Home
Microsoft

Announcing Skype For Business Cloud Connector Edition version 2.0

Today, we are announcing Skype for Business Cloud Connector Edition version 2.0. We announced general availability in April, 2016 letting customers integrate their existing PSTN trunks to Cloud PBX providing three modalities:

  • Authentication of the local trunk to Office 365 Cloud PBX;
  • Keep media within enterprise boundaries;
  • Negotiation of codecs between the clients and a PSTN gateway/Session Border Controller (SBC)

Since the GA of Cloud Connector Edition, we've seen momentum from companies of varied sizes who use CCE to connect their telephony trunks to Microsoft Cloud PBX. Cushman and Wakefield, a global property management company uses Cloud Connector and Skype for Business Cloud PBX to empower their employees to be productive on any device saving $1 million a year on telephony costs.

 

We are pleased to release Skype for Business Cloud Connector Edition version 2.0 addressing the most requested improvements by our customers including media bypass, support of 16 Cloud Connector Editions per one PSTN site, the ability to manipulate SIP headers, use of Office 365 Skype for Business accounts and more.

 

Media Bypass

Media bypass allows a client to send media directly to the Public Switched Telephone Network (PSTN) next hop - a gateway or Session Border Controller (SBC) - and eliminate the Cloud Connector Edition component from the media path.

 

Media bypass can improve voice quality by reducing latency, the possibility of packet loss, and the number of points of potential failure. Elimination of media processing for bypassed calls reduces the load on Cloud Connector, which enables a higher number of concurrent calls, and can improve scalability. Freeing Cloud Connector Edition from media processing tasks may also reduce the number of hardware an infrastructure requires.

 

How media bypass affects media and signaling pathways

While signaling takes the same path with or without media bypass, the media flow will differ. The following diagrams show media and signaling pathways in topologies with and without media bypass.

 

For example, in the following topology - which does not employ media bypass - a Skype for Business client places a PSTN call to an external number, the SIP signaling goes to Office 365, and Office 365 then directs the signaling traffic according to the end-user voice policy. For Cloud Connector users, the voice policy directs signaling traffic to the Cloud Connector Edge Server, which then routes the signaling traffic to a PSTN Session Border Controller (SBC) or gateway via the Cloud Connector Mediation Server. Media flows from the Skype for Business client to the Cloud Connector Mediation Server, and then to the SBC or gateway, as shown in the following diagram:

 

Media and signaling pathways without media bypassmediaandsignalingpathways.png

 

An inbound call from the PSTN uses the same signaling path in the reverse direction. For internal users, media will ultimately flow between the Skype for Business client and the Cloud Connector Mediation Server and then the SBC or gateway.

 

In the next topology - which employs media bypass - signaling takes the same path, but media flows directly between the Skype for Business client and the SBC or gateway, as shown in the following diagram:

 

Media and signaling pathways with media bypassmediaandsignalingpathways2.png

 

For more information, go to TechNet to learn more on planning and deploying Media Bypass.

 

Support of 16 Cloud Connector Editions per one PSTN Site

Skype for Business PSTN site is a logical combination of Cloud Connectors in one physical location. You can assign users to a site to provide affinity between users and gateways. With the initial release, only four instances of Cloud Connector Editions are supported per PSTN site. Each instance of Cloud Connector can support up to 500 simultaneous calls. One site consisting of four instances of Cloud Connectors can support 1,500 simultaneous calls/lines (with one instance reserved for High Availability). This means one deployment of Cloud Connector Edition could support 9,000 to 15,000 users using a 1:6 to 1:10 ratio of available line to users.

 

However, many large companies want to centralize Cloud Connectors in one location to minimize their costs. This is when the number of users can exceed 15,000 and require more instances per site. With the support of 16 CCEs, we can now support 45,000 to 75,000 simultaneous calls/lines.

 

Ability to manipulate SIP headers for billing or interoperability purposes

With version two of Cloud Connector Edition we enable manipulation of SIP headers via the INI file of Cloud Connector.

 

The following headers can now be manipulated in the INI file:

  • EnableFastFailoverTimer: With the default value "True" if outbound calls are not answered by the gateway within 10 seconds they will be routed to the next available gateway; if there are no additional trunks, the call will be dropped. In the case of slow networks and gateway responses, or when establishing calls takes more than 10 seconds, you will need to change the value to False if you encounter similar issues. Do not forget to change the corresponding setting on connected SBC or Gateway.
  • ForwardCallHistory: These parameter turn on SIP headers that are used to report the initial caller in Simultaneous Ringing, Call Forwarding and Call Transfer Scenarios. Setting the parameters to True will turn on two SIP headers:
    • History-Info: The History-Info header is used for retargeting SIP requests and "provide(s) a standard mechanism for capturing the request history information to enable a wide variety of services for networks and end-users" (RFC 4244 - Section 1.1, http://www.ietf.org/rfc/rfc4244.txt). For the Cloud Connector trunk interfaces, this is used in Simulring and Call Forwarding scenarios.
    • Referred-By: For Call transfer scenarios the Referred-By header is used for retargeting SIP requests, specifically for Call Transfer scenarios with regards to the Cloud Connector trunk interface. In a call transfer scenario it may be necessary to provide the refer target with specific information about the referrer and the refer request itself. In the case of SIP trunks, the Referred-By header carries information (referrer's identity) which is typically used for authentication and billing purposes by the SIP trunk provider. Note that the Referred-By header sent by the Mediation Server to the SIP trunk provider will not be encrypted or signed.
  • ForwardPAI: PAI is a private extension to SIP which enables SIP servers to assert the identity of authenticated users. For SIP trunk providers, PAI may be used for billing purposes in the event that History-Info and Referred-By headers are not present. When Forward P-Asserted-Identity is enabled in the configuration, Mediation Server will forward PAI headers with SIP & Tel URI's from Cloud Connector onto the SIP Trunk. Mediation Server will forward PAI headers with tel URI's & E.164 numbers ONLY received on the SIP trunk to Cloud Connector. Mediation Server will also forward any Privacy headers received in either direction. If the SIP Request sent by mediation server includes a Privacy header of the form - "Privacy: id" in conjunction with the PAI header then the asserted identity should be kept private outside of the network trust domain.

More details about the History-Info and ForwardPAI headers can be found here http://download.microsoft.com/download/2/4/5/245583A7-E9E1-403B-BD15-AB711C7DF744/Lync%202013%20Head...

 

Use of Office 365 Skype for Business account instead of a Global Administrator account

Previously, we required a dedicated Office 365 account with Global Administrator rights to perform certain administrative tasks. Based on customer feedback, we now let any account with a Skype for Business administrator role to perform management tasks. This allows larger organizations with several administrators to easily administer the system while keeping strict rules on access rights.

 

Autogenerated passwords for local administrators of Cloud Connector instances

During the deployment of a Cloud Connector instance a new Active Directory forest is created for each appliance. There are two accounts created at the forest level and one account created for each VM: Domain Administrator account, Safe Mode Administrator account and an administrative account for each virtual machine. To lessen the burden on administrators, we no longer require manually creating a password for the forests administrators. Instead, the password for those accounts are auto generated during the installation.

 

Introduction of Hybrid Voice flag in Mediation Service User Agent to better distinguish Cloud Connector calls in the Call Quality Dashboard

When a call is placed, every Server or Client reports its name in SIP User-Agent header for diagnostic purposes. For example, when you place a call using a Cloud Connector before version two, RTCC/6.0.0.0 MediationServer was reported which led to confusion when there was a need to distinguish Cloud Connector calls from calls placed via other trunks.

 

To better distinguish the calls, Cloud Connector Mediation Server now reports in SIP User-Agent Header to better distinguish Cloud Connector calls in Call Quality Dashboard. 

 

Improvements to self-monitoring and self-troubleshooting process

The last improvement we made by customer request are improvements to the self-monitoring and troubleshooting mechanism. With this update, additional scenarios were added now detecting the following events:

  • One or more Virtual Machines of a Cloud Connector instance are not connected to internal or internet virtual switch;
  • One or more Virtual Machines of a Cloud Connector instance are in saved or stopped status;
  • The following services are not running:
    • On Central Management Store Virtual Machine:
      • Skype for Business Master Replicator Agent;
      • Skype for Business Replica Replicator Agent
    • On Mediation Server Virtual Machine:
      • Skype for Business Replica Replicator Agent
      • Skype for Business Server Mediation
    • On Edge Server Virtual Machine:
      • Skype for Business Replica Replicator Agent;
      • Skype for Business Server Access Edge;
      • Skype for Business Server Audio/Video Edge;
      • Skype for Business Server Audio/Video Authentication;
      • Skype for Business Server Web Conferencing Edge

If one of the events outlined above is detected, the entire instance of the Cloud Connector is drained and marked as offline.

 

Disabling SSL 3.0 by default for all services used by Cloud Connector Edition

We reviewed all services in Cloud Connector Edition and disabled use of SSL 3.0 by default according to the security advisory published on October, 2014 https://technet.microsoft.com/library/security/3009008

 

 

Since the release of Skype for Business Cloud Connector Edition, we've seen momentum from companies adopting the solution to achieve Hybrid PSTN.  With CCE version 2.0, we have addressed some of the most requested improvements by our customers.  As we look ahead, we are committed to improving the functionality of Cloud Connector Edition, so please provide feedback to us via skypefeedback.com and Technical Community.

 

For more resources on Skype For Business Cloud Connector Edition, go to the following links:

 

Documentation

Recorded Training

 

23 Comments
Frequent Visitor

Does CCE 2.0 support Hyper-V 2016 deployments?

Senior Member

Good content, the downloadable presentations may need bit of clensing. some internal review comments are still there.

Microsoft

@Lakmal Galappaththi, tahnsk the slides are updated now.

@ Mark Chow we only support Windows Server 2012 at the moment. Is there a reason you want support of 2016?

New Contributor

Any news on supportability for AA and CQ with CCE?

Hi Damian, we are working on it. 

Senior Member
As an organization we are trying to have all new installs of servers be on the most current OS. It just extends dealing with End of Life or End of Support issues a little longer. So Windows 2016 support would be welcomed.
Frequent Visitor

@Nikolay Muravlyannikov, as @Douglas Jones stated, Windows Server 2016 support is preferable as it is the latest iteration of Microsoft's server operating system and will reduce the amount of maintenance required to support CCE moving forward.

Microsoft

Team,

 

Any further guidance related to how may appliances are required when media bypass is enabled.

I have a customer with 33K and only about 10% will be connecting from the outside?

Thanks

@Ghazi Boufaden there are two factors you need to concider when plan Media Bypass.

1. Client version. Media Bypass supported only with Skype for Business Windows Cleint version 16.0.7870.2020 or greater.

2. External Cleints will not use Media Bypass

When calculate number of required appliances you need to sum these clients and they will define number of appliances required, given that one appliance can handle 50 to 500 media calls. Clients with Media Bypass don't generate significant load.

Microsoft

@Nikolay Muravlyannikov as Clients with Media Bypass don't generate significant load, if no one connects from outside and all users are running Client version 16.0.7870.2020 or greater. How many appliances are needed for 33K users? The CCEs will be centralized.

In case you don't have any cleint on old version and ther is no external users one instance (the bigger with ability to handle 500 simultanious calls) should be enough. But you also will need at least one for HA

Microsoft

@Nikolay Muravlyannikov last question I promise :)

 

Based on your experience, what would be the averge ratio PSTN Calls : Number of users per appliance?

is it  between 1:6 to 1:10 or can  be greater  than 1:10?

 

I'm still talking about the previous scenario.

Hi @Ghazi Boufaden we see the pattern toward 1:6 or even, in some cases, 1:4. The reason once you migrate to SfB many calls are converted to VoIP calls that don't require PSTN network. I recommend look at current tepephony statistic, predict how many calls will be VoIP (if migration from a pure PSTN deployement) and make the desicion. Let me know if you want to sync offline.

Senior Member

Hi,

On Technet, the Plan for Cloud Connector page mentions v2.0.1 ... What changed between 2.0.0 and 2.0.1 ?

Thx,

Koen

Occasional Visitor

Release 2.0.1 08/07/2017
The following updates were made in Skype for Business Cloud Connector Edition version 2.0.1:
1. Be compatible with Skype for Business Online Windows PowerShell Module version 7.0.1045.0.
2. Fix switching version failure when restarts virtual machines. Restarts virtual machines of the appliance follow the server role sequence AD, Cms, MS and Edge.

 

Occasional Visitor

Does anyone know future direction/roadmap of Skype-For-Business-Cloud-Connector? I have been hearing that Microsoft is going to kill CCE.

 
Senior Member
That seems like it would just be a rumor considering this product has not been out for that long and many companies are adapting it.
New Contributor

Very unlikely, CCE will be the go to solution for many organisations as it has benefits of the cloud first solution and flexibility of an on premise PSTN connectivity. In the recent public webinar MS announced their long term plans related to CCE.

Hi Damian, Douglas, Ravindran CCE recommended itself as a go solution for many customers. CCE allows separating PBX and trunk levels that customers love. Microsoft is committed to providing the Hybrid Voice options for our call systems. CCE keep evolving and there is no plans to get rid of it in Skype for Business. 

Occasional Visitor

Thank you Nikolay.  Is it Microsoft official product announcement? How does Microsoft Teams evolution impact CCE roadmap?

Senior Member

Can someone tell me why I am receiving the below message when trying to run Enter-CCUpdate?  The IP adress in question is the internal IP address of the Edge Server.

 

I am trying to figure our why automatic updating is failing for CCE 2.0.1.  I have restarted the WinRM service on all the servers and even tried running Enable-PSRemoting on all servers.

 

[10.xx.xx.31] Connecting to remote server 10.xx.xx.31 failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is
valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the
WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic.
At C:\Program Files\WindowsPowerShell\Modules\CloudConnector\Internal\MtVm.ps1:542 char:23
+     } -ArgumentList @($ServiceName, $TimeoutInSeconds, $IntervalInSeconds) -Erro ...
+                       ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (10.xx.xx.31:String) [], PSRemotingTransportException
    + FullyQualifiedErrorId : WinRMOperationTimeout,PSSessionStateBroken

Regular Visitor

Skype for Business merging into Microsoft Teams. PSTN included. PSTN with CCE as well ? Or only PSTN provided by Microsoft in the cloud ? That option is not even available in my country. I'd be happy to get rid of SfB and unify in one product, I guess MS has a solution for that setup.