Advanced Gateway for Simple and Highly Secure Collaboration
Product Overview
Collaborating with someone should be as simple and secure as a phone call. But often it’s not. Tools that enrich interaction, such as video and content sharing, typically are confined to enterprise locations or to users who are on the same network or using the same kind of application or device. Collaboration breaks down when employees leave the office, or when they reach out to suppliers, customers, or partners who aren’t using the same system, network, or device. These barriers force people to use less productive means, such as the phone or email. Meanwhile, they miss out on the stronger relationships, faster decision making, and competitive edge that come with the best forms of collaboration.
Cisco® Expressway™ is an advanced collaboration gateway that addresses these problems and helps make collaboration universal. Expressway is used to extend services to users inside and outside your firewall. The type of services Expressway extends depends on where the devices are registered, and with Expressway version X8.9 two registration options exist:
● Registration directly to Expressway. This option is new in Expressway X8.9. Registering users and devices directly to Expressway (both SIP and H.323 registrations are supported with Expressway-C, and proxy SIP registration is supported with Expressway-E) enables you to extend video-centric services to users.
● Registration to Cisco Unified Communications Manager via Mobile and Remote Access. This option enables you to extend a full set of collaboration services, including voice, video, desktop share, instant messaging, and presence, to users. It supports Unified Communications Manager when deployed as call control, as part of Cisco Business Edition 9.1.2 or later, or as part of Cisco Hosted Collaboration Solution (HCS) 9.2.1 or later environments.
The main uses for Cisco Expressway include:
● Mobile and remote access (MRA): Extend office connectivity to on-the-go and home office employees. Cisco Expressway makes collaboration as easy to use outside the enterprise as it is inside, by simplifying the end-user experience. Using highly secure mobile access based on Transport Layer Security (TLS), Cisco Jabber® mobile users can access all their collaboration workloads (video, voice, content, instant messaging, and presence) without the extra step of establishing a VPN. Expressway also supports single-sign-on (SSO) capabilities for Cisco Jabber users, integrating directly with the enterprise authentication and authorization methods in place. Both of these capabilities help provide mobile experiences simply from anywhere, on a range of devices with Cisco Jabber clients, and they complement common IT department bring-your-own-device (BYOD) security policies.
In addition, Expressway makes it easier for teleworkers to use their Cisco endpoints (Cisco TelePresence® EX, MX, and SX Series; Cisco TelePresence Integrator C Series; and Cisco DX Series). Workers benefit from simplified provisioning, configuration, and registration of these devices, as well as the ability to connect from their home office without having to establish a VPN connection.
● Telepresence registrations: Designed for customers who wish to deploy Expressway as a native video call control solution, without the need for Unified Communications Manager.
● Business-to-consumer (B2C) collaboration: Cisco Expressway, with Cisco Jabber Guest, allows you to extend rich and engaging interactions to prospects, suppliers, and customers over the Internet. Using a simple point-and-click method, you can more securely and easily extend rich media communications—instant messaging, voice, and video—to guests coming in from your website or mobile application, whether they are consumers, other businesses, or even temporary employees.
● Business-to-business (B2B) collaboration: Share collaboration services with business partners. Cisco Expressway simplifies B2B collaboration, including instant messaging and presence (IM&P) federation. Using URI dialing, organizations can more securely collaborate with partners and suppliers, just as if they shared an office. No prearrangements are needed.
● Cisco Collaboration Meeting Rooms Hybrid: Connect your on-premises Cisco TelePresence Server infrastructure to Cisco WebEx® cloud services via Expressway to deliver a seamless conferencing experience for both telepresence endpoints and Cisco WebEx participants, all in the same meeting.
● Cisco Spark™ Hybrid Services. Expressway enables you to:
◦ Connect your on-premises Cisco Unified Communications Manager with Cisco Spark in the Cisco Collaboration Cloud to deliver integrated calling experiences.
◦ Connect your on-premises Microsoft Exchange to Cisco Spark users in the Cisco Collaboration Cloud, making it easier for them to schedule and join meetings, especially when they are mobile.
● Interoperability and interworking: Connect with third-party video endpoints and different protocols. Expressway can connect any standards-based endpoints, including Scalable Video Coding (SVC), Advanced Video Coding (AVC), H.323, Session Initiation Protocol (SIP), and Binary Floor Control Protocol (BFCP). With Expressway you can continue to use legacy video endpoints, whether from Cisco or third-party providers. This gives you tremendous flexibility to use your existing endpoints now, and upgrade to new endpoints when you’re ready. Cisco Expressway also supports Microsoft Lync and Skype for Business clients, even using the proprietary Remote Desktop Protocol (RDP).
Figure 1 illustrates the key Expressway use cases.
Cisco Expressway consists of two components, Expressway-C and Expressway-E, that work together to form a highly secure traversal link to enable collaboration services, including video, voice, content, instant messaging, and presence, for users both inside and outside the firewall. It does this by complementing your existing security tools and policies – with minimal firewall configuration, Expressway traffic flows through your secure firewall (unlike many session border controllers [SBCs] that require firewall bypass).
● Expressway-C is located within your network and is used to provide the native endpoint registrations for both SIP and H.323 devices in addition to the interworking of Cisco TelePresence endpoints with standards-compliant H.323, H.264 SVC, and SIP third-party video systems, as well as Microsoft Lync and Skype for Business clients.
● Expressway-E is located at the perimeter of the network and enables the traversal services that allow VPN-less connectivity with remote and home office users, business partners, and customers, as well as SIP endpoint registration.
Figure 2 illustrates a deployment with Cisco Expressway-C and Expressway-E for highly secure traversal.
Cisco Expressway supports flexible deployment options. It can be deployed on the Cisco Expressway CE1100 Appliance or as a virtualized application for VMware.
Benefits of Cisco Expressway
● Increased competitiveness: Expressway helps enterprises speed decision making and business processes with real-time video, voice, content, instant messaging, and presence collaboration beyond the firewall.
● Enhanced workforce mobility: Expressway embraces mobility and device proliferation trends. It provides simple and highly secure access for a range of Cisco Jabber unified communications clients, with single-sign-on capabilities and without the need for a separate VPN client. Therefore, it complements common BYOD strategies.
● Improved productivity and agility: Expressway empowers people to collaborate with colleagues, customers, and partners in a more timely and effective manner while helping reduce travel costs.
● Interoperability: Expressway breaks down barriers by supporting open standards and providing interworking between disparate systems and protocols. This helps enhance the value of your existing investments and increases the number of participants with whom you can connect. Supported standards include IPv4 to IPv6, H.323 to SIP, and Microsoft environments, including Microsoft RDP, to enable content sharing with Lync and Skype for Business users.
● Flexibility: Expressway supports businesses of all sizes as part of the Cisco Business Edition solutions or enterprise Cisco Unified Communications Manager deployments. Its services can also be enabled through a cloud using Cisco Hosted Collaboration Solution.
● Simplified licensing: Mobile and remote access using Expressway is included as part of Cisco Unified Workspace Licensing (UWL) Standard and Pro and Cisco User Connect Licensing (UCL) Enhanced and Enhanced Plus agreements. For Hosted Collaboration Solution deployments, it is included in the Hosted Collaboration Solution Foundation and Standard license bundles.
General Product Specifications
Table 1 lists the general product specifications of Cisco Expressway.
Table 1. General Specifications
Feature |
Specification |
User Interface |
|
Web browsers supported |
● The web interface supports Internet Explorer 8, 9, 10, and 11; Firefox 3 or later; and Chrome
|
Management interfaces |
● Support for industry standards such as HTTP and Secure HTTP (HTTPS), XML, Simple Network Management Protocol (SNMP) v1, v2, and v3, Secure Copy Protocol (SCP), and Secure Shell (SSH) Protocol
● Embedded setup wizard for simplified initial configuration
● Support for call logging and diagnostics
● Support for Maintenance Mode, allowing the MRA Expressway service to remain operational while individual nodes are upgraded (in a clustered environment).
● Local time zone aware
|
Language |
● English, Chinese (Simplified), French, German, Japanese, Korean, Russian, and Spanish
|
Endpoint Support and Session Management |
|
Supported endpoints |
● Expressway is compatible with any standards-compliant SIP or H.323 video conferencing or telepresence device, and supports local registration of H.323 endpoints with Expressway-C
● Cisco TelePresence EX, MX, and SX Series; Cisco TelePresence Integrator C Series; Cisco DX Series; Cisco Jabber; and Cisco IP Phone 7800 and 8800 Series registered to Cisco Unified Communications Manager through Expressway Mobile and Remote Access
● Microsoft environments (see documentation for details: http://www.cisco.com/c/en/us/support/unified-communications/telepresence-video-communication-server-vcs/tsd-products-support-series-home.html)
|
Session control |
● Support for H.225/Q.931 and H.245 call-control-routed mode and non-call-routed mode
● Support for H.323 SIP Interworking Encryption
● Support for H.323 SIP Content Interworking (H.239-BFCP)
● Support for URI dialing
● Support for direct call signaling among neighbored Cisco Expressways and Video Communication Servers, border controllers, and gatekeepers
● Support for call policy management (RFC 3880)
● Support for call-routed mode
● Support for call loop detection
|
Zone control and bandwidth management |
● Support for remote zone monitoring
● Support for remote zone redundancy
● Support for up to 1000 neighbor zones (including Cisco Expressways and Video Communication Servers, border controllers, gatekeepers, and SIP proxies)
● Support for subzone area definition for bandwidth management
● Support for flexible zone configuration with named zones and default zone
● Support for forwarding of requests to neighbor zones
● Support for interzone bandwidth management: Definable call by call
◦ Maximum bandwidth per call
◦ Maximum aggregate bandwidth for all neighboring zones
● Support for intrazone bandwidth management: Definable call by call
◦ Maximum bandwidth per call
◦ Maximum aggregate bandwidth
● Support for auto-downspeeding if call exceeds a per-call maximum
● Support for gateway load balancing
● Support for automatic network failover
● Support for capacity warnings for users and administrators
|
Network |
● Support for Domain Name System (DNS) addressing
● Support for IPv4 and IPv6 simultaneously
● Support for IPv4 and IPv6 translation services
● Support for differentiated services code point (DSCP) classification for quality of service
|
Firewall Traversal |
|
Traversal services |
● Expressway technology
● Session Traversal Utilities for NAT (STUN) discovery and STUN relay services
● STUN-compliant firewall traversal
● H.460.18/19-compliant
● H.460.18 client-proxy support
● H.460.19 multiplexed media support
● SIP support
|
Remote collaboration services supported |
● Extensible Messaging and Presence Protocol (XMPP) for instant messaging
● HTTPS for login, provisioning and configuration, contact search, and visual voicemail services
● SIP for session establishment, registration, and invitation using Cisco Unified Communications Manager, Business Edition, and Cisco Hosted Collaboration Solution
● Real-time Transport Protocol (RTP) and Secure RTP (SRTP) for audio and video
● Binary Floor Control Protocol (BFCP) for content sharing
● Single sign-on for Cisco Jabber 10.6 and later
|
Network |
● Support for DNS addressing
● Support for IPv4 and IPv6 simultaneously
● Support for IPv4 and IPv6 translation services
|
Scalability and Capacity |
|
Single Expressway virtual machine capacity |
● The capacity of one Expressway unit (small and medium-sized virtual machine) is as follows:
◦ Up to a total of 2500 local or proxied SIP registrations on Expressway-C and Mobile and Remote Access (MRA) registrations to Cisco Unified Communications Manager
◦ Up to 100 video calls or 200 audio calls
|
Single Expressway virtual machine capacity |
● The capacity of one Expressway unit (large virtual machine) is as follows:
◦ Up to a total of 2500 local or proxied SIP registrations on Expressway-C and MRA registrations to Cisco Unified Communications Manager
◦ Up to 500 video calls or 1000 audio calls*
* Assumes a 10-Gbps interface |
Expressway CE1100 appliance |
● The capacity of one Expressway CE1100 appliance is as follows:
◦ 1- or 10-Gbps network interface
◦ Up to a total of 2500 local or proxied SIP registrations on Expressway-C and MRA registrations to Cisco Unified Communications Manager
◦ Up to 500 video calls or 1000 audio calls*
* Assumes a 10-Gbps interface |
Clustered Expressway capacity |
● Up to 6 Expressway appliances and virtual machines can be deployed as a cluster to increase capacity and provide redundancy
● Clustering increases the maximum call capacity by up to 4 times
|
Microsoft Lync, Skype for Business interworking capacity |
● The maximum number of calls interworked to Microsoft Lync/Skype for Business is 100. A separate Expressway-C server is required for this function. For greater scale and user experience, consider deploying Cisco Meeting Server.
|
System Security and Resilience |
|
Security features |
● Secure management with HTTPS, SSH, and SCP
● Secure file transfer
● Inactivity timeout
● Capability to lock down IP services
● Authentication required on HTTP, HTTPS, SSH, and SCP
● H.235 authentication support
● Transport Layer Security (TLS) for SIP signaling
● Roles-based password-protected GUI user access
● Capability to enforce strict passwords
● Capability to disable root access over SSH
● Automated intrusion protection
|
Resilience and reliability |
● Capability to deploy Expressway in a redundant cluster of up to 6
● Capability to share licenses across a cluster
● Capability to replicate configuration for clusters
|
Supported RFCs |
|
RFC |
2543, 3261, 3264, 1889, 3265, 3325, 3515, 3891, 3892, 2327, 4566, 5626, 5627, 5389, and 5766
|
Product Specifications for Virtualized Environments
Expressway can be deployed virtually or as an appliance. Table 2 lists the Expressway virtualized application specifications.
Table 2. Specifications for Virtualized Deployment of Cisco Expressway
Product Feature |
Product Specification |
||
Virtualized Application Specifications |
|||
Servers for virtual environment |
● Cisco UCS® B-Series Blade Servers or C-Series Rack Servers or third-party servers that meet the minimum requirements
● VMware vSphere or vCenter server running VMware ESXi, which includes Cisco UCS E-Series Servers on Cisco Integrated Services Routers (ISR)
For full details of host requirements, refer to the Expressway virtual machine deployment guide |
Virtual Machine Host Requirements | Small Deployment | Medium-Size Deployment | Large Deployment |
vCPU | 2 core | 2 core | 8 core |
Reserved CPU resource | 3600 MHz (2 x 1.8 GHz) | 4800 MHz (2 x 2.4 GHz) | 25600 MHz (8 x 3.20 GHz) |
Reserved RAM | 4 GB | 6 GB | 8 GB |
Disk space | 132 GB | 132 GB | 132 GB |
Network interface card | 1 Gbps | 1 Gbps | 10 Gbps |
Product Specifications When Deployed as an Appliance
Expressway can also be deployed as an appliance on the Expressway CE1100 appliance. Table 3 shows the specifications for these appliances, and Table 4 lists the standards compliance information.
Table 3. Specifications for Appliance Deployment of Cisco Expressway
Cisco Expressway CE1100 Appliance Features |
Specifications |
10-Gbps unified network fabric |
● Low-latency, lossless, 10-Gbps Ethernet, industry-standard Fibre Channel over Ethernet (FCoE), and native Fibre Channel fabric
● Wire-once deployment model in which changing I/O configurations no longer means installing adapters and recabling racks and switches
● Fewer interface cards, cables, and upstream network ports to purchase, power, configure, and maintain
|
Redundant fans and power supplies |
● Dual-redundant fans and hot-swappable, redundant power supplies for enterprise-class reliability and uptime
● Power efficiency through Cisco Common Form-Factor Platinum power supplies (450W and 650W)
|
Integrated dual-port Gigabit Ethernet |
● Outstanding network I/O performance and increased network efficiency and flexibility
● Increased network availability when configured in failover configurations
|
Trusted Platform Module (TPM) |
● TPM is a chip (microcontroller) that can more securely store artifacts used to authenticate the platform (server). These artifacts can include passwords, certificates, or encryption keys
● TPM can also be used to store platform measurements that help ensure that the platform remains trustworthy, helping to ensure authentication and authorization
|
Tool-free access |
● Tool-free access to all serviceable items, and color-coded indicators to guide users to hot-pluggable and serviceable items
|
Item | Platform Specifications |
Processors | Two 3.50-GHz Intel® Xeon® processors (E5-2637 v3/135W 4C/15MB Cache/DDR4 2133MHz) |
Memory | 32 GB (2 x 16 GB DDR4-2133-MHz RDIMM/PC4-17000/dual rank/x4/1.2v) |
Network interfaces | Intel X520 dual-port 10-Gb Small Form-Factor Pluggable Plus (SFP+) adapter |
RAID card | Cisco 12-Gbps SAS Modular RAID Controller and Cisco 12-Gbps SAS 1-GB FBWC cache module (RAID 1) |
Hard drives | Two 1-TB SAS 7.2K rpm 3.5-inch HDD with hot plug; drive sled mounted |
Internal Recovery Partition (IRP) |
● 32-GB SD card
|
Cisco Integrated Management Controller |
● Web user interface for server management; remote keyboard, video, and mouse (KVM); virtual media; and administration
● Virtual media support for remote CD and DVD drives as if local
● Intelligent Platform Management Interface (IPMI) 2.0 support for out-of-band management through third-party enterprise management systems
● Command-line interface (CLI) for server management
● Provides Cisco UCS visibility and control to management ecosystem partners using a comprehensive XML API
|
Front-panel connector | One KVM console connector (supplies 2 USB, 1 VGA, and 1 serial connector) |
Front-panel locator LED | Indicator to help direct administrators to specific servers in large data center environments |
Additional rear connectors | Additional interfaces, including a VGA video port, 2 USB 3.0 ports, an RJ-45 serial port, 1 Gigabit Ethernet management port, and dual 1 Gigabit Ethernet ports |
Physical dimensions | 1 rack unit (1RU): 1.7 x 16.9 x 28.5 in. (4.32 x 43 x 72.4 cm) |
Temperature: Operating | 32° to 104°F (0° to 40°C) (operating, sea level, no fan fail, no CPU throttling, turbo mode) |
Temperature: Nonoperating | -40° to 158°F (-40° to 70°C) |
Humidity: Operating | 10% to 90% noncondensing |
Humidity: Nonoperating | 5% to 93% noncondensing |
Altitude: Operating | 0 to 10,000 ft (0 to 3000 m); maximum ambient temperature decreases by 1.8°F (1°C) per 300 m |
Altitude: Nonoperating | 0 to 40,000 ft (12,000 m) |
Table 4. Regulatory Standards Compliance: Safety and EMC for the Expressway CE1100 Appliance
Specification |
Description |
Safety |
● UL 60950-1 No. 21CFR1040 Second Edition
● CAN/CSA-C22.2 No. 60950-1 Second Edition
● IEC 60950-1 Second Edition
● EN 60950-1 Second Edition
● AS/NZS 60950-1
● GB4943 2001
|
EMC: Emissions |
● 47CFR Part 15 (CFR 47) Class A
● AS/NZS CISPR22 Class A
● CISPR22 Class A
● EN55022 Class A
● ICES003 Class A
● VCCI Class A
● EN61000-3-2
● EN61000-3-3
● KN22 Class A
● CNS13438 Class A
|
EMC: Immunity |
● EN55024
● CISPR24
● EN300386
● KN24
|
Licensing Information
Expressway virtual application software is available at no additional charge to customers who have a license and valid support contract for Cisco Unified Communications Manager 9.1.2 or later or for Cisco Hosted Collaboration Solution 9.2.1 or later. Standard and Professional Edition Cisco UWL or Enhanced and Enhanced Plus Cisco UCL agreements support mobile and remote access for Cisco Jabber unified communications clients and for Cisco TelePresence System EX Series, Cisco TelePresence MX and SX Series, Cisco TelePresence Integrator C, and Cisco DX Series endpoints. Cisco Hosted Collaboration Solution Foundation and Standard license bundles offer similar support for Cisco Hosted Collaboration Solution deployments.
Each concurrent call session terminating on a system not using Cisco Unified Communications Manager or Cisco Hosted Collaboration Solution (for example, business-to-business calls and Cisco Jabber Guests) requires a Cisco Expressway Rich Media Session license. In addition, each concurrent call requiring interworking requires a Cisco Expressway Rich Media Session license. Examples of such calls include H.323 to SIP interworked calls and H.264 SVC to H.264 AVC calls.
Ordering Information
The virtualized version of the core components of Expressway—Expressway-C and Expressway-E—is available at no additional cost as part of the Cisco UCL and UWL licensing schemes. The appliance version of Expressway is available for purchase on the Cisco Global Price List (GPL). In addition to obtaining the core components of Expressway, customers may need to purchase add-on licenses to support external user calling scenarios and/or interoperability functions.
Table 5 provides ordering information. Detailed information, along with examples, can be found in the Expressway Ordering Guide and on the Cisco Ordering homepage.
Table 5. Ordering Information for Expressway
Product Name | Part Number |
Cisco Expressway Series |
Cisco Expressway-C Virtual Edition | EXPWY-VE-C-K9 |
Cisco Expressway-E Virtual Edition | EXPWY-VE-E-K9 |
Cisco Expressway-C CE1100 Appliance | EXPWY-C-BDL-K9 |
Cisco Expressway-E CE1100 Appliance | EXPWY-E-BDL-K9 |
Ordering Options for Cisco Expressway Series |
Cisco Expressway Rich Media Session license. Required for concurrent calls to and from any endpoint or application not registered to Cisco Unified Communications Manager. For example, business-to-business calls, Cisco Collaboration Meeting Rooms, Cisco Jabber Guest, and interworked calls (H.323 to SIP, H.264 AVC to H.264 SVC) | LIC-EXP-RMS |
Enhanced Microsoft Collaboration key for Expressway. Required to enable Microsoft Lync Gateway functionality | LIC-EXP-MSFT |
Advanced Account Security key for Expressway. Required to enable FIPS 140-2 cryptographic mode (in highly secure environments), enabling Advanced Account Security mode | LIC-EXP-JITC= |
Service and Support
Cisco offers a wide range of services programs to accelerate customer success. These innovative services programs are delivered through a unique combination of people, processes, tools, and partners, resulting in high levels of customer satisfaction. Cisco Services can help you protect your network investment, optimize network operations, and prepare your network for new applications to extend network intelligence and the power of your business. For more information about Cisco Services, visit Cisco Technical Support Services online.
Cisco Capital
Financing to Help You Achieve Your Objectives
Cisco Capital® can help you acquire the technology you need to achieve your objectives and stay competitive. We can help you reduce CapEx. Accelerate your growth. Optimize your investment and ROI. Cisco Capital financing gives you flexibility in acquiring hardware, software, services, and complementary third-party equipment. And there’s just one predictable payment. Cisco Capital is available in more than 100 countries.
For More Information
For more information about the Expressway Series, visit http://www.cisco.com/go/expressway or contact your local Cisco account representative or authorized Cisco partner. Product specifications are estimates and subject to change without notice.