IT Showcase On: Deploying Lync Server 2010

V T t Thnh

BP Solution Manager
EPG Microsoft Vietnam LLC.

Agenda
Lync Server 2010 Environment Solution Benefits Infrastructure
Topology and Geographic Distribution Server Configuration Load Balancing Remote Access Security

Deployment and Migration Adoption and Education Operations and Support Lessons Learned

Solution Overview
Business Challenge Solution Results/Benefits

Workers rely on bandwidthbandwidth-intensive voice and video conferencing, instant messaging, e-mail, and desktop. Improvement opportunity existed with Lync Server 2010 to empower workers.

Enable users to collaborate in real time. Improve communications infrastructure. Converge traditional TDM services with Ethernet-based Ethernetservices.

Reduce costs through converged communications. Drive adoptions through ease of use and Microsoft Office. Ease deployment and migration through interoperability and extensibility.

Lync Server 2010 Environment

Perimeter Corporate
Active Directory, DNS A/V Hardware Director

External
External User

Edge

Internal Firewall

Load Balancer

Monitoring

Firewall
DMZ

FrontFront-end pool Mediation

Internal User

Content

Lync Benefits
Reduce costs through converged communications costs
$92 million saved by reducing the need for 45,600 trips per year. $8 million saved in audio-conferencing costs per year by using Lync audioAudio Conferencing. $1 million saved in reduced administrative overhead associated with office moves and voice infrastructure management

Ease of use
Integrated with Office applications and SharePoint Contact card with presence data

Interoperability and extensibility

Rich applications through managed API Vendor alliance

Topology
Americas1
DMZ Edge pool x4Director pool x4 x4Director PoolPool-01 FrontFront-end BackServers x4 Back-end SQL PoolPool-02 FrontFront-end BackServers x4 Back-end SQL Other Roles

Americas2
DMZ Edge pool x4Director pool x4 x4Director PoolPool-01 FrontFront-end BackServers x4 Back-end SQL PoolPool-02 FrontFront-end BackServers x4 Back-end SQL Other Roles

Dublin and Singapore

DMZ Edge pool x2Director pool x2 x2Director PoolPool-01 FrontFront-end BackServers x3 Back-end SQL PoolPool-02 FrontFront-end BackServers x3 Back-end SQL Other Roles

Mediation Monitoring Content Pool x3 Storage A/V Mediation x3 Pool x4 (SIP trunking, E911) trunking, VM VM Host

Mediation Monitoring Content Pool x3 Storage A/V Mediation x3 Pool x4 (SIP trunking, E911) trunking, VM VM Host

Mediation Monitoring Content Pool x2 Storage A/V Pool x2 VM VM Host

Server Distribution
Role
Director Pool Edge pool Front-end pool 1 Front-end pool 2 Mediation pool Audio/Video pool Monitoring and Archiving SQL back-end Mediation servers (for SIP trunk and E911) File server for content storage

Americas1 Americas2 Singapore 4 4 4 4 3 4 1 2 3 1 4 4 4 4 3 4 1 2 3 1 2 2 3 3 2 2 0 2 0 1

Dublin 2 2 3 3 2 2 0 2 0 1

Remote Access
Perimeter Network
HTTPS/443 HTTPS/4443 HTTPS 4443 HTTPS 443 HTTP 8080

Corporate Network

DNS /TCP 53 HTTP/TCP 80 SIP /TCP 443 SIP /TCP 5061 Access

Reverse proxy

Front-end pool SIP/MTLS/TCP 5061 STUN/TCP 443 STUN/UDP 3478 SIP/TCP 5062

PSOM /TCP 443 Web STUN /TCP 443 STUN /UDP 3478 AV Edge role Access Web AV RCP/TCP 135 445 4443 STUN/TCP/443 STUN/UDP 3478 PSOM/SIP/MTLS 8057

TCP/UDP 50,000 -59,999

Server Configuration (front-end) (frontComponent Specification CPU RAM Disk Other 2 quad core Xeon L5520, 2.26 Ghz 48 GB SAS, 4x300 GB RAID10 (+1 spare) Dual network interface controllers (NICs), redundant power supply

Server Configuration (back-end) (backComponent Specification

CPU RAM 4 quad core 64-bit, 2.26 Ghz 48 GB Logical Drive 2x146 GB RAID1 4x300 GB RAID10 (+1spare) Disk Hosted Resources OS, SQL, Swap, Support files rtcdyn.ldf rtcab.mdf, rtcab1.mdf, cpsdyn.mdf, rgsconfig.mdf, rgsdyn.mdf, rtc.mdf, rtcdyn.mdf, lis.mdf, xds.mdf Tempdb rtcab.ldf, rtcab1.ldf, cpsdyn.ldf, rgsconfig.ldf, rgsdyn.ldf, lis.ldf, xds.ldf rtc.ldf

12x146 GB RAID10 2x146 GB RAID1 2x146 GB RAID1

2x146 GB RAID1 Other Dual NICs, redundant power supply

Load Balancing
Perimeter
External User

Corporate

Internet External Firewall

Reverse Proxy

FrontFront-end Pool

Internal Firewall External NIC 3x IP Load balancer x2 Edge Access Web A/V Internal NIC 1x IP

Security
Secure by design and by implementation All communication is encrypted Multiple participant types n conferences with associated rights for each role RoleRole-based Access Control (RBAC) Guest access for anonymous users by invitation SpIM management

Deployment and Migration

Prepare infrastructure dependencies Deploy servers Validate environment Deploy final product company-wide companyFeedback from end users drives future features and improvements

Adoption
VolunteerVolunteer-driven User education
SelfSelf-guided modules InstructorInstructor-led sessions Lync adoption and training kit

TopTop-down methods Custom onboarding

Operations and Support

Four-tier support organization
Tier 1: Helpdesk call center - end user entry point Tier 2: MS Online Operations, shared by multiple services.

Escalation point for Tier 1. Tier 3: MS Online Operations. Escalation point for Tier 2. Tier 4: MS Online Engineering/UC Product Dev team

Top ticket generators

Lync install/uninstall help; authentication errors; online meeting/options

Tools and reports

QoE for audio quality performance metrics Call detail reporting (CDR) for session transactional metrics Performance monitoring for concurrency metrics SCOM for alerting and event monitoring SQL Server 2008 R2 reporting

Best Practices
Audit Edge role and firewall configuration Test and verify session persistence for SSL Verify dual home configuration on Edge role Ensure back-end servers are not performance-bound backperformanceGuide users through device choices Create training, onboarding, and evangelism programs Share commitments Think of sizing and capacity in terms of end points, not users Manage certificates

For More Information

Additional content on Microsoft Lync 2010 http://office.microsoft.com/enhttp://office.microsoft.com/en-us/lync/ Microsoft IT Showcase: How Microsoft Does IT http://www.microsoft.com/technet/itshowcase

Q&A

This document is provided for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. 2011 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, Active Directory, Excel, Lync, PowerPoint, SharePoint, SQL Server, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.