I’ve always meant this blog to serve as a resource for Skype for Business use. Both for users and for administrators…leaning a bit more toward administrators. Not today though. Today I’m leaning over to the user side, to answer common questions about privacy in Skype for Business.
Where did I find these questions? You asked them. Yes, you, right there.
Like I do (at least) monthly, I went through Google Search Console to examine this blog’s data. In the Queries data, I found a large group of fully-formed questions. People asking simple, direct questions about Skype for Business.
Questions everyone from basic users to admins might have. Questions that I can answer in just a few lines. Thus they don’t need their own posts…but they do need answering.
Solution: Group them together! Write up a resource post where you can find several answers in one spot. Which brings us here. This is the first group of questions I found. They all have one thing in common: Privacy.
Group Post 1: Privacy Questions & Answers
These are the 5 most-asked privacy questions on Skype for Business. My answers come from our own experiences deploying & supporting hybrid and on-prem Skype for Business Servers.
“Are Skype for Business calls recorded?”
Only if you record them. The Monitoring Server does collect data on call connections & quality, but not their contents.
“Are Skype for Business conversations private?”
Yes. Skype for Business encrypts the pipe between users’ conversations, as well as from each client to the Skype for Business Server.
However, you can potentially have eavesdroppers (though it’s very unlikely). It depends on your deployment type.
On-Prem: Your Server Administrator can view conversations.
Hybrid/Cloud: Microsoft CAN technically view conversations, though they’ve stated that they don’t.
One important caveat: Conversations between Skype for Business users and Skype-C users have one extra privacy risk. Even if you control privacy on the Skype for Business side, you don’t control the Skype-C side’s privacy. I documented this back in 2016: The Privacy Risks in Skype for Business-to-Skype Conversations.
“Are Skype for Business conversations recorded?”
Since this one mentioned ‘conversations’ and not ‘calls’ I’ll split up the answer.
VOICE: Only if you leave a voicemail. Otherwise, see above question on recording calls.
TEXT/INSTANT MESSAGING: These conversations are saved in your Conversation History, as well as the Conversation History of all parties involved.
“Recorded” in the sense of the NSA collecting data on you? They apparently like to do that to everyone. Good news is, with proper security for an on-prem deployment, the chances of your conversations showing up in an NSA vault go down to pretty much zero.
“Does Skype for Business track you?”
If you are logged into the Skype4B client on your devices, yes…to a certain degree. Skype4B does track your activity within its infrastructure.
The client tracks your Presence status from the last active client.
The client tracks your location, also by last active client.
There is also the Monitoring Server. This tracks users’ activity, call details, and system health.
A Monitoring Server is not required; admins can choose not to install it. But most would go ahead & do so, as it provides extremely useful data on communications stability & troubleshooting. We recommend Monitoring for all deployments.
If you’re worried about an Orwellian-esque sensor constantly following your movements…you’re thinking of Apple. Skype for Business doesn’t do that. Like any good communications software, it responds when someone triggers a conversation.
“How does Skype for Business know when you are away?”
Device activity! Skype4B clients monitor the last activity performed on the last device you used while logged in.
They look for mouse movements or keyboard presses on desktops, and taps/swipes on phones. After a certain interval (set by your Server Administrator) without any such activity, Skype for Business assumes you are ‘away from desk’ and changes your status to Away.
Server Administrators can set this ‘Away Interval’ anywhere from 5 minutes to 360 minutes, site-wide. We generally keep it to 5 minutes or 10 minutes for customer deployments.
“Does Teams record your calls/conversations?”
This question came up as well. Since people have just as much right to question Teams’ privacy controls as they do Skype for Business, I included it.
Teams does log your chat conversations. Since Teams is primarily text-based, and since most conversations take place in channels, it makes sense to keep records of those chats. You as the participant may access the logs. Teams Administrators within your O365 tenant can as well. Microsoft doesn’t scan or collect them either.
All in all, Skype for Business maintains a solid reputation for protecting your privacy. We’ve deployed it for thousands of users now, and received zero tickets on data leaks or breaches. I asked two of our customers if they thought their Skype for Business deployments risked their privacy. Both said no, not at all.
I take that as a vote of confidence. Hopefully you can too.
Thanks for reading! The next “Group Post” will discuss how to change several common Skype for Business elements. Join us back here next time for those.
3 Ways to Keep Voicemail & Auto Attendant when Upgrading to Skype for Business 2019
Those of us who use voicemail in Skype for Business face a quandary.
We did get a new Skype for Business Server, as well as a new Exchange Server. But we’re missing one component: the Unified Messaging service in Exchange Server 2013/2016. Exchange Server 2019 will NOT have Unified Messaging.
The sysadmins reading this already know what that means. They can feel it as a sudden clench in the chest. Skype for Business’ voicemail needs Unified Messaging. Without it you’ll end up upgrading a part of the office’s phone system away!
Two, actually…the Auto Attendant’s gone too. No more, “Press 1 for Customer Service. Press 2 for Sales…”
What do we do? If your offices use Skype for Business on-prem and employ Unified Messaging for voicemail and/or Auto Attendant, it’s time for some alternative thinking.
Fortunately, we’re all IT pros. We’re good at creative solutions. That’s what we’ll have to do here, to preserve Unified Messaging.
Right now we have 3 ‘preservation’ options, each with different levels of expense & usable time. Time to run some comparisons!
Voicemail/AA Preservation 1: Keep Your Exchange 2013/2016 Server On-Prem
This is a way to preserve UM within the Microsoft infrastructure. It involves juggling between different versions of Skype4B and Exchange. Essentially, you upgrade your Skype for Business Server to 2019…but not your Exchange Server. It stays at its current version. Accounts and configuration intact.
You’ll need to undertake several processes. Changing the UM dial plan, voice policies, etc. It all depends on your existing Exchange Server’s configuration. Here are resources to help you:
Important! If you take this route, make sure to configure the new Skype for Business Server as a partner application to your Exchange Server, and vice versa. Even if Exchange had partner app configuration before, I’d advise re-running it.
VERDICT: The most direct solution. With a critical flaw – it has a lifespan. Exchange 2016 will run out of mainstream support in October 2020. Extended Support runs until October 2025, which lets you stretch things more. You’re still faced with the potential of higher support costs the longer you go.
This is the option I prefer, frankly. Even with the lifespan boundary. You retain the most control, and it requires almost no new hardware.
If you don’t run Exchange 2016 already, or the lifespan boundary doesn’t work, then we have Option 2.
Voicemail/AA Preservation 2: Switch to Cloud Voicemail/Cloud Auto Attendant (Hybrid Deployment)
Cloud Voicemail is Microsoft’s response to yanking Unified Messaging out of Exchange. It’s (predictably) a part of Office 365, and requires a tenant to operate. Same with Auto Attendant—now it’s a cloud service too.
Setting up Cloud Voicemail isn’t that complicated. You must have hybrid connectivity enabled first, of course. I’d even recommend doing this a week in advance, so you can test & verify successful connectivity.
To configure Cloud Voicemail, you’ll need:
Your Office 365 tenant account login/password
The domain assigned to your tenant
Administrative access to your Skype for Business Front End and Edge Servers
Cloud Voicemail is not a 100% drop-in replacement for Unified Messaging though. According to ExPTA.com, Cloud Voicemail doesn’t include Play on Phone, call answering rules, text notification, or Outlook Voice Access. Doesn’t mean those won’t show up down the line, but for now, Cloud Voicemail’s sticking to the basics.
VERDICT: If you want to move to Exchange Server 2019, you’ll have to switch either to Cloud Voicemail or Option 3. Exchange 2019 doesn’t have the Unified Messaging service. This might help to gradually introduce Office 365 tools to the company. You also get Teams this way, which could provide a transition path for all staff…if you’re going that way.
Voicemail/AA Preservation 3: Integrate a Third-Party Voicemail/Auto Attendant Service with Skype for Business
This option essentially abandons using Exchange Online, Cloud Voicemail, and Office 365. Instead, you add in a third-party service to provide your users voicemail and/or an Auto Attendant feature.
We have a curious reversal on this track. It’s relatively easy to add in Auto Attendant…several third-party providers exist to do just that.
As far as I know, we haven’t worked with either of these solutions directly in a Skype for Business topology. If you have, please share your thoughts in the comments.
VERDICT: If you do want to upgrade to Exchange Server 2019, but don’t want anything to do with Office 365, this is your only option to preserve voicemail and/or Auto Attendant.
Preserving Unified Messaging: Unfortunate, but Necessary.
I can understand why Microsoft chose to remove Unified Messaging. It falls within their “cloud first” mission, consolidating things like voicemail & Auto Attendant into the Azure/O365 ecosystem. (Must have taken a LOT of coding…)
That said, those of us who appreciate on-prem control now have another instance of “technical gymnastics.” Trying to find a new solution for a resurgent problem.
Unless of course you want to drop Unified Messaging? I can’t think of a scenario when a business would voluntarily drop its voicemail/Auto Attendant…but that doesn’t mean it doesn’t exist. Perhaps you’re considering the idea?
In terms of how these processes shake out…we do have a full Skype for Business Server 2019 installation planned this year. We’ll most likely use Preservation 1, maintaining our current Exchange 2016 server. (Exchange 2019 will have a separate test.) I will document EVERYthing as we go, and produce plenty of blog posts from that.
If you’re planning a Skype4B 2019 upgrade, which Unified Messaging preservation method will you use?
It’s time to add chat to your communications tools. Which chat platform should you adopt? Teams? Slack? Something else?
First off, take a breath. Your search has brought you to the right place. In this post we’ll go over the available chat platforms, discuss the pros & cons of each, and identify the criteria for you selecting your best option.
Chances are you’re looking at chat platforms for one of these reasons:
Users are clamoring for a chat option
Need to get users off Skype (Consumer)
Time to replace less-advanced communications platforms
Worried about a data breach through user behavior (this one’s not limited to chat, of course)
Unless there’s another reason – if so, please share it in the comments!
Let’s address all of these reasons in one handy guide. I’ve put anchor links below for quick reference, but I recommend you read the entire guide. Only takes about 8 minutes.
First, before anything else, you’ll want to identify what you need from the chat platform. What it must do for you from an IT standpoint, and what it must do for the business’ communications.
Consider factors like these when identifying. These have all come from our own customers’ initial discussions about chat and/or voice offerings. Some contradict others, so make sure to decide which is most important.
Easy transition from another communications system
Easy adoption of a brand-new platform
Omni-device (apps for every major OS)
Focused on Windows devices
Security is paramount for all devices & data
Security should not get in the way of ease of use
Works within an existing cloud subscription we have (e.g. Office 365)
Stands alone, needs no additional subscriptions or hardware
Works in the cloud
Has a monthly fee, flat or per-user
Pay up front, no monthly fees
Has voice and video options built-in
Video is equally important to chat
Voice is equally important to chat
I’ll refer back to this list several times, so keep it in mind. Next up, we must narrow our focus. This is for business use; therefore, we need to look at only business chat offerings.
Focusing on Business Chat Offerings
This guide will focus on chat platforms where chat is the centerpiece product.
That’s why I won’t look at platforms like Fuze and Zoom here. I’m also leaving off consumer-targeted chat platforms, like Discord and Telegram.
No knock against any of these, of course. I like Telegram, but I don’t use it for business. For purposes of this guide, I’m focusing on chat platforms targeted for business use.
In order to qualify, they must meet these criteria:
Meant for business users
Good support options available
Work within existing office environments
That leaves us with a handful of platforms. Each very similar to one another. All crazy usable. All with at least decent security, mobile apps, and lots of integrations. So how do you choose?
Let’s start by identifying the elements you should consider.
ChatOps Adoption – Elements to Consider
Will your users accept a chat platform? Will your current IT infrastructure play nice with one? What about security? These are all important elements to consider…long before you trial anything.
Will your users adopt?
A chat platform’s useless if nobody wants to use it. You may have fielded requests for chat already…if so, you’re good! If not, you’ll want to check their thoughts.
The solution? Survey your users. A simple email, or SurveyMonkey form. I’ve written out a few questions you can use in it.
If the company adopted a new chat platform, would you use it to communicate with co-workers?
How do you think chat would help you in your daily routine?
Do our customers use a chat platform in their work? If so, which?
If users vote the idea down, well, less work for you! But if you get a positive response, and these days I expect you will, then you can move to the next element. Compatibility.
Which chat platforms work with your current infrastructure?
Most office networks will work with a cloud-based platform like Slack or Teams as-is. Check your max bandwidth though—you might overtax a smaller pipe.
An on-prem chat offfering will obviously require hardware & network changes. That’s a trade-off you’ll have to make, depending on budget & company policy.
Which features are necessary?
While most chat platforms have the same feature sets, they’re not all equal. For instance, Teams still doesn’t support private channels. If that’s something your users want, then Teams is (for now) off the list.
Identify the features your users would like the most, either through the survey or through conversations. These features come up frequently among our customers:
Talking with customers on an existing platform
Use chat app on phones (or blocking chat apps on phones)
Web-based only, app-based only, or both?
Voice call function built into chat
Integration with specific third-party services already in use
Pay Attention to Security
If I’d written this guide in 2016, this would be the biggest section. Think about it%—every chat user types out company IP in text format, every day, in a cloud-based medium that’s saved someplace you don’t control.
Fortunately for all of us, security around ChatOps has improved immensely since then. Every platform we’ll examine here has documented their security protections. Here are a few reference URLs to help your case-building:
That said, ChatOps adoption still requires some security updates on your network’s end. Pay attention to these adoption aspects as potential security risks:
MOBILE APPS—Handy, but they can leave chat conversations susceptible to data theft. Chats are not audio clips; they’re whole conversations in text form. Someone steals your phone, they could have a ton of your IP in their hands. As such, use 2FA on mobile apps, or limit who can use the mobile app at all.
GUEST ACCESS—Important to keep guest access regulated. Teams’ Office 365 account requirement helps with this, but also throws up a roadblock for ease of use. Slack is a little better with guest access, limiting adds with admin controls.
THIRD-PARTY INTEGRATIONS—If your users connect a third-party service with poor security, it can create a data leak. Make it clear that IT needs to know about integrations, and vet them first.
PRIVACY—Who owns the data? Most platforms will unequivocally say, “You do.” Still helps to check their TOS. Especially if you have GDPR to consider.
If you choose a cloud-based chat platform, make sure to incorporate its logs into your backups. You may not think you’d need to back up chat conversations when they’re already in the cloud. However, if you’re using chat for work, remember…those conversations contain important information!
With a backup running, you’ve made sure you know where chat logs are stored (and you can retrieve them). I did a post on this for the SpinSucks Blog recently.
Open the link and then come back. We have a lot more to cover!
Now that we have a clearer sense of what to watch for, let’s break out the best business chat platforms, one by one, and weigh them.
The Major Chat Platform Options
There are four ‘major’ chat platforms in use today. The most popular, the one you hear about all the time, is Slack.
With good reason. Slack is a titan of chat—near-infinitely flexible, stable as you can get, friendly with just about every device out there, and designed to support business users. Some businesses run their whole operation through Slack. The company supporting it is stable and plans to go public soon.
Choose Slack if:
Ease of use is paramount
Your company do not already have an Office 365 tenant subscription
Teams’ recent growth indicates that people who are new to business chat go for it the most. Not surprising either; it has a short learning curve, Microsoft’s weight behind it, and free options. It isn’t perfect; Teams loses to Slack on a few points (Linux clients, adaptability). However, its incorporation of Skype for Business voice & video tools enhance its appeal.
Choose Teams if:
Your company has an Office 365 tenant subscription, with accounts for the majority of users
You primarily use Windows devices
You want an easy transition from an existing communications system
The only on-prem offering in the majors. For security-conscious mid-markets and enterprises, this is THE chat platform of choice. It requires more up-front investment, but a search of this blog alone will tell you how much communications power Skype for Business provides.
(You might wonder why this is on here, when I made chat the centerpiece. Many would consider Skype for Business Server a voice product, with chat & conferencing added. Be that as it may, we use the IM tool more than any other in our office. So do most of our customers. Besides, this IS the Skype for Business Insider Blog. So it’s included.)
Choose Skype for Business Server if:
Data/IP security concerns are high
You must meet regulatory compliance such as GDPR or SOX 404
You have 150+ users
You previously used HipChat Data Center and need to switch
Rounding out the major platforms is Google Hangouts Chat. I find this offering a little TOO simplistic, and Google’s privacy shenanigans may dent Hangouts’ appeal. But it’s still popular, cheap, and sports a similar integration level to other G-Suite offerings as Teams.
Choose Hangouts if:
You already use G-Suite for your company’s email
You do not have an Office 365 tenant subscription
You have users who like using Skype Consumer in the office (Hangouts is similar, making a transition easier to accept)
The Challengers/Alternative Chat Platforms
Maybe the major platforms don’t appeal to you for whatever reason. You’re not a Microsoft/Google fan, or you want to test out several options before making a decision. I love testing myself, so if you’re in the latter camp, welcome! Here are a few ‘challenger’ chat platforms to whet your appetite.
These are chat platforms not as popular as the above options, but still chat-focused and business-oriented. I haven’t done official reviews of these yet; as such, please take the following information as general advice.
First up is Twist. Made by a team already known for a popular to-do app, Twist takes a one-topic-per-thread approach to chat. It focuses on simplicity, sticking to chat as its core and leaving the rest to third-party integrations. Not many of those yet, but they already put in a Zapier integration…clever.
Choose Twist if:
You haven’t used chat in the office yet & want to try it out
You’ve already tried one of the major platforms, and users complain of confusion or overwhelm
You need to keep price low (their Unlimited tier only costs $5/month per user)
Our sole on-prem Challenger. This one’s not trying to compete with Skype for Business though…they’re competing with Slack. Right up to compatibility with Slack’s third-party integrations. It’s probably one of the most extensive open-source projects I’ve come across.
This platform has teeth. A hefty feature set, good documentation, and an unapologetic targeting toward the DevOps community. That may make it a little more technical than some businesses want. Even so, it’s worth a look.
Choose Mattermost if:
You’d like an on-prem offering, but can’t/don’t want to pay for Skype for Business Server
You like to tinker with the tech
You support open-source projects
You’re a tech company and want a chat platform that can keep up
You previously used HipChat Data Center and don’t want to move to Skype for Business
Thirdly we have Wire.I’ve seen this one on the fringes of chat discussion, but know very little about it. Wire places a heavy emphasis on security. End-to-end encryption, secure guest rooms, and so on. I think this is an excellent position for a challenger chat platform to take. If they can back the claim up (and I’ll look for that in a review), then I expect this one to grow.
Choose Wire if:
Your company places a high value on security for all communications
You need a backup communications option for emergencies (Wire offers a “Wire Red” service for this)
You’re in the EU and would like a chat platform based there
Finally, we have Glip. I only came across Glip a few days ago! It’s a chat offering from RingCentral, the cloud-based phone service. We work with them for some customers, though none mentioned Glip to me.
From reviews I read, Glip is apparently popular with marketing agencies. I think the ‘unlimited guest users’ feature has something to do with that. The in-client document collaboration too. I’ll look into that myself.
Glip doesn’t appear to have any “stand-out” features. It’s pretty much what you’d expect from Slack or Twist, right up to third-party integrations. Pricing’s similarly cheap too. It’s an alternative, if you want to explore.
Choose Glip if:
You already use RingCentral
You’re comparing several chat offerings at once
“What do these platforms cost?” That’s what Management will want to know first, right?
I did the legwork on pricing too. This wouldn’t be a complete guide without it. I divided the platforms into Cloud-Based and On-Prem. You’re either paying a small monthly fee per user, or paying up front for server hardware & bandwidth.
Monthly Cost (Cloud-Based)
SLACK – Standard tier is $6.67/month per user, Plus tier is $12.50/month per user. Plus does come with better support and more administrative options.
TEAMS – Free, though I recommend getting an Office 365 subscription if you don’t already have one. Three options I’d recommend considering when Teams is your main focus: Business Premium ($12.50/month per user), E1 ($8.00/month per user), and E3 ($20.00/month per user).
GOOGLE HANGOUTS CHAT – Part of G-Suite for business users. Business tier is $10/month per user, though the Enterprise tier ($25/month per user) comes with more security.
TWIST – $5/month per user. For business, don’t even consider the Free version; it comes with a 30-day limit on viewing past messages. With Unlimited, you can always access the full message history.
WIRE – Sliding-scale, starting at €6/month per user. Enterprises go down to €4/month per user. To use their Wire Red emergency collaboration service, you must contact their Sales department.
GLIP – Like Twist, there’s a Free tier and a Standard tier at $5/month per user. In this case, the difference is the total time allocated for shared video; Free accounts get 500 minutes total, while Standard accounts get 1,000 minutes/month per user.
Up-Front Cost (On-Prem)
SKYPE FOR BUSINESS (SERVER) – Cost comes in initial deployment. No monthly recurring fees for the software, but you may pay for a SIP trunk mostly depending on configuration. Check my Pricing for Skype for Business and Teams post for details.
MATTERMOST – Free to download & use (it’s open source). You’ll need a server to host it of course, like Skype for Business Server. The Mattermost team does charge for Enterprise accounts though, starting at $39/year per user.
Try Out Some ChatOps Platforms Before Deciding
Okay, you’ve read all the material in this guide. Your users do want to use chat. You have go-ahead from C-level. Time to start the last part of the search—testing.
Make sure to try out at least two chat platforms. Not just yourself either; invite a handful of tech-savvy users to trial the chat with you. (That way you’re not talking to yourself the whole time. It gets lonely…trust me.)
While many of the same visual elements are the same for all these options, how they work with their own features, and how they interoperate with other tools, can make a big difference in your overall experience. We’ve had customers hate Slack but love Teams (and vice versa). One customer absolutely loved Skype for Business Server’s IM tool. It all depends on the office environment and user tastes.
Using a chat platform in your business can save a ton of time, and make everyone more productive to boot. I hope this guide helps you select the right one!
What chat platform did you end up going with? Please share!
Three major powers clash over and over. Challengers appear on the horizon. The productivity of millions hangs in the balance. Welcome back to the ChatOps War.
The Current State of ChatOps
Messaging apps. Online chat. Collaboration tools. Call them what you will. ChatOps (as I’ll refer to them here) have exploded across the business world in only a few years.
As with every new frontier, there’s a sort of ‘Wild West’ period. A few businesses pop up early, grabbing much of the attention & pushing growth forward. Then upstarts appear to claim slices of the pie. Big names in related industries wade in to crush the upstarts, early-stagers gear up…and everyone fights for market share.
That’s where we are now. Fighting stage. The War is on.
Why take the time to examine it though? What’s the advantage in surveying the battle scenes? As long as people can use their preferred messaging app, everything’s fine…right?
While true, there are two reasons. One, not everyone can use the ChatOps platform they want to. More on that below.
Two, it takes time & effort to move a company onto any platform. Especially if they’re already on another platform! Migrations take time, cause user frustration, and drive up support costs (temporarily at least).
When you decide to move onto a ChatOps platform, you need to make sure it’s one that will:
Do what you need it to
Work well for your user base, AND
Hence my reason for this post. Let’s see what’s happening in the ChatOps War.
Who’s On Top?
We have up-to-date information to start us off—a December 2018 survey conducted by Spiceworks. Love those guys.
The biggest move came from Microsoft Teams. It surged ahead in 2018, surpassing Slack to become the #2 collaboration tool in the business world. (Microsoft’s moves to place Teams front and center in O365 certainly contribute to Teams’ growth.)
Who’s #1? Skype for Business, of course. For now at least…its own cousin wants the crown.
Workplace, Facebook’s entry into messaging apps, died out of the gate. It’s not a terrible chat offering, as I mentioned in my 2017 review. But it didn’t really hold its own against Slack or Skype for Business, and Facebook’s overall privacy problems kneecapped Workplace as well.
The Challengers Nipping at Heels
I became aware last year of several newer, standalone ChatOps services. I do plan more extensive reviews of the services later this year, but for now, let’s meet the ‘Challengers.’
TWIST – Twist.com
This is a chat offering by the makers of Todoist, a popular to-do list app. You see this reflected in Twist’s structure: It’s somewhat like a group chat/email hybrid. Very similar to Teams in its Conversation-based structure. Twist’s makers tout its structure as superior to Slack, by using threaded conversations everywhere (thus making all communication easier to follow). It’s a subtle shift, but notable enough.
MATTERMOST – MatterMost.org
Mattermost acts a lot like Slack. With one MAJOR difference – it’s self-hosted. You run Mattermost on your own servers. It’s an on-prem chat platform!
The standard version is free, with a two-tier paid version that adds in Active Directory/LDAP integration, faster support, and several other useful tools. The Mattermost software runs on Linux, and has apps for Windows, Mac, iOS, Android…and of course Linux PCs.
Slack does have a Linux app, so this isn’t ‘Slack for Linux.’ It’s an open-source, on-prem alternative. Not quite as refined as Slack, but users report good experiences with it.
ZOOM – Zoom.us
Wait, Zoom? Don’t they just do video conferencing? Yes, and they do a pretty good job of it as I understand. But it turns out they have a messaging app bundled in too—Zoom Chat!
Zoom’s primary focus remains on conferencing, and rightfully so. The Chat app looks like Slack’s younger cousin. Useful, but meant as a supplement to the video tools. A good value-add.
These challengers for the most part have simpler feature sets and a nimbler approach to ChatOps. They’re definitely aiming for Teams/Slack’s heels as well. How much market share they win over will depend, I think, on two things:
Which chat features/structures become the most popular among businesses
Microsoft’s Teams expansion efforts
Skype4B’s Crown is Under Threat
At this point, Microsoft has forced Skype for Business almost completely out of the small business sector in favor of Teams. This will not get better. Skype4B will eventually lose its crown to Teams. We all knew this of course…but it’s here. It’s happening as you read this.
Enterprises still have the on-prem Skype for Business Server 2019 version, of course. I remain convinced that this will be the last on-prem version Microsoft will release though. By the time we’d roll around to a new server version—2021 or 2022—everyone using ChatOps will either be on Teams, Slack, or a challenger. They will all have full Enterprise Voice capability. Phones, video, and chat will all mesh together.
Now, let me give a prediction about Google Hangouts. You saw several ChatOps players in this post…but I’ll bet you noticed that Google Hangouts was not among them. That’s because I predict Google Hangouts won’t become a threat. Not to Skype for Business or to Teams.
The Spiceworks survey indicates that Google Hangouts use went up from 2016-2018…11% to 18% adoption rates, respectively. That’s because Google targets enterprise users with its Hangouts Chat and Hangouts Meet products. Moving away from smaller G-Suite customers and potentially alienating them. Thanks to challengers like Twist, Google can no longer make the ‘easier to use’ claim that kept them around.
I also think Google’s privacy concerns and business practices will scare off enterprises in next 2 years. The fact that Google split Hangouts in two, coupled with appealing value propositions from Teams, also throw some tacks on the road.
2019 Will Bring Winners and Losers in the ChatOps War
Now we know the state of the ChatOps War. But there’s plenty more to come!
2019 is a ‘Battle Year,’ where we’ll see promotion, feature adds/updates, rises and falls. I could easily see any of the following occur:
Microsoft shortens its Skype for Business sunset schedule
Google buys Slack (please don’t)
A challenger like Twist or Mattermost starts eating into Teams’ market share, due to their independent-of-Microsoft nature
Former HipChat engineers come out with something new & exciting
Workplace or Hangouts dies
This is something on which I’ll keep as close an eye as I can. Directly—we’re fielding Teams requests in the office, and at least one customer uses Slack. All from businesses under 100 employees.
Next post I’ll go into choosing your own chat platform. If you’re looking at all these options and wondering what the best choice is for your business? The next post will help you make that determination. Check back soon!
Our fifth entry in the “How It Fits” series is…the Mediation Server!
Mediation is a central element within Skype for Business. It’s arguably the most versatile Server Role in the Skype for Business topology too. There’s almost no end to the number of configurations you can deploy for it…collocate, standalone, or pool. SIP trunk or PSTN gateway. Multiple gateways. Multiple trunks. Call routes and bypasses.
The one thing all of these configurations have in common…is listening. Mediation Server listens and translates. Routes and connects. If you use Skype for Business at all for voice, you’re talking through a Mediation Server.
This post, like the previous posts in my “How it Fits” series, will give an overarching take on the Mediation Server’s function and value. I took a more agnostic approach, since we now have two versions of Skype for Business Server to consider (2015 and 2019).
How does Mediation Server work in both of them? Any differences between versions? Let’s find out.
The Mediation Server’s Primary Role
Mediation servers translate signals between your Skype for Business’ Enterprise Voice infrastructure, and the gateway your topology uses to reach the PSTN: either a PSTN gateway, a SIP trunk, or even a PBX. “Mediating” your voice communications, basically.
Because of this critical function, Mediation Server is a required Server Role. It also helps facilitate E911, Call Admission Control, and Media Bypass.
This is one of the Server Roles for whom hardware quality matters. The higher the server’s processing capacity & available RAM, the more calls a Mediation Server can handle.
Main Components of the Mediation Server
Signal Translation: The reason you must have a Mediation Server for Enterprise Voice. Without signal translation, nobody could understand each other on the phone. You’d either sound like 80s-era robots, or brain-scrambled demons!
Call Routing: The server coordinates with your gateway of choice to route calls where they need to go. Peer-to-peer inside the network, out to a branch site, or out to a customer three states away on their cellphone.
Media Bypass: Not really a component, but a capability. Skype for Business admins can configure a call route to flow AROUND the Mediation Server! The call route would travel directly between a user’s device and a PSTN Gateway. Why do this? It can reduce la without traversing the Mediation Server. Media bypass improves call quality by reducing latency, unnecessary translation, possibility of packet loss, and the number of potential points of failure.
Call Admission Control (CAC): A bandwidth management tool. Based on available bandwidth, the Mediation Server determines the best use for existing calls. The idea is to automatically prevent poor call quality as often as possible.
NOTE: Media Bypass and CAC are mutually exclusive. If one’s in use for a particular call, the other is not.
Other Servers a Mediation Server Communicates With
Front End. Of course, Mediation communicates with the Front End Servers all the time. It employs Front End’s database for call routing, and performs a similarly-central role in voice communications Site-wide.
PSTN Gateway / SIP Trunk / IP-PBX. These are the gateway mechanisms, or “peers” for bringing calls to & from Skype for Business. This is where your defined call routes meet the Mediation Server.
Load Balancers. I mentioned in the How the Load Balancer Fits post that load balancers must communicate with servers they’re balancing AND the servers sending them traffic. Since almost all voice traffic must go through the Mediation Server, they’ll talk with load balancers frequently.
(The peers performing call routing to/from Mediation Server also act as load balancers, particularly when you deploy a Mediation Pool.)
How a Mediation Server Works in a Hybrid Deployment
What does a Mediation Server do in a hybrid topology with Office 365?
Fundamentally the same thing. If you’re hybridizing an existing Skype for Business Server deployment, you’ll enable synchronization for Active Directory and change call routes. You’ll have to reflect such changes in your on-prem Mediation Server.
There are too many options to the hybridization process to cover in 1 post. Suffice to say, it all depends on your gateways/SIP trunks, and how much of Office 365’s calling services you use.
Should You Collocate with Front End, or Use a Separate Mediation Pool?
By default, Skype for Business wants to collocate a Mediation Server with the Front End Server. Which is fine for smaller topologies.
If you’re using a SIP trunk though, I recommend the standalone approach. At least one Mediation Server, or a small pool. Microsoft also recommends this approach, but we’ve seen it borne out in the field. Each time we deployed a standalone Mediation Server for a customer location with a SIP trunk, we fielded fewer calls about latency issues (if any).
One caveat for you Skype for Business Server 2019 deployers: According to Brian Siefferman at Perficient, if you’re migrating your Skype4B topology from an existing deployment, it’s a good idea to collocate the legacy Mediation Server during initial deployment. Then you can decide whether to keep it collocated, or move to standalone, later in the process.
Will the Mediation Server Change in Skype for Business Server 2019?
Not fundamentally. It continues its role of call routing/media processing.
We even get a performance boost for Mediation’s call capacity. Paul Lange points out that that a standalone Mediation Server in 2019 will handle 2,000 concurrent calls, with hyper-threading enabled (it can handle 1,500 calls in Skype4B 2015).
Makes sense, since a few deprecated elements deal with messaging—XMPP Gateways, Persistent Chat. Mediation Server won’t need communications with them now, freeing up more processing power for concurrent calls.
A Good Listener to Facilitate Voice Calls
The Mediation Server has existed since the OCS 2007 days. Of course, It has grown as more VoIP options came into being. But like its Front End partner, it has continued to provide the same fundamental service for over 10 years.
As long as it has sufficient bandwidth & a reliable gateway available, Mediation Server makes voice calls happen. Which type of gateway you use with it, depends on your network and Site needs.
Let’s start 2019 with a refresher. 2018 was a busy year, with new content and updates for older, more evergreen content.
In today’s post I’ve listed our the 5 most popular posts in 2018, by number of unique visits.
If you’re a new reader, welcome! I hope these posts help start you on the road to broadening your Skype for Business/Teams expertise. If you’ve been here a while, glad you’re here. There’s plenty more to come in 2019.
The 5 Most Popular Skype for Business Insider Posts in 2018 (in order)
Can You Turn Off Skype for Business New Message Alerts?
This one definitely struck a chord. Many readers commented about their desire to turn off New Message alerts entirely, or control their appearance. Short version: You have some control over notifications when on mobile. But on desktop, you’re kind of stuck.
It seems like Microsoft’s pricing shifts keep accelerating…and obfuscating. The post remains accurate, though I’ll put up another pricing post soon to incorporate Skype for Business Server 2019 and current Teams costs.
Making Sure You See Skype for Business Notifications – No Matter What!
This post talked about SuperToast as a method of guaranteeing you’d see Skype for Business notifications. It has limitations—no Mac version, no guarantee of Teams compatibility—but it does prove useful. Commenters did point out that some businesses ban third-party add-ons as a precaution (and a valid one), which can hamper SuperToast’s usability.
However, I want to note: in April or May of 2018, we had a customer with the same issue. Troubleshooting Point 1, purging an old local cache file & forcing a server refresh, DID resolve the issue. So my meandering helped!
Some of these date back as far as 2014. It’s rather heartening to see older posts still helping users!
Where the Blog Is As Of Now – Some Post Updating, Planning Out a Strong Year
I’ve gone through and made updates to each of these posts. A little additional content, including information from reader comments or emails, etc. New readers will get the most benefit…but if you read one of these posts in the past, it wouldn’t hurt to give it another look!
To give you a peek into my 2019 plans, here are some post titles on the roster:
Pricing for Skype for Business and Teams: 2019 Version
How the Mediation Server Fits into Skype for Business
The Path to Deploying Skype for Business Server 2019 (Series)
The ChatOps War: The Battles Raging
How to Preserve Unified Messaging
Have a topic you want to see covered? Leave it in a comment below, or drop me a DM on Twitter at @PlanetMagpieIT!
MS auto-moving new O365 customers to Teams (no access to S4B Online)
The announcement of Skype4B Server 2019 came begrudgingly. As I’ve said before, I suspect we won’t get any more on-prem versions after this.
We lost one of our office dogs. RIP Patches.
Tumultuous, to say the least. But we’re IT pros. We make things happen no matter what.
What’s Coming in 2019 for the Blog
I know the posting schedule diminished a little this past year. Don’t worry; we’re far from done! Here are some planned posts coming up next year:
A Skype for Business Server 2019 Install Series. We haven’t deployed Skype4B Server 2019 internally yet. But it’s on the docket. Once we do, I’ll blog about everything I can involving the setup, deployment, capabilities, and snags.
Teams Integration/Sunsetting of Skype for Business Online posts. A monumental change coming…what will its aftershocks result in? We’ll all find out.
Software & Device Reviews. I love doing these! Thanks to Yealink, Modality, and Plantronics/Polycom for sharing your hard work with us.
Collaborations. I’d like to do more collaborations in 2019. We’ve done a few in the past here, and they came out great. Are you a fellow tech blogger? A Microsoft tech with years of experience? Let’s talk! Shoot me an email at firstname.lastname@example.org.
No poll this time. But if you have thoughts about the state of Skype for Business/Teams, please feel free to share.
Merry Christmas to IT Pros Everywhere!
We at PlanetMagpie hope everyone has a safe & happy holiday! We’ll see you back here in January, refreshed and ready for another year.
As always, if you have a topic you’d like to see addressed in 2019, please share it with us.
Today I’m reviewing the Yealink SIP-T58A desk phone. Like its little brother (which we reviewed last time), this is a softphone designed for Skype for Business users. I put it through the same paces as the T56, within the same Skype for Business deployment.
Not surprisingly, it had very similar results. But they’re not identical phones…and they aren’t meant for identical uses.
As promised, I’ve included some use cases in this post. Instances where one phone works better than the other. Consider this post as a ‘Part 2’ to the previous post.
Ready? Let’s get to the T58A review!
The Yealink T58A is, like you’d expect, just a slightly more feature-rich iteration. It has the same dimensions as the T56A, the same desk footprint, and the same standardized phone layout with touch screen.
Here they are side-by-side. Can you spot the difference?
Hint: Look at the touch screens.
Design-wise, the only notable difference between the T56 and T58 is that the T58’s screen is adjustable. In nearly every other aspect, they are identical.
Because they’re so similar, I took a little more time with this model. Just in case it had any quirks only prolonged use reveals.
(Impromptu test: I accidentally dropped the handset before I could connect it to the cord. Luckily, nothing bad happened! It didn’t even scratch on our concrete floors.)
I did face the same sign-in challenge on the T58A as I did the T56A. It’s set to accept only Trusted Certificates by default. My contact at Yealink says they do this as a security measure. So it’s not really an issue as I said before…I can certainly envision topologies where this makes sense.
“You can easily turn your SIP-T58A smart media phone into a video phone ready with an optional removable two-megapixel HD camera CAM50.”
The T56A doesn’t have this slot available. A co-worker commented on the camera slot’s use of USB. It meant you could also plug a USB cable in, moving the camera to a better angle if desired.
It is a USB 2.0 slot, by the way.
Now we know why they made two models. One can take a video expansion module; the other cannot. This makes for a huge difference in use cases. I’ll go over that in a moment.
Please note: This is the SIP-T58A model. That means its camera works with SIP…NOT Skype for Business. Another phone version does that.
That said, let’s go through some testing!
Using Skype for Business on the T58A
Like its brother, the T58A shows favorited Skype contacts on its Home screen. The options, and simplicity of use, are the same too.
I also discovered that both models preserve account details. I disconnected both the T56A and T58A from PoE. Left them idle for a day. Then plugged them both into another PoE cable at a co-worker’s desk.
Both models saved my Skype4B account login. I only had to unlock the phone, and poof, there’s my Presence status & contacts. Nice going on this one Yealink.
Call Quality: Almost an exact mirror to the T56A. One thing I did notice was that the “Noise Proof” technology came through a little better on the T58. That could be due to my listening for it, though.
Voicemail: In a stroke of good luck, I had several voicemails come in succession one day. (Murphy’s Law, you walk away from your desk, and everybody calls…) This gave me a chance to test out the voicemail controls more heavily than before.
You reach voicemail on the T58A through its “Menu” button.
I tried both ways of dialing into voicemail:
Dial in, then pick up handset
Pick up handset, then dial in
No trouble either way.
Bluetooth: The Yealink team encouraged me to test out Bluetooth on the phone. I had to update the firmware in order to do this; the version shipped with the phone didn’t have Bluetooth enabled yet.
(NOTE: A new firmware just came out a few days prior to my review. If you buy a Yealink after reading this, your phone’s screen will look different.)
Once I’d updated, Bluetooth appeared as a rocker switch in Settings. You can enable Bluetooth and WiFi from the Web admin menu, or directly on the phone.
From there it’s the typical pairing process: Open the Bluetooth screen on the phone, wait for BT devices to show up in the “Available Devices” list, and tap to pair.
I paired my Jabra Motion Office headset. I keep its base wired to my laptop dock. To test, I disconnected the base from my dock, so it couldn’t field calls coming from my laptop.
Shortly afterward, two calls came in. The Jabra started beeping right away, just like it normally does.
I did notice a slightly shorter ‘walking range’ while taking these calls though. When my Jabra takes a call from the laptop, I can walk clear across the office and still have a nice clear call. When my Jabra took the calls through the T58, I got a little crackle of static when I walked about ten feet away.
Nothing huge. All in all, the phone did a good job of working with my Bluetooth headset.
Issues: Security/Hacking Concern
A reader messaged me after the T56 post went up. “Yealink phones get hacked all the time. Don’t use them!”
I checked on this, and did find several reports from people dealing with hacked Yealinks. All older models though. I searched specifically for the T56A and T58A, but didn’t come across hacking reports on them.
That doesn’t mean it’s impossible. Far from it! But the reader’s warning raises an extremely important point, not just about Yealink phones:
Whenever deploying a new VoIP phone, no matter the manufacturer, make sure it’s fully secured before issued to the user.
Default passwords changed. Firewall in place. Logging enabled. Ports closed. It’s another computer on the network…thus, a potential cyberattack vector. Treat it like one.
Use Cases for the T56A and T58A
Given how similar these phones are, it took me a while to determine separate use cases. They’re both solid phones, with an extremely useful Web administrative menu per device.
I did though! Here are some use cases where each of the Yealink T-Series phones would serve well.
Run-of-the-mill desk workers.
Compliance-heavy workstations, if regulations prohibit display of certain materials in a video feed. Even accidentally.
Multiple branch offices, in a bulk deployment (especially if you manage the branch offices’ IT remotely).
Common Area Phone. Both models have a CAP function in their settings. I prefer the T56 here since it’s a simpler device with no video.
T58A: All of the above, as well as the following.
Branch Management phones, for frequent conferencing.
Sales/Marketing team phones, for quick video calls.
Customer Service phones…in case you really want to embody ‘customer-facing’!
Small-team conferencing phone (though Yealink does have a series of conferencing phones, called the “CP Series”).
You have multiple offices, but similar communications needs (which means you can standardize deployment & save time/money).
The Verdict: An Easy-to-Use, Expandable Desk Phone for Power Users
Now that I’ve completed my reviews, I handed the T58A over to the co-worker I mentioned last post. His turn to play. He’ll also put the phone through its interoperability paces, in our own network and at customer sites. It has to work within our security parameters before he’ll sign off on customer use.
I do like the T58A’s video expansion option. But I personally don’t use video much. It’s a nice-to-have for standard users. For power users though, it’s necessary. Which is why I say power users would get more value from the T58A than the T56A.
Time for a new device to review! This time we have a new desk phone: the SIP-T56A from Yealink. Matt at Jenne.com kindly sent me this unit for review, after we expressed interest in the Yealink line.
The T56A is designed for Skype for Business use. It does support expansion modules, as well as Bluetooth & Wi-Fi connectivity, and plays nice with Office 365.
Would Yealinks serve as a good alternative to Polycom phones, if we couldn’t get a Polycom (or the customer didn’t like them)? Will they stand up to the daily grind? How well do they work with Skype for Business?
Let’s find out!
I unboxed the T56A as soon as it arrived. Pulling it out, I did a quick comparison to the Polycoms we have around the office. The T56A weighs about the same as those, but it’s wider. You’ll need a little desk space for it.
It’s a pretty straightforward phone console. Buttons for hold, transfer, volume, mute, etc. Build quality’s solid; nothing about this feels flimsy or loose.
The phone comes with a big touch screen attached. You can’t adjust the touch screen on the T56, but at least it’s low-glare. You can lower its brightness too, under Settings > Basic > Display > Backlight.
The T56 doesn’t need a separate power adapter if you use PoE (but one is optional). I plugged this in to a PoE network cable.
Issues: Signing In
The phone booted as soon as I plugged in the PoE cable. It brought me to a nice simple start window within about 20 seconds.
Once the phone finished startup, it brought me to a Sign In menu right away. I had three choices: An Extension/PIN sign-in, a Skype for Business sign-in, or a Web sign-in.
(Side note: Since the phone sent me straight into Sign In, I didn’t realize for several minutes that I could just hit Back a few times and reach the phone’s main menu!)
Now, here’s where I had the one issue. I had some difficulty getting signed in. It wanted me to use an extension and PIN at first, but I didn’t have those. (I did try my previous phone’s extension and PIN, but alas, no use.)
Next I opted for the Skype User Sign In. We run Skype for Business Server 2015 on-prem, and this phone used a PoE cable to connect. Should be no problem at all, right?
I entered my sign-in address (email), username (the same email), and my Skype4B password. Took me a couple tries to figure this out; the instructions didn’t specify the format.
When I did get the right combination, I saw the following error: “Cert web service not found.”
Hmmm. Did we have an issue with our on-prem Front End? I checked with the Consulting team. No, the Front End’s fine.
I checked online and found the solution: In default settings, the T56A only accepts Trusted Certificates. This can inhibit initial sign-ins, even on secured Skype for Business Front Ends.
The phone also has a Web administrative menu. You access it by entering the phone’s assigned IP into your web browser, like most such devices (e.g. “http://192.168.1.1”). The instructions contain the default login & password for this admin menu.
The fix involves disabling the Trusted Certificate Only option in the admin menu, under the Security tab. Once I did this, I discovered a very handy shortcut. Instead of returning to the phone and re-entering my login, I could sign into Skype4B right from the admin menu!
All I had to do was click the Account tab, enter my login & password, and boom. The phone recognized the sign-in and displayed its main screen. Ready for testing!
Using Skype for Business on the T56A
The T56A main screen shows favorited Skype contacts. You have a bottom toolbar with four options: Favorites, History, Contacts, and Menu. Menu gives you the Calendar, Voice Mail, Status, Setting, and Meet Now buttons. All styled consistently with Skype for Business.
The phone’s DEAD-simple to work with (heh heh). I replaced my normal desk phone, a Polycom CX300, with it to test out. I anticipated some learning curve, of course…it would take me a couple days to familiarize myself with the different ways to make & handle calls, right?
Nope! Within minutes I had this phone down. Unlock PIN set, favorites configured, and I know where & how to change my Presence status in two taps.
I connected my Jabra Motion Office headset to the T56A as well, using the headset port on the back. No configuration necessary.
Now, the most important aspect of a phone: Call Quality.
Since I replaced my Polycom with the T56A, it handled all my calls for the past week. The handset is marked HD, and judging by call quality, it’s true. Everyone’s voices came through as clear as could be, whether co-worker (internal) or customer (external).
(Even the recorded spam message came through nice and clear. No idea how they got my number…)
To illustrate the call quality, let me draw a comparison. When you talk with your co-workers on one device, and then switch to another, you can tell which device is clearer, can’t you? You already know their voice. Your brain knows how they should sound. So when one device carries their voice sharper than the other, you notice.
That’s what happened during my T56A testing. Voices came through sharper on the T56A than on my prior phone (the Polycom CX300).
I found out afterward that this happens, at least in part, due to Yealink’s “Noise Proof” technology. The phone actually blocks out background noise while you’re on a call. I’ve seen this demonstrated on other phones before. The fact that I didn’t think of it until well after my calls says Yealink did a good job with their own version.
The Web Admin Menu: Yealink’s Secret Superpower
The Web administrative menu is incredible on these phones…I can configure every aspect of the phone from my browser. From changing ringtones to upgrading firmware.
Not only does that save a HUGE amount of provisioning time, it means I can totally avoid hunching over the phone, tapping out letters on the touch screen.
Don’t get me wrong; it’s great that the T56A has a touch screen in the first place. The screen has a good response rate, analogous to an Android smartphone. But if I can save a few minutes typing on my laptop’s keyboard, so much the better!
Having a comprehensive Web admin menu makes a big difference for IT professionals. It means we can provision devices remotely, with ease.
All we need is the phone’s IP address when it’s plugged into the network. The IP address is under Settings > Status. With that, we can take care of Skype for Business configuration, security updates, directory control, and so on. The user just has to plug the phone in!
The Verdict: An Excellent Desk Phone for Skype for Business Users
I showed the T56A to a colleague. He handles hardware deployment for most of our Skype for Business customers. Most of the time he deploys Polycom phones, with Jabra or Plantronics headsets.
He saw what this device can do and his eyes almost popped out of his head! “Why didn’t we have this before?!” He started throwing out names of customer sites where he could place them. I stopped him at #5. He could have kept going. Coming from him, an IT pro who’s worked with dozens of device manufacturers over the past 25 years, I consider that high praise.
The poor Director server role. No longer needed by Teams, its primary function usurped by Azure AD for Office 365…Microsoft’s march into the future seems to have passed right by it.
Now, this is not the first time Microsoft has left a server by the digital wayside. But I have a special place in my heart for Directors. I like the concept, and what it embodies, Looking at the Skype for Business/Teams ecosystem now, I thought Directors would join Microsoft Bob and Small Business Server on the trash heap.
But I found a little light instead…one instance where it does still make sense to deploy Directors in today’s world. Let’s find out what that is!
What a Director Does, and How Skype for Business Changed Around It
I first wrote about the Director way back in 2012: What’s the Director For?
I characterized it as a sentry on the castle walls. Permitting only legitimate Lync/Skype for Business users entry.
That’s what a Director does—it provides authentication for users, so the Front End Server/Pool doesn’t have to. The Front End carries on with facilitating calls, Meetings, etc. while the Director handles authentication.
Now, the Front End CAN handle authentication requests as well. It never needed the Director. Having a Director server/pool helped in two ways:
Ease congestion on the Front End Server/Pool, which often translates to better call quality & Meeting stability.
Defend against DoS attacks targeting the Skype for Business Server. Not a common threat, but a growing one in recent years.
So the analogy still holds. You can still use a Director as a sentry, defending your Skype for Business deployment.
Which is what Microsoft’s done. By first offering a Hybrid deployment option with Office 365, then introducing Teams and beginning to fold Skype for Business Online into it, Microsoft’s slowly pulling the rug out from under Directors.
What about authentication requests though? How will Teams and Office 365 manage all those requests in your tenants?
Skype for Business Hybrid and Teams: Director’s Role Usurped
Since Office 365 tenants handle authentication through Microsoft’s cloud-based Azure Active Directory, they don’t need on-prem authentication from a Director. But what about hybrid deployments?
In most hybrid configurations, authentication’s done through on-prem Active Directory and Azure AD. Azure AD syncs to your on-prem Active Directory server, providing a built-in failsafe. Directors become superfluous.
To configure your deployment for hybrid with Skype for Business Online, you need to have one of the following supported topologies:
A mixed Lync Server 2013 and Skype for Business Server 2015 deployment with the following server roles in at least one site running Skype for Business Server 2015:
At least one Enterprise Pool or Standard Edition server
The Director Pool associated with SIP federation, if it exists
The Edge Pool associated with SIP federation
A mixed Lync Server 2010 and Skype for Business Server 2015 deployment with the following server roles in at least one site running Skype for Business Server 2015:
At least one Enterprise Pool or Standard Edition server
The Director Pool associated with SIP federation, if it exists
The Edge Pool associated with SIP federation for the Site
A mixed Lync Server 2010 and Lync Server 2013 deployment with the following server roles in at least one site running Lync Server 2013:
At least one Enterprise Pool or Standard Edition server in the site
The Director Pool associated with SIP federation, if it exists in the site
The Edge Pool associated with SIP federation for the site
“If it exists.” In other words, the Director is not critical to these hybrid topologies.
What about Teams? Since Teams will absorb Skype for Business Online anyway, does Teams need a separate authentication server?
No. It’s not designed that way. Even if it was, as a fully cloud-based application, Azure AD will handle the authentication. A Director isn’t listed anywhere in the Teams dependencies for guest access…only Azure AD.
(Whether or not Azure AD handles guest accounts & user expansion WELL is up for debate…but we’ve talked about that already.)
It’s safe to say that for Office 365 and Teams, Azure AD usurped the Director’s role. That leaves us with one other potential use: the upcoming Skype for Business Server 2019.
Edge Servers, standalone Mediation Servers, and Director: 6-core, 2.4 gigahertz / 16GB RAM / 8 or more 10000 RPM disks or SSD / Gig NIC/ dual Gig NIC for Edge
These may seem steep. But they’re almost identical to Front End Server requirements; the only exception is that Front End needs 64 GB RAM.
I can see many admins using requirements to justify dropping Directors from their 2019 deployments. In truth, our IT Consulting team hasn’t installed a Director in any Skype for Business deployments (on-prem or hybrid) since early 2017.
However, after some discussion and brainstorming, I realized the Director is in Server 2019 for a reason. One Skype for Business topology does exist where a Director helps.
The One Deployment Topology Where a Director (Still) Makes Sense: Director on Guard
Here’s my “Director On Guard” topology. The deployment must meet all of the following characteristics:
Installing Skype for Business Server 2019
More than 2 office locations
The company has suffered a cyberattack in the past
Why these? I’m so glad you asked.
An enterprise business will want the control and security they can exert over data trafficked within Skype for Business. This also gives them control over their phone system.
More than 2 locations means branch servers to maintain the call network. More than 1,000 users means thousands of authentication requests every single day.
A cyberattack? Nothing makes cybersecurity more important than suffering a cyberattack. (I wish this on NOBODY, but it’s a tragic reality of our world.)
In this case, the Director serves a purpose. It performs its original function of handling authentication requests, taking load off the Front End pool and preserving bandwidth. All worthwhile performance goals, which makes IT look good to the budget-conscious C-suite.
A Director also provides additional guard against cybercriminals. Post-cyberattack security improvements go a long way toward securing the network, and user workstations. The Director performs a similar role within the Skype for Business ecosystem—a central component of the enterprise business’ communications.
It’s doing its time-honored job…being a silent sentinel, ready to admit those who have authorization, and defend against those who do not. Hence my terming it, “Director on Guard.”
If we don’t get an on-prem Skype for Business version after 2019, it’s likely the Director role will fade with it. That’s okay…it’s done its job. But for now, don’t count the Director out yet. With cyberattacks on an upward swing, all systems need protection. Including Skype for Business.
Do you still use a Director in your Skype for Business deployment?