[cisco-voip] IM&P - Jabber for Everyone, MRA and private/public IP addressing

Wed Jul 29 05:21:00 EDT 2015

does expressway support third party xmpp clients? I saw a no yes it does.
You just have direct to xmpp-client srv to the expressway. I also use it
for federation with external lync
On 28 Jul 2015 3:07 am, "Anthony Holloway" <avholloway+cisco-voip at gmail.com>
wrote:

> I just want to raise a point for us voice people, who do not typically
> live in the security world, but a compromised Expressway-E with one leg in
> the Internal swimming pool could compromise your entire internal network.
> The dual interface option would be best deployed with two DMZs on the
> firewall to remain control of the traffic which egresses the Expressway-E
> towards the inside.
>
> Something like DMZ1 and DMZ2, or simply DMZ (existing DMZ at customer
> site) and CollabEdge (new DMZ name for Expressway-E).
>
> Don't ask me how this compromise could happen, as I'm not a hacker, but I
> would think anyone with a black hat night hobby could explain buffer
> overruns and gaining the ability to run commands on the remote system as
> root.
>
> On Mon, Jul 27, 2015 at 9:13 AM Matthew Loraditch <
> MLoraditch at heliontechnologies.com> wrote:
>
>>  Inline
>>
>> Feel free to ask me more. I haven’t done it at your scale, but I have the
>> entire expressway feature set deployed.
>>
>>
>>
>> Matthew G. Loraditch – CCNP-Voice, CCNA-R&S, CCDA
>> Network Engineer
>> Direct Voice: 443.541.1518
>>
>>  Facebook <https://www.facebook.com/heliontech?ref=hl> | Twitter
>> <https://twitter.com/HelionTech> | LinkedIn
>> <https://www.linkedin.com/company/helion-technologies?trk=top_nav_home>
>> | G+ <https://plus.google.com/+Heliontechnologies/posts>
>>
>>
>>
>> *From:* cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] *On
>> Behalf Of *Lelio Fulgenzi
>> *Sent:* Monday, July 27, 2015 9:55 AM
>> *To:* cisco-voip at puck.nether.net
>> *Subject:* [cisco-voip] IM&P - Jabber for Everyone, MRA and
>> private/public IP addressing
>>
>>
>>
>>
>>
>> Just curious what people's thoughts are about Jabber for Everyone, MRA
>> (via expressway) and private/public IP addressing of the presence servers.
>> I've tried to find some documents that explain things, even in summary
>> format, but with no luck.
>>
>>
>>
>> My (random) concerns:
>>
>>
>>
>> - does expressway support third party xmpp clients? No
>>
>> - does expressway support jabber for everyone? (IM&P only) Yes
>>
>> - does expressway scale to the possibly 25,000 IM users I might have?
>> No, See here:
>> http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/srnd/collab10/collab10/sizing.html#pgfId-1284691
>>
>> I would doubt you’d ever have all 25k users off site though… expressway
>> is only for remote users
>>
>> - expressway does not support all the on premise features, like file
>> transfer -
>> http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/release_note/Cisco-Expressway-Release-Note-X8-5-1.pdf
>>
>> Scroll to page 7 bottom
>>
>> - do i use private or public IP addresses? Your expressway-e(s) is/are
>> the only server(s) that gets exposed to the internet and even then you can
>> NAT it and use 2 interfaces, one internal and one DMZ
>> - no real details on how to deploy presence server on public IP but still
>> use expressway for UC – You don’t put a Presence server on a public ip.
>> All External (MRA/XMPP/B2B) is via Expressway if you have it.
>>
>>
>>
>> Any ideas or pointers would help... Thanks!
>>
>>
>>
>> Lelio
>>
>>
>>
>>
>>
>>
>>
>> ---
>> Lelio Fulgenzi, B.A.
>> Senior Analyst, Network Infrastructure
>> Computing and Communications Services (CCS)
>> University of Guelph
>>
>>
>>
>> 519‐824‐4120 Ext 56354
>> lelio at uoguelph.ca
>> www.uoguelph.ca/ccs
>> Room 037, Animal Science and Nutrition Building
>> Guelph, Ontario, N1G 2W1
>>
>>
>>  _______________________________________________
>> cisco-voip mailing list
>> cisco-voip at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150729/3eefe0c6/attachment.html>