Skype for Business – Hybrid with little on-prem deployment

Howdy folks,

This week Microsoft have announced that you will soon be able to use a hybrid deployment from Skype for Business to Microsoft Office 365 with no on-premises server deployment, well, almost.  You still require servers or virtual machines to be in place.

So first things first, everyone has signed up at Http://skypepreview.com and gained access to the features as part of their O365 tenant.   As part of this deployment customers can deploy a minimal Skype for Business 2015 topology in a Hyper-V virtualised informant, no confirmation around VM Ware yet.  These VMs are packaged to provide the customer to connect to their on-premises domain and then configure it for Hybrid to the Office 365 tenant.

What’s required on-premises?

Resources:

  • No on-premises Skype For Business Deployment
  • Qualified next-hop SIP Peer: IP-PBX, SIP Trunk, SBC or Gateway
  • Two Host systems: one inside the Firewall, one in the DMZ
  • 64 bit dual proc / quad core, 64 GB RAM, 2x RAID-1 10k RPM 72GB HDD, 2x 1Gbps network

Roles:

Edge Server – we still need to be able to communicate with the O365.  Within the Edge we require 5 functions to work:

  • Access Edge service – this is going to provide the SOP routing from the on-prem to the Office 365 tenant.
  • Media Relay service – this is going to be doing the routing of the media betweent he Mediation and the other media end points.
  • Central management store – this is going to synchronise the configuration from the global CMS Database and the CMS Role Server on premises.
  • Outbound Routing – we need a way to provide routing to the gateways based on policies, just like all voice configurations.  Only global policies which are based on their outbound PSTN numbers will be supported.
  • Media Relay Authentication, or MRAS – is going to generate the tokens for access to the media relay.

Central Management Store (CMS) Role – Includes the configuration store of the topology components and the CMS File Transfer.

Mediation Server –  Creates a SIP and media gateway mapping protocol between  the PSTN gateway and the Skype for Business online. Of course the Mediation Server also includes a replica of the CMS and this will synchronise with the configuration from the global CMS database.

What else do you need?

  • Need to be a admin on your hyper-v host servers, so you can add the configuration and VMs on.
  • Need Skype for Business permissions, which means the AD Schema, Enterprise and Domain Admin roles need to be applied if they haven’t’ been done before.
  • External DNS need to be updated – these will be included ina new file called HybridVoiceMinTopNew.ini – but in essence it needs creating two key External DNS entries.
    • AP.Domain.com
    • MR.Domain.com
  • You’ll need a public cert, as per any normal edge server will require, it’d be a good idea to use the ones Microsoft approve. The approved list – https://support.microsoft.com/en-us/kb/929395
  • Firewall configuration – make sure that the required ports, 443, 5061, and 3478 are configured.  The gateway needs to be able to be configured for Internet to the DMZ Internal/External, and the internal network.
  • And lastly, obviously, you need a 365 tenant with all the normal DNS and SRV records creating to allow a Skype for Business online created.

Capacity:

  • Stand-alone capacity estimated with 70% Internal Users, 30% External users
  • Media transcoding performed by Mediation can handle up to 500 calls
  • Multiple Packaged VM sets can be stacked for greater scale.

Leave a Reply

Your email address will not be published. Required fields are marked *