Video conferencing for one state organization: why we need hardware solutions

Telepresence Studio

So, once we won a tender for the creation of video conferencing (video conferencing) for one government customer, whose experts must constantly interact with various ministries and departments of the CIS countries and not only. The server core of the system should have been in Moscow at the customer. Another important thing is two large halls, talks, a telepresence studio, and personal terminals for management. In general, a lot of iron.

We are often asked why it is impossible to get by with some kind of instant messengers like Skype for business. Using this project as an example, it will be very convenient to show why we need exactly our own tunnels and our own server core.
')
So let's first look at the infrastructure of the entire project of equipping the complex of buildings by floor.

We are talking about two buildings in Moscow. We look at the first building:



Here, as you can see, everything is simple: there are negotiations on floors 6–9 where people gather in front of the camera and talk to other people in another meeting, plus there are regular personal terminals.


Talk


Workplace

We look at the second building:



It's all a little more complicated in terms of iron, but at the same time the needs are by and large the same. And now we look at the third building, which is also located in Moscow.

It also looks pretty simple, right?

Unless you introduce it with your hands, the project is simply monstrous in size, one of the largest in the country. It took place in four stages, each of which lasted about 90 days. As part of the first server core was built, equipped with large and small meeting rooms and part of the meeting rooms. At the second stage, we helped the customer move from the old building to two new offices, plus we increased the capacity of the server core and connected new meeting rooms to the video conferencing system. During the third, they created a telepresence studio, implemented the ability to connect external unregistered users to the VCS session. At the fourth stage, we carried out a global modernization of the conference hall (previously we completely transferred it from the old office to the new one without any changes). Here we replaced the wireless conference system with a wired one, since the electromagnetic fields of the room did not bring the wireless audio signal well). Plus, they equipped the press center with VKS equipment and further expanded the capacity of the server core. Video walls instead of projectors began to be used as means of displaying content. Well, etc.

The project grew, and the server node increased. And this is even more media ports, more connections.

But the scheme of a single server infrastructure, let's now go through all its parts:



The big blue thing is a Cisco MSE 8000 universal modular chassis. Two four-section power supplies (the second for balancing and a reserve), two fan racks, one (but two) control module. And in this thing are modules of multipoint conferences. As much as needs. First 2 modules MCU MSE 8510 through 20 HD720p. Then it became a little. Added one more. Then it took a multipoint for the video studio - diluted with the TS module MSE 8710 ...

Next - application servers. They have the Cisco TelePresence Content Server recording system (each (!) Conference must be recorded according to the schedule) and the VCS network management server software - Cisco TelePresence Management Suite. This includes conference management, global address books, and monitoring of the state of system components ...

Next comes a series of physical servers (which is older) and Cisco virtual machines and another vendor, which provide for managing calls within the system and connecting external participants to conferences in sufficient quantities. This kit is represented by Cisco Unified Communications Manager applications — the famous IP PBX along with Instant Messaging and Presence, Cisco VCS video proxy servers and Cisco Expressway, as well as a solution for connecting unregistered external participants.

The main question is why you can not make it easier?

In general, of course, it is possible, but just because of common thinking, video conferencing is done this way in large companies for purely economic reasons.

Here the specifics are such that it is necessary to communicate often and often almost personally, and it would be extremely difficult to travel each time to visit another country. Therefore, video conferencing greatly pleases all participants. Usually in companies - at a conference a week, and here something is constantly happening, and the iron does not stand idle. Accordingly, the infrastructure of video conferencing should not only be reliable and productive, but also provide a technologically high level of communication. Video terminals are responsible for this; they are sharpened strictly for one task: transmitting video and audio with the highest quality. A large number of such equipment includes a telepresence studio. Let's start with her.

In telepresence studios, people sit at one side of the table, on the other, screens and cameras. In a meeting in another country, the participants do the same at the exact same table. It turns out that opposite to you "sits" telesten, and the table continues into it. Quite realistic and convenient. If the color correction is set up properly and the channel is normal, then there is little difference with the present negotiations, unless you shake hands. In a more complicated case, subscribers are dialed from different places, and each can be seen on a separate screen corresponding to the chair on that side of the table.

Cisco Jabber messengers are integrated in the telepresence studio, because the usual ones would have fallen off long ago, since they do not allow displaying individual subscribers on separate screens - they are accustomed to working with one screen. At large meetings, it is sometimes necessary to display the key speaker on the hall screen, or two key speakers. Here begins the difficulty with the “picture in picture” and the management of the “mosaic”. Messengers just do not know how.


Server node

But what is more important, the question of iron and channels arises. More precisely - the quality of the picture. The same Skype, probably, on an ideal channel and an ideal hardware can produce a picture, like ours. The problem is that if you start counting the cost of the terminal, there will be a surprise: an ordinary desktop for video for large conferences will not be cheaper than a special Cisco terminal with a hardware codec.

Why? Everything is very simple. A number of modern instant messengers are trying to do all the calculations on the client. This is the future of unified communications, and here small computing power is indispensable. Video coding with the scalable H.264 SVC codec or soon H.265 SVC with high resolutions (from FullHD) places very high demands on computing resources and, most importantly, on communication channels.

Next comes the question of the camcorder. And here we are surprised to understand that a quality PTZ USB camera for a system unit costs about the same as an HDMI camera from leading video conferencing vendors. And how to make sound in this system unit? Well, even if one USB speakerphone is enough ... Otherwise, you will have to look for, for example, an audio mixer with a USB output on a PC and a system for suppressing noise, echo and feedback. It is easy to imagine what will be the price of the output. And all this - from different vendors and running Microsoft Windows ... The dream of tech support.

Advanced video conferencing features

The next feature is working with Cisco Jabber software clients. Clients are used mainly during business trips of a manual - in order to keep abreast, so to speak. That is, remotely participate in conferences. Authorization of such users is done on the Active Directory account or on the local CUCM account. But using Cisco Jabber along with authorization mechanisms, despite certain “extra gestures”, is a big plus — encrypting external traffic to make it difficult for the probable adversary's decoder to work, or so that the best moments do not appear on YouTube.

In general, the issue of authorization is very difficult for such systems, and it is the most painful. The fact is that few executives want to fool around to enter the conference correctly. For them, “entering a conference” is identical to entering a telepresence talk.

Well, what if you need to connect from the outside to the conference of an unauthorized employee? If this is a one-time connection? For each uchetok not do it, especially if urgent. In this case, the participant is emailed by a special link. By clicking on which the participant connects to the conference from any available device - from a smartphone, from a tablet or laptop with a camera using a browser plug-in or using WebRTC. Naturally, we can connect a subscriber with a regular telephone to the conference (by calling it via a standard telephone network from one of the gateways).

Channels within the VCS system are protected. Channels behind the port (for example, access to the urban telephone network), obviously, do not, because it is not controlled by the HQS system. It was necessary to pogormoritsya with user access to the conference by reference without software and client, without entering any passwords. At the time of implementation, this was an unusual decision. We connected the traditional at that time Cisco TelePresence video conferencing with the video conferencing of a little-known in Russia, but a promising developer. For then only its technologies could easily connect participants from the browser, by reference, without authorization. True, after a year and a half, such a solution appeared out of the box and at Tsisko, but there was no point in changing the proven bundle.

There are no own physical channels between the customer and the ministries, using the “big Internet” backbones (in fact, there are direct links on the backbone nodes of the key providers). But for special negotiations, studios are used at state telecom operators, to which the customer has tunnels made that are firmly encrypted. These tunnels actually integrate VKS devices into an overlay “local network” with their own rules.

How are the channels of communication

It is well known that budget organizations save on them, trying to use the narrowest possible strip. What helps us to push the most high-quality image with a multi-screen layout in a narrow strip? That's right - the good old H.264 AVC. Sometimes with the addition of High Profile. It is also advisable to add to this the high-quality optics of the video terminal, in order to compensate for the clarity of the picture unimportant indicators along the strip.

And this means that we needed at least a traditional MCU. And this component had to meet the requirements:

• Very reliable (read: modular, with hot swap of all or almost all components);
• Bug-free;
• Very large capacity at the beginning of the project;
• With the possibility of further modernization;
• From a known vendor, because unknown vendors do not produce such things. At the beginning of the project, the choice was almost obvious - Cisco MSE 8000.

Although videoconferencing virtualization in general, and the MCU in particular, has since widely launched its hands on the videoconferencing system, but then it was only necessary to dream about it. It took a heavy iron - and more.

But what is important, the customer did not lose. Equipment is more than relevant today. No upgrades, transitions to the new chassis, body ... Only the addition of media modules and licenses as needed.

References:

• What is VC
• Tales of engineers VKS
• My mail: EDmitriev@croc.ru