Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Chapter 12. Office Communications Server 2007 Deployment Example

In Chapter 11 a detailed planning process for an Office Communications Server 2007 deployment of a fictitious global company named Contoso was presented. It's been demonstrated how to use the Office Communications Server 2007 Planning Guide and the Office Communications Server 2007 Enterprise Voice Planning and Deployment Guide to design a multi-pool Office Communications Server 2007 deployment with several different scenarios enabled. The aim of the example in this chapter is to develop a deployment path for the entire Contoso architecture. The focus of this chapter will therefore be on the demonstration of all preparation steps that have to be taken before Contoso can be deployed, as well as on the deployment sequence. How to install every individual Office Communications Server 2007 Server role is explained in the various Office Communications Server 2007 deployment guides.

Understanding Contoso's Deployment Process for Office Communications Server 2007

Contoso's deployment of Office Communications Server 2007 is a complex example of an Office Communications Server 2007 deployment created to show the possible difficulties administrators might face when designing the right deployment path for such architecture. In particular, when several scenarios are enabled at one time for such a deployment, the time required can be lowered by first doing all preparation steps—such as developing a server naming convention, preparing Domain Name System (DNS) entries, creating certificates, installing and configuring network interface cards (NICs)—and then proceeding with the actual deployment. This approach saves you from having to come back to the preparation of the environment after each step. The advantage in doing all the server preparation up front is that when you deploy server roles later in your deployment path (for example, when deploying the Edge Server after you have set up the pool), you don't have to ask DNS administrators to do further entries for the Edge Server deployment because you already spoke with them a few days earlier when you deployed the pool. In particular, in large customer environments where multiple administrators are involved, the deployment process will become much smoother. There might be several answers to the questions "Where should I start?" and "What should I do next?" However, in this chapter a deployment path for Contoso is shown that can be seen as the Best Practice guidance for similar Office Communications Server 2007 deployments.

Establishing a Server Naming Convention

At first, it is important to define the naming convention for all servers Contoso wants to deploy. To choose a naming convention that is easily understandable to all organizations involved in the deployment is essential because it decreases the possibility of miscommunication. As Table 12-1 shows, Contoso chooses a naming convention for its servers that easily identifies each of the Office Communications Server 2007 roles and their locations.

Table 12-1. Contoso's Server Naming Convention

Attribute	Naming Convention
Server name	XXXYYYZZ
Server-FQDN (fully qualified domain name)	xxxyyyzz.contoso.com
XXX	Server roles are abbreviated as follows: FRE = Front End Server of an Office Communications Server 2007 Enterprise Edition pool SQL = SQL Database BAE = Back End Server of an Office Communications Server 2007 Enterprise Edition pool IIS = Internet Information Service WCS = Web Conferencing Server in a pool AVC = Audio/Video Conferencing Server DIR = Director (Office Communications Server 2007 Standard Edition) CAW = Co-located Access Edge and Web Conferencing Edge Server AVE = Audio/Video Edge Server MED = Mediation Server HTT = Hypertext Transfer Protocol (HTTP) Reverse Proxy WCE = Web Conferencing Edge Server EXU = Exchange Unified Messaging Server ARC = Archiving Server
YYY	Server locations are abbreviated as follows: CHI = Chicago PAR = Paris MAD = Madrid SPO = Singapore
ZZ	Role number (if this is missing, the server is a Load Balancer)

Note that some exceptions to this naming convention exist for non–Office Communications Server 2007 roles, such as Load Balancers.

Table 12-2 through Table 12-5 show the Server names, IP addresses, and FQDNs for the servers for the four Contoso sites.

Table 12-2. Contoso Server Names for Chicago

Server Role	Server Name	IP Address	Server FQDN
Pool Name	CHIPOOL01	10.18.10.1	chipool01.contoso.com
Load Balancer virtual IP (VIP) for Office Communications Server 2007 Enterprise Edition (EE) Front End Servers	FRECHI	10.18.10.1	frechi.contoso.com
EE expanded Front End Server	FRECHI01	10.18.10.2	frechi01.contoso.com
EE expanded Front End Server	FRECHI02	10.18.10.3	frechi02.contoso.com
EE expanded Front End Server	FRECHI03	10.18.10.4	frechi03.contoso.com
EE expanded Front End Server	FRECHI04	10.18.10.5	frechi04.contoso.com
EE expanded Front End Server	FRECHI05	10.18.10.6	frechi05.contoso.com
EE expanded Front End Server	FRECHI06	10.18.10.7	frechi06.contoso.com
Back End SQL cluster name	SQLCHI01	10.18.10.10	sqlchi01.contoso.com
Back End Nodes	BAECHI01	10.18.10.11	baechi01.contoso.com
Back End Nodes	BAECHI02	10.18.10.12	baechi02.contoso.com
Load Balancer VIP for Internet Information Services (IIS)	IISCHI	10.18.10.15	iischi.contoso.com
IIS	IISCHI01	10.18.10.16	iischi01.contoso.com
IIS	IISCHI02	10.18.10.17	iischi02.contoso.com
Web Conferencing Server	WCSCHI01	10.18.10.20	wcschi01.contoso.com
Web Conferencing Server	WCSCHI02	10.18.10.21	wcschi02.contoso.com
Web Conferencing Server	WCSCHI03	10.18.10.22	wcschi03.contoso.com
Web Conferencing Server	WCSCHI04	10.18.10.23	wcschi04.contoso.com
A/V Conferencing Server	AVCCHI01	10.18.10.24	avcchi01.contoso.com
A/V Conferencing Server	AVCCHI02	10.18.10.25	avcchi02.contoso.com
A/V Conferencing Server	AVCCHI03	10.18.10.26	avcchi03.contoso.com
A/V Conferencing Server	AVCCHI04	10.18.10.27	avcchi04.contoso.com
Director Pool Name	CHIDIRPOOL	10.18.10.32	chidirpool.contoso.com
Load Balancer VIP for Directors (internal-facing pool)	DIRCHI	10.18.10.32	dirchi.contoso.com
Director (internal NIC)	DIRCHI01	10.18.10.30	dirchi01.contoso.com
Director (external NIC)	—	10.18.10.130	—
Director (internal NIC)	DIRCHI02	10.18.10.31	dirchi02.contoso.com
Director (external NIC)	—	10.18.10.131	—
Load Balancer VIP for Directors (external-facing Edge Server)	—	10.18.10.33	dirchiext.contoso.com
Load Balancer VIP for Edge Access Server (internal)	CAWCHI	192.168.10.40	access.contoso.com
Co-located Access Edge Server and Web Conferencing Edge Server (internal NIC)	CAWCHI01	192.168.10.41	cawchi01.contoso.com
Co-located Access Edge Server and Web Conferencing Edge Server (external NIC)	—	64.65.66.3	—
Co-located Access Edge Server and Web Conferencing Edge Server (internal NIC)	CAWCHI02	192.168.10.42	cawchi02.contoso.com
Co-located Access Edge Server and Web Conferencing Edge Server (external NIC)	—	64.65.66.4	—
Load Balancer VIP for Edge Access Server (external)	—	64.65.66.1	sip.contoso.com
Load Balancer VIP for Edge Web Conferencing Server (external)	—	64.65.66.2	wcechi.contoso.com
Load Balancer VIP for A/V Edge Server (internal)	AVECHI	192.168.10.45	avechi.contoso.com
A/V Edge Server (internal NIC)	AVECHI01	192.168.10.46	avechi01.contoso.com
A/V Edge Server (external NIC)	—	64.65.66.16	—
A/V Edge Server (internal NIC)	AVECHI02	192.168.10.47	avechi02.contoso.com
A/V Edge Server (external NIC)	—	64.65.66.17	—
Load Balancer VIP for A/V Edge Server (external)	—	64.65.66.15	avechi.contoso.com
Mediation Server (internal NIC)	MEDCHI01	10.18.10.50	medchi01.contoso.com
SIP/PSTN Gateway (external to Mediation Server)	—	10.18.10.51	gwychi01.contoso.com
HTTP Reverse Proxy Server (internal NIC)	HTTCHI01	192.168.10.60	httchi01.contoso.com
HTTP Reverse Proxy Server (external NIC)	—	64.65.66.30	httchi01.contoso.com

Table 12-3. Contoso Server Names for Paris

Server Role	Server Name	IP Address	Server FQDN
Pool Name	PARPOOL01	10.17.10.1	parpool01.contoso.com
Load Balancer VIP for EE Front End Servers	FREPAR	10.17.10.1	frepar.contoso.com
EE expanded Front End Server	FREPAR01	10.17.10.2	frepar01.contoso.com
EE expanded Front End Server	FREPAR02	10.17.10.3	frepar02.contoso.com
EE expanded Front End Server	FREPAR03	10.17.10.4	frepar03.contoso.com
EE expanded Front End Server	FREPAR04	10.17.10.5	frepar04.contoso.com
Back End SQL cluster name	SQLPAR01	10.17.10.10	sqlpar01.contoso.com
Back End Nodes	BAEPAR01	10.17.10.11	baepar01.contoso.com
Back End Nodes	BAEPAR02	10.17.10.12	baepar02.contoso.com
Load Balancer VIP for IIS	IISPAR	10.17.10.15	iispar.contoso.com
IIS	IISPAR01	10.17.10.16	iispar01.contoso.com
IIS	IISPAR02	10.17.10.17	iispar02.contoso.com
Web Conferencing Server	WCSPAR01	10.17.10.20	wcspar01.contoso.com
Web Conferencing Server	WCSPAR02	10.17.10.21	wcspar02.contoso.com
A/V Conferencing Server	AVCPAR01	10.17.10.24	avcpar01.contoso.com
A/V Conferencing Server	AVCPAR02	10.17.10.25	avcpar02.contoso.com
Load Balancer VIP for Web Conferencing Server (internal)	WCEPAR	192.167.10.40	wcepar.contoso.com
Web Conferencing Edge Server (internal NIC)	WCEPAR01	192.167.10.41	wcepar01.contoso.com
Web Conferencing Edge Server (external NIC)	—	64.64.66.11	—
Web Conferencing Edge Server (internal NIC)	WCEPAR02	192.167.10.42	wcepar02.contoso.com
Web Conferencing Edge Server (external NIC)	—	64.64.66.12	—
Load Balancer VIP for Web Conferencing Server (external)	—	64.64.66.10	wcepar.contoso.com
Load Balancer VIP for A/V Edge Server (internal)	AVEPAR	192.167.10.45	avepar.contoso.com
A/V Edge Server (internal NIC)	AVEPAR01	192.167.10.46	avepar01.contoso.com
A/V Edge Server (external NIC)	—	64.64.66.16	—
A/V Edge Server (internal NIC)	AVEPAR02	192.167.10.47	avepar02.contoso.com
A/V Edge Server (external NIC)	—	64.64.66.17	—
Load Balancer VIP for A/V Edge Server (external)	—	64.64.66.15	avepar.contoso.com
HTTP Reverse Proxy Server (internal NIC)	HTTPAR01	192.167.10.60	httpar01.contoso.com
HTTP Reverse Proxy Server (external NIC)	—	64.64.66.30	httpar01.contoso.com

Table 12-4. Contoso Server Names for Madrid

Server Role	Server Name	IP Address	Server FQDN
Pool Name	MADPOOL01	10.16.10.1	madpool01.contoso.com
Load Balancer VIP for EE Front End Servers	FREMAD	10.16.10.1	fremad.contoso.com
EE consolidated Front End Server	FECMAD01	10.16.10.2	fecmad01.contoso.com
EE consolidated Front End Server	FECMAD02	10.16.10.3	fecmad02.contoso.com
Back End Nodes	BAEMAD01	10.16.10.11	baemad01.contoso.com
Mediation Server (internal NIC)	MEDMAD01	10.16.10.50	medmad01.contoso.com
SIP/PSTN Gateway (external to Mediation Server)	—	10.16.10.51	gwymad01.contoso.com
Exchange Unified Messaging (UM) Server	EXUMAD01	10.16.10.70	exumad01.contoso.com
Archiving Server	ARCMAD01	10.16.10.80	arcmad01.contoso.com

Note

It is possible to install only one SQL database in Madrid and store Back End database data as well as the archiving data in the same database.

Table 12-5. Contoso Server Names for Singapore

Server Role	Server Name	IP Address	Server FQDN
Pool Name	SPOPOOL01	10.15.10.1	spopool01.contoso.com
Load Balancer VIP for EE Front End Servers	FRESPO	10.15.10.1	frespo.contoso.com
EE consolidated Front End Server	FECSPO01	10.15.10.2	fecspo01.contoso.com
EE consolidated Front End Server	FECSPO02	10.15.10.3	fecspo02.contoso.com
EE consolidated Front End Server	FECSPO03	10.15.10.4	fecspo03.contoso.com
EE consolidated Front End Server	FECSPO04	10.15.10.5	fecspo04.contoso.com
Back End Nodes	BAESPO01	10.15.10.11	baespo01.contoso.com
Load Balancer VIP for Web Conferencing Server (internal)	WCESPO	192.165.10.41	wcespo.contoso.com
Web Conferencing Edge Server (internal NIC)	WCESPO01	192.165.10.41	wcespo01.contoso.com
Web Conferencing Edge Server (external NIC)	—	64.62.66.11	wcespo01.contoso.com
Load Balancer VIP for A/V Edge Server (internal)	AVESPO	192.165.10.46	avespo.contoso.com
A/V Edge Server (internal NIC)	AVESPO01	192.165.10.46	avespo01.contoso.com
A/V Edge Server (external NIC)	—	64.62.66.16	avespo01.contoso.com

Note

The external IP addresses for the Web Conferencing Edge Server and the A/V Edge Server also need an FQDN assigned. This is because there are no external Load Balancers in Singapore, and therefore the external IP addresses have to be in the external DNS.

Preparing the Server Hardware

Each Contoso Server role requires dedicated server hardware, as described in the Office Communications Server 2007 Planning Guide. From a performance perspective, none of the server roles handling media should be installed on virtual machines. When preparing server hardware for an Office Communications Server 2007 deployment, the required number of NICs in each server should be checked. Table 12-6 through Table 12-23, found later in this chapter, show where Contoso needs multiple NICs, as required by the server roles.

Contoso's Deployment Path

Contoso decided to enable several scenarios with a high level of redundancy for its users. This resulted in a high number of individual servers and server roles needing to be deployed. Figure 12-1 through Figure 12-4 provide a graphical view of the target deployment for each of the Contoso sites.

Figure 12-1. Contoso's target architecture in Chicago

Figure 12-2. Contoso's target architecture in Paris

Figure 12-3. Contoso's target architecture in Madrid

Figure 12-4. Contoso's target architecture in Singapore

Contoso will perform the Active Directory schema update as the initial step for its Office Communications Server 2007 deployment.

Preparing Active Directory

Contoso decided to install the entire Office Communications Server 2007 deployment in a single domain (Contoso.com) because domain controllers are available in each of the sites. The "Office Communications Server 2007 Active Directory Guide" explains in detail the steps that have to be taken to prepare Active Directory for an Office Communications Server 2007 deployment.

Important

Active Directory schema updates need to be well-controlled events by the Active Directory administrators because they can affect the entire enterprise's directory infrastructure. Therefore, it is understandable that the Active Directory preparation in an Office Communications Server 2007 deployment has to be coordinated with the Active Directory administrators. Depending on the enterprise and its business, there can be periods where an Active Directory schema update is not allowed by company policy and therefore the Office Communications Server 2007 deployment can be significantly delayed. The effects of such policies on the deployment schedule have to be incorporated into the deployment plan.

Overview of Preparing Firewall Ports, Certificates, NICs, and DNS

In large enterprises, the configurations of DNS, certificates, and firewalls are sometimes organizationally separated from the Office Communications Server 2007administrators who install and configure Office Communications Server 2007 and collaborate with other administrators in the company. Even the setup of servers can be performed by people other than the Office Communications Server 2007 administrators, so clear requirements have to be communicated to each organization within the enterprise to avoid interruptions of the deployment process because of missing prerequisites.

As part of Contoso's Office Communications Server 2007 planning process, the number of individual server roles has been identified as shown in Chapter 11. This allows Contoso to summarize all DNS and Firewall port requirements so that the preparation of the surrounding infrastructure can be done at one time before the actual deployment takes place. Table 12-6 through Table 12-23 summarize all preparations that need to be done for Contoso's Office Communications Server 2007 deployment. In addition to the summary views of the infrastructure requirements for each site, a detailed view with all the infrastructure requirements—including certificate requirements for Chicago—will be shown later in the chapter.

Preparing DNS, Firewall Ports, and Certificates for Chicago Deployment

Table 12-6 provides a summary of Contoso's infrastructure requirements for Chicago.

Table 12-6. Summary of Chicago Infrastructure Requirements

Server Role	Name	External DNS Name (IP Address)	Internal DNS Name (IP Address)	External Firewall Port (Direction)	Internal Firewall Port (Direction)
Edge Server—Access Edge Server (Load Balancer)	CAWCHI	sip.contoso.com VIP = (64.65.66.1) _sip._tls.domain (SRV) 443 sip.contoso.com _sipfederationtls._tcp.domain (SRV) 5061 sip.contoso.com	access.contoso.com VIP = (192.168.10.40)	443 TCP (Inbound) (Internet → Access Edge Server for Remote User Access) 5061 TCP (Both) (Internet ↔ Access Edge Server for Federation)	5061 TCP (Both) (Office Communications Server 2007 Pool ↔ Access Edge Server)
Edge Server—Web Conferencing Edge Server	CAWCHI	wcechi.contoso.com VIP = (64.65.66.2)	cawchi01.contoso.com (192.168.10.41) cawchi02.contoso.com (192.168.10.42)	443 TCP (Inbound) (Internet → Web Conferencing Edge Server)	8057 TCP (Outbound) (Office Communications Server 2007 Pool → Web Conferencing Edge Server)
Nodes (Access Edge Server/Web Conferencing Edge Server)
Node1	CAWCHI01	N/A (Not applicable) (64.65.66.3)	cawchi01.contoso.com (192.168.10.41)	N/A	N/A
Node2	CAWCHI02	N/A (64.65.66.4)	cawchi02.contoso.com (192.168.10.42)	N/A	N/A
Edge Server—A/V Edge Server (Load Balancer)	AVECHI	avechi.contoso.com VIP = (64.65.66.15)	avechi.contoso.com VIP = (192.168.10.45)	443 TCP (Inbound) (Internet → A/V Edge Server) 3478 UDP (Inbound) (Internet → A/V Edge Server) 50,000–59,999 TCP & UDP (Both) (Internet ↔ A/V Edge Server)	443 TCP (Outbound) (Internal Net [all IPs] → A/V Edge Server) 3478 UDP (Outbound) (Internal Net [all IPs] → A/V Edge) 5062 TCP (Outbound) (Internal Net [all IPs] → A/V Edge Server)
Nodes (A/V Edge Server)
Node1	AVECHI01	N/A (64.65.66.16)	avechi01.contoso.com (192.168.10.46)	N/A	N/A
Node2	AVECHI02	N/A (64.65.66.17)	avechi02.contoso.com (192.168.10.47)	N/A	N/A
HTTP Reverse Proxy Server	HTTCHI01	httchi01.contoso.com (64.65.66.30)	httchi01.contoso.com (192.168.10.60)	443 TCP (Inbound) Internet → HTTP Reverse Proxy Server	443 TCP (Inbound) HTTP Reverse Proxy Server → Office Communications Server 2007 Pool
Director (Pool)	CHIDIRPOOL	N/A	chidirpool.contoso.com (10.18.10.32)	N/A	5061 TCP (Both)
Director (Load Balancer)	DIRCHI01	dirchiext.contoso.com VIP = (10.18.10.33)	dirchi.contoso.com VIP = (10.18.10.32)		(Access Edge [internal Load Balancer VIP] ↔ Director [external Load Balancer VIP])
Director Nodes
Node1	DIRCHI01	N/A	dirchi01.contoso.com (10.18.10.30)	N/A	N/A
Node2	DIRCHI02	N/A	dirchi02.contoso.com (10.18.10.31)	N/A	N/A
EE Expanded Pool	CHIPOOL01	N/A	chipool01.contoso.com (10.18.10.1)	N/A	N/A
EE (Load Balancer)	FRECHI	N/A	frechi.contoso.com VIP = (10.18.10.1) _sipinternal._tcp.domain (SRV) 5061 chipool01.contoso.com _sipinternaltls._tcp.domain (SRV) 5061 chipool01.contoso.com	N/A	N/A
EE Front Ends
Node1	FRECHI01	N/A	frechi01.contoso.com (10.18.10.2)	N/A	N/A
Node2	FRECHI02	N/A	frechi02.contoso.com (10.18.10.3)	N/A	N/A
Node3	FRECHI03	N/A	frechi03.contoso.com (10.18.10.4)	N/A	N/A
Node4	FRECHI04	N/A	frechi04.contoso.com (10.18.10.5)	N/A	N/A
Node5	FRECHI05	N/A	frechi05.contoso.com (10.18.10.6)	N/A	N/A
Node6	FRECHI06	N/A	frechi06.contoso.com (10.18.10.7)	N/A	N/A
Mediation Server	MEDCHI01	Session Initiation Protocol (SIP)/Public Switched Telephone Network (PSTN) Gateway (GW) (not in DNS) (10.18.10.51)	medchi01.contoso.com (10.18.10.50)	N/A	N/A
SQL Server 2005 (cluster name)	SQLCHI01	N/A	sqlchi01.contoso.com VIP = (10.18.10.10)	N/A	N/A
SQL Nodes
Node 1	BAECHI01	N/A	baechi01.contoso.com (10.18.10.11)	N/A	N/A
Node 2	BAECHI02	N/A	baechi02.contoso.com (10.18.10.12)	N/A	N/A
IIS Server (Load Balancer)	IISCHI	N/A	iischi.contoso.com VIP = (10.18.10.15)	N/A	N/A
IIS Nodes
Node1	IISCHI01	N/A	iischi01.contoso.com (10.18.10.16)	N/A	N/A
Node2	IISCHI02	N/A	iischi02.contoso.com (10.18.10.17)	N/A	N/A
Web Conferencing Array
Node1	WCSCHI01	N/A	wcschi01.contoso.com (10.18.10.20)	N/A	N/A
Node2	WCSCHI02	N/A	wcschi02.contoso.com (10.18.10.21)	N/A	N/A
Node3	WCSCHI03	N/A	wcschi03.contoso.com (10.18.10.22)	N/A	N/A
Node4	WCSCHI04	N/A	wcschi04.contoso.com (10.18.10.23)	N/A	N/A
A/V Conferencing Array
Node1	AVCCHI01	N/A	avcchio01.contoso.com (10.18.10.24)	N/A	N/A
Node2	AVCCHI02	N/A	avcchio02.contoso.com (10.18.10.25)	N/A	N/A
Node3	AVCCHI03	N/A	avcchio03.contoso.com (10.18.10.26)	N/A	N/A
Node4	AVCCHI04	N/A	avcchio04.contoso.com (10.18.10.27)	N/A	N/A

Note that in Table 12-6, a total of seven IP addresses are used that point to the same two physical servers (the Access Edge Server and the Web Conferencing Edge Server). Here is a summary to further clarify the addressing scheme for these servers:

One IP address for the Access Edge VIP (externally) = 64.65.66.1
One IP address for the Access Edge VIP (internally) = 192.168.10.40
One IP address for the Web Conferencing Edge VIP (externally) = 64.65.66.2
Two IP addresses for the Web Conferencing Edge (externally) = 64.65.66.3 and 64.65.66.4 (these addresses are the node addresses and the VIPs point to them)
Two IP addresses for the Web Conferencing Edge (internally) = 192.168.10.41 and 192.168.10.42 (since no Load Balancing of the Web Conferencing Edge roles is allowed internally)

Table 12-7 through Table 12-9 provide detailed views of the infrastructure requirements for the Access Edge Server and Web Conferencing Edge Server arrays in the Chicago perimeter network. An array is a set of servers running the same server roles.

Table 12-7. Details for Chicago—External Load Balancer for Co-located Access Edge Servers and Web Conferencing Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
Access Edge Server	sip.contoso.com	Perimeter Network	Externally facing hardware Load Balancer with 2 VIPs.
Web Conferencing Edge Server	wcechi.contoso.com
VIPs
Access Edge Server VIP (external)	(1) 64.65.66.1	100-Mb Full	Virtual IP Address on the external Load Balancer for array of Access Edge Servers.
Web Conferencing Edge Server VIP (external)	(1) 64.65.66.2	100-Mb Full	Virtual IP Address on the external Load Balancer for array of Web Conferencing Edge Servers.
Ports
Firewall (external)	443 TCP 5061 TCP	Inbound Bi-directional	Traffic from Internet → Access Edge Server external Load Balancer VIP (sip.contoso.com) and Web Conferencing Edge Server external Load Balancer VIP (wcechi.contoso.com).
			Traffic to/from Internet ↔ Access Edge Server external Load Balancer VIP (sip.contoso.com).
Certificates
Certificate Name (CN)/Subject Name (SN)	N/A	N/A	N/A
DNS (Internal)
(A)	N/A	N/A	N/A
DNS (External)
(A)	sip.contoso.com	64.65.66.1
(A)	wcechi.contoso.com	64.65.66.2

Table 12-8. Details for Chicago—Internal Load Balancer for Co-located Access Edge Servers and Web Conferencing Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
Note: The internal edges of the Web Conferencing Edge Servers are not load balanced.
Access Edge	access.contoso.com	Perimeter Network	Internally facing hardware Load Balancer with 1 VIP.
VIPs
Access Edge VIP (internal)	(1) 192.168.10.40	100-Mb Full	Virtual IP Address on the internal Load Balancer for array of Access Edge Servers.
Ports
Firewall (internal)	8057 TCP 5061 TCP	Outbound Bi-directional	Traffic from Director external Load Balancer VIP (dirchiext.contoso.com) → Web Conferencing Edge Server Node1 (cawchi01.contoso.com) and Node2 (cawchi02.contoso.com).
			Traffic to/from Access Edge Server internal Load Balancer VIP (access.contoso.com) → Director external Load Balancer VIP (dirchiext.contoso.com).
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	access.contoso.com	192.168.10.40
DNS (External)
(A)	N/A	N/A	N/A

Table 12-9. Details for Chicago—Access Edge Servers and Web Conferencing Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Edge Server (Access Edge Server/Web Conferencing Edge Server)
Node1	CAWCHI01	Perimeter Network	Workgroup Servers in the Perimeter Network. Each node is running both the Access Edge Server and Web Conferencing Edge Server roles.
Node2	CAWCHI02	Perimeter Network
NICs
Node1 (internal-facing)	(1) 192.168.10.41	100-Mb Full
Node2 (internal-facing)	(1) 192.168.10.42	100-Mb Full
Node1 (external-facing)	(1) 64.65.66.3	100-Mb Full	Both the Access Edge Server and Web Conferencing Edge Server roles can be behind a Network Address Translation (NAT) or port-forwarding firewall.
Node2 (external-facing)	(1) 64.65.66.4	100-Mb Full
Ports
Firewall (internal)	N/A	N/A	Access Edge Server/Web Conferencing Edge Server array will use ports opened for Access Edge Server internal Load Balancer VIP (access.contoso.com).
Firewall (external)	N/A	N/A	Access Edge Server/Web Conferencing Edge Server array will use ports opened for Access Edge Server external Load Balancer VIP (sip.contoso.com) and Web Conferencing Edge Server external Load Balancer VIP (wcechi.contoso.com).
Certificates
CN/SN	access.contoso.com	Enhanced Key Usage (EKU): Server/Client	Exportable Machine certificate: Used for Client/Server Transport Layer Security (TLS)/Mutual Transport Layer Security (MTLS).
Subject Alternative Name (SAN)	access.contoso.com sip.contoso.com sip.additionalSIPDomainName.com		First entry in the SAN must match the CN/SN of the certificate.
CN/SN	sip.contoso.com	EKU: Server/Client	Exportable Machine certificate: Used for Client/Server TLS/MTLS.
DNS (Internal)
(A)	cawchi01.contoso.com	192.168.10.41	This is the internal FQDN of Access Edge Server/Web Conferencing Edge Server (Node1).
(A)	cawchi02.contoso.com	192.168.10.42	This is the internal FQDN of Access Edge Server/Web Conferencing Edge Server (Node2).
DNS (External)
Note: Access Edge Server/Web Conferencing Edge Server Node1 and Node2 are not directly accessible externally. Use internal IP addresses for managing each node.
(SRV)	_sip._tls.domain _sipfederationtls._tcp.domain	_tls for port 443 _tcp for port 5061	Example: _sip Service Location (SRV)[0][0][443]sip.contoso.com
			Example: _sipfederationtls Service Location (SRV)[0][0][5061]sip.contoso.com

Table 12-10 through Table 12-12 provide detailed views of the infrastructure requirements for the A/V Edge Server arrays in the Chicago perimeter network.

Table 12-10. Details for Chicago—External Load Balancer for A/V Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
A/V Edge Server	avechi.contoso.com	Perimeter Network	Externally facing hardware Load Balancer with 1 VIP.
VIPs
A/V Edge Server VIP (external)	(1) 64.65.66.15	100-Mb Full	Virtual IP Address on the external Load Balancer for array of A/V Edge Servers.
Ports
Firewall (external)	443 TCP 3478 UDP 50,000–59,999 TCP and UDP	Inbound Inbound Bi-directional	Traffic from Internet → A/V Edge Server external Load Balancer VIP (avechi.contoso.com).
			Traffic from Internet → A/V Edge Server external Load Balancer VIP (avechi.contoso.com).
			Traffic to/from Internet ↔ A/V Edge Server external Load Balancer VIP (avechi.contoso.com).
			If you don't want to open the entire range of ports from 50,000 to 59,999, allow 6 ports for each concurrent external user.
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	N/A	N/A	N/A
DNS (External)
(A)	avechi.contoso.com	64.65.66.15

Table 12-11. Details for Chicago—Internal Load Balancer for A/V Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
A/V Edge Server	avechi.contoso.com	Perimeter Network	Internally facing hardware Load Balancer with 1 VIP.
VIPs
A/V Edge Server VIP (internal)	(1) 192.168.10.45	100-Mb Full	Virtual IP Address on the internal Load Balancer for array of Access Edge Servers.
Ports
Firewall (internal)	443 TCP	Outbound	Traffic from Internal Network (all) → A/V Edge Server internal Load Balancer VIP (avechi.contoso.com).
	3478 UDP	Outbound	Traffic from Internal Network (all) → A/V Edge Server internal Load Balancer VIP (avechi.contoso.com).
	5062 TCP	Outbound	Traffic from Internal Network (all) → A/V Edge Server internal Load Balancer VIP (avechi.contoso.com).
			The internal firewall rule must allow traffic from any computer on the internal network that will be involved in audio/video calls or A/V conferencing to reach the A/V Edge Server internal Load Balancer VIP over all 3 ports.
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	avechi.contoso.com	192.168.10.45
DNS (External)
(A)	N/A	N/A	N/A

Table 12-12. Details for Chicago—A/V Edge Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Edge Server (A/V Edge Server)
Node1	AVECHI01	Perimeter Network	Workgroup servers in the Perimeter Network. Each node is running the A/V Edge Server role.
Node2	AVECHI02	Perimeter Network
NICs
Node1 (internal facing)	(1) 192.168.10.46	100-Mb Full	Set a persistent static route for the internal 10.0.0.0 network.
Node2 (internal facing)	(1) 192.168.10.47	100-Mb Full	Route add –p 10.0.0.0 mask 255.255.0.0 10.0.10.1
Node1 (external facing) Node2 (external facing)	(1) 64.65.66.16 (1) 64.65.66.17	100-Mb Full 100-Mb Full	Must be a publicly addressable IP address. Can be behind a port-forwarding firewall but not translated with NAT.
			Note: Default Gateway should be on the external NIC in each node and point to the Internet or you might not get audio on remote Office Communicator 2007/Office Communicator Phone Edition calls.
Ports
Firewall (internal)	N/A	N/A	A/V Edge Server array will use ports opened for A/V Edge Server internal Load Balancer VIP (avechi.contoso.com).
Firewall (external)	N/A	N/A	A/V Edge Server array will use ports opened for A/V Edge Server external Load Balancer VIP (avechi.contoso.com).
Certificates
CN/SN	avechi.contoso.com	EKU: Server	Exportable Machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	avechiauth.contoso.com	EKU: Server	Exportable Authorization certificate: Used by the A/V Conferencing Edge Server to create Media Relay Access Server (MRAS) (which is part of the A/V Edge Server) access tokens. Not exposed to the client.
DNS (Internal)
(A)	avechi01.contoso.com	192.168.10.46	This is the internal FQDN of A/V Edge Server (Node1).
(A)	avechi02.contoso.com	192.168.10.47	This is the internal FQDN of A/V Edge Server (Node2).
DNS (External) Note: External NICs in Node1 and Node2 are externally accessible only via the A/V Edge Server (external) Load Balancer VIP; use internal IP addresses for managing each node.
(A)	N/A	N/A	N/A

Table 12-13 provides a detailed view of the infrastructure requirements for the HTTP Reverse Proxy Server in the Chicago perimeter network.

Table 12-13. Details for Chicago—HTTP Reverse Proxy Server

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
HTTP Reverse Proxy Server	HTTCHI01	Perimeter Network	Workgroup server running ISA 2006 standard edition in the Perimeter Network.
NICs
Internal	(1) 192.168.10.60	100-Mb Full
External	(1) 64.65.66.30	100-Mb Full	The HTTP Reverse Proxy Server role can be behind a NAT or port-forwarding firewall.
Ports Note: If internal and external facing Internet Security and Acceleration (ISA) Server NICs reside in the perimeter network, port 443 needs to be open inbound from the ISA Server to the Office Communications Server 2007 Enterprise Edition Load Balancer VIP.
Firewall (internal)	443 TCP	Inbound	Traffic from HTTP Reverse Proxy Server (httchi01.contoso.com) → Office Communications Server 2007 Enterprise Edition Load Balancer VIP (frechi.contoso.com).
Firewall (external)	443 TCP	Inbound	Traffic from Internet → HTTP Reverse Proxy Server (httchi01.contoso.com).
Certificates
CN/SN	httchi01.contoso.com	EKU: Server	Exportable Machine certificate: Used for Client/Server TLS/MTLS.
SAN	N/A		First entry in the SAN must match the CN/SN of the certificate.
DNS (Internal)
(A)	httchi01.contoso.com	192.168.10.60	This is the internal FQDN of the HTTP Reverse Proxy Server.
DNS (External)
(A)	httchi01.contoso.com	64.65.66.30	This is the external FQDN of the HTTP Reverse Proxy Server.

Table 12-14 through Table 12-16 provide detailed views of the infrastructure requirements for the Director Servers in Chicago.

Table 12-14. Details for Chicago—External Load Balancer for Director Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
Director	dirchiext.contoso.com	Internal Network	Externally facing hardware Load Balancer with 1 VIP.
VIPs
Director VIP (external)	(1) 10.18.10.33	100-Mb Full	Virtual IP Address on the external-facing Load Balancer for array of Director Servers.
Ports
Firewall (internal)	5061 TCP	Bi-directional	Traffic to/from Access Edge Server internal Load Balancer VIP (access.contoso.com) ↔ Director Server internal Load Balancer VIP (dirchiext.contoso.com).
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	N/A	N/A	N/A
DNS (External)
(A)	dirchiext.contoso.com	10.18.10.33

Table 12-15. Details for Chicago—Internal Load Balancer for Director Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
Director	dirchi.contoso.com	Internal network	Internally facing hardware Load Balancer with 1 VIP.
VIPs
Director VIP (internal)	(1) 10.18.10.32	100-Mb Full	Virtual IP Address on the internal-facing Load Balancer for array of Director Servers.
Ports
Firewall (internal)	N/A	N/A	N/A
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	dirchi.contoso.com	10.18.10.32
DNS (External)
(A)	N/A	N/A	N/A

Table 12-16. Details for Chicago—Director Server Array

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Director Node1 Director Node2	DIRCHI01 DIRCHI02	Internal network Internal network	Domain members on the internal network. Each node is running a copy of Office Communications Server 2007 Standard Edition.
NICs
Node1 (internal facing)	(1) 10.18.10.30	100-Mb Full
Node2 (internal facing)	(1) 10.18.10.31	100-Mb Full
Node1 (external facing)	(1) 10.18.10.130	100-Mb Full
Node2 (external facing)	(1) 10.18.10.131	100-Mb Full
Ports
Internal	N/A
Certificates
CN/SN	dirchi.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
			Note: Certficate should be issued for the FQDN of the Director Server internal Load Balancer VIP, not one of the Director Server nodes. Install the same certificate on both nodes.
SAN	N/A		First entry in the SAN must match the CN/SN of the certificate.
DNS (Internal)
(A)	dirchi01.contoso.com	10.18.10.30	This is the internal FQDN of the Director Server (Node1).
(A)	dirchi02.contoso.com	10.18.10.30	This is the internal FQDN of the Director Server (Node2).
DNS (External) Note: Use the Internal NICs for accessing the Director nodes individually.
(A)	N/A

Table 12-17 and Table 12-18 provide detailed views of the infrastructure requirements for the expanded Office Communications Server 2007 Enterprise Edition pool in Chicago.

Table 12-17. Details for Chicago—Internal Load Balancer for Office Communications Server 2007 Enterprise Edition Front End Server Pool

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
Office Communications Server 2007 Enterprise Edition Pool	frechi.contoso.com	Internal network	Hardware Load Balancer with 1 VIP; accessed by way of the Director.
VIPs
EE Pool VIP (internal)	(1) 10.18.10.1	100-Mb Full	Virtual IP Address on the Load Balancer for the Office Communications Server 2007 Enterprise Edition Front End Servers.
Ports
Firewall (internal)	N/A	N/A	N/A
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	frechi.contoso.com	10.18.10.1
DNS (External)
(A)	N/A	N/A	N/A

Table 12-18. Details for Chicago—Office Communications Server 2007 Enterprise Edition Front End Servers

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
EE Front End Server
Node1	frechi01.contoso.com	Internal network	Domain member Office Communications Server 2007 Enterprise Edition Expanded Pool. Each Front End Server in the pool is configured exactly the same way. The pool name is CHIPOOL01.
Node2	frechi02.contoso.com	Internal network
Node3	frechi03.contoso.com	Internal network
Node4	frechi04.contoso.com	Internal network
Node5	frechi05.contoso.com	Internal network
Node6	frechi06.contoso.com	Internal network
NICs
Node1 (internal)	(1) 10.18.10.2	100Mb Full
Node2 (internal)	(1) 10.18.10.3	100Mb Full
Node3 (internal)	(1) 10.18.10.4	100Mb Full
Node4 (internal)	(1) 10.18.10.5	100Mb Full
Node5 (internal)	(1) 10.18.10.6	100Mb Full
Node6 (internal)	(1) 10.18.10.7	100Mb Full
Ports
Firewall (internal)	N/A	N/A	Office Communications Server 2007 Standard Edition (SE) and EE pool Servers never talk directly to the Access Edge Server when a Director is in place.
Firewall (external)	N/A	N/A	N/A
Certificates
CN/SN	frechi.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
SAN	frechi.contoso.com sip.contoso.com sip.additionalSIPDomainName.com		First entry in the SAN must match the CN/SN of the certificate.
DNS (Internal)
(A) (A) (A) (A) (A) (A)	frechi01.contoso.com frechi02.contoso.com frechi03.contoso.com frechi04.contoso.com frechi05.contoso.com frechi06.contoso.com	10.18.10.2 10.18.10.3 10.18.10.4 10.18.10.5 10.18.10.6 10.18.10.7	This is the internal FQDN of each EE Front End Server in the pool.
(SRV)	_sipinternal._tcp.domain _sipinternaltls._tcp.domain	_tcp for port 5061 _tcp for port 5061	Example: _sipinternal Service Location (SRV)[0][0][5061] frechi.contoso.com
			Example: _sipinternaltls Service Location (SRV)[0][0][5061] frechi.contoso.com
DNS (External)
(A)	N/A		The Office Communications Server 2007EE Pool is not addressable externally accept via the Access Edge Server/Director Servers

Table 12-19 provides a detailed view of the infrastructure requirements for the Back End SQL cluster in the Chicago pool.

Table 12-19. Details for Chicago—Back End SQL Cluster

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
SQL Server 2005 Cluster	sqlchi01.contoso.com	Internal network	This is the virtual name for the SQL Server 2005 cluster.
Node1	BAECHI01	Internal network	Domain member SQL Server (EE Pool back end).
Node2	BAECHI02	Internal network	Domain member SQL Server (EE Pool back end).
NICs
Node1 (internal) Node2 (internal)	(1) 10.18.10.11 (1) 10.18.10.12	100-Mb Full 100-Mb Full
Ports
Internal	N/A
Certificates
CN/SN	N/A
DNS (Internal)
(A)	sqlchi01.contoso.com	10.18.10.10	This is the internal FQDN of the SQL Server 2005 cluster.
(A)	baechi01.contoso.com	10.18.10.11	This is the internal FQDN of the SQL Server 2005 Node1.
(A)	baechi01.contoso.com	10.18.10.12	This is the internal FQDN of the SQL Server 2005 Node2.
DNS (External)
(A)	N/A		The SQL Server 2005 server is not addressable externally.

Table 12-20 and Table 12-21 provide detailed views of the infrastructure requirements for the IIS Web Content Server array in Chicago.

Table 12-20. Details for Chicago—Internal Load Balancer for IIS Web Content Server Array

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Load Balancer
IIS Web Content Server	iischi.contoso.com	Internal network	Hardware Load Balancer with 1 VIP.
VIPs
EE Pool VIP (internal)	(1) 10.18.10.15	100-Mb Full	Virtual IP Address on the Load Balancer for the IIS Web content servers.
Ports
Firewall (internal)	N/A	N/A	N/A
Certificates
CN/SN	N/A	N/A	N/A
DNS (Internal)
(A)	iischi.contoso.com	10.18.10.15
DNS (External)
(A)	N/A	N/A	N/A

Table 12-21. Details for Chicago—IIS Web Content Server Array

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
IIS Web Content Server
Node1	IISCHI01	Internal network	Domain member IIS Server (Web Content).
Node2	IISCHI02	Internal network	Domain member IIS Server (Web Content).
NICs
Node1 (internal)	(1) 10.18.10.16	100-Mb Full
Node2 (internal)	(1) 10.18.10.17	100-Mb Full
Ports
Internal	N/A
Certificates
CN/SN	N/A
DNS (Internal)
(A)	iischi01.contoso.com	10.18.10.16	This is the internal FQDN of IIS Web Content Server Node1.
(A)	iischi01.contoso.com	10.18.10.17	This is the internal FQDN of IIS Web Content Server Node2.
DNS (External)
(A)	N/A		The IIS Web Content Server is not addressable externally.

Table 12-22 provides a detailed view of the infrastructure requirements for the Web Conferencing Server array in the Chicago pool.

Table 12-22. Details for Chicago—Web Conferencing Server Array

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Web Conferencing Server			Each node is a Domain member Web Conferencing Server, and they are all configured identically.
Node1	WCSCHI01	Internal network
Node2	WCSCHI02	Internal network
Node3	WCSCHI03	Internal network
Node4	WCSCHI04	Internal network
NICs
Node1 (internal)	(1) 10.18.10.20	100-Mb Full
Node2 (internal)	(1) 10.18.10.21	100-Mb Full
Node3 (internal)	(1) 10.18.10.22	100-Mb Full
Node4 (internal)	(1) 10.18.10.23	100-Mb Full
Ports
Internal	N/A	N/A
Certificates
CN/SN	wcschi01.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	wcschi02.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	wcschi03.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	wcschi04.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
SAN	N/A	N/A
DNS (Internal)
(A)	wcschi01.contoso.com	10.18.10.20	This is the internal FQDN of Web Conferencing Server Node1.
(A)	wcschi02.contoso.com	10.18.10.21	This is the internal FQDN of Web Conferencing Server Node2.
(A)	wcschi03.contoso.com	10.18.10.22	This is the internal FQDN of Web Conferencing Server Node3.
(A)	wcschi04.contoso.com	10.18.10.23	This is the internal FQDN of Web Conferencing Server Node4.
DNS (External)
(A)	N/A	N/A	The Web Conferencing Server Array servers are not addressable externally.

Table 12-23 provides a detailed view of the infrastructure requirements for the A/V Conferencing Server array in the Chicago pool.

Table 12-23. Details for Chicago—A/V Conferencing Server Array

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Web Conferencing Server			Each node is a Domain member A/V Conferencing Server, and they are all configured identically.
Node1	AVCCHI01	Internal network
Node2	AVCCHI02	Internal network
Node3	AVCCHI03	Internal network
Node4	AVCCHI04	Internal network
NICs
Node1 (internal)	(1) 10.18.10.24	100-Mb Full
Node2 (internal)	(1) 10.18.10.25	100-Mb Full
Node3 (internal)	(1) 10.18.10.26	100-Mb Full
Node4 (internal)	(1) 10.18.10.27	100-Mb Full
Ports
Internal	N/A	N/A
Certificates
CN/SN	avcchi01.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	avcchi02.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	avcchi03.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
CN/SN	avcchi04.contoso.com	EKU: Server	Exportable machine certificate: Used for Client/Server TLS/MTLS.
SAN	N/A	N/A
DNS (Internal)
(A)	avcchi01.contoso.com	10.18.10.24	This is the internal FQDN of A/V Conferencing Server Node1.
(A)	avcchi02.contoso.com	10.18.10.25	This is the internal FQDN of A/V Conferencing Server Node2.
(A)	avcchi03.contoso.com	10.18.10.26	This is the internal FQDN of A/V Conferencing Server Node3.
(A)	avcchi04.contoso.com	10.18.10.27	This is the internal FQDN of A/V Conferencing Server Node4.
DNS (External)
(A)	N/A	N/A	The A/V Conferencing Server Array servers are not addressable externally.

Table 12-24 provides a detailed view of the infrastructure requirements for the Mediation Server in Chicago.

Table 12-24. Details for Chicago—Mediation Server

Role/Feature	Quantity/Value(s)	Location/Setting	Note/Example
Server
Mediation	medchi01.contoso.com	Internal network	Domain member running Office Communications Server 2007 Mediation Server role
NICs
Internal	(1) 10.18.10.50	100-Mb Full
External	(1) 10.18.10.51	100-Mb Full	Carries unsecured PSTN traffic; allows 64 Kbps per concurrent PSTN call.
Ports
Internal Network	N/A
Gateway Network	N/A
Certificates
CN/SN	medchi01.contoso.com	EKU: Server	Exportable machine certificate: Used for Server MTLS/SRTP.
SAN	medchi01.contoso.com sip.additionalSIPDomainName.com		First entry in the SAN must match the CN/SN of the certificate.
DNS (Internal)
(A)	medchi01.contoso.com	10.18.10.50	This is the internal FQDN of the Mediation Server. (Ping resolves to this IP address.)
N/A	Not in DNS, but on internal network	10.18.10.51	This is the IP address used for Mediation Server ↔ SIP/PSTN GW communication.
			Considered an external interface by the Mediation Server.
DNS (External)
(A)	N/A

Important

Contoso also installs the Edge Server certificates on the Office Communicator 2007 and Live Meeting 2007 client machines, as they need to have the certificates locally installed for all Remote User Access Scenarios.

Important

Mediation Server does not need a certificate for communications with the Media Gateway, as this communication is not encrypted. However, a certificate has to be installed for the secure communication with Office Communications Server 2007.

Preparing DNS and Firewall Ports for the Paris Deployment

Table 12-25 contains the summary view of all infrastructure requirements for the deployment in Paris.

Table 12-25. Summary of Paris Infrastructure Requirements

Server Role	Name	External DNS Name (IP Address)	Internal DNS Name (IP Address)	External Firewall Port (Direction)	Internal Firewall Port (Direction)
Edge Server—Web Conferencing Edge Server	WCEPAR	wcepar.contoso.com	wcepar.contoso.com	443 TCP (Inbound)	8057 TCP (Outbound)
		Virtual IP Address (VIP) = (64.64.66.10)	Virtual IP Address (VIP) = (192.167.10.40)	(Internet → Web Conferencing Edge Server)	(Office Communications Server 2007 Pool → Web Conferencing Edge Server)
Nodes (Access Edge Server/Web Conferencing Edge Server)
Node1	WCEPAR01	N/A (64.64.66.11)	cawpar01.contoso.com (192.167.10.41)	N/A	N/A
Node2	WCEPAR02	N/A (64.64.66.12)	cawpar02.contoso.com (192.167.10.42)	N/A	N/A
Edge Server—A/V Edge Server (Load Balancer)	AVEPAR	avepar.contoso.com VIP = (64.64.66.15)	avepar.contoso.com VIP = (192.167.10.45)	443 TCP (Inbound)	443 TCP (Outbound)
				(Internet → A/V Edge Server)	(Internal Net [all IPs] → A/V Edge Server)
				3478 UDP (Inbound)	3478 UDP (Outbound)
				(Internet → A/V Edge Server)	(Internal Net [all IPs] → A/V Edge Server)
				50,000–59,999 TCP and UDP (Both)	5062 TCP (Outbound)
				(Internet ↔ A/V Edge Server)	(Internal Net [all IPs] → A/V Edge Server)
Nodes (A/V Edge Server)
Node1	AVEPAR01	N/A (64.64.66.16)	avepar01.contoso.com (192.167.10.46)	N/A	N/A
Node2	AVEPAR02	N/A (64.64.66.17)	avepar02.contoso.com (192.167.10.47)	N/A	N/A
HTTP Reverse Proxy Server	HTTPAR01	httpar01.contoso.com (64.64.66.30)	httpar01.contoso.com (192.167.10.60)	443 TCP (Inbound) Internet → HTTP Reverse Proxy Server	443 TCP (Inbound) HTTP Reverse Proxy Server → Office Communications Server 2007 Pool
EE Expanded Pool	PARPOOL01	N/A	parpool01.contoso.com (10.17.10.1)	N/A	N/A
EE (Load Balancer)	FREPAR	N/A	frepar.contoso.com VIP = (10.17.10.1)	N/A	N/A
			_sipinternal._tcp.domain (SRV) 5061 parpool01.contoso.com
			_sipinternaltls._tcp.domain (SRV) 5061 parpool01.contoso.com
EE Front End Servers
Node1	FREPAR01	N/A	frepar01.contoso.com (10.17.10.2)	N/A	N/A
Node2	FREPAR02	N/A	frepar02.contoso.com (10.17.10.3)	N/A	N/A
Node3	FREPAR03	N/A	frepar03.contoso.com (10.17.10.4)	N/A	N/A
Node4	FREPAR04	N/A	frepar04.contoso.com (10.17.10.5)	N/A	N/A
SQL Server 2005 (cluster name)	SQLPAR01	N/A	sqlpar01.contoso.com VIP = (10.17.10.10)	N/A	N/A
SQL Nodes
Node1	BAEPAR01	N/A	baepar01.contoso.com (10.17.10.11)	N/A	N/A
Node2	BAEPAR02	N/A	baepar02.contoso.com (10.17.10.12)	N/A	N/A
IIS Server (Load Balancer)	IISPAR	N/A	iispar.contoso.com VIP = (10.17.10.15)	N/A	N/A
IIS Nodes
Node1	IISPAR01	N/A	iispar01.contoso.com (10.17.10.16)	N/A	N/A
Node2	IISPAR02	N/A	iispar02.contoso.com (10.17.10.17)	N/A	N/A
Web Conferencing Server Array
Node1	WCSPAR01	N/A	wcspar01.contoso.com (10.17.10.20)	N/A	N/A
Node2	WCSPAR02	N/A	wcspar02.contoso.com (10.17.10.21)	N/A	N/A
A/V Conferencing Server Array
Node1	AVCPAR01	N/A	avcpar01.contoso.com (10.17.10.24)	N/A	N/A
Node2	AVCPAR02	N/A	avcpar02.contoso.com (10.17.10.25)	N/A	N/A

Preparing DNS and Firewall Ports for the Madrid Deployment

Table 12-26 contains the summary view of all infrastructure requirements for the deployment in Madrid.

Table 12-26. Summary of Madrid Infrastructure Requirements

Server Role	Name	External DNS Name (IP Address)	Internal DNS Name (IP Address)	External Firewall Port (Direction)	Internal Firewall Port (Direction)
EE Consolidated Pool	MADPOOL01	N/A	madpool01.contoso.com (10.16.10.1)	N/A	N/A
EE (Load Balancer)	FREMAD	N/A	fremad.contoso.com VIP = (10.16.10.1)	N/A	N/A
			_sipinternal._tcp.domain (SRV) 5061 madpool01.contoso.com
			_sipinternaltls._tcp.domain (SRV) 5061 madpool01.contoso.com
EE Front End Servers
Node1	FECMAD01	N/A	fecmad01.contoso.com (10.16.10.2)	N/A	N/A
Node2	FECMAD02	N/A	fecmad02.contoso.com (10.16.10.3)	N/A	N/A
Mediation Server	MEDMAD01	Session Initiation Protocol (SIP)/Public Switched Telephone Network (PSTN) Gateway (GW) (not in DNS) (10.16.10.51)	medchi01.contoso.com (10.16.10.50)	N/A	N/A
SQL Server 2005 (non-clustered)	BAEMAD01	N/A	baemad01.contoso.com (10.16.10.11)	N/A	N/A
Exchange 2007 UM, Mailbox Server (MBX), Client Access Server (CAS), and Hub Transport Server (HUB) Server	EXUMAD01	N/A	exumad01.contoso.com (10.16.10.70)	N/A	N/A
Archiving Server	ARCMAD01	N/A	arcmad01.contoso.com (10.16.10.80)	N/A	N/A

Preparing DNS and Firewall Ports for the Singapore Deployment

Table 12-27 contains the summary view of all infrastructure requirements for the deployment in Singapore.

Table 12-27. Summary of Singapore Infrastructure Requirements

Server Role	Name	External DNS Name (IP Address)	Internal DNS Name (IP Address)	External Firewall Port (Direction)	Internal Firewall Port (Direction)
Edge Server—Web Conferencing Edge Server	WCESPO	wcespo.contoso.com (64.62.66.11)	wcespo01.contoso.com (192.165.10.41)	443 TCP (Inbound) (Internet → Web Conferencing Edge Server)	8057 TCP (Outbound) (Office Communications Server 2007 Pool → Web Conferencing Edge Server)
Edge Server—A/V Edge Server (Load Balancer)	AVESPO	avespo.contoso.com (64.62.66.16)	avespo01.contoso.com (192.165.10.46)	443 TCP (Inbound)	443 TCP (Outbound)
				(Internet → A/V Edge Server)	(Internal Network [all IPs] → A/V Edge Server)
				3478 UDP (Inbound)	3478 UDP (Outbound)
				(Internet → A/V Edge Server)	(Internal Network [all IPs] → A/V Edge Server)
				50,000–59,999 TCP and UDP (Both)	5062 TCP (Outbound)
				(Internet ↔ A/V Edge Server)	(Internal Network [all IPs] → A/V Edge Server)
HTTP Reverse Proxy Server	HTTSPO01	httspo01.contoso.com (64.62.66.30)	httspo01.contoso.com (192.165.10.60)	443 TCP (Inbound) Internet → HTTP Reverse Proxy Server	443 TCP (Inbound) HTTP Reverse Proxy Server → Office Communications Server 2007 Pool
EE Consolidated Pool	SPOPOOL01	N/A	spopool01.contoso.com (10.15.10.1)	N/A	N/A
EE (Load Balancer)	FRESPO	N/A	frespo.contoso.com VIP = (10.15.10.1) _sipinternal._tcp.domain (SRV) 5061 spopool01.contoso.com _sipinternaltls._tcp.domain (SRV) 5061 spopool01.contoso.com	N/A	N/A
EE Front End Servers
Node1	FECSPO01	N/A	fecspo01.contoso.com (10.15.10.2)	N/A	N/A
Node2	FECSPO02	N/A	fecspo02.contoso.com (10.15.10.3)	N/A	N/A
Node3	FECSPO03	N/A	fecspo03.contoso.com (10.15.10.4)	N/A	N/A
Node4	FECSPO04	N/A	fecspo04.contoso.com (10.15.10.5)	N/A	N/A
SQL Server 2005 (non-clustered)	BAESPO01	N/A	baespo01.contoso.com (10.15.10.11)	N/A	N/A

Contoso's Deployment Path for Chicago

After preparing the server hardware and surrounding infrastructure—such as DNS and firewall configuration—Contoso can begin its Office Communications Server 2007 deployment. Contoso decides to start with the deployment in the Chicago headquarters and follows the deployment path presented in Table 12-28. For each server role deployment, Contoso reads the information in the corresponding Office Communications Server 2007 deployment guides.

Table 12-28. Deployment Path for Chicago

Step	Server	Action
1	SQLCHI01	Install SQL Cluster.
2	BAECHI01	Install SQL Back End.
3	BAECHI02	Install SQL Back End.
4	SQLCHI01	Deploy Office Communications Server 2007 Back End Server.
5	FRECHI	Install pool Load Balancer.
6	FRECHI01	Install FRECHI01.
7		Install one Office Communicator 2007 client to test.
8	FRECHI02	Install FRECHI02.
9	FRECHI03	Install FRECHI03.
10	FRECHI04	Install FRECHI04.
11	FRECHI05	Install FRECHI05.
12	FRECHI06	Install FRECHI06.
13		Test Office Communicator 2007 Client Instant Messaging access first with one or more Front End Servers offline and then with all of them online.
14	DIRCHI	Install inside (pool-facing) Load Balancer Director.
15		Install outside (edge-facing) Load Balancer Director.
16	DIRCHI01	Install DIRCHI01.
17	DIRCHI02	Install DIRCHI02.
18		Test Office Communicator 2007 Client Instant Messaging access first with one Director Server offline and then with all of them online.
19	IISCHI	Install Load Balancer IIS.
20	IISCHI01	Install IISCHI01.
21	IISCHI02	Install IISCHI02.
22	HTTCHI01	Install HTTCHI01.
23		Test Office Communicator 2007 Client Group Expansion and Global Address List download first with one IIS offline and then with both online.
24	WCSCHI01	Install WCSCHI01.
25	WCSCHI02	Install WCSCHI02.
26	WCSCHI03	Install WCSCHI03.
27	WCSCHI04	Install WCSCHI04.
28		Install one Live Meeting 2007 client to test Web Conferencing Servers first with one or more Web Conferencing Servers offline and then with all of them online.
29	AVCCHI01	Install AVCHI01.
30	AVCCHI02	Install AVCHI02.
31	AVCCHI03	Install AVCHI03.
32	AVCCHI04	Install AVCHI04.
33		Test LiveMeeting 2007 and Office Communicator 2007 A/V Conferencing Servers first with one or more A/V Conferencing Servers offline and then with all of them online.
34	CAWCHI	Install internal Load Balancer Access Edge Server/Web Conferencing Edge Server.
35		Install external Load Balancer Access Edge Server/Web Conferencing Edge Server.
36	CAWCHI01	Install CAWCHI01.
37	CAWCHI02	Install CAWCHI02.
38		Test Office Communicator 2007 Client Instant Messaging external access first with one or more Access Edge Servers offline and then with all of them online.
39		Test Live Meeting 2007 client external Web Conferencing Edge Server access first with one or more Web Conferencing Edge Servers offline and then with all of them online.
40	AVECHI	Install internal Load Balancer A/V Edge Server.
41		Install external Load Balancer A/V Edge Server.
42	AVECHI01	Install AVECHI01.
43	AVECHI02	Install AVECHI02.
44		Test Office Communicator 2007 Client A/V Edge Server external access first with one or more A/V Edge Servers offline and then with all of them online.
45		Test Live Meeting 2007 client external A/V Edge Server access first with one or more A/V Edge Servers offline and then with all of them online.
46	MEDCHI01	Install MEDCHI01.
47		Install SIP/PSTN Gateway.
48		Test Office Communicator 2007 client by placing and receiving PSTN calls.

When configuring the Enterprise Voice Scenario in Chicago, Contoso configures Location Profiles, Phone Usages, and Routes that are needed later in the deployment process for the Madrid Enterprise Voice users together with the configuration for the Chicago Enterprise Voice users. The following sidebar explains Contoso's Enterprise Voice configuration.

Working with Enterprise Voice Route Helper

When Contoso starts implementing Enterprise Voice for the users in Madrid and Chicago, it is necessary to configure Enterprise Voice. This involves creating location profiles, phone normalization rules, policies, phone usages, and routes. It can be done using the Office Communications Server 2007 Microsoft Management Console (MMC) snap-in, but it can also be done using the Office Communications Server 2007 Resource Kit utility Enterprise Voice Route Helper.

Enterprise Voice Route Helper enables you to create and test the Enterprise Voice configuration and, when it is correct, upload it to the live environment. It provides a graphical user interface (GUI) to help with the creation of regular expressions used in phone normalization rules and routing. It also can save test cases and rerun them when the configuration changes.

Before you start configuring Enterprise Voice, you need to understand the requirements for making phone calls, who should be able to dial which phone numbers, and the routing of the calls. In the following lists are the requirements identified by Contoso.

Requirements for Madrid

The requirements for Madrid can be summarized as follows:

Direct-Inward Dialing (DID) range +34 9112345 001 through +34 9112345 999.
Internal extension to be dialed directly with 3 digits.
To dial an external national number, first press 0.
To dial an external international number, first press 000 or +.
All employees are allowed to dial extensions and to dial nationally.
Some employees are allowed to dial extensions, dial nationally, and dial internationally.
Service numbers in Madrid include the following:
- Helpdesk: 444
- Travel Service: 666
Routing:
- Calls to numbers in the U.S. and Canada should use the PSTN break-out point in Chicago via the Mediation Server in Chicago (MEDCHI01).
- Calls to numbers in Spain should use the PSTN break-out point in Madrid via the Mediation Server in Madrid (MEDMAD01).
- Calls to the rest of the world should use the PSTN break-out point in Madrid via the Mediation Server in Madrid (MEDMAD01).

Requirements for Chicago

The requirements for Chicago can be summarized as follows:

DID range +1 312 55 10001 through +1 312 55 89999.
Internal extensions to be dialed directly with 5 digits.
To dial an external local number in Chicago, first press 9 and then 10 digits.
To dial an external national number (long distance), first press 91 and then 10 digits.
To dial an external international number, first press 9011 or + and then the country code and number.
Users have phone numbers stored for their Microsoft Office Outlook Contacts in both E.164 format or just as 10 digits without the leading 91.
All employees are allowed to dial extensions and national calls.
Some employees are allowed to dial extensions, dial national, and dial internationally.
Service numbers in Chicago include the following:
- Helpdesk: 55555—Should call the helpdesk number in Madrid
- Travel Service: 666
Routing:
- Calls to numbers in the U.S. and Canada should use the PSTN break-out point in Chicago via the Mediation Server in Chicago (MEDCHI01).
- Calls to numbers in Spain should use the PSTN break-out point in Madrid via the Mediation Server in Madrid (MEDMAD01).
- Calls to numbers in France, Denmark, and Sweden should use the PSTN break-out point in Madrid via the Mediation Server in Madrid (MEDMAD01).
- Calls to the rest of the world should use the PSTN break-out point in Chicago via the Mediation Server in Chicago (MEDCHI01).

Creating the Location Profile by Adding Phone Normalization Rules

Let's now go through the Enterprise Voice configuration for Chicago using Enterprise Voice Route Helper. Configuration for Madrid is left up to the reader.

The first step is to create the necessary location profile for Chicago. To do this, right-click in the Location Profile section of Enterprise Voice Route Helper and select New Location Profile, to get the following window:

Working with Enterprise Voice Route Helper

Clicking OK brings up the Location Profile Editor, where we can start adding phone normalization rules:

When defining the phone normalization rules, it is important to understand the two main uses of the rules: to convert dialed numbers to the E.164 format, and to enable the Quick Dial experience of the Office Communicator Phone Experience device. The Quick Dial experience entails the device automatically dialing the number when it understands, based on the phone normalization rules, that the last digit in the number has been pressed. It is important to implement phone normalization rules so that users can dial the various number formats without being negatively affected by Quick Dial behaviors—for example, users should be able to dial an external national number without the device starting to dial the number after the last digit in an extension is pressed.

Let's implement the phone normalization rules for Chicago based on the dialing requirements just mentioned. The following screen shot shows the definition of the phone normalization rule that converts extensions in Chicago to the full E.164 phone number:

Because the phone normalization rule names need to be unique within the Active Directory forest, all the names have "Chicago -" prepended. Also, please note the string "[1-8]" in the Starting Digits field. The string means any digit in the range 1 through 8 (that is, excluding 0 and 9). The digits 0 and 9 are excluded because they are not part of the DID range. Please also note that the rule is marked as being available for Quick Dial.

All the phone normalization rules used in Chicago are shown in the next screen shot:

Let's look at the phone normalization rules in more detail. They are listed in Table 12-29 with a comment describing each rule.

Table 12-29. Contoso Normalization Rules

Name	Pattern	Translation	Quick Dial	Example	Comment
Chicago - External International	^9011(d*)$	+$1	Yes	Dialed: 90114512345678 Translation: +4512345678	Any number starting with 9011 identifies an international number. Strip 9011 and prepend a plus sign (+).
Chicago - Helpdesk	^55555$	+349112345444	Yes	Dialed: 55555 Translation: +349112345444	Direct translation of the helpdesk extension to the E.164 number of the helpdesk in Madrid.
Chicago - Extension	^([1-8]d{4})$	+131255$1	Yes	Dialed: 12345 Translation: +13125512345	Any extension in Chicago translated to the E.164 number.
Chicago - External Local (10 digits)	^9([2-9]dd[2-9]d{6})$	+1$1	Yes	Dialed: 97735550113 Translated: +17735550113	Dial 9 to get an external line. The 4-digit pattern following uses the fact that in the U.S. 10-digit numbers never have 0 or 1 in the first and fourth digits.
Chicago - External National	^91([2-9]d{9})$	+1$1	Yes	Dialed: 914255550179 Translated: +14255550179	Long-distance call starts with 91, and then the next digit is not 0 or 1.
Chicago - Outlook Contacts	^([2-9]dd[2-9]d{6})t?$	+1$1	No	Dialed: 4255550179 Translated: +14255550179	Uses the rules mentioned about U.S. 10-digit numbers. The t? pattern at the end means that this rule will not be used for Quick Dial.

To test Quick Dial, you can use the "Test as you type" feature of Enterprise Voice Route Helper by typing a number in the Dialed Number field near the bottom of the window and clicking the Test button. In the following screen shot, the testing of the helpdesk is shown:

In the following screen shot, the testing of a long-distance number is shown:

Creating Policies by Adding Phone Usage Records and Routes

In Chicago, there are two types of employees: some are allowed to dial only extensions and nationally, and some are allowed to make local, national, and international calls. Therefore, it is necessary to create two policies, which we'll call Chicago - Restricted and Chicago - Unrestricted.

A policy contains one or more Phone Usage records. A Phone Usage record contains one or more Routes. These two concepts are used to implement rules about who is allowed to make what kind of phone calls and where the calls should be routed.

For the employees in Chicago, we need four Phone Usage records, which are shown in Table 12-30. The Gateway column specifies the Mediation Server in either Chicago (MEDCHI01) or Madrid (MEDMAD01).

Table 12-30. Contoso Routes

Phone Usage Name	Pattern	Route(s)	Gateway (Mediation Server)	Comment
Chicago - Restricted	^+1	Chicago PSTN break-out: Restricted	MEDCHI01	All calls to the U.S. and Canada
Madrid - Helpdesk	^+349112345444	Madrid Helpdesk	MEDMAD01	Calls to the help desk in Madrid
Chicago - Unrestricted	^(?!((+34)\|(+45)\|(+33)\|(+46)))	Chicago PSTN break-out: Unrestricted	MEDCHI01	All calls, except calls to Spain (+34), Denmark (+45), France (+33), and Sweden (+46)
Chicago - Unrestricted	^((+34)\|(+45)\|(+33)\|(+46))	Madrid PSTN break-out: Unrestricted	MEDMAD01	All calls to Spain, Denmark, France, and Sweden

The Chicago – Restricted policy contains the following Phone Usage records: Chicago – Restricted (to enable calls to the U.S. and Canada), and Madrid – Helpdesk (to allow calls to the help desk in Madrid). The Chicago – Unrestricted policy contains the Phone Usage record Chicago – Unrestricted.

Testing the Enterprise Voice Configuration

The Enterprise Voice configuration for Chicago is now done. One of the other very nice features of Enterprise Voice Route Helper is the ability to have ad hoc and saved test cases and to run these against the configuration. When testing, it is important to test the phone normalization rules, permissions, and routes. Table 12-31 shows relevant test cases for the Enterprise Voice configuration in Chicago.

Table 12-31. Contoso Routing Test Cases

Dialed Number	Normalized Number	Policy	Expected Route	Comment
90114512345678	+4512345678	Chicago - Unrestricted	MEDCHI01	Allowed to make international calls.
90114512345678	+4512345678	Chicago - Restricted	No route	Not allowed to make international calls.
+4512345678	+4512345678	Chicago - Unrestricted	MEDCHI01	Allowed to make international calls.
+4512345678	+4512345678	Chicago - Restricted	No route	Not allowed to make international calls.
55555	+349112345444	Chicago - Unrestricted	MEDMAD01	Allowed to make help desk calls.
55555	+349112345444	Chicago - Restricted	MEDMAD01	Allowed to make help desk calls.
50116	+13125550116	Chicago - Unrestricted	MEDCHI01	Allowed to make calls to extensions. In real life, this call is routed directly to the Unified Communications–enabled user and not out via the gateway.
50116	+13125550116	Chicago - Restricted	MEDCHI01	Allowed to make calls to extensions. In real life, this call is routed directly to the Unified Communications–enabled user and not out via the gateway.
97735550113	+17735550113	Chicago - Unrestricted	MEDCHI01	Allowed to make local calls.
97735550113	+17735550113	Chicago - Restricted	MEDCHI01	Allowed to make local calls.
4255550179	+14255550179	Chicago - Unrestricted	MEDCHI01	Allowed to make national calls.
4255550179	+14255550179	Chicago - Restricted	MEDCHI01	Allowed to make national calls.

Note

On the CD The sample RouteHelper Configuration file and RouteHelper Testcase file for the Contoso Chicago office are available on the companion CD in the Appendixes,Scripts,ResourcesChapter 12 folder.

–Jens Trier Rasmussen

Principal Consultant II, Microsoft Corporation

Contoso's Deployment Path for Paris

The next location to be configured after the Chicago deployment in Contoso's Office Communications Server 2007 deployment is Paris. Contoso decides to deploy in the order described in Table 12-32.

Table 12-32. Deployment Path for Paris

Step	Server	Action
1	SQLPAR01	Install SQL Cluster.
2	BAEPAR01	Install SQL Back End.
3	BAEPAR02	Install SQL Back End.
4	SQLPAR01	Deploy Office Communications Server 2007 Back End Server.
5	FREPAR	Install pool Load Balancer.
6	FREPAR01	Install FREPAR01.
7		Install one Office Communicator 2007 client to test.
8	FREPAR02	Install FREPAR02.
9	FREPAR03	Install FREPAR03.
10	FREPAR04	Install FREPAR04.
11		Test Office Communicator 2007 Client Instant Messaging access first with one or more Front End Servers offline and then with all of them online.
12	IISPAR	Install Load Balancer IIS.
13	IISPAR01	Install IISPAR01.
14	IISPAR02	Install IISPAR02.
15	HTTPAR01	Install HTTPAR01.
16		Test the Office Communicator 2007 Client Group Expansion and Global Address List download first with one IIS server offline and then with both online.
17	WCSPAR01	Install WCSPAR01.
18	WCSPAR02	Install WCSPAR02.
19		Install one Live Meeting 2007 client to test the Web Conferencing Server first with one or more Web Conferencing Servers offline and then with all of them online.
20	AVCPAR01	Install AVCPAR01.
21	AVCPAR02	Install AVCPAR02.
22		Test LiveMeeting 2007 and the Office Communicator 2007 A/V Conferencing Server first with one or more A/V Conferencing Servers offline and then with all of them online.
23	WCEPAR	Install internal Load Balancer Web Conferencing Edge Server.
24		Install external Load Balancer Web Conferencing Edge Server.
25	WCEPAR01	Install WCEPAR01.
26	WCEPAR02	Install WCEPAR02.
27		Test the Live Meeting 2007 client external Web Conferencing Server access first with one or more Web Conferencing Edge Servers offline and then with all of them online.
28	AVEPAR	Install the internal Load Balancer A/V Edge Server.
29		Install the external Load Balancer A/V Edge Server.
30	AVEPAR01	Install AVEPAR01.
31	AVEPAR02	Install AVEPAR02.
32		Test the Office Communicator 2007 Client A/V Edge Server external access first with one or more A/V Edge Servers offline and then with all of them online.
33		Test the Live Meeting 2007 client external A/V Edge Server access first with one or more A/V Edge Servers offline and then with all of them online.

Contoso's Deployment Path for Madrid

After the Chicago and Paris deployments, Contoso proceeds with the Madrid deployment by following the deployment path described in Table 12-33.

Table 12-33. Deployment Path for Madrid

Step	Server	Action
1	BAEMAD01	Install BAEMAD01.
2	FREMAD	Install pool Load Balancer.
3	FECMAD01	Install FECMAD01.
4		Install one Office Communicator 2007 client to test.
5	FECMAD02	Install FECMAD02.
6		Test Office Communicator 2007 Client Instant Messaging access first with one or more Front End Servers offline and then with all of them online.
7	MEDMAD01	Install MEDMAD01.
8		Install the SIP/PSTN Gateway.
9		Test the Office Communicator 2007 client by placing and receiving PSTN calls.
10	EXUMAD01	Install EXUMAD01.
11		Test Office Communicator 2007 client access and forward to VoiceMail. Test external access to VoiceMail.
12	ARCMAD01	Install ARCMAD01.
13		Test whether the Archiving Server works by using Office Communicator 2007 Instant Messaging.

Archiving CDR (Call Detail Record) Reporter

Archiving CDR (Call Detail Record) Reporter, an Office Communications Server 2007 Resource Kit tool that is found on the Companion CD for this title, helps you to access and summarize the data from the various tables in the Archiving database. At first, a database has to be selected from which the tool can collect the data:

Once opened, the Archiving CDR Reporter tool displays available reports:

The criteria available in the Archiving CDR Reporter tool include the following:

Peer to Peer Usage Reports:
- Total Number of IM Sessions
- Total IM Usage Time
- Total Number of Audio Sessions
- Total Audio Usage Time
- Total Number of Video Sessions
- Total Video Usage Time
- Total P2P IM Message Count
- Total Number of FileTransfer Sessions
- Total Number of ApplicationSharing Sessions
- Total Number of RemoteAssistance Sessions
- Total Number of Users
- List of Users
Conferencing Usage Reports:
- Total Number of Conferences
- Total Number of Conference Joins
- Unique Number of Conference Users
- Total Conference Minutes
- Total Number of Conference Messages
- Total Number of Conferences Using DataMCU (Web Conferencing Server)
- Total Number of Conferences Using AVMCU (A/V Conferencing Server)
- Total Number of Conferences Using IMMCU (on Front End Server)
VoIP Usage Reports:
- Total Number of VoIP Calls
- Total Number of UC-PSTN Calls
- Total Number of PSTN-UC Calls
- Average Duration of Calls
- Total Number of Redirected Calls
- Total Number of Failed Calls
- Number of Calls per Gateway (Mediation Server)

Contoso's Deployment Path for Singapore

The last pool location for Contoso's Office Communications Server 2007 deployment is Singapore. Contoso decides to deploy Office Communications Server 2007 server roles in the order described in Table 12-34.

Table 12-34. Deployment Path for Singapore

Step	Server	Action
1	BAESPO01	Install BAESPO01.
2	FRESPO	Install pool Load Balancer.
3	FECSPO01	Install FECSPO01.
4		Install one Office Communicator 2007 client to test.
5	FECSPO02	Install FECSPO02.
6	FECSPO03	Install FECSPO03.
7	FECSPO04	Install FECSPO04.
8		Test Office Communicator 2007 Client Instant Messaging access first with one or more Front End Servers offline and then with all of them online.
9	HTTSPO01	Install HTTSPO01.
10	WCESPO01	Install WCESPO01.
11		Test the Live Meeting 2007 client external Web Conferencing Server access.
12	AVESPO01	Install AVESPO01.
13		Test the Live Meeting 2007 client and Office Communicator 2007 external A/V Conferencing Server.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for 12. Office Communications Server 2007 Deployment Example

Create new playlist

Sign In

Sign Up

Chapter 12. Office Communications Server 2007 Deployment Example

Understanding Contoso's Deployment Process for Office Communications Server 2007

Establishing a Server Naming Convention

Note

Note

Preparing the Server Hardware

Contoso's Deployment Path

Preparing Active Directory

Important

Overview of Preparing Firewall Ports, Certificates, NICs, and DNS

Preparing DNS, Firewall Ports, and Certificates for Chicago Deployment

Important

Important

Preparing DNS and Firewall Ports for the Paris Deployment

Preparing DNS and Firewall Ports for the Madrid Deployment

Preparing DNS and Firewall Ports for the Singapore Deployment

Contoso's Deployment Path for Chicago

Note

Contoso's Deployment Path for Paris

Contoso's Deployment Path for Madrid

Contoso's Deployment Path for Singapore

Table of Contents for
12. Office Communications Server 2007 Deployment Example