Core Prerequisites

Server Specification

Hypervisor Specification

Anywhere365 is supported on both Vmware and Microsoft Hyper-V hypervisor platforms. Anywhere365 should be treated as any other Microsoft Skype-for-Business Server and therefore hypervisors should be configured in accordance to the “Planning a LyncMicrosoft Lync (formerly Microsoft Office Communicator) is an instant messaging program designed for business use and is the successor of Windows Messenger. In order to use Lync, a Microsoft Lync Server is required. Server 2013 Deployment on Virtual Servers” technical whitepaper:

https://www.microsoft.com/en-us/download/details.aspx?id=41936

 

Virtual Server Specification

The deployment of Anywhere365 in an active / standby configuration, requires two identically configured and resourced virtual servers. These should be located in the same VLAN and datacenter as the Skype-for-Business Front End Pool that they will be connected to. It is recommended to provision the Anywhere365 virtual servers on separate hypervisors. The following specification should be provisioned for each server.

Component

Specification

Virtual CPU

8 vCPUs (2.26GHz each)

Memory

32GB

Operating System Hard Drive

72GB SAS 15K or SSD (Read IOPs: 700, Write IOPs: 350)

Data Hard Drive

50GB SAS 15K or SSD (Read IOPs: 700, Write IOPs: 350)

Operating System

Windows 2012 R2 Standard or higher, fully patched

Best practices indicate that it is possible to handle up to 500 concurrent audio calls, or 200 concurrent audio calls if recording is enabled, when the recommended specifications are in place. The exact number of concurrent audio calls should be monitored using the Anywhere365 KPI “Concurrent AudioCalls” (summed for all instances). Please note that when adding any other dialogs like web chat on an UCCUCC stands for Unified Contact Center and consists of a queue that can be handled by Agents Each Contact Center has its own settings, interactive voice response questions and Agent with specific skills. Agents can be member of, or sign up to, one or more Contact Centers. lowers the above numbers.

 

Service Accounts

In order to install Anywhere365 a number of Service Accounts need to be created in Active Directory. These accounts must have a password policy set to never expire.

Installation Account

Parameter

Value

Display Name

A365 Installation Account

Pre-Windows 2000 Log-on name

domain\username

User Principal Name

username@domain.extension

Password

Required

Description

Account used to install the Anywhere365 software

Security Group Membership

  • Domain Users
  • CsAdministrator
  • RTCUniversalServerAdmins

Other Requirements

  • Local Administrator on all Anywhere365 servers
  • Local Administrator on all Skype-for-Business server file shares
  • Content Manager on SQL Reporting Services Home Folder
  • RDP Access to all Anywhere365 and Skype-for-Business Servers
  • Super Admin privileges to the SQL Instance housing the CDR Database

 

Unified Contact Center Service Account

Parameter

Value

Display Name

A365 Service Account

Pre-Windows 2000 Log-on name

domain\username

User Principal Name

username@domain.extension

Password

Required

Description

Service account used to start and stop the UCC server services and connection to the CDR database

Security Group Membership

  • Domain Users
  • RTCUniversalReadOnlyAdmins

Other Requirements

  • Log on as a Batch Job and Log on as a Service right on the local security policy of each Anywhere365 server
  • Site Administrator permission on Anywhere365 SharePoint site
  • DB Data Writer on CDR Database
  • DB Data Reader on CDR Database
  • Protect from Accidental Deletion
  • Local Administrator on all Anywhere365 servers

 

Reporting Service Account (optional)

Parameter

Value

Display Name

A365 Reporting Service

Pre-Windows 2000 Log-on name

domain\username

User Principal Name

username@domain.extension

Password

Required

Description

Service account for SQL Reporting Service to access the CDR database for report generation

Security Group Membership

  • Domain Users

Other Requirements

  • DB Data Reader on CDR Database
  • Protect from Accidental Deletion

 

Security Groups

In order to configure roles based access control to the Anywhere365 system a number of Active Directory Security Groups are required. Please provide the following.

Note: Naming conventions can be changed to suit company policy. In the event of a change, please change accordingly in this document.

 

System Administrators

Parameter

Value

Security Group Display Name

A365 Administrators

Description

Security Group where members will be able to administer the system

UPNIn Windows Active Directory, a User Principal Name (UPN) is the name of a system user in an email address format. A UPN (for example: john.doe@domain.com) consists of the user name (logon name), separator (the @ symbol), and domain name (UPN suffix).

UCC-ADMINS

Members

All Telephony Admins

All Managed Services Members

All Technical Consultants

A365Install

 

Report Viewers

Parameter

Value

Security Group Display Name

A365 Report Viewers

Description

Security Group containing members who are allowed to view reports

UPN

UCC-RPT-VIEW

Members

UCC-ADMINS

UCC-MNGR-UCC Name (of each Contact Center)

 

UCC Groups

It advised to create two Security Groups for each UCC. The first group contains the Contact Center Managers, the second group contains the Contact Center Agents.

The Contact Center Manager Security Groups should be added to the Report Viewer Security Group

Parameter

Value

Security Group Display Name

A365 UCC Name Managers

Description

Security Group containing the managers of the contact center UCC Name

UPN

UCC-MNGR-UCC Name

Members

All Contact Center Managers of the UCC UCC Name

 

Parameter

Value

Security Group Display Name

A365 UCC Name Agents

Description

Security Group containing the Agents of the contact center UCC Name

UPN

UCC-AGT-UCC Name

Members

All Contact Center Agents of the UCC UCC Name

 

 

Anywhere365 Server Pre-Requisites

The following section details how each Anywhere365 application server should be built. To ensure an efficient deployment, it is your responsibility (together with your partner(s) if needed) to implement these prerequisites before Anywhere365 is installed. Your dedicated Anywhere365 project lead can answer any questions you may have about the prerequisites.

Hardware

  • Windows Server with OS 2012 R2 or higher
  • Application Server is Domain Joined
  • Application Server is Fully Patched
  • Application Server has 4 (or more) cores
  • Application Server has 16 GB (or more) RAM
  • Application Server has 80 GB (or more) hard disk capacity

Detailed Server Requirements

 

Windows Features

 

  • OS 2016
    Windows Features installed:
    • Web-Asp-Net
    • Web-Mgmt-Console
    • Web-Static-Content
    • MSMQ
    • NET-Framework-Core
    • NET-HTTP-Activation
    • NET-Framework-45-Core
    • NET-WCF-HTTP-Activation45
    • Web-Asp-Net45
    • .NET Framework 4.7.1

 

  • OS 2019
    Windows Features installed:
    • Web-Asp-Net
    • Web-Mgmt-Console
    • Web-Static-Content
    • MSMQ
    • NET-Framework-Core
    • NET-HTTP-Activation
    • NET-Framework-45-Core
    • NET-WCF-HTTP-Activation45
    • Web-Asp-Net45

Skype Components

 

Security

Note: Any intrusion detection and/or (deep) packet inspection protocols need to be optimized not to cause any detrimental latency to real time voice, video and data communication that Anywhere365 relies on.

Opened Firewall ports for A365 (if applicable; check table for a complete overview)

Port

Source

Destination

Remark

TCP 80

Client Machines

Anywhere365

A365 web services over http

TCP 443

Client Machines

Anywhere365

A365 web services over https

TCP 445

Front End

Anywhere365

Skype CMS Replication

TCP 1433

SQL

Anywhere365

SQL Connectivity

TCP & UDP 3389

Client Machines

Anywhere365

Remote Desktop Connection

TCP 5061

Front End

Anywhere365

SIPThe Session Initiation Protocol (SIP) is a protocol to make multimedia communication (audio, video and other data communication) possible and it is also used for Voice over IP (VoIP). SIP has similarities with other Internet protocols such as HTTP and SMTP. communications

TCP 6000-6100

Front End

Anywhere365

Port range for Trusted Applications

TCP 10000

Front End

Anywhere365

A365 InterceptorThe Interceptor is a service installed on the Lync / Skype for Business Front End(s). It monitors all the calls going over it. When a call going to or coming from an Agent it will come in to action. By intercepting that call and redirecting it you the Anywhere365, it lets you manage the Direct Inbound and Outbound dialogues of the Agents.

TCP & UDP 41000-65535

Front End

Anywhere365

Media flow; please note this is the default port range, it can differ in your deployment

 

Port

Source

Destination

Remark

TCP & UDP 53

Anywhere365

AD

DNS Queries

TCP 80

Anywhere365

SharePoint

SharePoint over http

TCP 80

Anywhere365

SQL Reporting

SQL Server Reporting Services over http

TCP 135

Anywhere365

SQL

SQL Server Management Studio

TCP 443

Anywhere365

SharePoint

SharePoint over https

TCP 443

Anywhere365

SQL Reporting

SQL Server Reporting Services over https

TCP 443

Anywhere365

Edge

SRTP, ICE, STUN & TURN

TCP 448

Anywhere365

Front End

Bandwidth Policy Service

TCP 1433

Anywhere365

SQL

SQL Connectivity

TCP & UDP 1434

Anywhere365

SQL

SQL Dedicated Admin Connectivity

TCP & UDP 1434

Anywhere365

SQL Reporting

SSRS Dedicated Admin Connectivity

TCP 2382

Anywhere365

SQL

Analysis Services

UDP 3478

Anywhere365

Edge

Edge Connectivity

TCP 4022

Anywhere365

SQL

Service Broker

TCP 5061

Anywhere365

Front End

SIP communications

TCP 8057

Anywhere365

Front End

Web Conferencing

TCP & UDP 41000-65535

Anywhere365

Front End

Media flow; please note this is the default port range, it can differ in your deployment

 

Added Anti-Virus exclusions (if applicable; check table for the required exclusions)

Folder

Default

Remark

Anywhere365 Install folder

C:\Program Files\Anywhere365

Folder containing the A365 application

Anywhere365 Data folder

C:\Program Data\Anywhere365

Folder containing the A365 service cache, logs and config files

Web Application Root folder

C:\inetpub\wwwroot

Folder containing all A365 web services

RTCReplicaRoot folder

C:\RTCReplicaRoot

Folder containing the Skype Replica

Pagefile Location

C:\Pagefile.sys

Folder used as overflow for physical memory

 

Monitoring

  • CPU above 90%
  • Memory above 95%
  • Hard Disk Free Space less than 12 GB on C:\
  • Hard Disk Free Space less than 5GB on D:\
  • Hard Disk Read / Write Latency less than 5ms
  • Network Receive less than 500Mbps
  • Network Send less than 500Mbps
  • Unified Contact Center Windows Service: Running
  • Anywhere365 Heartbeat KPI, repeated for each UCC, should be 1 for online, 0 (zero) for offline
  • Anywhere365 SharePoint Connected KPI, repeated for each UCC, should be 1 for online, 0 (zero) for offline
  • Anywhere365 Not Established Endpoints KPI, repeated for each UCC, should be 0 (zero) for active, greater than 0 for inactive
  • Anywhere365 Concurrent Audio Calls KPI, summed for each UCC, should be lower than 500 with recommended specs; 200 if call recording is enabled)
  • Anywhere365 Last Conference Creation Time KPI, repeated for each UCC, should be lower than 1500
  • Anywhere365 Last App Join Time KPI, repeated for each UCC, should be lower than 1500
  • Anywhere365 Last Customer Join Time KPI, repeated for each UCC, should be lower than 1500
  • Event Viewer Monitoring Applications and Services Logs > Unified Contact Center
  • Optionally Log File Monitoring D:\Program Files\Anywhere365\Core\Log\UCC_Log.txt – monitor for ERROR events

 

Skype-for-Business Pre-Requisites

The installation requires a working Skype-for-Business Server Front End Server Pool (or Microsoft Lync 2013). It is assumed that this is already configured and in a production state prior to installation of Anywhere365.

Please ensure that your Skype-for-Business configuration meets the following requirements:

Mandatory Requirements

Mandatory DR Requirements (if DR required)

  • Pool pairing configured and tested
  • Mediation Server located in DR location
  • PSTN connection in DR location from same carrier as primary (note: for inter-continental failover a global SIP provider may be required)
  • Skype-for-Business Enterprise Voice multi-path failover configured

Optional Requirements (unless otherwise stated)

 

For Anwhere365 Reporting: (on the Application server)

  • SQL Server Reporting Services (SSRS) 2012 or higher

  • (Optional) Reporting Services configured on SharePoint Server**

  • The Installation account has “Content Manager” rights on the Home folder

Optionally SQL Server Database for Anywhere365: (on the database server)

By default SQL Server Express will be installed on the application server to host the database required for Anywhere365. It is also possible to host the database on a separate database server, in this case at least a SQL Server 2012 database should be created (optionally in a separate SQL Instance).

  • SQL Server 2012 Database or higher

  • SQL Instance (optional)

 

Configure a New Trusted Application Server

To successfully publish, enable, or disable a topology when adding or removing a server role, you should be logged on as a user who is a member of the RTCUniversalServerAdmins and Domain Admins groups. It is also possible to delegate the proper administrator permissions and rights for adding server roles. For details, see Delegate Setup Permissions in the Deployment documentation. For other configuration changes, only membership in the RTCUniversalServerAdmins group is required.

To configure a trusted application server

Run on the first Front End Server in the Topology

  1. Start Topology Builder as a member of the Domain Admins group and the RTCUniversalServerAdmins group.

    Note If Topology Builder is not available, install or run on another Skype for Business Server.

  2. Select Download topology from existing deployment, and then click OK.

  3. In the Save Topology As dialog box, click the Topology Builder file you want to use, and then click Save.

  4. In the left pane, right-click Trusted application servers, and then click New Trusted Application Pool.

  5. Enter the Pool FQDNA fully qualified domain name (FQDN), sometimes also referred as an absolute domain name, is a domain name that specifies its exact location in the tree hierarchy of the Domain Name System (DNS). of the trusted application pool, select whether it will be a single-server or multiple-server, and then click Next.

  6. On the Select the next hop page, from the list, select the Front End pool.

  7. Click Finish.

  8. Select the top node and then, from the Actions menu, click Publish Topology.

Continue on the Anywhere365 Application Server

  1. Run Bootstrapper from Skype for Business DVD, to install Deployment Wizard.
  2. Run Deployment Wizard installer
  3. Click "Install or Update Skype for Business Server System"
  4. Complete all four steps of the Lync/Skype Deployment Wizard

The Trusted Application Pool should have been created successfully and associated with the correct Front End pool.