Microsoft has just released a really neat tool that threatens to make obsolete all of my OCS Edge-related blog material :) Seriously, as complicated as it can be to design and configure an Edge deployment when reading through the deployment guides, the Perimeter Network white paper, blog articles, and any other resources, this tool can help clear things up ten-fold. I think the very existence of this tool underscores just how complicated an Edge design and deployment can be when so many external parameters can affect the design.
Tom Laciano’s latest blog briefly covers the release of the Edge Planning Tool for Microsoft Office Communications Server 2007, and hints at a future OCS team blog covering the tool. With that in mind I won’t go into too much detail, in an effort to not be redundant.
Update: The R2 version of the Edge Planning Tool can be downloaded here:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=ec4b960c-3fe2-41bd-abdf-ae89cfcb8c6c
Simply put, the planning tool takes a lot of the guesswork out of the Edge configuration by asking straightforward questions about the design of the current network, the configuration of the Edge server, specific IP addresses, etc. The process identifies where best practices are observed and where they are ignored, summarizing everything in separate reports upon completion.
You’ll need to install .NET Framework 3.5 on the host before installing the tool, but it can be run on any workstation; it does not need to be installed on a server like the BPA tools typically are.
Once launched, you’ll be presented with a step-by-step questionnaire that runs through the following topics:
- Perimeter Network
  - Internal and/or External firewalls?
- Topology
  - Consolidated, Single-Site, or Scaled Single-Site?
- Operating System
  - Using Windows 2003?
  - Using 32-bit platform?
- Certificates
  - External certificates issued by Third Party CA or Windows Server 2003 CA?
  - Internal certificates issued by Windows Server 2003 CA or Third Party CA?
- SIP Domains
  - Enter all defined SIP domains.
- Edge Server
  - Deploy Web Conferencing?
  - Deploy A/V?
  - Two network adapters in the Edge Server?
- Access Edge
  - Provide FQDN, external firewall IP address, external interface IP address, and TLS port number.
- Web Conferencing Edge
  - Provide FQDN, external firewall IP address, external interface IP address, and TLS port number.
- A/V Edge
  - Provide FQDN, external IP address, TCP and UDP port numbers and ranges.
- Consolidated Edge
  - Provide internal FQDN, internal interface IP address, MTLS and TCP port numbers.
- Director
  - Currently deployed?
  - Standard or Enterprise?
  - Provide FQDN and IP address of server or virtual pool.
  - Provide FQDN(s) of any Web Conferencing Pool servers.
- Remote Access
  - Functionality desired?
  - Allow anonymous conference access?
- Automatic Discovery
  - Functionality desired?
- Federation
  - Functionality desired?
  - Allow discovery of Federated Partners (Open Federation)?
  - Configure an Allow List?
  - Provide SIP domains and Access Edge Server FQDNs for desired federations.
- Public IM Connectivity (PIC)
  - Functionality desired?
  - Has PIC already been provisioned and licensed from the MVLS portal?
  - Was PIC previously in use with LCS 2005 SP1?
  - Provide the FQDN of the LCS 2005 Access Proxy.
- Reverse Proxy
  - Provide FQDN, external firewall IP address, external interface IP address, and TLS port number.
  - Provide internal IP address of the Reverse Proxy.
After completing the entire questionnaire, the planning tool will create a number of completely customized reports:
The Best Practices Report compares the settings to Microsoft best practices and outlines which components either meet or fail to meet those requirements. A general list of common mistakes is also displayed for review.
The OCS Admin Report contains all of the specific configuration information that an administrator would need to set up the Edge servers, divided into 5 sections:
- Edge Report
- Reverse Proxy Report
- Next Hop Report
- Edge Server Configuration Documentation
- Internal Director / Pool Configuration Documentation
The Certificate Report lists the Subject Name and Subject Alternative Name values, as well as the type (public CA versus private CA) of certificate required for each component.
The Firewall Report details the rules, ports, and traffic flow direction, and offers guidance on how to configure internal and external Perimeter firewalls to support the Edge server and Reverse Proxy rules.
The DNS Report lists all required name records with type, FQDN, and IP address as well as some optional recommendations for using additional SRV records.
And finally, the Custom Documentation tab contains a step-by-step report, complete with screenshots, that walks through the process of configuring the Edge Server to communicate with the internal Front-End or Director servers. It also includes the same level of detail for changes required on the Front-End or Director server in order to use the newly deployed Edge server.
All of these reports can be exported to a web browser and then saved, which makes the task of documenting your working environment a snap. Even if you’ve already deployed an Edge presence in OCS, I’d recommend walking through this tool simply to see where you stand on best practices and to create a customized configuration document to file away with your disaster recovery documentation.