establishing the XCP route fabric on Cisco
Unified Presence; the network automatically establishes router-to-router
connections between all Cisco Unified IM and Presencenodes in a cluster.
A requirement for MDNS routing is that all nodes in the cluster are in the same
multicast domain.
When multicast DNS is disabled in the network, you can select router-to-router
communication for your deployment. In this case, Cisco Unified IM and Presence
dynamically configures all router-to-router connections between nodes in a
cluster.
www.flane.com.au
MDNS is the default mechanism for establishing the XCP route fabric on IM and Presence; the
network automatically establishes router-to-router connections between all IM and Presence
nodes in a cluster. A requirement for MDNS routing is that all nodes in the cluster are in the same
multicast domain. We recommend MDNS routing because it can seamlessly support new XCP
routers joining the XCP route fabric.
If you select MDNS as the routing communication, you must have multicast DNS enabled in your
network. In some networks multicast is enabled by default, or enabled in a certain area of the
network, for example, in an area that contains the nodes that form the cluster. In these networks,
you do not need to perform any additional configuration in your network to use MDNS routing.
When multicast DNS is disabled in the network, MDNS packets cannot reach the other nodes in a
cluster. If multicast DNS is disabled in your network, you must perform a configuration change to
your network equipment to use MDNS routing.
Alternatively, you can select router-to-router communication for your deployment. In this case,
IM and Presence dynamically configures all router-to-router connections between nodes in a
cluster. Select this routing configuration type if all the nodes in your cluster are not in the same
multicast domain. Note that when you select router-to-router communication:
Your deployment will incur the additional performance overhead while IM and Presence
establishes the XCP route fabric.
You do not need to restart the Cisco XCP Router on all nodes in your deployment when
you add a new node.
If you delete or remove a node, you must restart the Cisco XCP Router on all nodes in
your deployment.
2-193 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cluster-Wide Routing Information on Cisco
Unified IM and Presence(Cont.)
Multicast DNS (MDNS)- Select Multicast DNS communication if the
nodes in your cluster are in the same multicast domain. Multicast DNS
communication is enabled by default on Cisco Unified Presence.
www.flane.com.au
Multicast DNS (MDNS)- Select Multicast DNS communication if the nodes in your cluster
are in the same multicast domain. Multicast DNS communication is enabled by default on IM
and Presence.
Router to Router - Select Router-to-Router communication if the nodes in your cluster are
not in the same multicast domain.
2-194 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
How To Configure High Availability Cisco
Unified IM and Presence Deployments
Turning On or Off High Availability for a Subcluster
www.flane.com.au
2-195 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Cisco IM and Presence Multi-node deployment overview
Cisco Jabber failover and failback
Cisco UP SRM and Replication watcher services
Cisco IM and Presence User assignment modes:
Balanced
Active/Standby
Automatic Failover detection
186 www.flane.com.au
2-196 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 8
Instant Messaging
Compliance ,
Logging and Chat Rooms
EIM, Persistent Chat and Message
Compliance
Enterprise instant messaging (EIM) features of the Jabber Extensible
Communications Platform (XCP)
www.flane.com.au
Many industries require that instant messages adhere to the same regulatory compliance
guidelines as are all other business records. To comply with these regulations, your system must
log and archive all business records, and the archived records must be retrievable.
The Cisco Unified Communications Manager IM and Presence Service provides support for
instant messaging (IM) compliance by collecting data for the following IM activities in single
cluster, intercluster, or federated network configurations:
Point-to-point messages.
Group chat - This includes ad-hoc, or temporary chat messages, and permanent chat
messages.
Cisco IM and Presence incorporates the supported enterprise instant messaging features of the
Jabber Extensible Communications Platform (XCP), while allowing for some modifications to
enhance support for multi-device user experience. Cisco IM and Presence changes the Jabber
XCP instant messaging routing architecture to allow for initial instant messages to be routed to all
of the user's non-negative priority logged-in devices, rather than routing to the highest priority
device as is done with existing Jabber XCP installations. Backward compatibility support for
point-to-point instant messaging between Cisco IM and Presence SIP clients and XMPP clients is
provided by an IM gateway.
Text conferencing, sometimes referred to as multi-user chat, is defined as ad-hoc group chat and
persistent group chat and is supported as part of the Jabber XCP feature set. In addition, offline
instant messaging (storing instant messages for users who are currently offline) is also supported
as part of the Jabber XCP feature set. Cisco IM and Presence handles storage for each of these
instant messaging features in different locations. Offline instant messaging is stored locally in the
Cisco IM and Presence IDS database. Ad-hoc group chat is stored locally in memory on Cisco IM
and Presence. Persistent group chat requires an external database to store chat rooms and
conversations. The only external database supported is PostgreSQL (see
http://www.postgresql.org/).
2-198 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco IM and Presence uses the basic interfaces of the external database and does not provide any
administration, interface hooks, or configuration of the database. Cisco requires a separate
database instance for each server in the cluster when Cisco IM and Presence is deployed with
persistent group chat.
2-199 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Message Compliance Overview
www.flane.com.au
Instant messaging is very popular in consumer sector. However, it has yet to be used widely in
the commercial sector as e-mail is currently used. The major drawback has been the
vulnerabilities associated with IM technology. These vulnerabilities have created several security
issues. The security issues have made organizations think before exploiting IM technology. This
paper provides an overview of IM technology. It discusses vulnerabilities of IM and related
security issues. This paper also provides an insight in to the considerations an enterprise should
give during the implementation of IM technology and related products.
2-200 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Message Compliance Options
www.flane.com.au
2-201 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
PostgreSQL Database Integration for Message
Compliance
One PostgreSQL database instance is required per Cluster
www.flane.com.au
As part of the Jabber XCP architecture, Cisco IM and Presence contains a Message Archiver
component that allows for logging of text conferencing, federated, and intercluster messages into
an external database as part of a non-blocking native compliance. Cisco IM and Presence native
compliance and message archival requires a PostgreSQL database instance per cluster. The same
database can be shared with multiple clusters; however, a large number of users in a multi-cluster
deployment might require multiple database servers.
2-202 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Packet Flow for Message Compliance with a
PostgreSQL Database
User A wants to send an IM to User B with Cisco Jabber:
Cisco Unified IM and Presence receives the IM (1) forwards the message to User B
(2)
A copy of the IM is forwarded (3) from Cisco Unified IM and Presence to the
PostgreSQL database
If the PostgreSQL database is not available the users can still send IMs bit message
compliances does not work
www.flane.com.au
IM compliance provides logging of all compliance related data to an external database. All IM
traffic passes through the IM and Presence Server (via the Message Archiver component) and is
simultaneously logged to the external database. Each IM log contains the sender and recipient
information, the timestamp, and the message body.
For ad-hoc group chat messages, by default IM and Presence logs multiple copies of the same
message to the external database, one copy for each recipient. This identifies what users in the ad-
hoc group chat received the message.
Depending on the XMPP client you deploy, you may also notice this behavior:
IM and Presence may log an incoming message to the external database twice. This
occurs because some XMPP clients do not support the ability to learn the full JID, or
address, of the other party in the conversation. Consequently the XMPP client forks the
message to all active clients for the user (all clients that the user is currently signed into),
and IM and Presence then logs all forked messages to the external database.
IM and Presence may log the first message in a chat to the external database twice. This
occurs until the XMPP client learns the full JID, or address, of the other party in the
conversation.
If IM and Presence loses its connection to the external database, it continues to send and deliver
IMs to users, and users can still create (ad-hoc) chat rooms. However with no connection to the
external database, IM and Presence does not log any of these IMs so it does not support
permanent group chat. IM and Presence raises an alarm if the connection to the external database
is lost.
2-203 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Third-Party Compliance Server Integration
www.flane.com.au
A blocking third-party compliance solution, which not only allows logging of messages but also
applies policy to message delivery and message content, is provided through a third-party
compliance server solution. Cisco IM and Presence third-party compliance requires a compliance
server for each server in the cluster.
As an alternative to IM compliance, you can integrate IM and Presence with a third-party
compliance server.
With this solution, IM and Presence only delivers messages to users after it successfully logs the
message to a third-party compliance server. If the compliance server is unavailable, IM and
Presence does not deliver the message to the recipient.
Third-party IM compliance requires these components:
IM and Presence Service Release 9.0(1) - IM and Presence uses the Event Broker
component to send messages to the third-party compliance server.
Third-party compliance server - You require a third-party compliance server for each
node in the cluster.
IM Client - Supported clients include Cisco clients such as Cisco Jabber, third-party
XMPP clients, and other third-party clients used in federated networks.
The IM and Presence Service does not provide a secure TLS/SSL connection between IM and
Presence and the third-party compliance server.
To use the third-party compliance solution you must configure a third-party compliance server for
each node in the cluster. IM and Presence passes all messages that are sent to or from any users
associated with a node to the designated third-party compliance server for that node. The third-
party compliance server applies any relevant policy or filtering to the message, and then passes
the message back to IM and Presence. IM and Presence delivers the message to the recipient.
Note that you may potentially experience performance delays in your network because of the
volume of messages that pass between IM and Presence and the third-party compliance server. If
IM and Presence loses its connection to the third-party server, all IM traffic stops.
2-204 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Packet Flow for Message Compliance with a
Third-Party Server
User A wants to send an IM to User B with Cisco Jabber:
Cisco Unified IM and Presence receives the IM (1) and forwards the message to the
third-party compliance server.
The third-party compliance server performs logging , auditing ,policing and other
configured features and sends back the IM (3).
www.flane.com.au
Can be rejoined
www.flane.com.au
2-205 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Checklist for installation of the PostgreSQL
Database
1. Install the database software
Message compliance
Persistent chat
www.flane.com.au
www.flane.com.au
2-206 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 1: Install the PostgreSQL Server
Software (Cont.)
www.flane.com.au
www.flane.com.au
2-207 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2a: Create the Database Instances for
Message Compliance
Open the SQL Shell from the Windows Start menu:
Use UTF8 encoding when non ASCII characters otherwise choose SQL ,
ASCII as the encoding type.
www.flane.com.au
Procedure
Step 1 Enter these commands to sign in to the database server as a Postgres user:
>su - postgres
>psql
Step 2 Create a new database user. The example below creates a new database user called
“tcuser”:
#CREATE ROLE tcuser LOGIN CREATEDB;
Step 3 Create the database.
If your database will contain ASCII characters only, create the database with SQL_ASCII
encoding. If your database will contain non-ASCII characters, create the database with UTF8
encoding.
The example below creates an SQL_ASCII database called “tcmadb”.
#CREATE DATABASE tcmadb WITH OWNER tcuser ENCODING
'SQL_ASCII';
Step 4 Configure user access to the database. Edit the <install_dir>/data/pg_hba.conf file to allow
the Postgres user and the new ‘tcuser’ user to access the database.
Step 5 Enter these commands to define passwords for the Postgres and 'tcuser' users:
#ALTER ROLE postgres WITH PASSWORD 'mypassword';
#ALTER ROLE tcuser WITH PASSWORD 'mypassword';
Note You are required to enter a password for the database user when you configure an external
database entry on IM and Presence.
2-208 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 6 If you are running PostgreSQL version 8.3.7 or a later 8.3.x release, change the permission
of the ‘tcuser’ to superuser to allow this user access to the database. Enter this command:
#ALTER ROLE tcuser WITH SUPERUSER;
Step 7 Configure the connections to the database from remote hosts. Edit the listen_addresses
parameter in the <install_dir>/data/postgresql.conf file. For example:
listen_addresses = '*'
Step 8 If you are running PostgreSQL version 9.1.1, you must set the following values in the
postgresql.conf file:
escape_string_warning = off
standard_conforming_strings = off
Step 9 Stop and restart the PostgreSQL service, for example:
/etc/rc.d/init.d/postgresql-8.3 stop
/etc/rc.d/init.d/postgresql-8.3 start
Note The commands to stop and start the PostgreSQL servicemay vary between PostgreSQL
releases.
Step 10 Enter these commands to sign in to the new database as the Postgres user and enable
PL/pgSQL:
>psql tcmadb -U postgres
#CREATE FUNCTION plpgsql_call_handler () RETURNS
LANGUAGE_HANDLER AS '$libdir/plpgsql'
LANGUAGE C;
#CREATE TRUSTED PROCEDURAL LANGUAGE plpgsql HANDLER
plpgsql_call_handler;
2-209 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2b: Create the Database Instances for
Persistent Group Chat
Create a database instance for every Cisco Unified IM and Presence node in the
cluster:
One database instance is for one node in the Cisoc Unified IM and Presence
cluster
www.flane.com.au
www.flane.com.au
By default, the Postgresql database listens on port 5432. If you want to change this port, you must
edit the PGPORT environment variable in /etc/rc.d/init.d/postgresql with the new port number.
2-210 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Checklist for Database Integration in Cisco
Unified IM and Presence
1. Add the external databases in Cisco Unified IM and Presence
www.flane.com.au
www.flane.com.au
2-211 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2a: Enable Persistent Group Chat
www.flane.com.au
When you configure an external database entry on IM and Presence, you assign the external
database to a node, or nodes, in your cluster as follows:
For the Compliance feature, you require at least one external database per cluster.
Depending on your deployment requirements, you can also configure a separate external
database per node.
For the Permanent Group Chat feature, you require a unique external database per node.
Configure and assign a unique external database for each node in your cluster.
If you deploy both the Permanent Group Chat and Compliance features on an IM and
Presence node, you can assign the same external database to both features.
2-212 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2a: Enable Message Comliance
www.flane.com.au
Procedure
Step 1 Select Cisco Unified CM IM and Presence Administration > Messaging >
Compliance.
Step 2 Select Message Archiver from the Compliance Server Selection.
Step 3 (Optional) Select Enable Outbound Message Logging.
Turning on this option can degrade IM performance. Because all inbound messages are
already logged, do not enable this setting unless you are using IM compliance in
intercluster or federated networks.
Step 4 For each node, assign a database from the External Database option.
If you are using one external database for your cluster, assign all nodes to the same
external database. If you are using more than one external database for your cluster,
assign the nodes to the external databases based on your capacity requirements.
Step 5 Click Save.
Step 6 Start the Cisco Message Archiver service (if this service is not already started).
Step 7 Restart the Cisco XCP Router.
2-213 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 3: Start the necessary services
www.flane.com.au
The Cisco XCP Message Archiver service must be running for the compliance feature to operate
correctly on IM and Presence.
Procedure
Step 1 Select Cisco Unified IM and Presence Serviceability > Tools > Service Activation.
Step 2 Select the server from the Server list box.
Step 3 Click Go.
Step 4 Select the radio button next to the Cisco XCP Message Archiver service in the IM and
Presence Services section.
Step 5 Select Save.
2-214 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 4: Verify Database Connection
Go to Messaging > External Server Setup > External Databases and Select a
database instance:
Both tests of the External Database Troubleshooter for all database instances
should now be successful.
Ensure that all created external database instances are mapped to message
compliance or persistent group chat.
www.flane.com.au
www.flane.com.au
2-215 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 5: Obtain Message Compliance Data
(Cont.)
www.flane.com.au
www.flane.com.au
2-216 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
PostgreSQL Database Tables
TC_ROOMS Table
Information for group chat rooms.
TC_USERS Table
Roles and affiliations, alternate names, and other data associated with
group chat room users.
TC_MESSAGES Table
Messages that are sent in group chat rooms.
TC_TIMELOG Table
The time that users enter and exit specific group chat rooms.
TC_MSGARCHIVE Table
Stores messages and associated information for group chat rooms.
JM Table
Stores conversations and associated information for the Message Archiver
component.
www.flane.com.au
By default, IM and Presence generates 27 tables in the PostgreSQL database but at present it only
uses the tables described in this lesson.
2-217 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
What is Message Compliance ?
PostgreSQL database integration
Third-Party Compliance server integration
Installing PostgreSQL for Message Compliance and Persistent Chat Rooms
213 www.flane.com.au
2-218 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Module 3
Module Outlines
This Module covers the following topics:
Designing Cisco Jabber for Mobile Solution
Provisioning Cisco Jabber for Mobile
3-2 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 1
Uncompromised Experience
www.flane.com.au
The Cisco BYOD Smart Solution provides a comprehensive approach to effectively design,
manage, and control the access of a bring-your-own-device (BYOD) network. Cisco BYOD
enhances user experiences and productivity.
This complete solution starts with Cisco design guides and professional services that lead you
from planning and design to day-to-day operations. This BYOD solution also provides the
necessary infrastructure, including:
• Access points
• Controllers
• Security
• Network management
This infrastructure supports a highly secure, high-performing network that is accessible to a wide
range of devices.
3-4 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Product Portfolio
www.flane.com.au
Collaborate Across Multiple Devices with Cisco Jabber Be more productive wherever you are, on
whatever device you choose, with Cisco Jabber. Find the right people, see how they're available,
and collaborate the way you want to work. Use Cisco Jabber to access presence information,
instant messaging, voice, video, desktop sharing, and conferencing. Even integrate with Cisco
TelePresence from mobile devices.
Cisco Jabber can give your employees the collaboration tools they need to see, hear, or work
together - on any device, at any time.
3-5 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Key Features & Capabilities on Mobile
Devices
Mobile Voice & Video Access Corporate Directory Access
Place voice/video calls through Cisco Quickly find information about
call control platforms: Cisco Unified CM, coworkers or other employees
Cisco VCS, Cisco Jabber Video Service Cisco Mobile Connect (SNR)
Rich Presence & IM Simultaneous ring on all phones &
devices
Know the presence state of contacts to
Desk & Mobile Hand-off
instantly initiate a conversation in most
effective way Seamless transition of ongoing
calls to mobile phone from desk
Escalation to Web Meetings phone/client and vice versa
Quickly find information about
coworkers or other employees
Business Visual Voicemail
Single voice mailbox across multiple
phone numbers
www.flane.com.au
Interoperability:
Cisco Jabber uses the industry-standard Extensible Messaging and Presence Protocol (XMPP) for
presence and IM. With Jabber's interoperability, employees from one company can interact with
employees at other companies using applications from Google, IBM. Microsoft and AOL.
Further increasing user acceptance and adoption, Cisco Jabber provides integration with
Microsoft Office productivity applications so users can see a colleague's availability status, and
quickly escalate communications to an instant message, phone call or conference from within the
application.
Mobility Capabilities
Mobile users will enjoy a variety of communication capabilities including presence, IM, voice
over WiFi, and visual voicemail.
Using Jabber technology, a business user can use a single work line for their desk phone, wireless
device and desktop computer -- and can make and receive enterprise calls on the device over a
Wi-Fi connection. This adds to the existing capability available over a cellular network.
Video Capabilities
Standards-based H.264, high-definition (HD) resolution enables users to interoperate in HD with
Cisco TelePresence and other industry video solutions.
Users also benefit from multiparty, continuous presence video so one can simultaneously see
multiple video users during group or team communications sessions.
These integrated video capabilities are scheduled to be available in the second half of 2011.
Voice Dialing
Allows users to dial a number by speaking a name in the corporate directory. If Voice Dialing is
available on your network, Cisco Jabber users can always dial the Voice Dialing pilot number to
access that feature as they would from any phone.
3-6 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
You can simplify voice dialing by doing either of the following: You can automatically add the
Voice Dialing pilot number to the Favorites list in Cisco Jabber. You can enable gesture-
activated voice dialing.
Features of Cisco Jabber for iPhone allow you to:
Place and receive VoIP calls from a corporate phone number through Unified CM using
your mobile device while Cisco Jabber is running and connected to the network.
Receive calls at the standard mobile phone number when Cisco Jabber is not running or
not connected to the corporate network
Have multiple VoIP calls (call waiting, add new call, swap between active calls)
Use many of the standard in-call features that Unified CM provides, including hold,
transfer, and conference
Connect automatically to the VPN if the corporate Wi-Fi network is not directly available
Transfer an active Cisco Jabber VoIP call from your device to your desk phone and vice
versa
Transfer an active Cisco Jabber VoIP call to your mobile network
Dial numbers by raising the iPhone to the ear and speaking the name of the person to call
Search the corporate directory
Access voicemail through a visual list
Run the application in the background, and automatically register to Unified CM when
available, and remain ready to receive calls to the work phone number
Transfer services from the Unified CM to another Unified CM or a router with Cisco
Unified Survivable Remote Site Telephony (SRST).
Open an IM session with Cisco Jabber contacts
Use a Bluetooth headset on supported iPhone devices
With Cisco Jabber for Android, you can do the following:
Place and receive VoIP calls from your corporate phone number through Cisco Unified
Communications Manager using your mobile device, while Cisco Jabber is running and
connected to the corporate network.
Securely connect to your corporate network from any remote location, using Wi-Fi or
mobile data networks.
Use the native Android phone application to place work calls from the Keypad, Logs,
Favorites, or Contacts tab.
Have up to two VoIP calls (call waiting, add new call, swap between active calls).
Use many of the standard in-call features that Cisco Unified Communications Manager
provides, including hold, transfer, and conference.
Transfer an active Cisco Jabber VoIP call to your mobile network.
Transfer an active Cisco Jabber VoIP call from your device to your desk phone.
Search the corporate directory.
See a message indicator for new voice messages that are left at the office phone number.
Access voicemail from the home screen; or from the status bar if a new message exists.
3-7 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Receive calls to your work phone number while Cisco Jabber for Android runs in the
background. Cisco Jabber for Android automatically registers to Cisco Unified
Communications Manager when available.
3-8 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Network Connectivity:
WLAN and VPN
WLAN Infrastructure
VPN Infrastructure
www.flane.com.au
Cisco mobility clients are typically deployed on dual-mode phones, which contain two physical
interfaces or radios that enable the device to connect to both mobile voice and data carrier
networks by means of traditional cellular or mobile network technologies and to connect to
wireless local area networks (WLANs) using IEEE 802.11 standards. Cisco mobility clients and
devices enable on-premises data and voice connectivity through wireless local area networks
(WLANs) using IEEE 802.11 standards. In addition, these clients and devices provide remote
data and voice connectivity to the enterprise through public or private WLANs or over the mobile
data network. For devices with provider cellular voice radios, voice connectivity may also be
enabled through the mobile voice network and PSTN.
Because Cisco Jabber mobile clients and Cisco Cius are often attached to a WLAN, all of the
WLAN deployment considerations that were mentioned previously for wireless endpoints apply
to mobile clients and devices, including WLAN RF design and verification by site survey,
interference identification and mitigation, security methods for authenticating endpoints and
encrypting traffic, channel cell call capacity, and avoiding Bluetooth when deploying in the 2.4
GHz band.
Mobile client devices can utilize the IP telephony infrastructure for enterprise VoIP calling even
when not connected to the enterprise, provided they have a secure connection back to the
enterprise in order to register the client with Unified CM. Remote secure connectivity for these
devices requires the use of a VPN solution such as Cisco AnyConnect mobile client or the Cisco
Jabber secure connect feature in order to secure the client connection over the Internet.
Voice quality and user experience for remotely attached dual-mode client devices will vary
depending on the nature of the Internet-based network connection. Cisco cannot guarantee
acceptable voice quality nor successful connectivity for these types of client connections. Care
should be taken when relying on these types of connections for business-critical communications.
In the case of unreliable or low-bandwidth Internet connections, users should be advised to make
calls over the mobile voice network if connectivity is available rather than relying on the
enterprise telephony infrastructure.
3-9 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Solution Backend Cisco
UC Components
www.flane.com.au
3-10 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported UC Backend Components
Cisco Unified CM √ √ √ ×
Voice/Video Cisco VCS √ × × ×
Cisco Jabber Video
Service* √ × × ×
Cisco Unified
Presence √ × × √
Presence/IM
Cisco WebEx
Connect Service** √ × × √
* On-demand service
Cisco Jabber™ for iPad is a unified communications client application that provides presence,
instant messaging (IM), voice, voice messaging, and video calling capabilities on the Apple iPad .
Conferencing and screen-sharing capabilities are delivered with an escalation to the Cisco
WebEx® for iPad application. This integrated collaboration experience is designed to take
advantage of the form factor of the iPad; it works with both a premises- and a cloud-based
collaboration architecture. This application supports the following important functions:
Integrated voice, high-quality video, IM, presence, and visual voicemail functions
Flexibility of configuration for different communications infrastructure and
combinations of:
– Voice and video: Cisco Unified Communications Manager
– Video: Cisco TelePresence® Video Communication Server (VCS) or Cisco
Jabber Video for TelePresence
– Peer-to-peer voice and video: Cisco WebEx Connect® service
– Presence and IM: Cisco WebEx Connect service or Cisco Unified Presence.
Cisco Jabber® for iPhone lets you place, receive, and manage calls over your corporate Wi-Fi
network. Cisco Jabber for iPhone also supports calls over any Wi-Fi hotspot using a VPN,
allowing you to take further advantage of your corporate telephony infrastructure whenever you
have access to a high-quality wireless network connection. You will benefit from the cost savings
from not using your wireless minutes, the capability to use your work phone number when
placing calls from your Apple iPhone, and the stronger in-building network coverage from a
wireless network.
Platform Support and Compatibility for Cisco Jabber 8.6 for iPhone:
Telephony integration
Cisco Unified Communications Manager 7.1.5, 8.0.3, 8.5, and 8.6 (refer
to release notes for exact versions)
3-11 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified Communications Manager Express 8.6 and 8.8
Visual voicemail
Cisco Unity Connection 7.0, 7.1, 8.0, 8.5, and 8.6
Cisco Unity Express 8.6
Voice dialing
Cisco Unity Connection 7.0, 7.1, 8.0, 8.5, and 8.6
Cisco Unified SRST
Cisco Unified SRST 8.6
With Cisco Jabber for Android you can turn your Android device into a full-featured Cisco
Unified IP Phone. You can place, receive, and manage calls whether using your corporate Wi-Fi
network, other Wi-Fi networks, or a mobile data network. Cisco Jabber for Android features a
secure connection capability to your corporate network so that you remain transparently and
automatically connected no matter where you choose to work. You will also benefit from the cost
savings from not using your wireless voice minutes, the ability to use your work phone number
when placing calls from your Android smartphone or tablet, and the stronger network coverage
from a Wi-Fi network.
Platform Support and Compatibility for Cisco Jabber for Android:
Telephony integration
Cisco Unified Communications Manager 7.1.5, 8.0.3, 8.5, and 8.6 (refer to
release notes for exact versions)
Voicemail (optional)
Cisco Unity® Connection 7.1, 8.0, 8.5, and 8.6
Lightweight Directory Access Protocol (LDAP) integration (optional)
Microsoft Active Directory
OpenLDAP
2003 and 2008
Secure connect feature (optional)
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco ASA 8.0 and above
Cisco ASA 8.4 and above for certificate distribution using Simple Certificate
Enrollment Protocol (SCEP)
Cisco Jabber® IM for iPhone delivers instant messaging (IM) and presence to your Apple iPhone.
Access your desktop IM contact list (Figure 1) and take action with features such as click
to IM, click to call, click to email, and click to text from a person's profile.
Start or join an instant Cisco WebEx® meeting from an IM conversation.
Search for colleagues in your corporate directory .
Maintain security using Secure Sockets Layer (SSL) encryption and by connecting your
IPhone directly to the Cisco IM infrastructure - Cisco Unified Presence or Cisco WebEx
Connect.
3-12 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Supported features
Jabber for Jabber for Jabber for
iPad iPhone Android
VoIP over
3G/4G × × ×
Wi-Fi √ √ √
Video Calling (including TelePresence interoperability)
√ × ×
Hand-off
VoIP to Mobile network N/A √ √
Mobile network to VoIP N/A × ×
Mid-call Control (Hold, Resume, Transfer, Add Calls) √ √ √
Voicemail
Visual Voicemail (Requires Unity Connection)
√ √ ×
Call Voicemail √ √ √
www.flane.com.au
3-13 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Call Park
Cisco Jabber attempts this method only if attempts to use other methods fail . In the Call
Park method, the iPhone makes a mobile-network call to a Call Park number to retrieve
the call. This method requires a DID number.
This method does not work for iPod Touch or iPad devices.
None of the above
Disable this feature if you do not want to make it available to users.
Enterprise Voicemail Services
Many mobile clients and devices are also capable of accessing enterprise voicemail services.
Most clients are capable of receiving enterprise message waiting indication whenever an unread
voicemail is in the user's enterprise voicemail box and the mobile device is attached to the
enterprise network.
Further, mobile clients can be used to retrieve enterprise voicemail messages. Typically enterprise
voicemail messages are retrieved when the user dials the voicemail system number and navigates
to their voicemail box after providing required credentials. However, some mobile clients provide
the ability to retrieve voicemail messages from the voicemail box by downloading and displaying
a list of all messages in the voicemail box and then by selecting individual messages to be
downloaded to the mobile device for listening. This is sometimes referred to as visual voicemail.
Both the mobile client and the enterprise voicemail system must be capable of providing and
receiving message waiting indication (MWI), voicemail message information, and downloads of
the messages over the network. Cisco Unity Connection supports visual voicemail through IMAP,
and it can provide MWI and voicemail lists and downloads, but only if the mobile client also
supports this functionality.
3-14 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Handoff
www.flane.com.au
3-15 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Handoff
Mobility Softkey Method of Hand-Out
1. Existing call between the mobile client
device associated to the enterprise
WLAN and registered to Unified CM,
and a phone on the PSTN network
2. User selects Mobile Network button
from the in-call menu.
3. Unified CM generates a call to the
configured mobility identity number.
4. The user can now move out of the
enterprise and away from WLAN
network coverage.
5. Once the inbound call on the cellular
interface is answered, the RTP stream
that was traversing the WLAN is
redirected to the PSTN gateway.
www.flane.com.au
The operation depicted in the figure is of an active call on an iPhone or Android dual-mode
device within the enterprise being moved manually from the WLAN interface to the mobile voice
network or cellular interface of the device through the enterprise PSTN gateway. As shown, there
is an existing call between the mobile client device associated to the enterprise WLAN and
registered to Unified CM, and a phone on the PSTN network (step 1). Because this is a manual
process, the user must select the Use Mobile Network button from the in-call menu within the
Cisco Jabber client, which signals to Unified CM the intention to hand-out the call (step 2). Next
Unified CM generates a call to the configured mobility identity number corresponding to this
mobile device through the enterprise PSTN gateway (step 3). This call to the mobility identity is
made to the mobile voice network or cellular interface of the iPhone or Android device. The user
can now move out of the enterprise and away from WLAN network coverage (step 4). In the
meantime, the inbound call from Unified CM is received at the mobile voice network interface,
and the user must answer the call manually to complete the hand-out.
Once the inbound call on the cellular interface is answered, the RTP stream that was traversing
the WLAN is redirected to the PSTN gateway, and the call continues uninterrupted between the
mobile client device and the original PSTN phone, with the call anchored in the enterprise
gateway (step 5).
3-16 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Handoff
Handoff Number Method
1. Existing call between the mobile client
device associated to the enterprise
WLAN and registered to Unified CM, and
a phone on the PSTN network
2. user selects the Use Mobile Network
button from the in-call menu.
3. Cisco Jabber client automatically
generates a call through the cellular
interface over the mobile voice network to
the configured Handoff Number within the
Unified CM system
4. User can now move out of the enterprise
and away from WLAN network coverage.
5. The meantime, the inbound call from the
Cisco Jabber client is received by Unified
CM.
www.flane.com.au
3-17 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco Jabber and
Cisco Unified Mobility
Cisco Jabber mobile clients can be integrated with Cisco Unified
Mobility to leverage Cisco Mobile Connect, mid-call DTMF
features, two-stage dialing, and single enterprise voicemail box
mobile voicemail avoidance.
www.flane.com.au
3-18 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Interactions Between Cisco Jabber and
Cisco Unified Mobility (Cont.)
Leveraged so that incoming calls to the user's enterprise number
will be extended to the iPhone or Android dual-mode device
through the mobile voice network as long as the iPhone or Android
dual-mode device is not connected to the enterprise and not
registered to Unified CM.
www.flane.com.au
When not connected to the enterprise and not registered to Unified CM, the iPhone or Android
dual-mode device can invoke mid-call features by means of DTMF and perform desk phone
pickup for any enterprise anchored call. The dual-mode device can also leverage Mobile Voice
Access and Enterprise Feature Access two-stage dialing features when making outbound calls to
route these calls through the enterprise and anchor them in the enterprise PSTN gateway.
In addition to configuring a mobility identity for the iPhone or Android dual-mode device, you
can configure additional mobile phone numbers or off-system phone numbers as remote
destinations and associate them to the Cisco Dual-Mode for iPhone or Cisco Dual-Mode for
Android device within Unified CM. When associating the mobility identity and additional remote
destinations to the dual-mode device, you do not have to configure a remote destination profile.
3-19 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPhone Desk Phone
Integration
Enables the user to move an active or held call from the user's desk phone to the
iPhone device.
Relies on CTI monitoring of the primary line of the user's desk phone as well as
the call park feature.
Whenever an active or held call is sensed by the Cisco Jabber client, it prompts
the user as to whether they want to transfer the call to the dual-mode device.
If the user indicates they wish to transfer the call, the desk phone automatically
parks the call and the mobile client automatically retrieves the call from the park
number.
www.flane.com.au
3-20 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for Android Desk Phone
Integration
enables the user to move an active call from the Android
device to the IP desk phone sharing a line with the mobile client device.
invoked by placing the active call on hold through the Cisco Jabber client.
can be resumed at either the shared-line IP desk phone or on the Cisco Jabber
client
www.flane.com.au
3-21 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WLAN Design Considerations for Cisco
Jabber Mobile Clients
Whenever possible, ensure that Cisco Jabber mobile clients roam on the WLAN
only at Layer 2 so that the same IP address can be used on the WLAN interface
of the device. In Layer 3 roaming scenarios where subnet boundaries are crossed
due to device IP address changes, calls will be dropped.
Deploy Cisco Jabber mobile clients on WLAN networks where the same SSID is
used across all APs. Roaming between APs is much slower if SSIDs are
different.
Whenever possible, deploy Cisco Jabber mobile clients on the 5 GHz WLAN
band (802.11a/n).
www.flane.com.au
3-22 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Layer 2 WLAN UP marking is dependent on the client device and vendor
implementation. For this reason, Layer 2 marking is not consistent across platforms and
as such cannot be relied upon.
Because mobile devices are similar to desktop computers and can generate a large variety
of data and real-time traffic, these devices are typically considered untrusted. For this
reason, the network should be configured to re-mark all traffic from these client devices
based on port number and/or protocol. Likewise, rate limiting and policing on ingress to
the network is recommended.
Cisco recommends using only an enterprise-class voice and video optimized WLAN
network for connecting mobile devices and clients. While most mobile client devices are
capable of attaching to public or private WLAN access points or hot spots for connecting
back to the enterprise through the Internet for call control and other Unified
Communications services, Cisco cannot guarantee voice and video quality for these types
of connections.
When deploying Cisco collaboration mobile clients and devices on a Cisco Bring Your
Own Device (BYOD) infrastructure, administrators should consider a network
attachment method that does not require user intervention and which maximizes
utilization of the IP telephony infrastructure.
Further, for remote connectivity scenarios, all relevant ports must be opened in the
corporate firewall in order for Cisco mobile clients and devices to be able to access
collaboration services.
If corporate policy dictates that the BYOD infrastructure must remotely wipe or factory-
reset lost or stolen mobile devices, employees using personal mobile devices should be
aware of the policy and should regularly back up personal data.
The Unified Mobility Mobile Connect feature will not extend incoming calls to the dual-
mode device's configured mobility identity if the dual-mode device is inside the
enterprise and registered to Unified CM. This is by design in order to reduce utilization of
enterprise PSTN resources.
Because the dual-mode device registers to Unified CM, the system knows whether the
device is reachable inside the enterprise; and if it is, there is no reason to extend the call
to the PSTN in order to ring the dual-mode device's cellular voice radio. Only when the
dual-mode device is unregistered will Mobile Connect extend incoming calls to the user's
enterprise number out to the mobility identity number on the PSTN.
When you deploy mobile devices, Cisco recommends normalizing required dialing
strings so that users are able to maintain their dialing habits, whether the mobile device is
connected to the enterprise or not. Because dialing on the mobile network is typically
done using full E.164 (with or without a preceding '+') and mobile phone contacts are
typically stored with full E.164 numbers, Cisco recommends configuring the enterprise
dial plan to accommodate full E.164 or full E.164 with preceding '+' for mobile client
devices. By configuring the enterprise dial plan in this manner, you can provide the best
possible end-user dialing experience so that users do not have to be aware of whether the
device is registered to Unified CM.
Cisco recommends that dual-mode phone users rely exclusively on the mobile voice
network for making emergency calls and determining device and user location. This is
because mobile provider networks typically provide much more reliable location
indication than WLAN networks. To ensure that dual-mode phones rely exclusively on
the mobile voice network for emergency and location services, configure the Emergency
Numbers field of the dual-mode devices within Unified CM with emergency numbers
such 911, 999, and 112 in order to force these calls over the mobile voice network. Dual-
3-23 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
mode phone users should be advised to make all emergency calls over the mobile voice
network rather than the enterprise network. Although making emergency calls over
corporate WLANs or mobile data networks is not recommended, mobile devices that do
not have cellular voice radios are capable of making calls only through these data
interfaces. Mobile devices that do not have cellular voice radios should not be relied upon
for making emergency calls.
When deploying Cisco Jabber for iPhone with desk phone integration, the end-user
account for the Cisco Jabber user must be enabled for CTI. In addition, call park should
be configured at a system level so that the desk phone can auto-park the call and the
Cisco Jabber client can retrieve it whenever a call is moved from the desk phone to the
Cisco Jabber client. CTI overhead of this feature should be considered when sizing the
overall Unified CM system.
When deploying Cisco Jabber for iPhone or Android mobile clients, configure the
WLAN network to accommodate the following deployment guidelines:
• Minimize roaming of Cisco Jabber for iPhone and Android mobile devices at
Layer 3 on the WLAN. Layer 3 roaming, where a device IP address changes,
will result in longer roam times and dropped voice packets and could even
result in dropped calls.
• Configure the same SSID across all APs utilized by the Cisco Jabber mobile
client devices within the WLAN to ensure the fastest AP-to-AP roaming.
• Configure all enterprise WLAN APs to broadcast their SSIDs in order to
prevent mid-call prompts to join other APs within the WLAN infrastructure,
which could result in interrupted calls.
Provide sufficient wireless voice and video call capacity on the enterprise wireless
network for Cisco mobile clients and devices by deploying the appropriate number of
wireless APs to handle the desired call capacity based on mobility-enabled user BHCA
rates. Each 802.11g/n (2.4 GHz) or 802.11a/n (5 GHz) channel cell can support a
maximum of 27 simultaneous voice-only calls with 24 Mbps or higher data rates. Each
802.11g/n (2.4 GHz) or 802.11a/n (5 GHz) channel cell can support a maximum of 8
simultaneous video calls assuming 720p video resolution at up to 1 Mbps bit rate. For 2.4
GHz WLAN deployments, Bluetooth must be disabled to achieve this capacity. Actual
call capacity could be lower depending on the RF environment, wireless endpoint type,
and WLAN infrastructure.
3-24 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Characteristics of Video on Mobile Devices
Requires low end-to-end latency to prevent users’ perceived disturbing delay in the
realtime interaction
Very sensitive to both delay and jitter due to a small playback buffer
Throughput is not a large issue since data rate is typically low (around1 Mbps)
Product Codec
Cisco Jabber for iPhone Voice: G.711, G729a
Cisco Jabber for Android Voice: G.711µ, G.729a/b
Cisco Jabber for iPad Voice: G.711, G.722.1
Video: H.264
www.flane.com.au
3-25 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad Overview
Cisco Jabber Video for TelePresence (formerly known as the free Jabber
Video service)
www.flane.com.au
Cisco Jabber for iPad is a mobile client for the Apple iPad, and it provides voice and video
calling capabilities as well as enterprise visual voicemail and directory access. The Cisco Jabber
for iPad client also provides XMPP-based IM and presence when integrated to on-premises Cisco
IM and Presence services or cloud-based collaboration services such as Cisco WebEx Messenger.
Once the client application is downloaded from the Apple Application Store and installed on the
iPad device, it can connect to the enterprise network and register to Unified CM or Cisco
TelePresence Video Communication Server (VCS) as a SIP enterprise endpoint. To provide
registration and call control services to the Cisco Jabber iPad client, the device must be
configured within Unified CM or VCS. When registering to Unified CM call control services, the
client device is configured as a Cisco Jabber for Tablet device type. When registering to VCS
call control services, the client device is configured and provisioned using the jabbertablet
provisioning template and Cisco TelePresence Management Suite (TMS).
Next, the client device must be configured to access the enterprise WLAN for connectivity based
on the enterprise WLAN infrastructure and security policies. Alternatively the device can be
connected to the enterprise network through the mobile data network (if the device supports
mobile provider data and if mobile data services are enabled) or over non-enterprise WLANs.
Once the client device has been configured to access the enterprise network, when the Cisco
Jabber for iPad client is launched, it will register the device to Unified CM or VCS for voice and
video call control services.
The Cisco Jabber for iPad client is supported on the Apple iOS iPad 2 or the new iPad (third
generation). WLAN interfaces of Apple iPad devices support 802.11a, 802.11b, 802.11g, and
802.11n.
3-26 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco UC Components Requirements
www.flane.com.au
www.flane.com.au
3-27 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad System
Requirements (Cont.)
Component System Requirements
Cisco Unified Survivable Remote Site 8.6 and 9.0 (voice only)
Telephony (Cisco Unified SRST)
Corporate Directory Microsoft AD 2008 and OpenLDAP v3
(optional) Cisco AnyConnect® 2.5 or later
Cisco Adaptive Security Appliance (ASA) Cisco ASA 8.4 or later
Cisco Adaptive Security Device Manager
(ASDM) 6.4 or later
www.flane.com.au
3-28 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Deployment Models
Cisco WebEx Messenger (also known as WebEx Connect) service for IM and
Presence, and peer-to-peer (P2P) voice and video
www.flane.com.au
Cisco offers a variety of back-end services for voice and video call control and IM and presence
either in the cloud or on-premises, or a combination of both.
On-premises solutions include the following:
Cisco Unified Communications Manager (Cisco UCM) for enterprise voice and video
Cisco TelePresence Video Communication Server (Cisco VCS) for Cisco TelePresence
video.
Cisco Unified Presence for IM and Presence
Cloud solutions include the following:
Cisco WebEx Messenger (also known as WebEx Connect) service for IM and Presence,
and peer-to-peer (P2P) voice and video
Cisco Jabber Video™ for TelePresence
3-29 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad
Backend Services
Many deployment options & combinations to meet customer needs
www.flane.com.au
Cisco Jabber for iPad enables various deployment options for on-premises and cloud back-end
services for unified communications and collaborations, with flexibility to support different
combinations of functions based on your requirements. The Cisco Jabber for iPad Administration
Guide provides details of administration and provisioning steps for the back-end services,
including the following deployment scenarios:
Instant messaging and presence only
Cisco Unified Presence (on-premises)
Cisco WebEx Messenger service (cloud)
Voice and video call control only
Cisco Unified Communications Manager (on-premises)
Cisco TelePresence Video Communication Server (on-premises)
Cisco Jabber Video for TelePresence (cloud)
Instant messaging, presence, voice, and video
Cisco Unified Presence + Cisco Unified Communications Manager
Cisco WebEx Messenger service + Cisco Unified Communications Manager
Cisco WebEx Messenger service + Cisco TelePresence Video Communication
Server
Cisco WebEx Messenger service + Cisco Jabber Video for TelePresence
Corporate Directory
Microsoft Active Directory 2008
Open Lightweight Directory Access Protocol (OpenLDAP) Version 3
Unified messaging
Cisco Unity® Connection
VPN
Cisco Adaptive Security Appliance (ASA)
3-30 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber for iPad Architecture
www.flane.com.au
Not all the services and functions are required for deploying Cisco Jabber for iPad, so during the
design and deployment timeframe you should consider a combination of functions such as IM,
call control, and secure remote. From a user perspective, as a minimum you need to decide to set
up individual accounts or company-provided accounts for IM and voice and video call-control
services for Cisco Jabber for iPad users before the deployment.
3-31 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber VCS/TMS Deployment
Cisco TelePresence
VCS Expressway
Cisco TelePresence
Management Suite
www.flane.com.au
3-32 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber in On-Premises Deployment
www.flane.com.au
www.flane.com.au
3-33 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Wi-Fi Network Connectivity
Even with existing VoWLAN devices already deployed, each Cisco Jabber type
should be tested prior to production rollout
You can use the following tools and applications to verify coverage, quality, and
configuration:
Cisco Prime™ Network Control System (NCS) for Unified Wireless LAN Management
Cisco Wireless Control System (WCS) for Unified Wireless LAN Management
Cisco Wireless LAN Solution Engine (WLSE) for Autonomous Wireless LAN
Management
www.flane.com.au
Apple iPad is a mobile device that requires wireless network connectivity by using Wi-Fi or
mobile wireless data services. Although a mobile wireless network provided by mobile wireless
carriers is capable of delivering IM, presence status, voice, video capabilities, and other
communication capabilities to Cisco Jabber for iPad, this document focuses on important
deployment concepts and expectations for Cisco Jabber for iPad in an enterprise wireless LAN
(WLAN) environment.
Apple iPad Wi-Fi Specifications
Apple iPad 2 and the new iPad (iPad 3) support 2.4- and 5-GHz 802.11a/b/g/n Wi-Fi with Wi-Fi
Multimedia (WMM) capability. Details about WLAN data rates, modulation schemes, RF
characteristics, antenna, and other specifications are available at the Apple website and at the
Federal Communications Commission (FCC) website.
Site Survey
A site survey is strongly recommended before you deploy Cisco Jabber for iPad in a production
environment. Because Cisco Jabber for iPad requires a low end-to-end latency and packet-loss
rate to prevent delay in real-time communications, you must have a well-designed and -planned
wireless network. During the site survey, you must analyze and validate RF spectrum, coverage,
data rates, capacity, signal levels, noise, roaming, interference, and locations of access points to
ensure a high-quality WLAN for real-time communications.
You can use the following tools and applications to verify coverage, quality, and configuration:
Cisco Prime™ Network Control System (NCS) for Unified Wireless LAN Management:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps11682/ps11686/ps11688/
data_sheet_c78-650051.html.
Cisco Wireless Control System (WCS) for Unified Wireless LAN Management:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_dat
a_sheet0900aecd802570d0.html.
3-34 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Wireless LAN Solution Engine (WLSE) for Autonomous Wireless LAN
Management:
http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/ps6839/pr
oduct_data_sheet0900aecd80410b92.html.
Cisco Spectrum Expert® Wi-Fi:
http://www.cisco.com/en/US/prod/collateral/wireless/ps9391/ps9393/product_data_sheet
0900aecd807033c3.html.
Cisco Spectrum Expert AirMagnet (Survey, Wi-Fi Analyzer, VoWi-Fi Analyzer, and
Spectrum Analyzer): http://www.airmagnet.com.
3-35 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WLAN Considerations for Cisco Jabber for
iPad Deployment
Band selection
Apple iPad 2 and the new iPad (iPad 3) support 2.4- and 5-GHz
802.11a/b/g/Wi-Fi with Wi-Fi Multimedia (WMM)
Overlapping channel:
Overlapping channels causes unacceptable and degraded signal quality and
throughput, and users could have a bad overall experience when using real-time
communication applications such as Jabber for iPad.
Coverage area
www.flane.com.au
3-36 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
In 802.11n, two adjacent 20-MHz channels can be bounded into a 40-MHz channel, doubling the
amount of available bandwidth and increased throughput. In the 2.4-GHz frequency band, only
one bounded channel is available, either channels 1 and 6 or 6 and 11. Because only three
nonoverlapping channels in the 2.4-GHz band are available, channel bonding in the 2.4-GHz
band is not recommended. However, because there are more nonoverlapping channels in the 5-
GHz frequency band, you can consider channel bonding configuration and design in the 5-GHz
band.
3-37 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WLAN Considerations for Cisco Jabber for
iPad Deployment (Cont.)
Coverage area
Includes office area, conference rooms, cafeterias, etc. Capacity, data rate, and
transmit power configurations affect the coverage-area design.
In general, faster data rates translate to smaller cells, meaning an access point that
operates in 5-GHz frequency covers less footage than an access point in 2.4-GHz
frequency.
www.flane.com.au
Coverage area:
The coverage area typically includes office area, conference rooms, cafeterias, etc. Capacity, data
rate, and transmit power configurations affect the coverage-area design. In general, faster data
rates translate to smaller cells, meaning an access point that operates in 5-GHz frequency covers
less footage than an access point in 2.4-GHz frequency. Similar to data rates, if the transmit
power settings in an access point are higher, the coverage area of a cell is larger.
The general rule for supporting real-time communications is smaller cells and more cells in a
coverage area. Figure 5 shows a comparison of larger and less cells vs. smaller and more cells in
a coverage area. However, the numbers of access points that are deployed in a coverage area
depend on the numbers of wireless devices in the area, how those devices are used, and other
factors such as budgets (more access points cost more money) and lobbies and conference rooms
(a lobby may need less coverage, whereas a conference room may need more, etc.).
3-38 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WLAN Considerations for Cisco Jabber for
iPad Deployment (Cont.)
Channel cell capacity and density
Cisco Jabber for iPad delivers real-time voice and video. It supports up to 448p at 30
fps, and the suggested bandwidth allocation per call is 768 kbps end-to-end, which
includes the transmission over the air from and to the iPad.
These voice and video call-capacity values are highly dependent upon the RF
environment, the configured or supported video resolution and bit rates, and the
underlying WLAN system features.
www.flane.com.au
3-39 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Assuming a video resolution of 448p and a video bit rate of up to 1 Mbps, a maximum of
eight simultaneous VVoWLAN bidirectional streams per 802.11 g/n (2.4 GHz) with
Bluetooth disabled or 802.11 a/n (5 GHz) channel cell.
3-40 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WLAN Considerations for Cisco Jabber for
iPad Deployment (Cont.)
WLAN QoS support:
Wi-Fi Multimedia (WMM), also known as Wireless Multimedia Extensions (WME), is a
subset of the 2005 IEEE 802.11e specification, which provides basic QoS and a power-
saving mechanism to the IEEE 802.11 network.
Roaming:
The iPad is a mobile device that allows you to move around without losing connectivity
by roaming from one access point to another.
www.flane.com.au
3-41 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
another access point. Therefore, during the roaming process, the client may disconnect until it
completes the authentication process again with a new PMKID. If you are in a call using Jabber
for iPad, your call may be disrupted by a long delay or may even be disconnected during
roaming.
In addition, calls may be dropped or experience long delays during roaming in the following
scenarios:
When an IP address assigned to your iPad changes
When you roam from one WLAN to another
When you roam within a WLAN that does not broadcast SSID
3-42 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Recommended Wi-Fi Deployment Settings
Factor Recommendations
RF bands 5 GHz
Signal level -67 dBm with 20-30% overlap of the cell edge on
nonadjacent channels
Channel usage < 50%
www.flane.com.au
3-43 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Bandwidth Management and QOS
Cisco Jabber for iPad supports G.711 and G.722 for audio and H.264 for video,
and for video calls, up to 448p at 30 fps. We recommend that the minimum
bandwidth allocated per call should be >768 kbps.
Cisco Jabber for iPad uses video rate adaptation to negotiate optimal video
quality based on your network conditions.
When deploying Cisco Jabber for iPad, it is important that the network infrastructure support
necessary QoS classes of service, including priority queuing for voice media and dedicated video
and signaling bandwidth, to ensure the quality of Cisco Jabber voice and video calls. It is critical
to minimize the end-to-end latency to avoid delay, packet loss, and jitter for real-time
communications.
Cisco Jabber for iPad supports G.711 and G.722 for audio and H.264 for video, and for video
calls, up to 448p at 30 fps. We recommend that the minimum bandwidth allocated per call should
be >768 kbps.
Cisco Jabber for iPad uses video rate adaptation to negotiate optimal video quality based on your
network conditions. Video rate adaptation dynamically scales video quality when video
transmission begins.
3-44 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber VPN Requirements
Cisco WebEx Messenger No. You can use it over any Wi-Fi or 3G
connection.
Cisco Unified Presence Yes. Connect on Demand VPN applicable.
www.flane.com.au
Properly configure split tunneling, to ensure only the traffic destined for Cisco UCM
goes into the encrypted tunnel.
www.flane.com.au
3-45 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
AnyConnect VPN Features Overview
VPN on-demand, which is available for iOS and allows the AnyConnect tunnel to
be established whenever a particular destination is contacted (that is, Cisco
UCM).
Split Include, which allows you to configure specific traffic to be sent through the
encrypted tunnel; for example, using Split Include, Cisco UCM voice traffic could
be sent through the encrypted tunnel, and Safari browser data would not.
AnyConnect also has a built-in diagnostics and reporting tool and statistics
reporting to help troubleshoot VPN problems.
www.flane.com.au
The Cisco AnyConnect® Secure Mobility Client is the industry-leading multiservice client that
provides an intelligent and optimized connection while helping ensure a secure session. The
Cisco Jabber™ client enables collaboration across a multitude of devices, including laptops,
smartphones, and tablets. The Jabber client also provides rich unified communications
capabilities such as voice and video, instant messaging (IM), presence, visual voicemail, web
conferencing, desk phone integration, and more. To meet the needs of an increasingly mobile
workforce, the Jabber client requires secure access to the unified communications (UC) servers.
This deployment guide discusses the various AnyConnect features1 used to secure and improve
the user experience with Jabber, offering configuration steps and best practices.
The target audience includes security and collaboration engineers and anyone seeking an
understanding of what it takes to implement the Jabber and AnyConnect solution. Some prior
knowledge of Cisco AnyConnect, ASA, Jabber, and Unified Communications Manager is
helpful, though not required. After reading this document, the reader should have a good
understanding of the components involved in the solution and will be well equipped to review
other detailed collateral.
Cisco ASA 5500 Series SSL/IPsec VPN Edition
The Cisco® ASA 5500 Series SSL/IPsec VPN Edition offers flexible VPN technologies for any
connectivity scenario, with scalability up to 10,000 concurrent users per gateway. It provides
easy-to-manage, full-tunnel network access through SSL, Datagram Transport Layer Security
(DTLS), IP Security (IPsec) VPN client technologies, advanced clientless SSL VPN capabilities,
and network-aware site-to-site VPN connectivity, enabling highly secure connections across
public networks to mobile users, remote sites, contractors, and business partners.
Cisco AnyConnect Secure Mobility Client
The Cisco AnyConnect Secure Mobility Client provides a highly secure connectivity experience
across a broad set of PCs, tablets, and smartphone-based mobile devices, such as the Apple
iPhone and Android. As mobile workers roam to different locations, an always-on intelligent
VPN enables the AnyConnect Secure Mobility Client to automatically select the most optimal
network access point and adapt its tunneling protocol to the most efficient method, including the
3-46 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
DTLS protocol for latency-sensitive traffic such as voice over IP (VoIP) traffic or TCP-based
application access.
Cisco Jabber for iPad contains the Connect on Demand VPN feature. The Connect on Demand
VPN feature enables the Cisco Jabber for iPad application to automatically establish VPN
connections when needed without additional actions by end users. The Connect on Demand VPN
feature requires a user to download and install the Cisco AnyConnect Secure Mobility Client
from the App Store.
Cisco AnyConnect Secure Mobility Client must be configured with certificate authentication to
provide the Connect on Demand VPN feature to Cisco Jabber for iPad.
There is no configuration in Cisco Jabber for iPad other than turning the Connect on Demand
VPN feature on or off. This feature is turned on by default after Cisco Jabber for iPad is installed.
3-47 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco AnyConnect and Jabber
2. The Jabber client triggers the iOS On-Demand VPN feature, and the AnyConnect
client establishes an SSL VPN connection with the ASA VPN gateway, using
certificate-based authentication. www.flane.com.au
3-48 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Secure Connect Feature
Overview
A built-in feature of Cisco Jabber
No separate security application needs to start
www.flane.com.au
Cisco Jabber secure connect enables users who are away from the office Wi-Fi network to easily
remain connected to corporate resources. When deployed together with the Cisco ASA 5500
Series Adaptive Security Appliance, the end user connectivity experience is secure, transparent,
and friendly to today's proliferation of individually purchased mobile devices. When needed, the
Cisco Jabber application - rather than the entire device or platform - initiates a secure Secure
Sockets Layer (SSL) connection and validates the user credentials (whether authentication,
authorization, and accounting [AAA] or digital certificates). Also, when the user returns to the
office network, the Cisco Jabber application detects that the SSL tunnel is no longer required and
breaks the tunnel down. Only application traffic from the Cisco Jabber application will traverse
the enterprise, and other applications will not access corporate networks.
3-49 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber Secure Connect Feature
New Way of Securing with Cisco Jabber
Figure 3-9
www.flane.com.au
When accessing the enterprise from a carrier network or noncorporate Wi-Fi network, the Cisco
Jabber secure connect feature authenticates using either x.509 digital certificates or usernames
and passwords (RADIUS). The Cisco Jabber secure connect feature then establishes a secure SSL
connection to the enterprise and allows access to the resources. When the user returns to the
office and is able to access the corporate Wi-Fi network, the Cisco Jabber secure connect feature
detects this state and automatically disables the SSL tunnel. If, however, a call is in progress, the
application waits until the call is completed, so as not to interrupt the call.
We recommend deploying the Cisco Jabber application with secure connect using certificate-
based authentication. The next preferred method is password-based authentication using AAA on
RADIUS servers.
3-50 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Secure Connect Feature
System Admin Perspective Comparison
Feature Jabber secure connect AnyConnect Secure Mobility Client
Combined Jabber + security app –
Installation and Handled through ASA, separate
easier setup for new hires &
Administration setup from Jabber app
vendors
Client setup and Provisioned with Jabber app (i.e..
Provisioned through ASA
management TFTP)
Comparable security, encryption, Comparable security, encryption,
Common infrastructure
authentication types authentication types
Requires AnyConnect Essentials or Requires AnyConnect Essentials or
Licensing
Premium Premium, and AnyConnect Mobile
Branch access Not yet available on ISR routers ISR routers
D-TLS and SSL for tunneling. D-TLS and SSL for tunneling.
Protocols
Multiple authentication types Multiple authentication types
www.flane.com.au
www.flane.com.au
3-51 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
Cisco Jabber for iPad has flexible deployment options using Cisco Unified CM or
VCS.
Cisco Secure Connect is embedded feature in Cisco Jabber for mobile to secures
the connection to the premises.
Another option is to use Anyconnect client with Cisco Jabber for mobile.
www.flane.com.au
3-52 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Lesson 2
3-54 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
The Cisco WebEx application supports single sign-on systems based on the industry
standard Security Assertion Markup Language (SAML) protocol.
3-55 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Provisioning for Devices in Unified CM
Jabber for iPad Jabber for Jabber for
iPhone Android
Phone Type in Product Type Cisco Jabber for Cisco Dual Mode Cisco Dual Mode
CUCM Tablet for for
(CSF based) iPhone (Dual Android (Dual
Mode Mode
Phone based) Phone based)
Device Protocol SIP SIP SIP
CUCM Version requiring COP File Up to 9.0(1) Up to 8.0(2) Up to 8.6(x)
Devices are not required for Jabber IM for iPhone (cross functional with Jabber
for iPhone)
www.flane.com.au
To make Cisco Jabber available as a device in Unified CM, you must install a device-
specific Cisco Options Package (COP) file on all your Unified CM servers.
Device Name for Cisco Jabber for iPad:
Represents only one device. If a user has Jabber for iPad on multiple devices, set
up each device with a different device name.
Must start with TAB, followed by up to 15 uppercased or numeric characters.
Example: TABJOHND.
Can contain dot (.), dash (–), or underscore (_).
Device Name for Cisco Jabber for iPhone:
Can represent only one device. If a single user has Cisco Jabber on multiple
devices (for example, an iPhone and an iPad), configure separate Cisco Dual
Mode for iPhone devices for each in Unified CM.
Must start with TCT
Must be uppercase
Can contain up to 15 characters total
Can include only A to Z, 0 to 9, dot (.), dash (-), or underscore (_)
Device Name for Cisco Jabber for Android:
Must start with BOT
Must be uppercase
Can contain up to 15 characters
Can include only the following characters: A to Z, 0 to 9, dash (-), or underscore
(_)
3-56 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
We recommend that the device name include the username of the user so it is
easily remembered
3-57 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 1: Create SIP Profile
In Cisco Unified CM Administration. Select Device > Device Settings > SIP
Profile
www.flane.com.au
Create a dedicated SIP Profile that allows Cisco Jabber to stay connected to Unified CM while
Cisco Jabber is running in the background.
Procedure
Step 1 In Unified CM, select Device > Device Settings > SIP Profile.
Step 2 Create a new SIP profile, such as “iPhone SIP profile,”or copy an existing SIP profile.
Step 3 In the new SIP profile, set the following values:
Timer Register Delta to 60
Timer Register Expires to 660
Timer Keep Alive Expires to 660
Timer Subscribe Expires to 660
Timer Subscribe Delta to 15
Step 4 Select Save.
3-58 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2: Add User Device
www.flane.com.au
Procedure
Step 1 Sign in to the Unified CM Administration portal.
Step 2 Select Device > Phone, and click Add New to add a new phone device with Cisco Dual
Mode for iPhone as the Phone Type.
Step 3 Enter the required settings for your devices. If you require additional information about
any option on the device configuration window, see the online help in Unified CM.
Step 4 Select Save.
Step 5 Select Apply Config.
Step 6 Select [Line n] - Add a new DN.
Step 7 Enter the directory number of this device.
This can be a new DN; a desk phone with the same DN is not required.
Step 8 If this device is a standalone device (not sharing a DN with a desk phone), configure these
settings to forward calls when Cisco Jabber is not running and connected to the network, so
callers do not receive an error message:
a) Forward Unregistered Internal
b) Forward Unregistered External
For more information about these settings, see the online help in Unified CM for the Forward All
and other
settings on the same window.
Step 9 Set the No Answer Ring Duration (seconds) to 24 seconds to allow time for Cisco Jabber
to ring before calls go to voicemail.
Note If Cisco Jabber for iPhone users have a PIN on the device, you may need to
increase the No Answer
3-59 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Ring Duration (seconds) setting to ensure that they have enough time to enter the PIN
and answer the call before the call goes to voicemail.
If you increase the No Answer Ring Duration (seconds) setting, see related cautions for this
setting in the
online help in Unified CM.
Step 10 In the Multiple Call/Call Waiting Settings on Device device name section, in the Busy
Trigger field, ensure that the value is set to 2 or greater.
Step 11 Configure other settings as appropriate for your environment. Cisco Jabber does not
require specific values.
Step 12 Select Save.
Step 13 Navigate to the End User window for the user.
Step 14 Associate the Cisco Dual Mode for iPhone device that you just created for this user.
Depending on your release of Unified CM, the device should now appear in the Controlled
Devices box in
the Device Information or Device Associations section.
Step 15 If this user has a desk phone, select the desk phone as the Primary User Device.
Step 16 If the device is a standalone device that runs without an associated desk phone, you may
need to enter other information that is standard for all devices in your system.
3-60 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 2: Add User Device (Cont.)
Configure the Product Specific Configuration Parameters:
www.flane.com.au
3-61 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 3: Prepare Automatic Setup Link
Simplify the setup process for your users by allowing them to automatically enter
settings into Cisco Jabber by tapping a link in an email message.
Transfers the information from the Product Specific Configuration Layout section
on the Phone Configuration page in Unified CM to the settings in the Cisco
Jabber application on the iPhone
Example:
tctprov://connect?tu=jsmith&td=TCTJSMITH&ts=192.0.2.41&tt=192.0.2.42
www.flane.com.au
3-62 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPhone Features Setup
Enable Active Call Transfer Between Cisco Jabber and Desk Phone
www.flane.com.au
3-63 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enable Active Call Transfer Between Cisco
Jabber and Desk Phone
Set up Call Park for the system , Call Routing > Call Park
www.flane.com.au
Make sure the desk phone (Primary DN) for the user is fully set up and can make and receive
internal and external calls and set up Call Park for the system.
3-64 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enable Active Call Transfer Between Cisco
Jabber and Desk Phone (Cont.)
In the End User configuration page
2. Ensure that the Allow Control of Device from CTI check box is checked.
3. Select the primary extension for the desk phone you want to associate with the
mobile device.
4. In the Permissions Information section, add Standard CTI Enabled to the User
Groups list.
www.flane.com.au
Procedure
Step 1 Sign in to the Unified CM Administration portal.
Step 2 Choose User Management > End User.
Step 3 Search for the user you want to associate with a desk phone.
Step 4 Select the user ID to open the User Information page.
a) In the Device Information section, select Device Association and search for the desk
phone you want to associate with the mobile device.
b) Select the device you want to associate with the mobile device, and select Save
Selected/Changes.
c) Navigate back to the End User page.
d) Ensure that the Allow Control of Device from CTI check box is checked.
e) Select the primary extension for the desk phone you want to associate with the mobile
device.
f) In the Permissions Information section, add Standard CTI Enabled to the User
Groups list.
For 8900 and 9900 series phones, also add Standard CTI Allow Control of Phones
supporting Connected Xfer and conf.
g) Note the user ID of this user for use later in this procedure.
h) Select Save.
3-65 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Enable Active Call Transfer Between Cisco
Jabber and Desk Phone (Cont.)
In the Phone configuration page assign Owner User ID to the desk phone and
the Dual mode iPhone
www.flane.com.au
Step 5 Choose Device > Phone and locate the desk phone you want to associate with the mobile
device.
a) Verify that the value for Owner User ID is the correct end user.
b) Ensure that the Allow Control of Device from CTI check box is checked.
If this option does not appear in the Device Information section of the Phone
Configuration window,
the phone does not support this feature.
c) Select Save.
Step 6 Navigate to the Cisco Dual Mode Device for iPhone page.
a) Verify that the value for Owner User ID is the correct end user.
b) In the Product Specific Layout Configuration section, for CTI Control Username,
enter the user ID
from the End User page.
c) Select Save.
Step 7 Navigate to the Directory Number Information page and verify that:
The Allow Control of Device from CTI check box is checked
The Associated Devices box displays the desk phone and the mobile device
Step 8 Restart the mobile device and the desk phone.
3-66 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Add Mobile Connect and Mobile Identity
www.flane.com.au
Mobile Connect, formerly known as Single Number Reach (SNR), allows the native mobile
phone number to ring when someone calls the work number if:
Cisco Jabber is not available.
After Cisco Jabber becomes available again and connects to the corporate network, the
Unified CM returns to placing VoIP calls rather than using Mobile Connect.
The user selects the Always Use DVO Jabber calling option.
The user selects the Automatically select Jabber calling option and the user is outside of
the Wi-Fi network.
To set up Mobile Connect, perform the following procedures:
1. Enable Mobile Connect
2. Specify one or more remote phone numbers to which Mobile Connect connects using one
or both of the following procedures:
(Preferred) To specify the GSM number of the mobile device
(Optional) To specify alternate phone numbers, see Add Remote Destination
(Optional)
Alternate numbers can be any type of phone number, such as home phone numbers, conference
room numbers, desk phone numbers, or a GSM number for a second mobile device.
Add Mobility Identity
Use this procedure to add a Mobility Identity to specify the GSM number of the mobile device as
the destination number. This destination number is used by features such as Dial via Office or
Mobile Connect.
You can specify only one number when you add a mobility identity. If you want to specify an
alternate number such as a second GSM number for a mobile device, you can set up a remote
3-67 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
destination. The Mobility Identity configuration characteristics are identical to those of the
Remote Destination configuration.
Procedure
Step 1 Sign in to the Unified CM Administration portal.
Step 2 Navigate to the device page for the Cisco Dual Mode mobile device settings.
Step 3 In the Associated Mobility Identity section, select Add a New Mobility Identity.
Step 4 Enter the mobile phone number as the Destination Number.
This number must be routable to an outbound gateway. Generally, the number is the full E.164
number.
If you enable the Dial via Office - Reverse feature for a user, you must enter a destination number
for the user's mobility identity.
If you enable Dial via Office - Reverse and leave the destination number empty in the mobility
identity:
Note
The phone service cannot connect if the user selects the Automatically select Jabber
calling
option while using a 3G network and VPN.
The phone service cannot connect if the user selects the Always use DVO Jabber calling
option
on any type of network.
The logs do not indicate why the phone service cannot connect.
When using Dial via Office - Reverse, the system does not automatically push updated
destination
numbers for the user's mobility identity to the client after you already entered a
destination number.
To work around this issue, ask the user to do one of the following:
In the Cisco Jabber for iPhone Settings, manually update the phone number in the
DVO Callback
Number field.
In the Cisco Jabber for iPhone Settings, delete the current number in the DVO
Callback Number
field, and then exit and restart Cisco Jabber for iPhone
Step 5 Enter the initial values for call timers.
These values ensure that calls are not routed to the mobile service provider voicemail before they
ring in the client on the mobile device.
Setting Suggested Initial Value
Answer Too Soon Timer 3000
Answer Too Late Timer 20000
Delay Before Ringing Timer 0
3-68 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 6 Check the Enable Mobile Connect check box.
Step 7 If you are setting up the Dial via Office feature, in the Mobility Profile drop-down list,
select one of the following options.
Leave blank Choose this option if you want users to use the Enterprise Feature
Access
Number (EFAN).
Mobility Profile Choose the Mobility Profile that you just created if you want
users to use a Mobility Profile instead of an EFAN.
Step 8 Set up the schedule for routing calls to the mobile number.
Step 9 Select Save.
3-69 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Add Mobile Connect and Mobile Identity
(Cont.)
You have to enable Mobility in the User Configuration page before
configuring your Dual mode phone for mobility
Select a Rerouting Calling Search Space that includes the partition that
applies to the mobile phone number.
www.flane.com.au
3-70 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
A route to the mobile phone number. The route to the mobile phone number (that
is, the Gateway/Trunk partition) must have a higher preference than the partitions
of the enterprise extension that is associated with the device.
Note that Cisco Jabber allows users to specify a callback number for Dial via Office-Reverse
calls that is different from the mobile phone number of the device, and the Rerouting Calling
Search Space controls which callback numbers are reachable.
If the user sets up the DVO Callback Number with an alternate number, ensure that you set up the
trunk Calling Search Space (CSS) to route to destination of the alternate phone number.
b) Select Save.
3-71 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network
Useful when a user on a call leaves the Wi-Fi network (for example, leaving the
building to walk out to the car), or if there are voice quality issues over the Wi-Fi
network.
Handoff DN :
The iPhone calls Unified CM using the See Set Up Handoff DN mobile
network.
If it fails, the system automatically tries the Mobility Softkey and Call Park
methods, in order.
This method will not work for iPod Touch or iPad devices.
www.flane.com.au
3-72 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network (Cont.)
Mobility Softkey:
Unified CM calls the phone number of the iPhone PSTN mobile service
provider.
Call Park:
Cisco Jabber attempts this method only if attempts to use other methods
fail.
In the Call Park method, the iPhone makes a mobile-network call to a Call
Park number to retrieve the call.
This method does not work for iPod Touch or iPad devices.
www.flane.com.au
Mobility Softkey
Unified CM calls the phone number of the
iPhone PSTN mobile service provider.
Call Park
Cisco Jabber attempts this method only if attempts to use other methods fail.
In the Call Park method, the iPhone makes a mobile-network call to a Call Park number to
retrieve the call.
This method requires a DID number.
This method does not work for iPod Touch or iPad devices.
Set up Call Park for the system. See the Call Park chapter in the Unified CM Features and
Services Guide at
http://www.cisco.com/en/US/products/sw/voicesw/ps556/prod_maintenance_guides_list.html
.
Set the Call Park number in Call Routing > Call Park to be an E.164 (DID) number.
Cisco recommends changing the value in the Park Monitoring Forward No Retrieve Timer to
60 seconds if more immediate ring-back to the parker phone is required.
o Note: Cisco Jabber uses the "Park Monitoring Reversion Timer" in combination with
the " Park Monitoring Forward No Retrieve Timer." This timer is used even if no
forward target is configured. The "Call Park Reversion Timer" is not used for this
product .
The parked call is forwarded to a forwarding number, if one is set up. If no forwarding
number is set up, the call returns to the parker.
3-73 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network - Set Up Handoff DN
Call Routing > Mobility > Handoff Configuration
The service provider must deliver the DID digits exactly as configured.
You cannot use translation patterns or other similar manipulations within Unified
CM to match the inbound DID digits to the configured Handoff DN.
www.flane.com.au
Procedure
Step 1 Sign in to Unified CM Administration portal.
Step 2 Select Call Routing > Mobility > Handoff Configuration.
Step 3 Enter the Handoff Number for the Direct Inward Dial (DID) number that the device uses
to hand off a VoIP call to the mobile network
The service provider must deliver the DID digits exactly as configured. Alternately, for Cisco IOS
gateways with H.323 or SIP communication to Unified CM, you can use Cisco IOS to manipulate
the inbound called-party number at the gateway, presenting the digits to Unified CM exactly as
configured on the handoff number.
Note
You cannot use translation patterns or other similar manipulations within Unified CM to match
the
inbound DID digits to the configured Handoff DN.
Step 4 Select the Route Partition for the handoff DID.
This partition should be present in the Remote Destination inbound Calling Search Space (CSS),
which points to either the Inbound CSS of the Gateway or Trunk, or the Remote Destination CSS.
This feature does not use the remaining options on this page.
Step 5 Select Save.
Match Caller ID with Mobility Identity
To ensure that only authorized phones can initiate outbound calls, calls must originate from a
phone that is set up in the system. To do this, the system attempts to match the caller ID of the
requesting phone number with an existing Mobility Identity. By default, when a device initiates
the Handoff feature, the caller ID that is passed from the gateway to Unified CM must exactly
match the Mobility Identity number that you entered for that device.
3-74 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
However, your system may be set up such that these numbers do not match exactly. For example,
Mobility
Identity numbers may include a country code while caller ID does not. If so, you must set up the
system to recognize a partial match.
Be sure to account for situations in which the same phone number may exist in different area
codes or in different countries. Also, be aware that service providers can identify calls with a
variable number of digits, which may affect partial matching. For example, local calls may be
identified using seven digits (such as 555 0123) while out-of-area calls may be identified using
ten digits (such as 408 555 0199).
3-75 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network - Set Up Handoff DN
In the Cisco Dual Mode for iPhone Device page.
Do not assign this method for iPad and iPod Touch devices. Use the Mobility
Softkey method instead.
www.flane.com.au
Procedure
Step 1 In the Unified CM, select Use Handoff DN Feature for the Transfer to Mobile Network
option on the Cisco Dual Mode for iPhone Device page.
Do not assign this method for iPod Touch devices. Use the Mobility Softkey method instead.
Step 2 On the iOS device, tap Settings > Phone > Show My Caller ID to verify that Caller ID is
on.
Step 3 Test this feature.
3-76 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network – Mobility Softkey
In Device > Device Settings > Softkey Template
www.flane.com.au
3-77 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Transfer Active VoIP Call to the Mobile
Network – Mobility Softkey (Cont.)
For the per-user and per-device settings in Unified CM, ensure that you set up a
device Mobile Identity and Mobile Connect for the mobile device.
In the Product Specific Configuration Layout section, for the Transfer to Mobile
Network option, choose Use Mobility Softkey.
www.flane.com.au
3-78 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Dial Via Office
Allows users to initiate Cisco Jabber outgoing calls with their work number using the voice
plan for the device.
4. Unified CM calls and connects to the number that the user dialed.
6. The user and the called party continue as with an ordinary call.
www.flane.com.au
The Dial via Office (DVO) feature allows users to initiate Cisco Jabber outgoing calls with their
work number using the voice plan for the device.
There are two types of Dial via Office calls: Dial via Office-Reverse (DVO-R) and Dial via
Office-Forward (DVO-F). Cisco Jabber supports Dial via Office-Reverse (DVO-R) calls. DVO-R
works as follows:
1. User initiates a Dial via Office-Reverse call.
2. The client notifies Unified CM to call the mobile phone number.
3. Unified CM calls and connects to the mobile phone number.
4. Unified CM calls and connects to the number that the user dialed.
5. Unified CM connects the two segments.
6. The user and the called party continue as with an ordinary call.
3-79 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Dial Via Office (Cont.)
The DVO-R feature requires:
The following table describes the calling methods used for incoming and outgoing calls. The
calling method (Internet, Mobile Connect, DVO-R, or native cellular call) varies depending
on the selected Jabber Calling Options and the network connection.
www.flane.com.au
3-80 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Dial Via Office (Cont.)
Voicemail avoidance is a feature that prevents calls from being answered by the
mobile service provider voice mail.
The Dial via Office feature is not supported with the Extension Mobility feature.
www.flane.com.au
3-81 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Determine the required format for this number. The exact value you choose depends on the
phone number that the gateway passes (for example, 7 digits or 10 digits). The Enterprise
Feature Access Number must be a routable number.
Procedure
Step 1 Sign in to the Unified CM Administration portal.
Step 2 Choose Call Routing > Mobility > Enterprise Feature Access Number Configuration.
Step 3 Select Add New.
Step 4 In the Number field, enter the Enterprise Feature Access number.
Enter a DID number that is unique in the system.
To support dialing internationally, you can prepend this number with \+.
Step 5 From the Route Partition drop-down list, choose the partition of the DID that is required
for enterprise feature access.
This partition is set under System > Service Parameters, in the Clusterwide Parameters
(System - Mobility) section, in the Inbound Calling Search Space for Remote Destination
setting. This setting points either to the Inbound Calling Search Space of the Gateway or Trunk,
or to the Calling Search Space assigned on the Phone Configuration screen for the device.
If the user sets up the DVO Callback Number with an alternate number, ensure that you set up the
trunk Calling Search Space (CSS) to route to destination of the alternate phone number.
Step 6 In the Description field, enter a description of the Mobility Enterprise Feature Access
number.
Step 7 (Optional) Check the Default Enterprise Feature Access Number check box if you want
to make this Enterprise Feature Access number the default for this system.
Step 8 Select Save.
3-82 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Verify Device COP File Version
Use the following procedure to verify that you are using the correct device COP file for this
release of Cisco Jabber.
Procedure
Step 1 Sign in to the Unified CM Administration portal.
Step 2 Choose Device > Phone.
Step 3 Click Add New.
Step 4 From the Phone Type drop-down list, choose Cisco Dual Mode for iPhone.
Step 5 Click Next.
Step 6 Scroll down to the Product Specific Configuration Layout section, and verify that you can
see the Dial via Office drop-down list.
If you can see the Dial via Office drop-down list, the COP file is already installed on your system.
Set Up Dial Via Office for Each Device
Use the following procedures to set up Dial via Office - Reverse for each Cisco Jabber device.
1. Add a Mobility Identity for each user.
2. Enable Dial via Office on each device.
3. If you enabled Mobile Connect, verify that Mobile Connect works. If you dial the desk
phone extension, the phone number that is specified in the associated Mobile Identity
should ring.
3-83 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
The phone service cannot connect if the user selects the Automatically select Jabber calling
option while using a 3G network and VPN.
The phone service cannot connect if the user selects the Always use DVO Jabber calling
option on any type of network.
The logs do not indicate why the phone service cannot connect.
When using Dial via Office - Reverse, the system does not automatically push updated
destination numbers for the user's mobility identity to the client after you already entered a
destination number.
To work around this issue, ask the user to do one of the following:
In the Cisco Jabber for iPhone Settings, manually update the phone number in the DVO
Callback Number field.
In the Cisco Jabber for iPhone Settings, delete the current number in the DVO Callback
Number field, and then exit and restart Cisco Jabber for iPhone
Step 5 Enter the initial values for call timers.
These values ensure that calls are not routed to the mobile service provider voicemail before they
ring in the client on the mobile device.
Answer Too Soon Timer 3000
Answer Too Late Timer 20000
Delay Before Ringing Timer 0
Step 6 Check the Enable Mobile Connect check box.
Step 7 If you are setting up the Dial via Office feature, in the Mobility Profile drop-down list,
select one of the following options.
Leave blank
Choose this option if you want users to use the Enterprise Feature Access
Number (EFAN).
Mobility Profile
Choose the Mobility Profile that you just created if you want users to use a
Mobility Profile instead of an EFAN.
Step 8 Set up the schedule for routing calls to the mobile number.
Step 9 Select Save.
3-84 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
DVO-R is supported only on Unified CM Release 9.1 and later. Cisco plans to release a service
update (SU) in the near future to support Cisco Jabber with DVO-R on Unified CM 8.6. If you
enable this setting on an unsupported release of Unified CM, the end user sees the DVO calling
options and can attempt to make DVO-R calls, but the calls cannot connect.
Step 5 Select Save.
Step 6 Select Apply Config.
3-85 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Voice Dialing
Voice Dialing allows users to dial a number by speaking a name in the corporate
directory.
If Voice Dialing is available on your network, Cisco Jabber users can always dial
the Voice Dialing pilot number to access that feature as they would from any
phone.
Voice dialing must be set up and working on your network and configured in
Cisco Unity Connection.
www.flane.com.au
Voice Dialing allows users to dial a number by speaking a name in the corporate directory. If
Voice Dialing is available on your network, Cisco Jabber users can always dial the Voice Dialing
pilot number to access that feature as they do from any phone.
You can simplify voice dialing by enabling either of the following settings:
Enable Voice Dialing Motion
Add Voice Dialing to Favorites
3-86 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Visual Voicemail on Unified CM
www.flane.com.au
3-87 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Specify Directory Search Settings
In the Product Specific Configuration Layout section, enter the iPhone country
code.
LDAP field mappings identify the attributes in your directory that hold the
information to be searched and displayed for directory searches.
www.flane.com.au
Cisco Jabber for iPhone determines which type of directory server you use by checking whether
the defaultNamingContext is defined. If the defaultNamingContext is defined, the app determines
that you are using Active Directory. If this value is not defined, the app determines that the
system is using another LDAP server.
3-88 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up SRST Failover
www.flane.com.au
Survivable Remote Site Telephony (SRST) allows you to transfer services from the Unified CM
to another Unified CM, a Unified CM Express (Unified CME), or a router running SRST.
3-89 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Extension Mobility to Allow Users to
Sign In and Out
When using Extension Mobility, choose Disabled for Allow End User
Configuration Editing.
www.flane.com.au
Set up and activate the Cisco Extension Mobility Service to allow users to sign in and out of
Cisco Jabber on devices.
Before You Begin
The Sign In feature using Extension Mobility is disabled by default in Cisco Jabber. To
enable it, select Enabled in the “Sign In Feature” drop-down list. For more information
about setting up Extension Mobility, see
http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/8_6_1/ccmfeat/fsem.htm
l.
Note
External number masks are not displayed while Extension Mobility is enabled if the
mask is not also configured for the Extension Mobility device profile.
Extension Mobility is functional only if a single profile is listed in the Controlled
Profiles field.
If you set up Extension Mobility as an Enterprise Subscription service, all Cisco Jabber
users are required to sign in and out of Cisco Jabber while Extension Mobility is enabled.
When using Extension Mobility, choose Disabled for Allow End User Configuration
Editing.
After Extension Mobility is set up, Cisco Jabber is functional only if the user is signed in.
3-90 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Cisco AnyConnect Secure Mobility Client is a VPN application that allows Cisco Jabber to
securely connect to your corporate network from a remote location using Wi-Fi or mobile data
networks.
To support the Cisco AnyConnect Secure Mobility Client, you must set up your system using the
following procedures.
1. Install and set up the Cisco Adaptive Security Appliance (ASA).
2. Set up the ASA to support Cisco AnyConnect.
Perform the following procedures in order:
a. Provision Application Profiles
b. Automate VPN Connection
c. Set Up Certificate-Based Authentication
d. Set ASA Session Parameters
e. Set Up Tunnel Policies,
3. Set up the Unified CM for AnyConnect
3-91 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Provision Application Profiles
The configuration profile for the Cisco AnyConnect client includes VPN policy
information such as the company ASA VPN gateways, the connection protocol
(IPSec or SSL), and on-demand policies.
VPN profile is automatically downloaded to the Cisco AnyConnect client after the
client establishes the VPN connection for the first time.
On the ASDM, choose Configuration > Remote Access VPN > Network (Client)
Access > AnyConnect Client Profile
www.flane.com.au
3-92 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Provision Application Profiles (Cont.)
Provision iOS Devices Using Apple Configuration Profile and iPCU
Apple configuration profiles are XML files that contain information such as device
security policies, VPN configuration information, and Wi-Fi, mail, and calendar
settings.
www.flane.com.au
3-93 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Automate VPN Connection
Set up the system to allow Cisco AnyConnect Secure Mobility Client to
automatically establish a VPN connection in the background.
When the user is inside the corporate Wi-Fi network, Cisco Jabber can reach
the Cisco UC infrastructure directly.
When the user leaves the corporate Wi-Fi network, Cisco AnyConnect
automatically detects if it is connected to a domain that you specify in the
AnyConnect client profile.
All applications on the device including Cisco Jabber can take advantage of
this feature.
www.flane.com.au
3-94 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Automate VPN Connection (Cont.)
The following options are available with this feature:
Always Connect
Connect If Needed
Never Connect
www.flane.com.au
3-95 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Automate VPN Connection (Cont.)
1. Use the ASDM profile editor, iPCU, or MDM software to open the AnyConnect
client profile.
2. In the AnyConnect client profile, under the Connect if Needed section, enter your
list of on-demand domains.
Cisco recommends using Cisco AnyConnect Secure Mobility Client for Apple iOS
for iPhones running iOS 5.1.1. Requirements for the Cisco AnyConnect VPN
solution are as follows:
Cisco Adaptive Security Appliance Release 8.4 or later
In Unified CM, set up the On-Demand VPN URL field in the Cisco Jabber device
settings.
www.flane.com.au
3-96 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Certificate-Based Authentication
Cisco AnyConnect client supports many authentication methods including
Microsoft Active Directory/LDAP password, RADIUS-based one-time tokens, and
certificates.
CA, Microsoft Windows 2003, Windows 2008 R2, Entrust, VeriSign, and RSA
Keon.
www.flane.com.au
3-97 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Certificate-Based Authentication
(Cont.)
Distribute Client Certificates
You can issue certificates to Cisco Jabber for iPhone devices using one of
the following methods:
SCEP
Mobileconfig file
www.flane.com.au
3-98 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Certificate-Based Authentication
Distribute Client Certificate Using SCEP
1. The first time a remote user opens Cisco AnyConnect, the application
authenticates the user with either Active Directory credentials or a one-time
token password.
2. After the client establishes the VPN, the ASA provides a client profile that
includes the SCEP request.
3. The Cisco AnyConnect client sends a certificate request and the Certificate
Authority (CA) automatically accepts or denies the request.
b. Cisco AnyConnect uses the certificate for authentication, and no longer prompts the
user for a password when establishing subsequent VPN connections.
www.flane.com.au
3-99 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Certificate-Based Authentication
Distribute Client Certificate Using Mobileconfig File
1. Use the iPCU software to create a mobileconfig file and include the certificate
(.pfx) file.
3. Use the Cisco ISE native supplicant provisioning process to distribute user
certificates.
www.flane.com.au
3-100 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Tunnel Policies
Full-Tunnel Policy
This is the default tunnel policy. Use this policy if you want the most secure option for
Cisco Jabber and Cisco AnyConnect deployments.
All the traffic from all the applications on the device is sent over the VPN tunnel to the
ASA gateway.
Optionally, you can enable the Local LAN Access feature to enable local printing and
local network drive mapping.
www.flane.com.au
3-101 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Tunnel Policies (Cont.)
Split-Tunnel Policy
Use this policy if you want to direct only Cisco Jabber-specific traffic from your phone to
the corporate network.
You must include the IP subnets of the Cisco Unified CM Cluster, Directory Server, and
TFTP Server.
Cisco Jabber needs peer-to-peer media connections with any IP phone or computer
phone on the corporate Wi-Fi network. Therefore, Cisco recommends that you include
the corporate network IP address range in the Split-Include policy.
• Limit the traffic that is sent over the VPN tunnel due to bandwidth concerns.
3-102 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Tunnel Policies (Cont.)
Split-Include Policy with Network ACL
Limit the traffic that is sent over the VPN tunnel due to bandwidth concerns.
www.flane.com.au
3-103 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Set Up Cisco AnyConnect
Set Up Tunnel Policies (Cont.)
Split-Exclude Policy
Prevent any known traffic from using the VPN tunnel. For example, an organization
concerned about bandwidth could add the destination subnets for NetFlix, Hulu,
YouTube, and others to their split-exclude list
www.flane.com.au
3-104 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber
Provisioning Cisco
Jabber for iPad
89 www.flane.com.au
3-105 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Client Sign-In and Auto-Discovery
Users enter their email address (username@example.com), the client queries the
DNS SRV records corresponding to the domain portion of the supplied email
address (example.com in this instance).
It expects responses from the DNS server that allow it to complete the
configuration task and provide the user with service.
DNS records consist of a series of entries that match a server name to a single IP
address in a networked environment.
DNS SRV records differ in that they match a service with a server, or set of
servers, in a networked environment.
www.flane.com.au
3-106 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Client Sign-In and Auto-Discovery
(Cont.)
The client queries the network for all possible services corresponding to the
domain portion of the user-supplied email address. It then attempts to connect
based on the services it discovers through the DNS SRV record results. If there is
more than one service found, the client connects to the service in this order:
1. Cisco WebEx Messenger
www.flane.com.au
3-107 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
The following lists the DNS SRV record types for the client.
Cisco WebEx Messenger _xmpp-client._tcp
Cisco Unified Presence _cuplogin._tcp
Cisco Unified Communications Manager CCMCIP _cisco-phone-
http._tcp
Cisco TelePresence Video Communication Server _sip._tcp.internal
(Internal)
Cisco TelePresence Video Communication Server _sip._tcp.external
(External)
Cisco Jabber Video for TelePresence _ciscowtp._tcp
Cisco WebEx TelePresence _ciscowtp._tcp
Set Up Centralized TFTP Server
Set up a centralized TFTP server if there are multiple Cisco Unified Communications Manager
clusters in the same corporate domain. You must also add a DNS SRV record so this server can
be discovered. The following is an example of what such a record might look like. The items in
the record appear in the following order:
SRV Record
Priority
Weight
Port
A Record
cisco-phone-tftp._tcp.example.com 0 0 69 cftp.example.com
Cisco Unified Communications Manager TFTP _cisco-phone-tftp._tcp
3-108 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
New Phone Type for Tablet Devices in Unified
CM
New Phone Type: Cisco Jabber for Tablet
New Device Security Profile: Cisco Jabber for Tablet – Standard SIP Non-Secure
Profile
www.flane.com.au
Application Profiles
Assigned to users
www.flane.com.au
3-109 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Unified Presence (UC9.0 or Later)
Application Profiles will be no longer
configured on Unified Presence but be
migrated to Unified CM
www.flane.com.au
3-110 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
WebEx Connect Org Admin
www.webex.com/go/connectadmin (Common URL for all customers)
Request the following when ordering:
“CUCI” UC integration
Provision users
Set up Federation
The Cisco WebEx Messenger Administration Tool allows you to specify settings for instant
messaging (IM), availability, and integration with Cisco Unified Communications Manager. To
learn how to use this tool, see the Cisco WebEx Messenger Administration Guide at
http://www.webex.com/webexconnect/orgadmin/help/ index.htm.
Cisco recommends that you perform the tasks in this order. This is a list of high-level tasks that
may not include every aspect of your setup.
If a user already has both Cisco WebEx Messenger and Cisco Unified Communications Manager
set up in the desktop application, the settings automatically take effect in Cisco Jabber for iPad.
3-111 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Centralized Administration
www.flane.com.au
Procedure
Step 1 Specify organization information. Go to
http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?17382.htm.
Step 2 Create and provision users. Go to
http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?cs_user.htm .
Step 3 Set up IM and availability.Go to
http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?17169.htm.
Step 4 Set up telephony services.
Go to http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?18648.htm.
Note
Cisco recommends deploying Cisco Unified Communications Manager with a Fully Qualifed
Domain Name (FQDN) when setting up telephony services. If you deploy Cisco Unified
Communications Manager with an IP address when setting up telephony services, extra
configuration is required to enable the Connect on Demand VPN feature. Refer to the appropriate
Cisco Unified Communications Manager documentation for information on using a FQDN.
Step 5 Set up voicemail. Go to
http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?cs_visual_voicemail.ht
m.
Note
If voicemail parameters are configured in both the Cisco WebEx Messenger Administration Tool
and the Product Specific Configuration on Cisco Unified Communications Manager, Cisco Jabber
for iPad will use the configuration in Cisco Unified Communications Manager and ignore the
voicemail settings in Cisco WebEx Messenger Administration Tool.
3-112 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Step 6 Set up meetings.Go to
http://www.webex.com/webexconnect/orgadmin/help/index.htm?toc.htm?17386.htm.
3-113 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco VCS & TMS
Step 1:
Administrator creates new users import, or
sync from Active Directory
Step 2:
Configures policies and assign device
templates
Step 3:
Users receive automated email that
includes username and password
www.flane.com.au
3-114 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Example: If you have multiple VCS clusters (zones) within your organization, you may have to
update the rules that control call routing between the VCS and VCSE zones.
3-115 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco VCS & TMS – Creating Users
www.flane.com.au
3-116 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco VCS & TMS – Creating Device Template
www.flane.com.au
3-117 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Where to find the latest
FCS version ?
Cisco Jabber is a free download
www.flane.com.au
www.flane.com.au
3-118 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber for iPad Client Deployment
After launching the Jabber for iPad application for the first time, you need to
choose to sign in by using the
Individual Accounts
Company-Provided Accounts.
www.flane.com.au
3-119 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber Client Deployment
Individual Account
www.flane.com.au
Individual Accounts
If you select Individual Accounts, Cisco WebEx Messenger or Cisco Jabber Video for
TelePresence account information is required. We recommend that you use a WebEx Messenger
account for IM and presence, and Jabber Video for TelePresence for voice and video calling.
3-120 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber Client Deployment
Company-Provided Account
www.flane.com.au
Similar to setting up Individual Accounts, we recommended that you set up an IM and Presence
account first before a Video and Voice Calling account, unless no IM and Presence account is
available. If you select a Cisco Unified Presence account, then Cisco UCM is your only valid
option for video and voice calling. On the other hand, if a Cisco WebEx Messenger account is
configured, then you can select one of three options, including Cisco UCM, Cisco VCS, and
Cisco Jabber Video for TelePresence, for video and voice calling. See Figure 9 for Company-
Provided Account Settings.
During a deployment, administrators should provide an instruction to end-users on what features
are available and how to configure Jabber for iPad.
3-121 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Jabber Client Deployment
Company-Provided Account (Cont.)
Company-Provided Instructions to Download Cisco Jabber for iPad
Account
Voice and video calling Cisco UCM Username
Password
(TFTP) server address
Cisco Unified
Communications Manager IP
phone server address
(optional)
Cisco VCS Username
Password
Internal server address
External server address
SIP domain address
Jabber Video for TelePresence Username and password
www.flane.com.au
www.flane.com.au
3-122 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad Installation Steps
www.flane.com.au
3-123 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad Installation Steps
(Cont.)
Unified Communications Manager Video Communication Server
3-124 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Cisco Jabber for iPad AnyConnect VPN
Properly configure split tunneling, to ensure only the traffic destined for Cisco
UCM goes into the encrypted tunnel.
www.flane.com.au
AnyConnect VPN
The Cisco Jabber for iPad application requires Cisco Unified Communications back-end services
either in the cloud or on-premises. If one or all back-end services are deployed on-premises, then
an established secure VPN connection is required for the Cisco Jabber for iPad clients that are
outside of corporate network to communicate with those back-end services behind a firewall over
public Wi-Fi or mobile wireless networks. We strongly recommend that you deploy Cisco
AnyConnect Secure Mobility Client alongside Cisco Jabber for iPad2.
Cisco AnyConnect client on iPad provides a full VPN tunnel for Cisco Jabber and other
applications that need secure access to the enterprise network from outside the corporate firewall.
AnyConnect is a VPN client that provides secure connect features, including:
VPN on-demand3, which is available for iOS and allows the AnyConnect tunnel to be
established whenever a particular destination is contacted (that is, Cisco UCM).
Split Include, which allows you to configure specific traffic to be sent through the
encrypted tunnel; for example, using Split Include, Cisco UCM voice traffic could be sent
through the encrypted tunnel, and Safari browser data would not.
AnyConnect also has a built-in diagnostics and reporting tool and statistics reporting to
help troubleshoot VPN problems.
The following services do not require AnyConnect VPN for remote access:
Cisco Jabber Video for TelePresence Service.
Cisco WebEx Messenger Service.
Cisco WebEx Meetings.
Cisco TelePresence Video Communication Server (TelePresence VCS Expressway is
required).
3-125 Designing and Implementing Cisco Jabber Cisco Jabber for Windows
Summary
You can add Cisco Jabber for iPhone to Cisco UCM as Dual mode iPhone
Mobility Features
Voice Dialing
Visual Voicemail
AnyConnect
www.flane.com.au
3-126 Designing and Implementing Cisco Jabber Cisco Jabber for Windows