Polycom® CMA™ System Deploying Visual …supportdocs.polycom.com/PolycomService/support/global/documents/... · Polycom® CMA™ System Deploying Visual Communications Administration

4.1.0 | April 2009 | 3725-77604-001B

Polycom® CMA™ System Deploying Visual Communications Administration Guide

© 2009 Polycom, Inc. All rights reserved.

Polycom, Inc.4750 Willow RoadPleasanton, CA 94588-2708USA

No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Polycom, Inc. Under the law, reproducing includes translating into another language or format.

As between the parties, Polycom, Inc., retains title to and ownership of all proprietary rights with respect to the software contained within its products. The software is protected by United States copyright laws and international treaty provision. Therefore, you must treat the software like any other copyrighted material (e.g., a book or sound recording).

Every effort has been made to ensure that the information in this manual is accurate. Polycom, Inc., is not responsible for printing or clerical errors. Information in this document is subject to change without notice.

Trademark Information

Polycom®, the Polycom logo design, ReadiManager® SE200, SoundStation®, ViewStation®, Vortex®, and VSX® are registered trademarks of Polycom, Inc. Global Management System™, Instructor™ FS, iPower™, PathNavigator™,People+Content™, People on Content™, Polycom Converged Management Application™ (CMA™), Polycom EagleEye™, Polycom HDX 4000™, Polycom HDX 7000™, Polycom HDX 8000™, Polycom HDX 9000™, Polycom HDX 9001™, Polycom HDX 9002™, Polycom HDX 9004™, Polycom MGC™, Polycom RMX 1000™, Polycom RMX 2000™, Polycom RSS™ 2000, Polycom Video Border Proxy™ (VBP™), PowerCam™, SoundStructure™, StereoSurround™, and VS4000™ are trademarks of Polycom, Inc. in the United States and various other countries. Allother trademarks are the property of their respective owners.

Patent Information

The accompanying product is protected by one or more U.S. and foreign patents and/or pending patent applications held by Polycom, Inc.

Polycom, Inc. 1

Contents

About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Required Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

1 Polycom Visual CommunicationsHow to Create the Polycom Visual Communications Experience . . . . . . . . 2

Network Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2Network Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Management System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Endpoints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Conferencing Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3Distributed Media Application System . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Features of the Polycom Visual Communications Experience . . . . . . . . . . . 6Seat Capacity and Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Management Server Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Polycom CMA Desktop Client Licenses . . . . . . . . . . . . . . . . . . . . . . 6

Directory Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Enterprise Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Rooms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10User, Group, and Room Management . . . . . . . . . . . . . . . . . . . . . . . 10

Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Device Provisioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Device Softupdate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Conference Management Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Environment with Polycom CMA and Polycom RMX Systems . 13Environment with Polycom CMA, Polycom DMA, and Polycom RMX Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Localization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Deploying Visual Communications Administration Guide

2 Polycom, Inc.

2 Deployment Process OverviewPre-installation Planning Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Define Desired Visual Communications Experience . . . . . . . . . . . 16Design System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Complete Standard Pre-installation Process and Documents . . . 16Determine Device Management Requirements . . . . . . . . . . . . . . . 17

Installation Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Post-installation Phase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

3 Polycom® CMA™ System DeploymentInstall and Configure the Polycom CMA System . . . . . . . . . . . . . . 19Integrate the Polycom CMA System into the Network . . . . . . . . . 21Set Up Primary, Alternate, and Neighboring Gatekeepers . . . . . . 21Set Up Sites, Site Links, Services, and Dial Rules . . . . . . . . . . . . . . 21Set Up Conference Templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Set Up Local, Global Address Book, and Enterprise Directory Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

4 Polycom® DMA™ Installation and IntegrationInstall and Configure the Polycom DMA Conferencing System . 23Integrate the Polycom CMA and DMA Systems . . . . . . . . . . . . . . 23Create Polycom CMA System Conference Templates . . . . . . . . . . 24

5 Polycom® RMX™ 2000 System Installation and IntegrationAssess Polycom RMX 2000 Conferencing System Needs . . . . . . . 25Install and Configure the Polycom RMX 2000 Conferencing System 25Integrate the Polycom CMA and RMX 2000 Systems . . . . . . . . . . 26Create Polycom RMX System Profiles . . . . . . . . . . . . . . . . . . . . . . . 26

6 Endpoint Installation and IntegrationPolycom CMA Desktop Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Verify User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27Deploy Polycom CMA Desktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

Polycom HDX Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Polycom HDX System Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Standard Endpoints Supported . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34Set Up Automatic and Scheduled Provisioning and Softupdates 35

Third-Party Endpoint Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

Contents

Polycom, Inc. 3

7 Testing the Deployment

A Polycom HDX System Configuration Files

B System Security and Port Usage


4 Polycom, Inc.

Polycom, Inc. 5

About This Guide

This guide describes how to deploy the Polycom® Visual Communications experience—specifically the Polycom products that enable the experience.

Required SkillsDeploying the Polycom Visual Communications experience requires planning and elementary knowledge of video conferencing and video conferencing administration. Also, the Polycom Visual Communications experience may require:

• An external domain name server

• An external Microsoft SQL database server

• An external Microsoft Active Directory server

This document assumes that these systems are already deployed and that the administrators for these applications are available to aide the administrator deploying the Polycom Visual Communications experience.


6 Polycom, Inc.

Polycom, Inc. 1

1Polycom Visual Communications

The Polycom® Visual Communications experience is enabled by an integrated suite of Polycom hardware devices and software applications that allow you to quickly implement high-quality video and audio conferencing. This integration of Polycom products makes them faster to deploy and easier to manage. But these integrated products also provide the most requested video-conferencing functionality Polycom has to offer and may include:

• The Polycom® Converged Management Application™ (CMA™) Desktop client—an easy-to-use video and audio conferencing application that lets your users see and hear the people they call on their desktop system.

• Automatic device provisioning for dynamically-managed Polycom CMA Desktop clients and Polycom HDX systems

• Scheduled device provisioning for standardly-managed and legacy devices

• Automatic device softupdates for dynamically-managed Polycom CMA Desktop clients and Polycom HDX systems

• Scheduled device softupdates for standardly-managed and legacy devices

• On-demand conferencing using embedded MCUs or external MCUs

• Conference scheduling via the Polycom CMA system Web Scheduler or the optional Polycom Scheduling Plugins for Microsoft® Outlook® or IBM® Lotus® Notes®

• Advanced routing to distribute audio and video calls across multiple media servers (MCUs), creating a single seamless resource pool

• Gatekeeper, alternate, and neighboring gatekeeper functionality

• Access to global user and room directories for on-demand and scheduled calls. Directory services include:

— Presence and contact list functionality for dynamically-managed devices like Polycom CMA Desktop clients and Polycom HDX systems

— Global Address Book functionality for standardly-managed devices


2 Polycom, Inc.

— H.350 and LDAP directory functionality. H.350 defines a directory services architecture for multimedia conferencing for H.323, H.320, SIP and generic protocols.

• Device monitoring and management

• Conference monitoring and management

• An optional high-availability, redundant management server configuration

How to Create the Polycom Visual Communications Experience

This section describes the Polycom hardware platforms and software applications that can be integrated to create the Polycom Visual Communications experience. However, Polycom products are scalable to environments of any size, so customers can choose the products that work best for them to implement high-quality video conferencing.

Network TopologyThe following diagram shows the network topology for a basic, standard deployment of Polycom hardware platforms and software applications to create the Polycom Visual Communications experience. In this configuration, a Polycom CMA system manages the endpoints and devices within a single private IP address space of an enterprise network.

In this case, remote users can access the enterprise video network, but only through a virtual private network (VPN). And only, if in all aspects the VPN is configured such that the endpoint appears to be on the same network as the server. Customers using a VPN for remote access are responsible for ensuring

Polycom Visual Communications

Polycom, Inc. 3

their VPN provides full access for the client to contact the server. Polycom Global Services cannot provide support for VPN configuration and traffic analysis.

Network RequirementsTo ensure system performance and reliability, Polycom recommends deploying its products in a high quality IP network with very little packet loss (preferably 0%) and low latency.

In systems with enterprise directory integration, the network between the Polycom CMA system and the enterprise directory should have less than 200 ms round-trip latency and less than 4% round-trip packet loss. The network between the Polycom CMA system and the conferencing platforms (Polycom RMX or Polycom MGC devices) should have less than 200 ms round-trip latency and less than 2% round-trip packet loss.

Round-trip packet loss is the percent of ICMP packets lost in a round trip from one point in the network to another point and back again. Round-trip latency is the number of milliseconds an ICMP packet takes to travel from one point in the network to another point and back again.

Management SystemThe Polycom Visual Communications experience requires the Polycom CMA system as the network gatekeeper and management system. While your network configuration may include a ReadiManager® system, ReadiManager systems don’t support the visual communication experience of automatic provisioning, automatic softupdate, and presence.

Endpoints The Polycom Visual Communications experience is supported by Polycom CMA Desktop clients and Polycom HDX endpoint systems operating in dynamic management mode. While your network configuration may include other audio and video endpoints (see “Endpoint Installation and Integration” on page 27), they are supported in standard mode and are not eligible for automatic provisioning, automatic softupdate, and presence.

Conferencing PlatformThe Polycom Visual Communications experience requires one or more Polycom RMX™ 2000 multimedia conferencing platforms.

The Polycom RMX 2000 conferencing platform is a scalable multimedia IP processing media server optimized for high definition audio and video conferencing across enterprise and service provider networks. It is an architecture built for high-speed IP networks and designed to support


4 Polycom, Inc.

Polycom HDX systems and applications. The Polycom RMX 2000 conferencing platform is the primary conferencing platform for medium to large scale deployments.

When integrating the Polycom RMX 2000 conferencing platform with a Polycom CMA system, consider the following:

• The Polycom RMX 2000 platform is an IP device that supports H.323 protocol

• The Polycom RMX 2000 platform is an MCU only and does not offer gateway services

• Implementing a Polycom CMA system with one or more Polycom RMX 2000 bridges enables scheduled multipoint conferencing while implementing a Polycom DMA system with with one or more Polycom RMX 2000 bridges enables ad hoc multipoint conferencing. In an environment where you wish to implement both scheduled and ad hoc conferencing, you should set up two pools of RMX 2000 bridges. This allows the Polycom CMA system to schedule one pool of resources, while the Polycom DMA system has another pool of resources from which to draw.

While your network configuration may include one or more Polycom MGC™ or Polycom RMX 1000 bridges, they don’t support the automatic provisioning, automatic softupdate, and presence features.

Distributed Media Application SystemThe Polycom DMA system is a multipoint conferencing solution that uses advanced routing policies to distribute audio and video calls among multiple MCUs, creating a single resource pool. The Polycom DMA system acts much like a virtual MCU, greatly simplifying video conferencing resource management and improving efficiency.

Logically, the Polycom DMA system is a cooperative two-node cluster. Both nodes register with the gatekeeper and can accept and process calls. In the Polycom Visual Communications experience, the Polycom CMA system is the gatekeeper. It recognizes that the H.323 gatekeeper registration requests from the DMA nodes are part of a two-node cluster. When both nodes are registered and the systems completely configured, the Polycom CMA system routes calls destined for the Polycom DMA system to the first node that it finds available. If the first node isn’t available, it automatically routes the call to the second node.

Note Although it can distribute conferences among a pool of MCUs, the Polycom DMA system doesn’t currently support cascading of MCUs. Each conference is limited to the capacity of the MCU on which it resides.


Polycom, Inc. 5

You may wish to implement both scheduled multipoint conferencing (enabled by a Polycom CMA system) and ad hoc multipoint conferencing (enabled by a Polycom DMA system) using your Polycom RMX 2000 bridges. If so, you should identify two pools of RMX 2000 bridges. To do this, add all of the bridges to the Polycom CMA system, because it will act as the gatekeeper for all of the bridges. However, for those bridges that you wish to reserve for ad hoc conferencing, disable the Available to Schedule option (enabled by default) on the Polycom CMA system.

In this initial release, a Polycom CMA system does not provide provisioning, softupdate, monitoring or control for a Polycom DMA system.

DatabaseFor easier management, you may integrate your Polycom CMA system with an external database. This integration allows your database to grow as needed and provides you with a toolset for managing your database.

An external database is required for non-redundant and redundant Polycom CMA 5000 system configurations. Otherwise an external database is optional.

The Polycom CMA system external database requires a Microsoft SQL Server 2005 system with:

• Service Pack 2

• At least 1 gigabyte (GB) of memory (2 GB recommended)

• At least a 1 gigahertz (GHz) processor (2 GHz recommended)

• At least 6 GB of disk space (2 GB for each of the databases) in addition to the 1 GB required by the database engine

The database size will vary depending on use, reporting levels, log levels etc. If your database size is not set to auto-grow, the 2 GB recommendation is a minimum.


6 Polycom, Inc.

Features of the Polycom Visual Communications Experience

Seat Capacity and Licensing

Management Server LicensingThe seat capacity for a Polycom CMA 5000 system scales from 500 to 5,000 devices. The entry-level Polycom CMA 5000 system has a baseline capacity of 500 client access licenses. Additional licensing is offered in 100, 500, and 1000 license pack sizes.

The seat capacity for a Polycom CMA 4000 system scales from 200 to 400 devices. The entry-level Polycom CMA 4000 system has a baseline capacity of 200 client access licenses. Additional device licensing is offered in 100 license pack size.

With your system order, you will receive one or more License Certificates. You must activate each License Certificate to receive an activation key, which you then enter in the Polycom CMA system.

When applied to the system, an expansion license pack augments the device license count. For example, applying a 1000-device expansion license pack to a baseline Polycom CMA 5000 system will yield a total license count of 1500 concurrent licenses.

Where applicable, the number of concurrent calls supported by a Polycom CMA system is derived from the number of device licenses at a 3/10 ratio (calls/devices). For example, a system licensed for 5000 devices supports up to 1500 concurrent calls in routed mode and 3000 calls in direct mode.

Device licenses are consumed based on a 1:1 basis for any managed device (endpoints, MCU, GK, GW— including personal endpoints, IP blades, and more) that can be added to the system by any means, including the user interface, registration for management services, or registration for Global Address Book services.

Polycom CMA Desktop Client LicensesLicensing for the Polycom CMA Desktop client is included with the Polycom CMA system. When a Polycom CMA Desktop client is provisioned by the Polycom CMA system, it automatically consumes a license. That license is then reserved for that Polycom CMA Desktop client. However, you can configure the Polycom CMA system to automatically released a Polycom CMA Desktop client license after a set number of days of inactivity.

NoteDevice licenses are consumed by managed devices, not by users. You may add any number of local or enterprise users to the Polycom CMA system.


Polycom, Inc. 7

Licenses consumed by registered devices are never automatically released. To release a license from a registered device, an administrator must manually delete the device from the system.

Directory ServicesCurrently, the Polycom CMA system offers two directory services options:

• An enterprise (LDAP) directory

• A Global Address Book or global directory service (GDS)

These directory services options are exclusive options, but by default the system setting for Include all Active Directory users in the Global Address Book is enabled. However, you will want to disable this feature if you have legacy devices such as VSX, ViewStation, and FX endpoints. These endpoints cannot handle the larger size Global Address Book. See the Polycom CMA System Release Notes for more information about this setting.

The Polycom CMA system sets no limits on the number of local or enterprise users in the directory. However, the Global Address Book is limited to the maximum number of device licenses.

Enterprise DirectoryFor easier user, group, and room management, we strongly recommend integrating your video conferencing systems with an enterprise directory. This integration:

• Speeds up deployment, because the enterprise directory automatically populates the Polycom CMA system User list with enterprise directory users and assigns them scheduling permissions.

• Allows you to import one or more enterprise groups, so that system features can be assigned at the group level.

• Allows you to designated which enterprise entries are conference rooms

• Allows users with scheduling permissions to enter their standard network usernames and passwords to log into the management and endpoint systems and select conference participants and rooms from the company’s enterprise directory.

To take full advantage of the Polycom CMA system, the enterprise Microsoft Active Directory must:

• Have Global Catalog turned ON. The Global Catalog enables searching for Active Directory objects in any domain without the need for subordinate referrals, and users can find objects of interest quickly without having to know what domain holds the object.

• Use universal groups. The Global Catalog stores the member attributes of universal groups only. It does not store local or global group attributes.


8 Polycom, Inc.

• Have a login account that has read access to all domains in the Active Directory that the Polycom CMA system can use. We recommend an account with a adminstrative username and a non-expiring password.

The Polycom Visual Communications experience supports only a Microsoft Active Directory implementation of an LDAP directory. Also, the enterprise directory is not changed by the Polycom CMA system or endpoint users.

Users

Local Users

The Polycom CMA system allows you to add local users (i.e., users added manually to the system) and associate them with devices and roles.

For local users, the Polycom CMA system manages all user information and associations.

Enterprise Users

When the Polycom CMA system is integrated with an enterprise directory, the Polycom CMA system manages only two pieces of user information: the device(s) assigned to the user and the role assigned to the user. The remaining user information is pulled from the enterprise directory.

For security purposes, when the Polycom CMA system is integrated with an enterprise directory, users defined to the enterprise directory are by default added to the Polycom CMA system without a role. If you wish to have enterprise users assigned a Scheduler role by default, an administrator must configure enable the CMA Access via default profile option on the Security Settings page.

Integration with an enterprise directory allows users to log into the Polycom CMA system and immediately begin scheduling dial-in conferences with enterprise users. However, to dial out to enterprise users, they must be associated with devices.

NoteTo allow Polycom HDX systems to dial ISDN phone numbers from the directory, the phone numbers must be stored in one of the following formats:• Country Code.Area Code.Number• Country Code.(National Direct Dial Prefix).Area Code.Number.


Polycom, Inc. 9

User Roles and Permissions

The Polycom CMA system is also a role and permissions based system.

• Users are assigned one or more user roles

• User roles are assigned a set of permissions

• Users can access only the screens and functions available to their role(s) and associated permissions

An administrator has three options when implementing user roles.

• Implement the system default user roles of Administrator, Operator, and Scheduler and keep the standard permissions assigned to these roles

• Implement the system default user roles of Administrator, Operator, and Scheduler but change the permissions assigned to the Operator, and Scheduler roles.

• Create unique, workflow-driven user roles and determine which permissions to assign to each user role

To ensure Polycom CMA system access and stability, the default roles cannot be deleted and the Administrator role cannot be edited.

GroupsGroups are efficient, because they allow you to assign roles and provisioning profiles to a set of users rather than to each user individually.

The Polycom CMA system sets a limit of 500 groups.

Local Groups

The Polycom CMA system allows you to add local groups (i.e., groups added manually to the system) and associate them with with provisioning profiles and roles.

For local groups, the Polycom CMA system manages all group information and associations.

Enterprise Groups

When the Polycom CMA system is integrated with an enterprise directory, groups defined to the enterprise directory are not automatically added to the Polycom CMA system, but you can import enterprise groups into the system.

For enterprise groups, the Polycom CMA system manages only three pieces of information: the provisioning profile assigned to the group, the role assigned to the group, and whether or not the group is displayed in the endpoint’s directory. The remaining group information is pulled from the enterprise directory.


10 Polycom, Inc.

RoomsThe Polycom CMA system also manages local and enterprise rooms. You add local rooms manually. You add enterprise rooms by finding them in the enterprise directory and then associating the room with a device. Currently the Polycom CMA system does not manage virtual rooms—virtual rooms are defined on a Polycom RMX or Polycom MGC conferencing platform.

The Polycom CMA system sets a limit of 500 rooms in the directory.

User, Group, and Room ManagementThe Polycom CMA system manages the following user, group, and room management entities:

Name Description Comments

Users list Displays local and enterprise user accounts. Local users are added to the system manually. Enterprise users appear in the Users list when you associate the Polycom CMA system with an enterprise directory.

For Polycom endpoint systems, such as Polycom HDX systems, these local and enterprise user, group, and room entries may appear in the endpoint’s directory and/or contacts. For more information, see the endpoint system’s product documentation

Groups list Displays local and enterprise groups. Local groups are added to the system manually. Enterprise groups appear in the Groups list when you associate the Polycom CMA system with an enterprise directory and then import the enterprise groups.

Rooms list Displays local and enterprise rooms. Local rooms are added to the system manually. Enterprise rooms appear in the Rooms list when you associate the Polycom CMA system with an enterprise directory and then search for the room in the enterprise directory.

Global Address Book

Automatically populated by devices that register with the gatekeeper function of the Polycom CMA system. You can edit a device in this list and associate the device with a user.

For Polycom endpoint systems, such as Polycom HDX systems, Global Address Book entries may appear in the endpoint’s directory and/or contacts. For more information, see the endpoint system’s product documentationPolycom CMA Desktop systems cannot access the Global Address Book.

System Guest Book

Entries added to the system Guest Book when Polycom CMA system schedulers enable the Save to Guest Book option when they add a guest participant to a conference.

The Guest Book is only available to people scheduling conferences via the Polycom CMA system Web Scheduler.


Polycom, Inc. 11

Some additional settings may affect whether or not entries appear in an endpoint’s directory:

• When Directory Viewable is enabled for a local or enterprise group (the default setting), the group appears in the endpoint system’s directory .

• When Allow Directory Changes is enabled at the endpoint, Polycom HDX systems can manage their own set of local and enterprise users, groups, and rooms or their own local contacts.

• When you can specify a default contact group (also called the Default LDAP Group), the members in this default contact group appear in the endpoint systems’ contact list.

The following illustration shows the relationship between the Polycom CMA system user management entities and those of the dynamically managed endpoints.

AuthenticationThe Polycom CMA system and the Polycom CMA Desktop uses NTLM version 1 or 2 authentication. NTLM is a suite of authentication and session security protocols used in various Microsoft network protocol implementations and supported by the NTLM Security Support Provider.

To authenticate endpoint users with NTLM Single Signon technology before they can connect to the system and access Polycom CMA system services, you must enable the Use Integrated Windows Authentication option on the

Presence service contacts

For dynamically-managed endpoint systems only. Presence service contacts are XMPP buddy entries saved as contacts by both buddies and stored with the presence service. Entries saved as contacts by both buddies and stored with the presence service share presence status.

Not listed in the Polycom CMA system interface. Stored in the system database as the XMPP_db file.

Name Description Comments


12 Polycom, Inc.

LDAP page. To configure this feature, an Active Directory administrator must enter their AD credentials so that the Polycom CMA system can create a trusted machine account to perform trusted passthrough authentication.

SecurityBeside implementing NTLM authentication, the Polycom CMA system also includes the following new methods of securing its operations.

• AES provides media encryption

• TLS provides secure media signaling

• Communications between the system and the endpoints and scheduling plugins are over an HTTPS secured connection

Device ProvisioningThe Polycom CMA system device provisioning, which requires provisioning profiles, allows an administrator to configure one or more devices with a standard set of information the registering devices need to operate within the network. This eliminates the need to configure each device individually.

The Polycom CMA system supports two exclusive types of device provisioning: automatic and scheduled. Automatic and scheduled device provisioning are exclusive management scenarios. Devices enabled for automatic provisioning should not be scheduled for provisioning through the Polycom CMA system.

For more information on device provisioning, see the Polycom CMA System Operations Guide.

Note• The current release of Polycom HDX systems support only NTLM version 1. If

you have a Polycom HDX system operating in dynamic management mode, you must allow NTLM version 1 on the Domain Controller via the Domain Security Settings.

• The Polycom CMA system authenticates the Polycom CMA Desktop client at the time of provisioning.

NotePolycom recommends that all endpoints in a region (i.e., a gatekeeper zone) be managed by a single management system.


Polycom, Inc. 13

Device SoftupdateThe Polycom CMA system softupdate feature, which requires a softupdate profile for the device type and model, allows an administrator to upgrade the software on one or more endpoints with a standard software package. This eliminates the need to upgrade each device individually.

The Polycom CMA system supports two exclusive softupdate processes: automatic and scheduled. Automatic and scheduled softupdate are exclusive endpoint management scenarios. Endpoints enabled for automatic softupdate should not be scheduled for softupdates through the system.

For more information on device softupdate, see the Polycom CMA System Operations Guide.

Conference Management Settings Depending on the Polycom products you have in your visual communications network, you can standardize and manage conference settings or properties in several different ways.

Environment with Polycom CMA and Polycom RMX SystemsIf you have a Polycom CMA system that is used to schedule conferences on one or more Polycom RMX MCUs, you must:

• Create RMX profiles with standard conference settings on each of those MCUs. RMX profiles allow you to define a variey of conference types and include parameters such as Bit Rate, Video Layout, Encryption, etc.

• Create Polycom CMA system conference templates that link to one of the RMX profiles. These templates allow schedulers to create, save, and schedule identical conferences and provide settings that supplement the RMX profile settings. However, note that RMX profile settings can override Polycom CMA system settings.

Environment with Polycom CMA, Polycom DMA, and Polycom RMX SystemsIf you introduce a Polycom DMA system, into an environment with a Polycom CMA system, you must decide which RMX MCUs are dedicated to the Polycom DMA system and which are Available to Schedule by the Polycom CMA system.

NotePolycom recommends that all endpoints in a region (i.e., a gatekeeper zone) be managed by a single management system.


14 Polycom, Inc.

Conference templates are used to create users’ conference rooms, which define a user’s conference experience. A conference template specifies a set of conference properties, such as the line (bit) rate and video display mode. You can create a Polycom DMA system conference template in two ways:

• Specify the individual conference properties directly in the Polycom DMA system, creating a “standalone” template independent of the profiles available on the Polycom RMX 2000 MCUs.

• Link the template to an RMX profile that exists on some or all of the Polycom RMX 2000 MCUs.

LocalizationThe products that create the Polycom Visual Communications experience are localized into Simplified Chinese, French, International Spanish, German, and English. The individual products may also be localized into other languages, as they are also distributed individually.

Polycom, Inc. 15

2Deployment Process Overview

The process for deploying the Polycom® Visual Communications experience has three phases: pre-installation planning, installation, and post-installation. The following flow chart illustrates these phases, which are discussed in more detail in this chapter.


16 Polycom, Inc.

Pre-installation Planning PhaseDuring the pre-installation planning phase, you will work with the Polycom sales and support teams to perform the tasks described here. During this phase, the Polycom sales and support teams will require assistance from a knowledgeable network administrator from your company.

Task 1: Define Desired Visual Communications ExperienceYour Polycom® sales representatives will discuss with you the wide range of visual communication experiences supported by the integrated suite of hardware devices and software applications that Polycom has available. From these options, you will define the specific visual communications experiences you may wish to provide to your end user.

Task 2: Design SystemTo create your customized visual communications experience using Polycom products, you will work with Polycom sales and support representatives to:

• Identify and document the network environment into which the products will be installed

The network diagram developed during this phase describes the LAN, WAN, public and private VLAN equipment in the path of the Polycom CMA system and other video network equipment. This network diagram will also include IP addresses, firewall restrictions, ports open or closed on firewalls, and H.323-aware firewalls. At a minimum, this will include the location of endpoints, routers, and firewall restrictions to identify potential problem areas.

• Select the products required to provide the experience desired

• Verify that the network infrastructure supports the products selected. This network infrastructure includes a domain name server, a Microsoft SQL database server, and a Microsoft Active Directory server.

As part of this network infrastructure, your Microsoft SQL Server 2005 database server and Microsoft Active Directory enterprise server must be deployed on the network.

Task 3: Complete Standard Pre-installation Process and DocumentsNext, working with a Polycom project manager, you will complete the standard pre-installation process and documents that guide the installation process and ensure everything is prepared for deployment.

Deployment Process Overview

Polycom, Inc. 17

When completing these forms, you should also include plans for the other elements of a typical deployment such as:

• A Polycom DMA system to distribute audio and video calls across multiple media servers (MCUs),

• One or more Polycom RMX or Polycom MGC MCUs

• A Polycom MGC bridge designated as an ISDN gateway

• A Polycom VMC system for conference recording and streaming

• A Polycom VBP system as a firewall/NAT

The pre-installation documents include:

• Site survey-- Describes the system configurations, the interoperability with other Polycom products, network details, firewall details, and advanced configuration. The device details to include are the make, model, IP address, ISDN number, alias and software version.

• Endpoint inventory--The endpoint details to include are the make, model, IP address, ISDN number, alias and software version. A Polycom CMA system has many features that have been tested and certified on third-party endpoints, so include those endpoints as well.

• Enterprise directory integration plan--A Polycom CMA system requires specific information for integration with your enterprise directory. Your enterprise directory administrator should be available to provide this information.

• External DB integration plan--A Polycom CMA system also requires specific information for integration with the Microsoft SQL Server 2005 database. Your database administrator should be available to provide this information.

• Polycom CMA System Getting Started Guide First Time Setup worksheet.

Task 4: Determine Device Management Requirements Determine what methods of device management you must implement. Automatic provisioning, scheduled provisioning, automatic softupdate, scheduled softupdate.


18 Polycom, Inc.

Installation PhaseDuring the installation phase, the Polycom support team will install the integrated suite of Polycom hardware devices and software applications that you choose to implement.

It is during this phase that the Polycom support team will require active assistance from the administrators of your domain name server, Microsoft SQL database server, and Microsoft Active Directory server.

The remaining chapters in this document describe the tasks required during the installation phase.

Post-installation PhaseAfter installation, see Chapter 2 of the Polycom CMA Operations Guide for instructions on how to complete the implementation and customization of your Polycom CMA system.

Polycom, Inc. 19

3Polycom® CMA™ System Deployment

To provide the fully integrated Polycom Visual Communications experience, perform the Polycom CMA system installation and configuration tasks described in this chapter.

Perform these installation tasks as directed in the Polycom CMA System Getting Started Guide and configuration tasks as directed in Chapter 2 of the Polycom CMA System Operations Guide.

Task 1: Install and Configure the Polycom CMA System

To install and configure the Polycom CMA system

1 Add the DNS service record for the Polycom CMA system to the domain name server.

2 Verify that the same domain name server has entries for both the external database server and the Active Directory server.

3 Install the Polycom CMA system as directed in the Polycom CMA System Getting Started Guide. Leave the Polycom CMA system pointed to its internal database.

4 Connect the system to the network as detailed in the network diagram.

5 If you have an existing internal ReadiManager SE200 database to transfer to this new Polycom CMA system as an internal database (Polycom CMA 4000 systems only):

a On the ReadiManager SE200 system, back up the internal database to a USB memory drive. See Chapter 14 of the ReadiManager Operations Guide for more information.

b On a local computer, download DBUpgrade.exe (available at http://<IP_of_CMA_server>/pub/DBUpgrade.exe) from the Polycom CMA 4000 system.

c Using the serial console on the Polycom CMA 4000 system server, copy the database files from the USB memory drive to the system.

d Shutdown the ReadiManager SE200 system.


20 Polycom, Inc.

e Using the serial console on the Polycom CMA 4000 system server, restore the ReadiManager and Logger databases to the system. See Chapter 15 of the Polycom CMA Operations Guide for more information.

f On the local computer, run DBUpgrade.exe to integrate the system with the restored database and clear the former IP address configuration. When prompted for an IP address, enter the IP address of the Polycom CMA 4000 system.

g Using the serial console on the Polycom CMA 4000 system server, reboot the system.

6 If you have an existing internal ReadiManager SE200 database to transfer to this new Polycom CMA system as an external database:

a On the ReadiManager SE200 system, back up the internal database to a USB memory drive. See Chapter 14 of the ReadiManager Operations Guide for more information.

b Copy the database files from the USB memory drive to the external database server.

c Shutdown the ReadiManager SE200 system.

d On the Polycom CMA system, run DBSetup.exe (available at http://<IP_of_CMA_server>/pub/DBSetup.exe) to set up the external database.

e Restore the ReadiManager and Logger databases onto the external database server according to SQL Server Management Studio procedures or your company’s restoration procedures.

f On the Polycom CMA system, run DBUpgrade.exe (available at http://<IP_of_CMA_server>/pub/DBUpgrade.exe) to integrate the system with the restored database and clear the former IP address configuration.

g Go to System Setup > Server Settings > Database and select the Use an external SQL Server database check box.

7 Configure the system for redundancy as required. (Optional for Polycom CMA 5000 systems only.)

8 License the system.

NoteDo not reboot at this time.

Polycom® CMA™ System Deployment

Polycom, Inc. 21

Task 2: Integrate the Polycom CMA System into the Network

To integrate the Polycom CMA system into the network

1 Configure the connection to the external database. (Optional for Polycom CMA 4000 systems.)

2 Configure the connection to the external LDAP directory. (Optional for Polycom CMA 4000 systems.)

Task 3: Set Up Primary, Alternate, and Neighboring Gatekeepers

To set up the primary, alternate, and neighboring gatekeepers

1 Set primary gatekeeper settings. Be aware that changing the default open registration settings to more restrictive settings may mean that devices cannot automatically register with the gatekeeper and that calls sent through the gatekeeper may be blocked.

2 As required, set up an alternate gatekeeper.

3 Set up neighboring gatekeepers so that the

Task 4: Set Up Sites, Site Links, Services, and Dial Rules

To set up the sites, site links, services and dial rules for your system

1 Add sites.

2 Add site links.

3 Generate multisite links.

4 Create dial plan services.

5 Create dial rules.

6 Create the least call routing tables.

Task 5: Set Up Conference Templates

To set up conference templates on the Polycom CMA system

1 Assess your t.

2 Add site links.

3 Generate multisite links.


22 Polycom, Inc.

Task 6: Set Up Local, Global Address Book, and Enterprise Directory Services

To set up local, GAB, and enterprise directory services

1 Import enterprise groups.

2 Add local and GAB users.

3 Add local groups as needed.

4 Add rooms.

Polycom, Inc. 23

4Polycom® DMA™ Installation and Integration

To distribute audio and video calls across multiple RMX 2000 media servers (MCUs), you can implement a Polycom DMA system by performing the installation and configuration tasks described in this chapter.

Task 1: Install and Configure the Polycom DMA Conferencing System

To install a Polycom DMA system

1 Install the Polycom DMA system as directed in the Polycom DMA System Getting Started Guide for the system.

2 Connect the Polycom DMA system to the network as detailed in the network diagram.

Task 2: Integrate the Polycom CMA and DMA Systems

To integrate the Polycom CMA and DMA Systems

1 Determine the H.323 prefix for the Polycom DMA system. This must be a prefix that is not used by other network devices, endpoints, services, or dial rules within the network. If you are not sure which H.323 prefixes are available:

a On the Polycom CMA system, go to Admin > Dial Plan and Sites > Dial Rules and edit each dial rule to identify which prefixes are used for the dial rules.

b Go to Admin > Dial Plan and Sites > Services and identify which prefixes are used for the services.

c Go to Endpoint > Monitor View and identify which aliases are used for the endpoints.


24 Polycom, Inc.

d Go to Network Device > Monitor View and identify which aliases are used for the network devices.

2 Go to Admin > Gatekeeper Settings > Primary Gatekeeper and verify that the gatekeeper registration policy is Allow Registration of All Endpoints. It must be set to this so that the Polycom DMA nodes can register with the Polycom CMA system. Also, if any of the Polycom RMX systems you will be associating with the Polycom DMA system are not registered with the the Polycom CMA system, make sure that Deny calls to/from unregistered endpoints setting is not set.

3 On the Polycom CMA system, go to Admin > Gatekeeper Settings > Alternate Gatekeeper and determine if the Polycom CMA system has an alternate gatekeeper assigned.

4 On the Polycom DMA system, configure signaling as described in the Polycom DMA System Operations Guide, designating the Polycom CMA system as the primary gatekeeper and setting the H.323 prefix and alternate gatekeeper as required.

Task 3: Create Polycom CMA System Conference TemplatesIn Chapter 3, “Polycom® CMA™ System Deployment,” you created Polycom CMA system conference templates, which supplement the Polycom RMX 2000 system profiles. You may also create Polycom DMA system conference templates, but these templates will either invoke a Polycom RMX 2000 system profiles or replace it.

Polycom, Inc. 25

5Polycom® RMX™ 2000 System Installation and Integration

To provide the fully integrated Polycom Visual Communications experience, you must install and configure one or more Polycom RMX 2000 conferencing systems as described in this chapter.

Task 1: Assess Polycom RMX 2000 Conferencing System NeedsBefore you begin installing your Polycom RMX 2000 systems, you must assess your scheduled and unscheduled conferencing requirements and determine how to divide your pool of Polycom RMX 2000 systems.

Task 2: Install and Configure the Polycom RMX 2000 Conferencing System

To install a Polycom RMX 2000 conferencing platform

1 Install the Polycom RMX 2000 system as directed in the Getting Started Guide for the selected RMX 2000 system.

2 Connect the Polycom RMX 2000 system to the network as detailed in the network diagram.

3 Configure the Polycom RMX 2000 system, but do not configure the Gatekeeper field.

4 If you’re installing multiple Polycom RMX 2000 system, repeat this procedure for each system you are installing.


26 Polycom, Inc.

Task 3: Integrate the Polycom CMA and RMX 2000 Systems

To integrate the Polycom CMA and RMX 2000 Systems

1 Manually add the Polycom RMX 2000 system to the Polycom CMA system as directed in the Polycom CMA Operations Guide.

2 If this Polycom RMX 2000 system will be part of the Polycom DMA system pool of RMX systems, in the Capabilities section of the Add Device or Edit Device dialog box, clear the Available to Schedule setting.

3 In the Polycom RMX 2000 Management application, configure the Gatekeeper field of the Polycom RMX 2000 system so that it points to the Polycom CMA system as described in the Polycom RMX 2000 Administrator’s Guide.

4 If you’re installing multiple Polycom RMX 2000 system, repeat this procedure for each system you are installing.

Task 4: Create Polycom RMX System ProfilesIn Chapter 3, “Polycom® CMA™ System Deployment,” you created Polycom CMA system conference templates, which supplement the Polycom RMX 2000 system profiles. In Chapter 4, “Polycom® DMA™ Installation and Integration,” you created Polycom DMA system conference templates, which will either invoke a Polycom RMX 2000 system profiles or replace it.

Now you must create the Polycom RMX system profiles

NoteIn the Device > Admin/Monitor View, a Polycom CMA system displays MCUs as two separate Device Types, the MCU type and a GW/MCU device. The GW/MCU designation represents the network interface.

Polycom, Inc. 27

6Endpoint Installation and Integration

The Polycom Visual Communications experience requires the Polycom Converged Management Application™ (CMA™) system and video endpoints that support automatic provisioning, automatic softupdate, and presence. This chapter lists the video endpoints supported by the Polycom CMA system.

Polycom CMA Desktop DeploymentAfter you’ve installed the Polycom CMA system, you can distribute the Polycom CMA Desktop client application to users.

Task 1: Verify User AccountsBefore distributing the Polycom CMA Desktop client to users, verify that the users have accounts on the system. Users are typically added through integration with your enterprise directory, but can be added as local users as well.

Task 2: Deploy Polycom CMA Desktop To deploy the Polycom CMA Desktop client to users within a private enterprise network, you can:

• Copy the link for the Polycom CMA Desktop client from the Polycom CMA system Downloads page into an email that you can send to users. See “Option 1: Distribute the Polycom CMA Desktop client via an email link” on page 29.

• Provide users access to the Polycom CMA system, from which they can download the client. See “Option 2: Distribute the Polycom CMA Desktop client via the management system” on page 30.


28 Polycom, Inc.

• Distribute the .exe installation file as a desktop management or group policy object to a location on client systems and provide directions to users on how to run the executable. See “Option 3: Distribute the Polycom CMA Desktop client via a desktop management or group policy object” on page 31.

IMPORTANT• On a Windows XP system, the user installing the Polycom CMA Desktop must

sign in with administrative privileges. On a Windows Vista system, the user installing the Polycom CMA Desktop must sign into the Administrator account.

• The following procedures assumes you have implemented DNS lookup and Windows authentication for single signon.

Endpoint Installation and Integration

Polycom, Inc. 29

Option 1: Distribute the Polycom CMA Desktop client via an email link

To distribute the Polycom CMA Desktop client to users via an email link:

1 Log into the Polycom CMA system and go to User > Users to verify that the users have accounts on the system. (Users are typically added through integration with your enterprise directory.)

2 On the task bar, click the Downloads link.

3 Copy and paste the Polycom CMA Desktop (shipped version) link into an email to be sent to users.

4 Create installation instructions and add them to the email. Edit the following sample instructions (the procedure encased by the dashed lines) for your situation. Include usernames and passwords as required.

To install the Polycom CMA Desktop application from the email link provided

1 Connect a webcam to your computer and install the camera software using the instructions received with the webcam.

2 Click the link provided in this email.

3 Save the software to your local system, and then double-click it. The installation program launches automatically.

4 Follow the instructions to install the software.

5 <Note to Administrator—Have users choose Automatic, if you have a DNS server record for the Polycom CMA system on your DNS server.>

a When prompted for the server location, select Automatic.

b When prompted for the server location, select Specify and enter the following IP address: ____________________________.

When the installation program is complete, the Polycom CMA Desktop client starts. You will be asked if you would like to sign in using your network credentials.

6 <Note to Administrator—Have users choose Yes, if your Polycom CMA system is integrated with your enterprise directory.>

a Click Yes to use your network credentials.

b Click No to use locally defined credentials.

7 Click Sign In. Once the system signs you in, you’re ready to connect to anyone else using Polycom CMA Desktop or other video endpoints systems.


30 Polycom, Inc.

Option 2: Distribute the Polycom CMA Desktop client via the management system

To distribute the Polycom CMA Desktop client to users by providing them access to the Polycom CMA system, you must:

1 Log into the Polycom CMA system and go to User > Users to verify that the users have accounts on the system. (Users are typically added through integration with your enterprise directory.)

2 Copy and paste the Polycom CMA system IP address or host name into an email to be sent to users.

3 Create installation instructions and add them to the email. Edit the following sample instructions (the procedure encased by the dashed lines) for your situation. Include usernames and passwords as required.

To install the Polycom CMA Desktop application from the Polycom CMA system

1 Connect a webcam to your computer and install the camera software using the instructions you received with the webcam.

2 Open a browser window and in the Address field enter the Polycom CMA system server IP address.

— If prompted to install the Adobe Flash Player, click OK.

— If you receive a Security Alert, click Yes.

3 When the Polycom CMA system login screen appears, enter your standard network Username and Password.

4 Click Login.

5 From the Polycom CMA system toolbar, click Downloads.

6 Click Polycom CMA Desktop.

7 Save the software to your local system, and then double-click it. The installation program launches automatically.


9 When prompted for the server location, select Automatic.

10 When you are asked if you would like to sign in using your network credentials, click Yes.

11 Click Sign In.

Once the system signs you in, you’re ready to connect to anyone else using Polycom CMA Desktop or other video endpoints systems.

12 Close the Polycom CMA system Downloads screen and click Log Out.


Polycom, Inc. 31

Option 3: Distribute the Polycom CMA Desktop client via a desktop management or group policy object

The Polycom CMA Desktop client is a standard .msi or .exe installation file and as such can be distributed via a desktop management or group policy object should your company have such processes and tools available to it.

To distribute the Polycom CMA Desktop client .msi or .exe installation file via a desktop management or group policy object, you must:

1 Build a desktop management or group policy object that writes the .msi or .exe installation file to a directory (for example, C:\temp) on the user’s local system.

2 Create installation instructions and put them into an email to be sent to users. Edit the following sample instructions (the procedure encased by the dashed lines) for your situation.

To install Polycom CMA Desktop from the .msi file


2 Choose Start > Run.

3 Enter this command:

msiexec /qn /i "C:\temp\CMA Desktop.msi"


5 When prompted for the server location, select Automatic.

When the installation program is complete, the Polycom CMA Desktop client starts. The Sign In screen displays your <DOMAIN>\<username> in the Sign in as field.

6 Click Sign In.

Once the system signs you in, you’re ready to connect to anyone else using Polycom CMA Desktop or other types of video conferencing systems.


32 Polycom, Inc.

Option 4: Distribute the Polycom CMA Desktop client via a .zip file

To distribute the Polycom CMA Desktop client .msi or .exe installation file via a .zip file, you must:

1 Download the .msi or .exe installation file to a local system.

2 Create a .zip file using your favorite compression tool.

3 Create installation instructions and put them into an email with the .zip file to be sent to users. In the email, you must also include the IP address of the Polycom Video Border Proxy system.

Edit the following sample instructions (the procedure encased by the dashed lines) for your situation.

To install Polycom CMA Desktop from the .zip file


2 Save the .zip file to your local system.

3 Extract the .msi or .exe installation file from the .zip file.

4 Run the installation file.


6 When prompted for the server location, select Specify and enter the following IP address: ____________________________

When the installation program is complete, the Polycom CMA Desktop client starts. The Sign In screen displays your <DOMAIN>\<username> in the Sign in as field.

7 Click Sign In.

Once the system signs you in, you’re ready to connect to anyone else using Polycom CMA Desktop or other types of video conferencing systems.


Polycom, Inc. 33

Polycom HDX SystemsPolycom HDX video conferencing systems are state-of-the-art visual collaboration tools that provide crisp, clean, high-definition (HD) voice, video, and content. The series has models that include room and executive desktop models.

In dynamic management mode, Polycom HDX systems support the Polycom Visual Communication experience of automatic provisioning, automatic softupdate, and presence.

In standard mode, Polycom HDX systems support gatekeeper registration, GAB support, scheduled provisioning, scheduled softupdate, and other standard conferencing experiences.

Polycom HDX System DeploymentPolycom HDX systems version 2.5 can be deployed in standard or dynamic management mode. Polycom HDX systems released before version 2.5 can be deployed in standard management mode only.

In dynamic management mode, you can simply install a Polycom HDX system onto the network. Once on the network, a Polycom HDX system in dynamic management mode is configured to automatically discover the Polycom CMA system via its DNS service record and register with the Polycom CMA system. The endpoint system then prompts the user to complete the system setup. If the user accepts, the endpoint system pulls provisioning and softupdate data from the Polycom CMA system and then restarts to implement the downloaded provisioning data.

If this automatic provisioning process doesn’t work in your environment, for example in a static IP environment or in some 802.1 networks, you have two options.

• On the Polycom HDX system, go to System > Admin Settings > Global Services > Provisioning Service to enable automatic provisioning with the Polycom CMA system. For more information, see the Administrators Guide for Polycom HDX Systems.

• You can create a USB boot device that contains the minimum information required for automatic discovery, automatic provisioning, and automatic softupdate.

To create a USB boot device

1 On a desktop system, create a /usb_oob/general directory.


34 Polycom, Inc.

2 Use a text editor to create the following .dat files within the /usb_oob/general directory. These files provide the minimum information required for automatic discovery.

— provisionserveraddress.dat should contain just the IP address of the Polycom CMA system, for example 172.60.23.4

— ldapuserid.dat should contain just the User ID for the user i.e., his or her network login, for example jsmith

— ldappassword.dat should contain just the password for the user i.e., his or her network password

— userdomain.dat should contain just the domain that includes the Polycom HDX system

3 Copy the /usb_oob/general directory onto a USB storage device.

To use a USB boot device

1 Install the Polycom HDX system as described in the accompanying printed set up guide, but do not turn on the device.

2 Connect the USB boot device to the system’s USB port and turn on the Polycom HDX system.

3 Complete the setup wizard. Do not remove the USB boot device until the system has completed the setup wizard.

Standard Endpoints SupportedThe Polycom CMA system can also register the following devices in standard mode. Standard mode does not support automatic provisioning, automatic softupdate, and presence.

• Polycom HDX systems in non-dynamic management mode

• Polycom ViewStation systems

• Polycom ViewStation FX and EX systems

• Polycom V Series and VSX Series systems

• Polycom PVX client systems

NoteThese files provide the minimum information required for automatic discovery in most situations. Appendix A lists all of the .dat files that the Polycom HDX system can read from the USB memory device. Depending upon your environment, you may need some of these additional .dat files.


Polycom, Inc. 35

Task 3: Set Up Automatic and Scheduled Provisioning and Softupdates

To set up automatic provisioning and softupdate

1 Create automatic provisioning profiles for endpoints that the Polycom CMA system supports in dynamic management mode.

2 Edit the Site Provisioning Details for each site to add the additional automatic site provisioning details.

3 Set up automatic softupdate profiles for endpoints that the Polycom CMA system supports in dynamic management mode.

To set up scheduled provisioning and softupdates

1 Create scheduled provisioning profiles for endpoints that the Polycom CMA system supports in standard mode.

2 Create scheduled softupdate profiles for endpoints that the Polycom CMA system supports in standard mode.

3 Schedule provisioning and softupdates for endpoints that the Polycom CMA system supports in standard mode.

Third-Party Endpoint SupportThe Polycom CMA system supports gatekeeper registration and Global Address Book registration of the following third-party endpoints:

• Sony PCS Version 03.00

• Tandberg MXP Series endpoints, version NTSC including the 990, 880 and 770

• Aethra Maia Starr Version 5.1.35

• VCON (Galaxy and Vigo) Version 0202.M05.D28.H12

• VTEL, all versions


36 Polycom, Inc.

Polycom, Inc. 37

7Testing the Deployment

The following table describes some of the tests you may perform to verify your system deployment. What tests you perform are dependent on your configuration, so not all of these tests may apply to your situation and additional tests may help verify your configuration.

Feature Result

Conference Scheduling

• Create Different Templates

• Schedule Point to Point Call with Web Browser

• Schedule Multi-Point Call with RMX/MGC Web Browser

• Schedule Multi-Point Call with Video System enabled with MP License Web Browser if Applicable

• Schedule above with Outlook or Notes Plug-in if Applicable

• Schedule a Conference and Allow “Rogues”

• Change / Cancel a Meeting

Conference Management

• Extend Time of Conference

• Mute, Disconnect, Send Message to Participants

Call Control (Gatekeeper)

• Review List of Registered End Points

• Review Log (troubleshoot) End Point Connection


38 Polycom, Inc.

• Create a Dial Plan and Test

• Create Least Cost Routing Table and Test (if ISDN and Applicable)

Global Address Book (GAB)

• Add, Change and Remove GAB Entries

• Test GAB Access from End Point

Device Provisioning

• Create Provisioning Profile

• Schedule Provisioning

• Softupdate to Upgrade Software

Reports

• Call Detail Report

• Other Reports

CMA Desktop Video

• Installation

• Adding Contacts to “Buddy List” (Add other CMA Desktop users, Room Systems and Bridge Meeting Rooms)

• Test Video and Audio quality

• Test Content Sharing

Feature Result

Polycom, Inc. 39

APolycom HDX System Configuration Files

The following table lists all of the .dat files that the Polycom HDX system can read from the USB boot device.

You can either put these files in a /usb_oob/general directory or in a /usb_oob/<serial_number> directory on a USB storage device.

• Provisionable configuration files in the /usb_oob/general directory are copied to the Polycom HDX system unconditionally.

• Provisionable configuration files in the /usb_oob/<serial_number> directory are copied to Polycom HDX system only when the <serial_number> matches the serial number of the endpoint.

• If the same file exists in both the /usb_oob/general and /usb_oob/<serial_number> directories, the copy in the /usb_oob/<serial_number> directory takes priority.

.dat File Name Description Value Range Content Example

langwithcntry Language and country Text string English/en

connecttomylan Enable or disable LAN interface False, True

lanportspeed LAN speed Auto, 10_Mbps, 100_Mbps, 1000_Mbps

landuplexmode LAN duplex Auto, Full, Half

dot1xenabled Enable or disable 802.1X authentication

False, True

dot1xid 802.1X authentication user id Text string johnsmith

dot1xpwd 802.1X authentication password Text string johnsmithpassword

vlanmode Enable or disable VLAN False, True

vlanid VLAN ID Integer in [2,4094]

100


40 Polycom, Inc.

dhcp_flg Enable or disable DHCP client Client, Off

hostname Host name of the Polycom HDX system

Text string hdx334

userdomain Domain of the user account used to log into the provisioning server

Text string polycom.com

domainname Domain of the Polycom HDX system, which will be set by the network itself if DCHP is provisioned

Text string

ipaddress IP address of the Polycom HDX system

IP address 172.18.1.222

subnetmask Subnet mask of the Polycom HDX system

255.255.255.192

defaultgateway IP address of the default router IP address 172.18.1.65

dnsserver DNS server IP address 172.18.1.15

dnsserver1 Alternate DNS server IP address



provisionserveraddress IP address of the Polycom CMA server

IP address or host name

polycomCMA.polycom.com

ldapuserid LDAP user id Text string johnsmith

ldappassword LDAP password Text string johnsmithpassword

.dat File Name Description Value Range Content Example

Polycom, Inc. 41

BSystem Security and Port Usage

This section provides an overview of the port usage and security required by the Polycom® Converged Management Application™ (CMA™) system system and includes a comprehensive list of services and clients on the system that are required for normal operation.

Port UsageThe Polycom CMA system in this release is designed to sit behind your corporate firewall. The following sections describe inbound and outbound ports on the Polycom CMA system.

Open Inbound Ports on the Polycom CMA SystemThe following table lists the open ports on the Polycom CMA system and provides a description of their use.

Port Description

TCP 80 HTTP web server, through which the web application displays and where Polycom endpoints post status messages

UDP 123 Network Time Protocol (NTP) listener

TCP 135 Microsoft RPC listener

TCP/UDP 137 NetBIOS name service listener

TCP/UDP 139 NetBIOS SMB listener

TCP/UDP 161 SNMP listener

TCP 389 Directory services (LDAP)

TCP 443 HTTPS web server listener

TCP 700 Service monitor for redundant Polycom CMA servers


42 Polycom, Inc.

Outbound Ports Used by the Polycom CMA SystemThe following table lists all outbound ports that the Polycom CMA system uses to communicate with other systems, including endpoints, bridges, database servers, and other network equipment.

TCP 1042 .NET listener used for the Microsoft SQL Server

TCP 1063 .NET listener

TCP/UDP 1167 .NET listener

TCP/UDP 1433 Internal MSDE server listener on this port, which enables views into the database from outside the Polycom CMA system

TCP/UDP 1720 The gatekeeper listener for RAS messages

TCP 2773 Codec manager for remote control of iPower endpoints

TCP 3601 Global Address Book listener with which endpoints register

TCP 5222 Presence service (XMPP)

TCP 8085-8088 .NET listener for remote access

Port Description

Port Description

TCP 20Used to FTP data to endpoints

TCP 21

TCP/UDP 24 Used to access the telnet interfaces on endpoints

TCP/UDP 25 Used to send email messages to SMTP servers

TCP/UDP 53 Used to access domain name servers (DNS)

TCP 80 Used to access the web application on endpoints and MGCs, version 7.x and higher

TCP 135TCP 137TCP 139

Active Directory Single Signon (NetBios/NTLM)

TCP/UDP 389 Used to access LDAP services

TCP 443 Secure access to endpoint devices (SSL) including CMA Desktop

TCP 445 Active Directory Single Signon

TCP 1205 Used to access MGCs for management and monitoring

System Security and Port Usage

Polycom, Inc. 43

TCP/UDP 1719 Used by the gatekeeper for H.323 datagrams

TCP/UDP 1720 Used by the gatekeeper for H.323 RAS messages

TCP/UDP 3268 Used to access the Active Directory Global Catalog

TCP 5001 Used to access MGCs for management and monitoring

TCP 5222 Presence service (XMPP)

Port Description


44 Polycom, Inc.

Polycom, Inc. 1

Index

Ddocuments, predeployment 16

Eendpoints

third-party 35See also devices

Oopen ports

list of 41

Pports used by the Polycom CMA system

list of 42predeployment documents 16

Ssupported third-party endpoints 35

Tthird-party endpoints 35TitleChapter 39


2 Polycom, Inc.