Scopia XT Desktop Server for IP Office Deployment Guide Version 8.2.1 8.2.1 For Solution 8.
© 2000-2013 RADVISION Ltd. All intellectual property rights in this publication are owned by RADVISION Ltd and are protected by United States copyright laws, other applicable copyright laws and international treaty provisions. RADVISION Ltd retains all rights not expressly granted. All product and company names herein may be trademarks of their registered owners. This publication is RADVISION confidential.
Table of Contents Chapter 1: About Scopia XT Desktop Server for IP Office About Components of the Scopia XT Desktop Server ..................................................................................... 5 Chapter 2: Planning your Scopia XT Desktop Server Deployment Minimum Requirements and Specifications of Scopia XT Desktop Server ..................................................... 7 Planning the Topology of Scopia XT Server for IP Office with Scopia XT Desktop ....................................
Chapter 5: Securing Your Scopia XT Desktop Deployment Protecting Meetings with a PIN ...................................................................................................................... 36 Securing Web Connections and Media Traffic to Scopia XT Desktop Server ............................................... 37 Deployment Guide for Scopia XT Desktop Server for IP Office Version 8.2.
Chapter 1 | About Scopia XT Desktop Server for IP Office Scopia XT Desktop Server extends the capabilities of videoconferences hosted on the Scopia XT Server for IP Office by enabling Scopia XT Desktop Clients and Scopia Mobile devices to join. Figure 1: Scopia XT Desktop Server extends meetings to include Scopia XT Desktop Clients The Scopia XT Server for IP Office solution is especially suited to the communication requirements of Small and Medium Businesses (SMB).
Figure 2: Components of the Scopia XT Desktop Server • Scopia XT Desktop Conference Server At the center of Scopia XT Desktop Server, the conference server creates conferences with Scopia XT Desktop Clients and Scopia Mobile devices, relaying media to the MCU to enable transparent connectivity with H.323 and SIP endpoints. • Scopia XT Desktop Application Server (Tomcat) The underlying Scopia XT Desktop web server and application server is implemented by Tomcat.
Chapter 2 | Planning your Scopia XT Desktop Server Deployment When planning your Scopia XT Desktop Server deployment, consider the following: • Will most Scopia XT Desktop Clients connect to videoconferences from within the enterprise, or from outside? For example, if there are many internal Scopia XT Desktop Clients, consider placing a dedicated Conference Server in the enterprise.
Important: Scopia XT Desktop Servers should be deployed on a physical server, not virtual machines like VMware. Web browsers (for the Scopia XT Desktop Server Administration): Scopia XT Desktop is tested with the latest internet browser versions available at the time of release.
Scopia XT Desktop Server Security Specifications Scopia XT Desktop Server has extensive support for security, both standard encryption with certificates and a proprietary secure protocol between the client and server: • HTTPS protocol between Scopia XT Desktop Client and Scopia XT Desktop Server.
Figure 3: Scopia XT Server for IP Office Deployment Deploying Scopia XT Desktop Server with Dual-NIC Scopia XT Desktop Server can be installed on servers with multiple Network Interface Cards (NICs). Depending on the deployment and network configuration, you may want to control which NIC is used for various server communications. Important: The minimum requirement is to use a 100 Mbit NIC. It is recommended that you use a Gigabyte NIC for better performance.
Figure 4: Scopia XT Desktop Server with a dual-NIC deployment Scopia XT Desktop Clients can connect to the Scopia XT Desktop Server either by an IP address or a DNS name. In many deployments the Scopia XT Desktop Server IP address is not accessible to clients outside the enterprise due to NAT or firewall restrictions. Therefore, Scopia XT Desktop Server has a public address, which must be a DNS name resolving to the correct Scopia XT Desktop Server IP address both inside and outside the corporate network.
The Scopia XT Desktop Server coordinates videoconferences between Scopia XT Desktop Clients/Scopia Mobile devices and the Scopia XT Server for IP Office. Table 1: Default bandwidth used for one connection on page 12 lists the default bandwidth used for each connection between the participant and the Scopia XT Desktop Server.
Figure 6: Setting maximum bandwidth in Scopia XT Desktop Server The formula for calculating external bandwidth is as follows: Total upload bandwidth = upload bandwidth per participant × num of internet participants Total download bandwidth = download bandwidth per participant × num of internet participants For example, if the defined call rate is 384 kbps, each participant uses 384 kbps for uploading and 384 kbps for downloading.
Figure 7: Locating the Scopia XT Desktop Server in the DMZ When opening ports between the DMZ and the enterprise on the Scopia XT Desktop Server, use the following as a reference: • When opening ports that are both in and out of the Scopia XT Desktop Server, see Table 2: Bidirectional Ports to Open Between the Scopia XT Desktop Server and the Enterprise on page 15.
Table 2: Bidirectional Ports to Open Between the Scopia XT Desktop Server and the Enterprise Port Range 1024- 65535 Protocol TCP (H.245/ Q.931) 10000-65535 UDP (RTP) Destination Result of Blocking Port Functionality Required Scopia XT Server Enables connection to Cannot connect to Mandatory for IP Office Scopia XT Desktop the meeting To limit range, see meetings. Limiting the TCP Port Range for H.245/Q.
Table 4: Inbound Ports to Open from the Enterprise to the Scopia XT Desktop Server Port Range 80 443 Protocol TCP (HTTP) TCP (TLS) Destination Web client Scopia XT Desktop Clients and Scopia Mobile Result of Blocking Port Functionality Provides access to the Scopia XT Desktop Server Web Portal (you can configure port 443 instead) Cannot access the Scopia XT Desktop Server Web Portal Enables sending control messages between the Scopia XT Desktop Server and Clients, and is also used to tunnel RTP med
Table 6: Inbound Ports to Open from the Public to the Scopia XT Desktop Server Port Range 80 443 Protocol TCP (HTTP) TCP (TLS) Destination Web client Scopia XT Desktop Clients and Scopia Mobile Result of Blocking Port Functionality Provides access to the web Cannot access the user interface (you can web user interface configure port 443 instead) Enables sending control messages between the Scopia XT Desktop Server and Clients, and is also used to tunnel RTP media if the UDP ports are blocked Scopi
Figure 8: Multimedia Ports Area 4. Configure your port range (using any values between 2326 and 65535) by doing the following: a. Enter the base port value in the Lowest Multimedia Port field. b. Enter the upper port value in the Highest Multimedia Port field. 5. Select OK or Apply. Limiting the TCP Port Range for H.245/Q.931 on the Scopia XT Desktop Server About this task The Scopia XT Desktop Server has designated ports 1024-65535 for TCP for H.245 and Q.931 signaling.
Chapter 3 | Installing the Scopia XT Desktop Server About this task Follow these recommendations when installing the Scopia XT Desktop Server components: • Do not install the Scopia XT Desktop Client on the same PC as any Scopia XT Desktop component. • If you want to encrypt communication with HTTPS, configure the Conference Server for Scopia XT Desktop to port 443 after the installation is completed (see Securing Web Connections and Media Traffic to Scopia XT Desktop Server on page 37).
Figure 9: Choosing language for the installation 3. Select Next and accept the license agreement. 4. Enter the IP address or DNS name of the Scopia XT Server for IP Office which hosts videoconferences with its built-in MCU in the XT Server Address window, and select Next. Figure 10: Specifying the XT Server with built-in MCU 5. Change the installation folder if required, and select Next. 6.
Figure 11: Selecting the NIC pointing to the internal network 7. Change the default web server port if required, and then select Next. For more information on port changes, see Ports to Open on Scopia XT Desktop on page 13 8. In the Hostname Configuration window specify the public name of the Scopia XT Desktop Server, to be used later as part of the URL sent to Scopia XT Desktop Clients to connect to videoconferences.
9. Select Install in the Ready to Install the Program window. 10. Select Finish. 11. If the local Windows Firewall is active on the Scopia XT Desktop Server, two core services which must have permission to communicate through the firewall. Navigate to the Windows Firewall Control Panel (Figure 13: Enabling public access for essential services on page 22) and enable the following programs: • Commons Daemon Service Runner, located at \tomcat\bin\tomcat7.exe.
Chapter 4 | Configuring Your Deployment This section describes how to access the Scopia XT Desktop Administration web interface, configure your Scopia XT Desktop, define a local administrator account, and verify that the Scopia XT Server for IP Office and Scopia XT Desktop are successfully connected.
The default username is admin and the password is admin. 3. Select Sign In. Defining an Administrator Account About this task You can define a username and password for an administrator to access Scopia XT Desktop Server Administration web interface. Procedure 1. Select Directory and Authentication in the sidebar. The Settings tab is displayed. Figure 14: Configuring the local administrator credentials 2. Enter a User Name and Password in the Local Administrator section. 3. Select OK.
Procedure 1. Access the Scopia XT Desktop Server administration web interface. 2. Select Deployment in the sidebar. 3. Enter the IP address of the XT Server with its built-in MCU in the Management Address field. Figure 15: Setting the address of the managing Scopia XT Server for IP Office 4.
Verifying Scopia XT Desktop Server Installation and Connection with Other Components About this task The Scopia XT Desktop Administrator web interface displays the connectivity status of your deployment. The indicators next to each link shows whether or not the connection or registration to the target server is successful. When the indicator is red, hover over the indicator to view the tooltip containing the error details. Procedure 1.
Defining a Local Directory of Endpoints About this task The local directory is a local database containing names and IP addresses of endpoints on the Scopia XT Desktop Server deployment. Typically, a local directory of endpoints is maintained in deployments which do not include Scopia Management. This list of endpoints is displayed when users select Moderate > Invite in their virtual room window in Scopia XT Desktop Client. Procedure 1. Access the Scopia XT Desktop Server Administration web interface. 2.
b. Select the Delete button. Defining Bandwidth Settings in Scopia XT Desktop Server About this task This section details how to define the maximum bandwidth used between the Scopia XT Desktop Client and the Scopia XT Desktop Server. Procedure 1. Access the Scopia XT Desktop Server Administration web interface. 2. Select the Client icon in the sidebar. 3. Select the Settings tab. 4. Select the maximum call rate in the Maximum Video Quality section.
Defining Scopia XT Desktop Server Public Address and Other Client Connection Settings About this task This section details how to define the public address of the Scopia XT Desktop Server, which is pushed to Scopia XT Desktop Clients participating in a videoconference on that server. You can also define Scopia XT Desktop Server's size of network packets (MTU size). The MTU, or Maximum Transmission Unit, is the maximum size of data packets sent around your network. Procedure 1.
Figure 21: Setting the MTU size for Scopia XT Desktop Client Important: This value must remain the same across all network components to guard against packet fragmentation. 6. Select OK or Apply. Enabling or Disabling Scopia XT Desktop Client Features About this task This section describes how to enable or disable features in the Virtual Room window of the Scopia XT Desktop Client for all users logged in to the Scopia XT Desktop Server. You can: • Enable or disable presentations (desktop sharing).
Figure 22: Enabling or disabling client videoconferencing features 4. Enter the fields as described in Table 7: Settings for the Scopia XT Desktop Client Virtual Room window on page 31. Table 7: Settings for the Scopia XT Desktop Client Virtual Room window Field Description Enable Desktop Sharing Determines whether participants can share their PC desktop content with others in the videoconference.
Table 8: Defining microphone behavior during a meeting Field Description Allow users to join a meeting with their microphone on When selected, this field enables the microphone by default, so participants must select the microphone button to mute themselves. Force users to join a meeting with their microphone off (Recommended) When selected, this field disables the microphone by default, so participants must select the microphone button to unmute themselves.
The section includes these topics: Navigation • Minimum Requirements for Scopia XT Desktop Client on page 33 • Installing Scopia XT Desktop Client Locally on a PC on page 34 • Centrally Deploying Scopia XT Desktop Clients in your Organization on page 35 Minimum Requirements for Scopia XT Desktop Client This section details the minimum hardware and software requirements of the Scopia XT Desktop Client The minimum hardware requirements for the Scopia XT Desktop Client depend on the video resolution.
Scopia XT Desktop is tested with the latest internet browser versions available at the time of release. Important: Internet Explorer must be installed on your Windows PC when using the Scopia XT Desktop Client, even if you access meeting with other web browsers like Firefox or Chrome.
Figure 26: Updating Scopia XT Desktop Client 3. Select Conference Client to install or update the Scopia XT Desktop Client. 4. Select Install. When the Scopia XT Desktop Client installation is complete, you should see the following icon in the task tray at the lower right corner of the screen: 5. To verify that any optional components were installed, select the View Installed Updates link. A list of installed components appears.
Chapter 5 | Securing Your Scopia XT Desktop Deployment This section describes how you can enhance the security of your Scopia XT Desktop deployment by encrypting communications using the encryption keys held in certificates which are uploaded to the various deployment components. Important: Using encryption is subject to local regulation. In some countries it is restricted or limited for usage. For more information, consult your local reseller. There are two types of certificates which can be installed.
Figure 28: Meeting PIN Section 4. Enter a PIN in the PIN field. 5. Enter the PIN again in the Confirm PIN field. 6. To check the PIN you have configured, select Display PIN. 7. Select OK. Securing Web Connections and Media Traffic to Scopia XT Desktop Server About this task This procedure explains how to secure all web traffic to the Scopia XT Desktop Server with HTTPS, including the administrator interface and user portals.
Figure 29: Adding a certificate to Scopia XT Desktop Server 3. Select Apply. 4. Select Add Certificate to upload an existing signed certificate. 5. Stop the service Scopia XT Desktop Conference Server. 6. Navigate to \Confsrv 7. Run the Certificate Configuration Utility by launching CertificateConfiguration.exe file. 8. If the certificate is installed in the local machine's certificate store: a. Select the Configure Certificate via Certificate Store b. Select Select Certificate. c.
11. Verify that the certificate information is listed in the Selected Certificate pane. 12. Select Apply. 13. Select OK. 14. Select OK. 15. Start the service Scopia XT Desktop Conference Server. 16. Select Restart Services. 17. Change the URL in the Invitations section of the Scopia XT Desktop Administration web interface to use the secure HTTPS protocol: a. Log into the Scopia XT Desktop Administration web interface. b. Select Messages and Invitations on the sidebar. c. Select the Invitations tab. d.
About Radvision Radvision, an Avaya company, is a leading provider of videoconferencing and telepresence technologies over IP and wireless networks. We offer end-to-end visual communications that help businesses collaborate more efficiently. Together, Radvision and Avaya are propelling the unified communications evolution forward with unique technologies that harness the power of video, voice, and data over any network. www.radvision.
