Published by Madlyn Johnston. Modified over 9 years ago.
2
Meet Aaron Steele | @steeleaaron
- Senior Consultant
- Been with Microsoft for 3 years
- Focused on Lync and specifically voice
- In computers and MS technology for 18+ years
- Started in Higher Education
- Wife and two kids, lives in Chicago, IL
3
Meet Brian Ricks | @bricomp
- Lead Architect, BriComp Computers
- Unified communications architect
- Microsoft Certified Solutions Master
- Microsoft MVP since 2006
- Enterprise Microsoft collaboration solution design, development, configuration, administration and maintenance
- More than 20 years experience in IT industry
- Network Infrastructure Corp., Resolute, Phelps, Dodge
- Independent since 2009
4
Setting Expectations
Target Audience
- IT and telecommunications professionals who design, plan, deploy, and maintain solutions for unified communications (UC)
- Experienced professionals that are looking to better understand the new features and capabilities of Lync 2013 introduced since RTM
5
Suggested Resources
- Course 20336, Core Solutions of Microsoft Lync Server 2013: http://aka.ms/CoreLync2013
- Course 20337, Enterprise Voice and Online Services with Microsoft Lync Server 2013: http://aka.ms/VoiceOnlineLync2013
6
Know Your Stuff? Get Certified
- Microsoft Certified Solutions Expert (MCSE) – http://aka.ms/MCSE-Lync
- Exam 70-336: Core Solutions of Microsoft Lync Server 2013 – http://aka.ms/MCSEcoreLync
- Exam 70-337: Enterprise Voice and Online Services with Microsoft Lync Server 2013 – http://aka.ms/MCSEentvoiceLync
- Microsoft Learning Partners: Learn from the Pros! – http://aka.ms/CPLS
- Find a Class: http://aka.ms/ClassLocator
7
Course Topics
Lync Top Support Topics and Troubleshooting Tools
01 | Lync Performance Monitoring
02 | Centralized Logging Service
03 | Lync Media in Wi-Fi
04 | Lync Call Generators
05 | Troubleshooting Tools
8
Lync Performance Monitoring
9
- System Center Operations Manager (SCOM): SCOM is an alerting system providing data on server status
- Performance Counters: Feed into SCOM and for general server performance monitoring. Includes active connections, processing of messages, failures raised by server, latency
- Event Logs: Used to report to SCOM, configuration state on server, security policy update, service availability
- Synthetic Transactions: Automated tests to detect outages in service features (e.g., Instant Messaging [IM], registration, presence)
- Call Detail Records (CDR): CDR provides telemetry on usage patterns (e.g., call volume), call establishment (e.g., conference join)
- QoE Metrics: Media, network, endpoint and connection metrics collected on endpoint
- UFD: Actionable notifications displayed to user
- Network Bars: Indicator providing users with information when network performance is causing media quality issues
- CDR/QoE SQL Database
10
QoE Data Collection
[Diagram labels: Front End Server; Lync Storage Service; Unified Contacts; Replication for HA; Data Collection; Archival Processing (IM, WebConf); Monitoring Processing (CDR/QoE); SQL DB; Queue DB]
11
What Factors Reduce Media Quality?
12
Lync 2010 Metrics
13
QoE Metrics Added in Lync 2013
14
Summary
QoE provides metrics for:
Troubleshooting
- In Lync 2013, improved video metrics are aligned to the new video feature set
- Reports will have both audio and video media performance analysis
- New QoE will enable administrators to better identify problems with both audio and video
Planning
- QoE provides information on network performance and problem identification, audio performance issues, and video usage and performance issues
- QoE data assists in network planning (e.g., wired and wireless access requirements) and in server and general infrastructure procurement decisions
15
Centralized Logging Service
16
Centralized Logging Service (CLS)
17
CLS Architecture
18
Scenarios
- Logging is based on scenarios
- Built-in scenarios specify a group of components and log levels to be started and stopped together
19
Components Logged by Scenarios
Scenario details can be discovered with the Get-CsClsScenario cmdlet:
Get-CsClsScenario global/ | Select -ExpandProperty Provider | Format-Table Name,Level,Flags -a
For scenario: IncomingAndOutgoingCall
Component Name            Level
MediationServer           Info
S4                        Info
Sipstack                  Info
TranslationApplication    Info
OutboundRouting           Info
InboundRouting            Info
UserServices              Info
20
Using ClsController
.\ClsController (COMMAND) [(OPTIONS)] [(SCOPE)]
COMMAND    Description
-start     Starts trace session for given scenario. Mandatory option: scenario. Other valid option: duration
-stop      Stops trace session for given scenario. Mandatory and only valid option: scenario
-query     Query list of scenarios being traced. Valid options: None
-flush     Flush logs and make them available for searching immediately. Valid options: None
-update    Update the duration active (nondefault) scenario needs to be traced for. Mandatory and only valid option: duration
-search    Search logs. Results are returned in a text file. Valid options: starttime, endtime, components, uri, callid, phone, ip, loglevel, matchany, matchall, keepcache, correlationids
-?         Will display command line usage along with scenario names
21
ClsController Options
OPTION         Description
-scenario      Scenario name (valid scenario names were given earlier)
-duration      Duration (in minutes) to trace the given scenario for. Default duration: 24 hours
-matchall      Specify this to require the search to match all criteria specified
-matchany      Specify this to require the search to match any criteria specified. This is the default.
-starttime     (timestamp) Timestamp to search the log entries from
-endtime       (timestamp) Timestamp to search the log entries to
-loglevel      (fatal | error | warn | info | verbose | noise) This is the least severe log level to search on. For example, if 'warn' is specified, search will be limited to 'warn', 'error' and 'fatal'
-components    List of comma-separated component names to restrict the search scope
-phone         Phone number scope for search command. This needs to be exact match
-uri           URI scope for search command. This needs to be exact match
-callid        Call id scope for search command. This needs to be exact match
-ip            IP address scope for search command. This needs to be exact match
22
The “AlwaysOn” Scenario
- The special scenario “AlwaysOn” can be on all the time. It logs INFO level for many common components
- When an issue occurs, there may be enough info in the AlwaysOn component logs to debug the issue
- This avoids having to turn on logging and repro the issue, which was always required in Lync Server 2010
- If the logs from AlwaysOn are not sufficient, turn on the specific scenario relevant to your issue, repro the issue, and get a higher level of logging
- At any given time, you can have one extra scenario enabled along with AlwaysOn
23
Sample Commands
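The workflow from the preceding slides (start a specific scenario next to AlwaysOn, reproduce, flush, search, stop), as an added example that is not taken from the original deck. Assumptions: the ClsController.exe path, the pool FQDN, the SIP URI, the output file, the `-pools` scope option, and that search results are captured from standard output.

```powershell
# Added example, not from the original slides. Values marked "assumption" are placeholders.
$cls      = 'C:\Program Files\Common Files\Microsoft Lync Server 2013\ClsAgent\ClsController.exe'  # assumption: default install path
$pool     = 'pool01.contoso.example'      # assumption: your Front End pool FQDN
$scenario = 'IncomingAndOutgoingCall'     # scenario named on the slides
$uri      = 'user1@contoso.example'       # assumption: must match the logged URI exactly
$outFile  = 'C:\ClsLogs\call-trace.txt'   # assumption: folder restricted to administrators

function Invoke-Cls {
    # Run ClsController with the given arguments and stop on a non-zero exit code.
    param([string[]]$Arguments)
    $output = & $cls @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "ClsController $($Arguments -join ' ') exited with code $LASTEXITCODE"
    }
    $output
}

# 1. See which scenarios are already being traced (AlwaysOn plus at most one other).
Invoke-Cls @('-query', '-pools', $pool)

# 2. Start the specific scenario for 30 minutes instead of the 24-hour default.
Invoke-Cls @('-start', '-scenario', $scenario, '-duration', '30', '-pools', $pool)

try {
    Read-Host 'Reproduce the issue, then press Enter' | Out-Null

    # 3. Flush so the fresh entries are searchable immediately.
    Invoke-Cls @('-flush', '-pools', $pool)

    # 4. Search: every criterion must match, 'warn' and more severe only.
    #    Assumption: search output arrives on standard output and is saved here.
    Invoke-Cls @('-search', '-pools', $pool,
                 '-components', 'Sipstack,MediationServer',
                 '-uri', $uri, '-matchall', '-loglevel', 'warn') |
        Out-File -FilePath $outFile -Encoding utf8
}
finally {
    # 5. Always stop the extra scenario so it does not keep tracing after the repro.
    Invoke-Cls @('-stop', '-scenario', $scenario, '-pools', $pool)
}
```

The resulting trace contains user URIs, phone numbers and IP addresses, so keep the output folder access-controlled and delete the file once the case is closed.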
24
Lync Media on Wi-Fi
25
Lync Media over Wi-Fi
- Lync 2013 Wi-Fi support
- Goal is to provide general deployment guidance and recommendations for Wi-Fi deployment
- Working with Wireless Local Area Network (WLAN) infrastructure vendors using Lync in their deployments
26
Wi-Fi Problem Areas
27
Wi-Fi Deployment Recommendations for Lync 2013
28
Enterprise Wi-Fi Considerations
- High-density AP deployments
- Fast inter-AP handover support
- Select WLAN infrastructure vendors with voice over Wi-Fi experience
29
Lync 2013 Wi-Fi Deployment Guidance
31
Lync Call Generators
32
- Sign-in and authentication
- Public Key Infrastructure (PKI) / TLS Certificates
- Signaling and media establishment
- High availability / disaster recovery (HA / DR)
- Lync address book
33
Lync Call Generators
34
Sign-in and Authentication Challenges
- Lync clients have different requirements because they are limited by the platform capabilities.
- Changes from the legacy client platform have necessitated a “fallback” approach to client DNS lookup.
- Secure connectivity required for passing authentication.
- Certificate-based authentication requires obtaining a certificate via the web services.
- Seldom will you see two deployments with the identical network/infrastructure requirements.
35
So what causes it to break?
36
Other things to be aware of…
37
Sign-in and Authentication – Actions!
- Consider all possible client scenarios even when they don’t fit into the initial deployment plans.
- Diagram all network access points and document what DNS records point to where so future modality expansion can be achieved.
- Educate local administrators on how mobility differs from external desktop clients, from federation, Public IM Connectivity (PIC), and so on.
- Document test scenarios and results so customers have a baseline to work from. Customers who generate support incidents rarely have anything documented and proclaim they have no test plan or results to compare to.
- Fully test all modalities before completing a deployment.
38
Lync Call Generators
39
PKI and Certificate Challenges
- PKI is everywhere in the product.
- Correct use of certificates for internal roles, public certs from well-known CAs for external users, PIC, federation, Office 365, mobility, and reverse proxy.
- Certificates used for A/V encryption and authentication are NON-public.
- Internal namespaces on external-facing certificates are increasingly under scrutiny because of new PKI standards.
- OAuth is a new way to ensure intra-role communication is simplified. Server to server; prevents trust issues between Lync and other trusted roles.
40
Be Aware Of…
- All connections in Lync use TLS or MTLS with the exception of A/V
- Avoid wildcards in certificate names
- Supported as Subject Alternative Name (SAN) on Web Services (RP)
- Many public CAs won’t allow a direct import of a certificate request; names are often added or certs recycled from other modalities because of the cost factor.
- Only external services need public CA-issued certs.
- No internal namespace on public certificates.
- DNS must succeed for proper trust.
- Edge DNS pointers to internal split domain namespace.
- Scaled Edge servers share identical certificates (private)
41
Trust Model
- Transport Layer Security (TLS) is used not only to secure traffic but also to establish a trusted relationship between SIP proxies.
- Secure Real-time Transport Protocol-User Datagram Protocol (SRTP-UDP) cannot provide TLS with the certificates. However, it can still scramble a packet payload.
- OAuth provides a framework for authorizing components to interoperate and reduces the trust model management through certificate replication.
42
PKI / TLS Certificates – Actions!
- Use wizards for certificate requests
- Primary SIP domain = public namespace
- No wildcard certificates
- Use internal CAs for internal roles and access points
- Avoid all-in-one certificates
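One way to check a server's certificate store against the naming points on the two PKI slides above (wildcard names, internal namespaces on publicly issued certificates). This is an added example, not part of the original deck; the function name, the internal DNS suffixes and the internal CA issuer pattern are assumptions to replace with your own values.

```powershell
# Added example, not from the original slides. Requires PowerShell 3.0+ (DnsNameList).
function Test-LyncCertificateNames {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [string[]]$InternalSuffix = @('.local'),       # assumption: internal-only DNS suffixes
        [string]$InternalIssuerPattern = '*Internal*'  # assumption: matches your private CA's issuer DN
    )
    process {
        # DnsNameList holds the subject CN plus the SAN DNS entries.
        $names = @($Certificate.DnsNameList | ForEach-Object { $_.Unicode } | Where-Object { $_ })
        # Anything not issued by the private CA is treated as publicly issued.
        $publicIssued = $Certificate.Issuer -notlike $InternalIssuerPattern

        $wildcards = @($names | Where-Object { $_.StartsWith('*.') })
        # Internal names: single-label hosts or names under an internal suffix.
        $internal = @(foreach ($name in $names) {
            $singleLabel = $name -notmatch '\.'
            $suffixHit = @($InternalSuffix | Where-Object {
                $name.EndsWith($_, [System.StringComparison]::OrdinalIgnoreCase) }).Count -gt 0
            if ($singleLabel -or $suffixHit) { $name }
        })

        [pscustomobject]@{
            Subject    = $Certificate.Subject
            Thumbprint = $Certificate.Thumbprint
            Issuer     = $Certificate.Issuer
            NotAfter   = $Certificate.NotAfter
            Wildcards  = $wildcards -join ', '
            InternalNamesOnPublicCert = $(if ($publicIssued) { $internal -join ', ' } else { '' })
        }
    }
}

# Report only certificates that need a review.
Get-ChildItem Cert:\LocalMachine\My |
    Test-LyncCertificateNames -InternalSuffix '.local', '.corp.contoso.example' -InternalIssuerPattern '*Contoso Internal*' |
    Where-Object { $_.Wildcards -or $_.InternalNamesOnPublicCert } |
    Format-List
```

A wildcard hit is a prompt for review rather than an automatic failure, since the slides note that wildcards are supported as a SAN on Web Services (RP).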
43
Lync Call Generators
44
Signaling and Media Establishment Challenges
- Media Relay Authentication Service (MRAS), Interactive Connectivity Establishment (ICE), Session Description Protocol (SDP) candidates
- Edge server as a functional firewall device
- Media bypass, hair pinning, mediation
- Bandwidth management / Call Admission Control (CAC) / Quality of service (QoS)
- Monitoring / Quality of experience (QoE)
45
Signaling and Media Establishment (cont.)
- External registrar SIP proxy users and federation
- External conference proxy (SIP signaling still traverses Access)
- All audio, video, and media sharing using Real-time Transport Protocol (RTP)
- Uses ICE (Session Traversal Utilities for Network Address Translation (STUN) / Traversal Using Relay NAT (TURN)) – secure using MRAS (is not TLS)
- No user services (that’s the reverse proxy role)
- HTTPS connection for mobility clients, ABS, Meeting Lobby, etc.
46
Signaling and Media Establishment (cont.)
- Media Relay Authentication Service (MRAS) - (5062) Internal via SIP proxy
- Allocate (3478) and ‘Are you there ping’ to ensure connectivity?
- Open ports on NAT host | Reflective | Relay
- Deep packet inspection – XOR
- UDP and TCP open port ranges are largely overrated as a security threat
- DNS Load Balancing vs. Hardware Load Balancers
47
Other things to be aware of…
Certificates
- TLS everywhere but media exchange.
- Internal / external namespace depends on DNS pointing the right direction.
Networks
- No logical sub-netting to prevent physical isolation.
- Routing to Internet and internal networks should never overlap and will require manual management of the networks in most cases
48
Signaling and Media Negotiation - Actions!
- Define static routing
- DNS to public, host to internal
- Test port ranges for TCP and UDP: 50k, 443, 5061, 3478, 5062, 8057
- Network isolation
- Public-facing IPs for A/V!
- DNS load balancing preferred
49
Lync Call Generators
50
High Availability and Disaster Recovery
- Don’t confuse High Availability and Disaster Recovery Scenarios
- No limited functionality
- Pool pairing
- RPO/RTO - Recovery point objective / Recovery time objective
51
Windows Fabric – Known Issue!
- Windows Server 2012 with Lync 2013 - known issues with Windows fabric
- All servers hung in “starting” state
Reset-CsPoolRegistrarState -ResetType QuorumLossRecovery -PoolFQDN
Reset-CsPoolRegistrarState -ResetType FullReset -PoolFQDN
52
HA/DR – Actions!
- No Legacy design!
- No cross network deployments
- HA solution improves with each server you add to the pool
- Don’t mix HA and DR features
- Define and adhere to Recovery time objectives / Recovery point objectives
53
Lync Call Generators
54
Address Book Service Challenges
- Changes in Active Directory Properties
- Pushed to the Lync Back End servers every 60 seconds
- Default Setting for Address Book Service = WebSearchAndFileDownload
- Get-CsClientPolicy … -AddressBookAvailability
- FileDownload in Lync has all the same caveats as R2. Delay in updating, differential files, 24-hour updates, and so on.
55
Managing Contacts
Personal Information Manager (PIM)
- Relies on Exchange web services (EWS) to obtain Outlook contacts and also synchronize Outlook calendar entries with presence state in the database; this is a client-side process
Unified contact store (UCS)
- Introduces a host of potential caveats with contact loss, but relies on FE process to proxy contact storage to the user's mailbox. This is not PIM, but gets access to Exchange using the same process.
56
Presence and Federation
- Configuring Presence
- Subscribe to presence
- HA/DR real-time presence across all Front End servers and backup registrars
- Lync Federation
- Privacy relationship
- Trust with Office 365
57
ABS and Presence – Actions!
- Deploy reverse proxy
- Enable EWS
- Turn on WebSearchOnly
- Migrate to UCS
- Prep for federation
58
Troubleshooting Tools
59
- Lync Debug tools
- Lync Network Monitor with Lync Parsers
- Snooper
- Remote connectivity analyzer
- TRIPP (Transport Reliability IP Probe)
- Lync 2013 BPA
- Telnet
- Event logging (Capi2)
- HLB isolation