What is the best practice for remotely managing multiple sites?

Brook Powers · ‎08-19-2011

What is the best practice for remotely managing multiple sites.

Install CCA on a workstation at every client site and access the workstation via RDP?

Setup VPN's from the service provider to each client site?

Install CCA on user's desktops and tie the user's PC up with a screen sharing app every time one requires access?

Create a running config on a local demo unit and upload it (not)?

Open up an SSHport/tunnel and connect remotely (speed issues?)?

Any experiences?

danplacek · ‎08-19-2011

We set up EZVPN on all our customers and use the Cisco VPN client to connect and make changes either via CCA or Telnet/SSH.

We have found that that works well for just about everything. The only things to be wary of are:

1. Making changes to WAN, Firewall, or VPN settings over the VPN.

2. Doing Upgrades/Downgrades/Backups over the VPN - we have had these fail spectacularily (Especially CUE). What this means basically -- if you need to do a software pack upgrade -- do it on site.

renato.guimaraes · ‎08-19-2011

For the most part, managing UC's remotely with CCA over a VPN works just fine. The trouble comes when messing with firewall settings and SIP trunk configuration...and not to mention software updates. What I did to overcome these obstacles is choose a single PC in the remote office and install CCA and a remote control software like LogMeIn. I've used SSH over the VPN with no problems either. Be aware that if you're going over a VPN to a UC that is not used as the primary router on the remote network, you'll have to add route entries to the UC to access it.

Good Luck

-Renato

Brook Powers · ‎08-20-2011

If Cisco was smart, they would create a web based portal (Lets call it Project Phoenix), where IT consultants could log in, view the status and manage ALL their clients' networks and devices.

BENEFIT #1

Cisco devices would work better, and offer more portal features than any other vendor so IT consultants would logically prefer Cisco products, boosting Cisco's sales.

BENEFIT #2

Cisco devices (UC540, SG2000P, AP541) could be configured and have configs backed up to the cloud, right inside the Phoenix portal - resulting in IT consultants recommending Cisco products over any competitor.

BENEFIT #3

Cisco could reference support calls with configuration output archival records created/generated by the portal in Cisco's cloud. Cisco could then correct the bad code efficiently and immediately. - resulting in increased vendor & customer satisfaction, lower Cisco support costs, lower CCA development, distribution & support costs and IT consultants choosing Cisco products over the competitors.

For example, imagine the NO HUNTSTOP ERROR or the POTs line CALL BACK RULES errors being fixed overnight, in the cloud - and you never have press "download" 8 times again on Cisco's silly download site to install the newest version of the CCA.

BENEFIT #4

WITH PERMISSION (emphasis added) Cisco could track, review and enhance the features and capabilities most utilized by its customer base, by Cisco's monitoring of the configurations generated and backup up to the Cisco Phoenix cloud.

BENEFIT #5

Cisco could monitor and report warranty status in the Phoenix portal. Cisco could offer extended warranties and service contract upgrades with a click, right from their portal - eliminating distributors, lowering prices, improving delivery time and making more money all at the same time. (Note: although after trying to update the contract mailing address on my UC540 warranty, I doubt Cisco is capable of offering anything with 1-click) - My task required 24 hours mandatory wait, three tickets and 12 emails. Allowing me to edit my own address was just unreasonable, I suppose... But I digress).

BENEFIT #6

Well I have 4 other killer benefits in mind - but you get the idea.

JOHN NIKOLATOS · ‎08-21-2011

Brook - FUnny you should mention PROJECT PHOENIX... Cisco calls it OnPlus.. It is a device that was in BETA for two years or so.... and just this month it has been released. You can purchase at your distributor...

http://www.cisco.com/en/US/products/ps11792/index.html

It can tell if warranty is current and when it expires. It can do firmware upgrades, it can allow you to easily connect to your clients device... It can alert you if the site or a device or service is up or down... and much more..

I am using it at a few clients already... and it is working out very great.

John Nikolatos

http://www.niktek.com

David Trad · ‎08-21-2011

Hi John,

Good catch OnPlus is almost a derivative of "Cisco Configuration Center" or "CCC" for short, there are a lot of major differences but the principles are almost practically the same, Cisco never proceeded with this EFT even though all us participants that were involved with it where deeply excited about the future of it... It was a huge let down to say the least, they decided to proceed with a full blown CCA version.

To answer your question Brooke, for rudimentary things try and get a EZ_VPN setup going to the system and use CCA like others have advised, where possible consider installing CCA on an SBS server and do major stuff from there as it is local then and less will go wrong as opposed to a VPN setup.

The biggest mistake in my personal belief was the dev team deciding against a full blown web GUI direct on the UC such as the ones they put on the ESW/SF-SG series switches, this would have been far more viable, it is by far more easier to forward ports for HTML services and much less resistance from I.T houses that are protective of their territory, it is also in my Opinion far more reliable way of managing a system.

I still sit in hope that one day Cisco will reverse this decision, it is not too late to make CCA a backup or LAB based system and go to a full blown WEB GUI setup, have the same telephony wizard or use the 320W style wizard... Either way the management side of the UC's are still an ongoing issue and a struggle for many engineers out there and it needs to be addressed with the same importance and urgency as what is being afforded to CCA.

Alas I digress I am always banging on about this in the hope that one day they will listen and change the course.. But that is my sneaky evil way of doing things

Cheers,

David.

Cheers, David Trad. **When you rate a persons post, you are indicating a thank you or that it helped, but at the same time you are also helping to maintain the community spirit - You don't have to rate posts and you wont be looked down upon :) *

Brook Powers · ‎08-21-2011

John,

Yea, I was in the Thunderbolt beta. Are you in the Phoenix beta?

Phoenix could make Thunderbolt look like an Apple II+

JOHN NIKOLATOS · ‎08-21-2011

Brook - didnt know... almost thought you were giving me a alley oop for a slam dunk for sugesting OnPLus/Thunderbolt.... I am using it and starting to like the remoet access benefits.

I use a mixture of SSH - IPSEC VPN - showmypc.com and Microsoft netmeeting/Easy assist.

SSH is nice... but then I cant download, tftp or even telnet (depending on the device I connect to). The other showmypc, Eeasy assist, is nice but then you have to take over a PC...

Microsoft small business server..... is nice where I have it.... Did you see 2011 sbs yet? Nice interface for REmote web workplace. This way at least you can have CCA installed on the server...

Where I have SSL VPN - that is nice too...

But nothing that gives me everything!! It would be nice if OnPlus would have a CCA type software installed on it.... so you can just take over that.... hmmm maybe in phoenix?

Marc Bresniker · ‎08-21-2011

As mentioned, OnPlus is now available, many viewing this thread participated in the market trial (Thunderbolt). Thus far, OnPlus has been communicated to a targeted set of partners but that will grow over the next few months. It took less than 18 months to go from the start of the Trial to the official launch of the OnPlus service. I hope you have seen how the team has listened to feedback and feature recommendations from the partners and applied them in the service.

This thread on how to improve remote management for voice deployments is what OnPlus can help with, and the team is tracking these suggestions. Brooks, I know you won't be shy in sharing your thoughts as we develop and roll out new features especially for voice technology.

Expect us to provide a list of potential features for a voice practice and we'll look to the partner community to help guide us on how to prioritize that functionality.