Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
To associate a Unified CM or other server/service with the deployment:
1. Go to
Configuration > Unified Communications >
and then
Unified CM servers
, or
IM and
Presence Service nodes
, or
Unity Connection servers
.
Any previously discovered service nodes of the selected type are listed here. The deployment column
shows where the listed nodes are associated.
If the list is not properly populated, see
shows where the listed nodes are associated.
If the list is not properly populated, see
.
2. Click the server / service node name.
3. In the Deployment field, select which deployment will enclose this server / service node.
4. Click Save.
Note: When you save this change, the VCS Control refreshes the connection to the node, which may
temporarily disrupt the service to the connected users.
temporarily disrupt the service to the connected users.
5. Repeat for any other Unified Communications services that will belong to the deployment.
Single Sign-On (SSO) over the Collaboration Edge
Use this feature to enable single sign-on for endpoints accessing Unified Communications services from
outside the network. Single sign-on over the edge relies on the secure traversal capabilities of the VCS pair at
the edge, and trust relationships between the internal service providers and the externally resolvable identity
provider (IdP).
outside the network. Single sign-on over the edge relies on the secure traversal capabilities of the VCS pair at
the edge, and trust relationships between the internal service providers and the externally resolvable identity
provider (IdP).
The endpoints do not need to connect via VPN; they use one identity and one authentication mechanism to
access multiple Unified Communications services. Authentication is owned by the IdP, and there is no
authentication at the VCS, nor at the internal Unified CM services.
access multiple Unified Communications services. Authentication is owned by the IdP, and there is no
authentication at the VCS, nor at the internal Unified CM services.
Supported endpoints
n
Cisco Jabber 10.6 or later
Supported Unified Communications services
n
Cisco Unified Communications Manager 10.5(2) or later
n
Cisco Unity Connection 10.5(2) or later
n
Cisco Unified Communications Manager IM and Presence Service 10.5(2) or later
n
Other internal web servers, for example intranet
How it works
Cisco Jabber determines whether it is inside the organization's network before it requests a Unified
Communications service. If it is outside the network, then it requests the service from the VCS Expressway
on the edge of the network. If single sign-on is enabled at the edge, the VCS Expressway redirects Jabber to
the IdP with a signed request to authenticate the user.
Communications service. If it is outside the network, then it requests the service from the VCS Expressway
on the edge of the network. If single sign-on is enabled at the edge, the VCS Expressway redirects Jabber to
the IdP with a signed request to authenticate the user.
The IdP challenges the client to identify itself. When this identity is authenticated, the IdP redirects Jabber's
service request back to the VCS Expressway with a signed assertion that the identity is authentic.
service request back to the VCS Expressway with a signed assertion that the identity is authentic.
The VCS Expressway trusts the IdP, so it passes the request to the appropriate service inside the network.
The Unified Communications service trusts the IdP and the VCS Expressway, so it provides the service to
the Jabber client.
The Unified Communications service trusts the IdP and the VCS Expressway, so it provides the service to
the Jabber client.
Cisco TelePresence Video Communication Server Administrator Guide (X8.5.1)
Page 83 of 563
Unified Communications
Mobile and remote access