Wednesday, 20 June 2018

How to: Microsoft Teams Direct Routing

Hello Readers.  I hope you're well.

This isn't going to be a short post, but you're probably used to my posts and you'll forgive me.  ;)

This post is a how to guide, plain and simple.  It is going to be heavy on PowerShell and screen grabs (for systems that don't take PowerShell), specifically concentrating on voice routing for Microsoft Teams in Office 365 and Session Border Controller (SBC) configuration.  I'll start with an intro before moving on to the tech stuff.  If you're not technical you might want to read the intro and get on with your day.

On with the show!

Today I'm here to talk about a new "feature" available in/for Microsoft Teams which is currently called Direct Routing.  I say currently because I hope Microsoft change it.  For one (and this has been said by many others), the abbreviation is DR and we already use that for disaster recovery.  For two, it is kind of a misnomer.  Given that this is connecting to on-premises lines and telephone systems by using a Session Border Controller, it should really be called Indirect Routing.  The lines and systems don't connect directly to Teams.  They connect to the SBC which connects to Teams.  
I like the term On-Premises Call Handling (OPCH) for Microsoft Teams, but what it really is, is Hybrid Voice for Microsoft Teams.  Remember Hybrid Voice?

To be fair though, it is more direct than we had for configuring OPCH for Skype for Business Online (SfBO).  SfBO had to connect to the SBC via Skype for Business Server on-premises in either a full deployment or the cut down version called Cloud Connector Edition (CCE).

If anything it was even more indirect than Direct Routing.

What is Direct Routing?  

At the time of writing, Direct Routing is in public preview.  So everything in this post is subject to change.  It has already gone through various levels of private preview with customers, TAP enabled resellers and MVPs all testing it out, so I can't imagine that it is far off from the final iteration, but you never know.

If you happen to live in one of the countries that has access to Microsoft Carrier Services (currently just 9 countries) you can add a Calling Plan for each user which gives them a bundle of minutes to use for calling to domestic or international numbers each month.  That's fine if you only have offices in those countries.

Direct Routing is feature that enables your Microsoft Teams users to use on-premises telco lines or SIP trunks to make and receive calls instead of using Microsoft Carrier Services via Calling Plans.  

Why do I need Direct Routing?

  • You need Direct Routing if you have offices outside the Calling Plan enabled countries and want users to be able to make calls. 
  • You need it if you have existing lines with long contracts. 
  • You need it if you need to connect Teams to your existing PBX to enable cross system calling.
  • You might also need it if your users have mixed calling need for your users.  I'll explain.  

Calling Plans are, as I said, a bundle of minutes you buy for your users.  Calling Plans are available as Domestic only and Domestic and International.  They are also available in two sizes.  In the UK you can have Calling Plan Domestic with 1,200 and 120 minutes of calling.  Calling Plan 1200 costs £9.10 per user per month.  Calling Plan 120 costs £4.50 per user per month.  So you get 10% of the minutes for half the price.  

Calling Plan minutes pool at the tenant level, but only on like for like plans.  Meaning that users with the 1,200 minute plan all share the cumulative total of the minutes for every user with that plan.  e.g. 10 users, 12,000 minutes to share.  If 2 users hammer the phone and use 80% of the minutes it only leaves 2,400 minutes for the other 8 users to share for the rest of the month.  And that might work for you or your customer.  However, I know companies that say they have a lot of users that rarely make calls at all.

Personally I would like to see Calling Plans change a little.  For one, pooling all minutes for all plans at the tenant level would be a great start.  You get the big plans for heavy users and small plans for light users.  But that's not quite enough.  PAYG for all calls for the lightest of users would be even better.

Keep in mind though that Calling Plans also include a SIP trunk and a number for each user.  Meaning that every user in the company can be on a call at the same time and even have a call on hold.  There's no limit, which is good.  But companies rarely buy that many lines.  1-4 (1 channel/line per 4 people) is typical for most companies if a little high.  I've seen it as low as 1-10.  Point being, Calling Plans give each user their own channel/line for calling which is great and all, but if you buy SIP trunks, you might only buy one channel for every 10 people and that might be just fine for you.  That means you line rental costs will be far lower than the multiple of Calling Plans for each user per month.

But I digress.  I'm not here to debate the value of Microsoft Carrier Services.  Each use case is different and you'll want to work that out for your company or with your customers on an individual basis.

You also need Direct Routing if you have offices and users all over the world and users have a need to call anywhere as cheaply as possible.  For instance, you could have a user in the UK that wants to call someone in Japan.  If you have offices and Direct Routing SBCs in both places you can enable it so your user in the UK calls out of the SBC in Japan to route their call out of the local lines.  You'd only do this if it would be cheaper for you in the long run.  But paying long distance from the UK can't be cheaper than paying local or national rate in Japan, can it?  My point is it is possible and that's good.

You can also use Direct Routing alongside Microsoft Carrier Services.  You could use Microsoft Carrier Services in countries where it is available and Direct Routing where it isn't.  If you have enough offices with Direct Routing enabled SBCs and local breakout and a decent network to route calls, you could set up Least Cost Routing and save on international calling.

Remember, Direct Routing isn't just about connecting to local lines.  It is also used to connect to a local PBX.  A PBX interconnect could be required for large migrations where you want to move users gradually or perhaps the PBX is connected to a specialist contact centre.  It could just be because you need to "sweat" the cost of the PBX for a little longer.  You could use Calling Plans for PSTN break out and Direct Routing to route calls internally to PBX users.

I could probably go on, but I think that's enough of an intro.  You hopefully get the point.  Direct Routing is definitely a good thing in the world of Microsoft hosted communications.


Now for the techie part.

What you need

You need a few things to make Direct Routing work.  These are broken down into categories.
  • Infrastructure
  • Office 365 subscription and relevant licensing
  • A public DNS record for your SBC(s)
  • Public SSL certificate for the SBC
  • SIP signalling and firewall ports


For starters you need a supported SBC.  Right now the list of vendors with supported SBCs is small, but that will grow to ~9 vendors total according to Microsoft.  Right now the vendors include Ribbon (nee Sonus) and Audiocodes. 

You need an Office 365 (or Microsoft 365) tenant with a real domain registered. won't work.  Instead you need

You also need lines on-premises or in the data centre where you will host your SBC.

In hybrid scenarios where you have a mixed estate with some workloads such as Skype for Business Server deployed on-premises, make sure the users that will use Teams for calling are "homed" in Skype for Business Online and not Server.

Office 365 subscription and relevant licensing

You need a plan that includes Skype for Business Online Plan 2, Teams and the Phone System add-on.  The Audio Conferencing add-on is optional.  You can technically buy all of the above as individual licenses.  Most will have an Enterprise plan such as E1, E3 or E5.  All of the "E" plans include Skype for Business Online Plan 2 and Teams.  You only need the Phone System add-on and you're good to go.  E5 includes SfBO Plan 2, Phone System and Audio Conferencing.

A public DNS record for your SBC(s)

As I said above, you need a read domain in Office 365.  You also need a public DNS record for each of your Direct Routing enabled SBCs.  e.g.

Public SSL certificate for the SBC(s)

You need a public SSL certificate to install on your SBC.  The Certificate is used to encrypt all SIP signalling and media between the Microsoft edge and your SBC.  The Certificate needs to have the SBC FQDN (that DNS record you created above) in the subject, common name or subject alternate name (SAN) fields.  If you have multiple SBCs and multiple DNS records you can add these as SANs.  Alternatively you can use a wildcard certificate such as * and must comply with RFC HTTP over TLS.

There is a fairly short list of qualified root certificate authorities currently and Microsoft is working on adding more based on customer request.  I won't list them because it will probably change before I've finished writing this post and you can check for yourself in the official documentation.  But I think you're going to be well covered by the companies on the list.

I'd strongly suggest that you request the certificate by generating a certificate signing request from the SBC itself.  You also need the private key size to be at least 2048.

SIP signalling and firewall ports

It might go without saying, but I'll say it anyway.  Your SBC needs direct internet egress as close to itself as possible.  If your SBC has multiple hops before it reaches the default gateway to the internet it could add latency and therefore affect call quality.  

Your Direct Routing enabled SBCs don't connect directly to Teams (which isn't a SIP enabled system), but instead to upstream SBCs hosted by Microsoft and are known as connection points.  There are three connection points;

Sip is the global PSTN hub FQDN and must be tried first.  When the SBC queries this DNS name, the Azure DNS servers return an IP address which it will use as its primary connection point.  It should return an IP address from a small list (below) that is geographically and logically (from a Round Trip Time perspective) closest to the SBC.

The FQDNs will resolve to one of the following IP addresses:


If you want to know how many hops you have, I recommend doing a pathping to and see for yourself.  Pathping shows you all of the hops, the RTT for each hop and the combined RTT for the final destination.  My lab server has a combined RTT of 10ms to get to the primary connection point even though it had 4 hops just to get to the Microsoft edge.  So not so bad.

Interestingly, I ran the pathping to the same FQDN twice and got two different connection point records.  One for Northern Europe (Dublin) and one for Western Europe (Amsterdam).  So I'm between regions.  I could also see that the internet provider for where by Lab servers are has a direct peering with Microsoft which means it is using very little of the "open internet".

You need to open the following firewall ports for all of these address to allow traffic to and from these addresses for signalling.  If your firewall supports DNS names, you can use the FQDN which resolves to all of the IPs.

Media traffic flows to and from separate services (the SBC and Media Processor) in the Microsoft Cloud on an IP address range of using the following ports:

Microsoft recommends opening at least two ports per concurrent call from a Direct Routing enabled SBC.  There are 4,095 ports available in the range which means you can route over 2,000 concurrent calls from a single connected SBC.

Sip2 and sip3 are the secondary and tertiary connection points and are used as an automated failover mechanism for SIP signalling.  In the event of an outage for the primary connection point the SBC tries sip2 to establish the connection.

The table below shows the relationship of primary secondary and tertiary connection points.  In this example, if your tenant is in the EU, your primary connection point will be in the EU, secondary in the US and tertiary in Asia.

All of this is covered in the official planning documents for Direct Routing.

How to set it up

Configuring Direct Routing is actually pretty simple and requires just four steps.

These are;
  • Pair your SBC(s) with Microsoft Phone System
  • Configure your SBC(s) for Direct Routing
  • Configure Microsoft Phone System voice "stuff"
  • Enable users for Direct Routing

Pair your SBC(s) with Microsoft Phone System

You will configure your SBC pairing, routes and routing policies in PowerShell.  Specifically in the Skype for Business Online PowerShell.  Wait, what?  I thought this was a service in Microsoft Teams.  It is, but obviously the meetings policy commandlets haven't been ported over to the MicrosoftTeams module.

Open PowerShell as administrator and run the following in order

Import-Module SkypeOnlineConnector $userCredential = Get-Credential $sfbSession = New-CsOnlineSession -Credential $userCredential Import-PSSession $sfbSession

The output looks like this:

If you have a stale session already established and you get an error executing any commands or get prompted for credentials run 
$userCredential = Get-Credential $sfbSession = New-CsOnlineSession -Credential $userCredential Import-PSSession $sfbSession -AllowClobber

Adding the -AllowClobber switch after $sfbSession squashes any previously established sessions.

Once you have a session established you need to Add/create a new Online PSTN Gateway for Teams Direct Routing by running the following:
New-CsOnlinePSTNGateway -Fqdn -SipSignallingPort 5060 -MaxConcurrentSessions 10 -ForwardCallHistory $true -Enabled $true

The output looks like this:

To see an entire list of configured/paired gateways run the following

Configure your SBC(s) for Direct Routing

I'm going to cover this in a separate post.  I have an SBC that isn't currently qualified (but will be), but does work.

It will be covered in the next port, but you must validate the SIP options flow.  Microsoft says to use the SBC management interface and see that the SBC gets a 200 OK response to the outgoing SIP options.

Configure Microsoft Phone System voice "stuff"

Voice config in Microsoft Phone System is similar to that in Skype for Business Server.  It is comprised of PSTN Usages, Voice Routes and Voice Routing Policies.

First, to see if you already have any configured PSTN Usage records you can run the following;


It should return one called "Global" with no usages if you haven't previously configured anything.

Now you can add PSTN Usages one at a time
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-Mobile"}
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-Toll-Free"}
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-Region-Local"}
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-National"} 
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-Service"}

or in bulk
Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="UK-Mobile","UK-Toll-Free","UK-Region-Local","UK-National"}

If you add one that you no longer need e.g. "Set-CsOnlinePstnUsage -Identity Global -Usage @{Add="New-Usage}"... can delete it by using the Remove switch.  The entry is case specific.  If you enter "uk-delete" you'll get an error "WARNING: Cannot remove item "UK-Delete" from the collection because it cannot be found."
Set-CsOnlinePstnUsage -Identity Global -Usage @{Remove="New-Usage"}

If the PSTN Usage is still in use by a Voice Route you'll get an error - "PSTN Usage "New-Usage" is still being referenced in OnlineVoiceRoute:New-Usage."  If you get that you just need to remove the Voice Route by running the Remove command.
Remove-CsOnlineVoiceRoute -id "New-Usage"

Removing a voice route automatically removes it from the Voice Routing Policy.

You can also group your PSTN Usages into a variable for later use
$UK_Only = (Get-CsOnlinePstnUsage).Usage | Where-Object {$_ -like "UK-*"}

To get an expanded list of your PSTN usages run the following;

Now you need to create Voice Routes for each PSTN Usage
New-CsOnlineVoiceRoute -Name "UK-Region-Local" -Priority 0 -OnlinePstnUsages "UK-Region-Local" -OnlinePstnGatewayList -NumberPattern '^\+440?1234(([2-8]\d\d|9[0-8]\d|99[0-8])\d{3})' -Description "UK Region Local Routing"

New-CsOnlineVoiceRoute -Name "UK-Mobile" -Priority 1 -OnlinePstnUsages "UK-Mobile" -OnlinePstnGatewayList -NumberPattern '^\+44(7([1-57-9]\d{8}|624\d{6}))$' -Description "Mobile Routing"

New-CsOnlineVoiceRoute -Name "UK-Toll-Free" -Priority 2 -OnlinePstnUsages "UK-Toll-Free" -OnlinePstnGatewayList -NumberPattern '^\+44(80(0\d{6,7}|8\d{7}|01111)|500\d{6})$' -Description "UK Toll Free Routing"

New-CsOnlineVoiceRoute -Name "UK-National" -Priority 3 -OnlinePstnUsages "UK-National" -OnlinePstnGatewayList -NumberPattern '^\+440?(1[1-9]\d{7,8}|2[03489]\d{8}|3[0347]\d{8}|5[56]\d{8}|8((4[2-5]|70)\d{7}|45464\d))' -Description "National Routing"

New-CsOnlineVoiceRoute -Name "UK-Service" -Priority 6 -OnlinePstnUsages "UK-Service" -OnlinePstnGatewayList -NumberPattern '^\+?(1(47\d|70\d|800\d|1[68]\d{3}|\d\d)|999|[\*\#][\*\#\d]*\#)$' -Description "Service Routing"


If you don't want t be granular and are ok with unrestricted calling through the same gateway
Set-CsOnlineVoiceRoute -id "UK" -NumberPattern "." -OnlinePstnGatewayList

If you add a Voice Route you no longer need you can remove it
Remove-CsOnlineVoiceRoute -id "New-Route" 

You know that variable you created earlier to group all of the PSTN Usages?  You can use that to add the group when you create your Voice Routing Policy
New-CsOnlineVoiceRoutingPolicy "UK-Only" -OnlinePstnUsages @{Add=$UK_Only}

If you create a new PSTN Usage you can add it to an existing Voice Routing Policy
Set-CsOnlineVoiceRoutingPolicy "UK-Only" -OnlinePstnUsages @{Add="UK_Service"}

You can also remove an entry from an existing Voice Routing Policy
Set-CsOnlineVoiceRoutingPolicy "UK-Only" -OnlinePstnUsages @{Remove="UK_Service"}

To see the configuration of your Voice Routing Policy

If you have a lot of PSTN Usages in your policy the list can get truncated.  Run the following to expand just the PSTN Usages

Enable users for Direct Routing

Enabling your users for Direct Routing is also simple.  Assuming they are homed online and have the relevant licensing all you need to do is enable Enterprise Voice and Voicemail, assign a phone number and grant them a Voice Routing Policy.

Make sure the user is online
Get-CsOnlineUser -Identity "User" | fl RegistrarPool

Enable Enterprise Voice, Voicemail and assign a number.
Set-CsUser -ID “User" -OnPremLineURI tel:+44123456789 -EnterpriseVoiceEnabled $true -HostedVoiceMail $true

Grant the Voice Routing Policy
Grant-CsOnlineVoiceRoutingPolicy -Identity "User" -PolicyName "UK-Only"

Maybe it goes without saying, but I'll mention it anyway.  I'm assuming here that you've already enabled calling in Teams and that you've set Teams as the preferred calling client for the users you want to configure for Direct Routing.

There is also an easier way to configure all this voice stuff and that is to use Ken Lasco's excellent SkypeOptimizer site/tool which can now create all of the config for Teams Direct Routing.
I would always recommend getting to know all of these commands and maybe doing it once manually.  You might need to make changes or add new stuff in the future so you will need to know anyway.

In my next post I'll walk you through configuring an SBC for Direct Routing.  If I can I'll have multiple posts.  One for each SBC I get my hands on.

More info:

That's all for now folks!


Thanks for reading.

If this or any other post has been useful to you please take a moment to share.  Comments are welcome. 

Tuesday, 12 June 2018

Cloud Recording in Microsoft Teams

Hi readers,

Hope you're well.  Just a quick one for a change.

You have probably seen that Cloud Recording is now available in Microsoft Teams.  BTW, I'm taking the trouble to write Microsoft Teams because of some recent product name changes.  You know who you are! ;), Cloud Recording is now available in Microsoft Teams.  It is still in preview so it probably isn't totally finished.  But I can say for sure that it works.  I just wanted to give you some quick detail on enabling it, using it and anything else you might need to know.

First things first.  If you want to use it, you need a license for Stream for Office 365.  Stream? you say.  What does that have to do with Teams?  Stream is actually the engine behind Cloud recording.  It provides the storage, playback and sharing capability, plus transcription and indexing.  Everything you need to be able to record and watch the recording.  

All users that initiate recording need a license with the rights to upload videos to Stream.  Users that view the recordings also need a license which includes the rights to view the video in Stream.

Stream is available as two plans.  Plan 1 and Plan 2.  Plan 1 includes view and upload rights.  2 includes more (see below).

Stream Plan 1 is included as standard with Office 365 Enterprise and Education E1 and E3.  Stream Plan 2 is included in Office 365 Enterprise and Education E5.  It is also available as an add-on to plans E1 and E3 as well as Kiosk.  Stream is not available in Business plans e.g. Business Premium and Business Essentials.  Office 365 Kiosk plans have view rights only.

It might go without saying, but your user also needs to be licensed for and enabled for Microsoft Teams.  Teams is available in Business, Enterprise and Education Plans as standard and as an add-on (free 1-year trial) for some smaller plans.

What's the difference between Plan 1 and 2?  You can see the table above which shows you what's available in each plan.  From a feature perspective, plan 1 gives you record and upload and playback with inline transcription [CC].  

That might be enough for some.  But what we say in the demos at Ignite or Enterprise Connect or both was the ability to search the transcription for keywords and skip ahead to those sections.  That was awesome and I know most of us want that.  It's okay of you have E5, but not for the vast majority of companies out there with E3.  The add-on costs £3.80 per user per month in the UK (plus VAT).  Not sure companies will be forking out for every user in a hurry.  At least not just for the extra meeting recording options.  What do you think?

Once you have the licensing make sure you assign the licensing to your users.  I won't cover that here.

Enable it
You can make changes to the meetings policies in PowerShell.  Specifically in the Skype for Business Online PowerShell.  Wait, what?  I thought this was a service in Microsoft Teams.  It is, but obviously the meetings policy commandlets haven't been ported over to the MicrosoftTeams module.

Open PowerShell as administrator and run the following in order
Import-Module LyncOnlineConnector $userCredential = Get-Credential $sfbSession = New-CsOnlineSession -Credential $userCredential Import-PSSession $sfbSession

The output looks like this

Now you need to enable recording and transcription.  

If you haven't been granular in creating and assigning meeting policies to your users and they all inherit the Global meetings policy, just run the following
Set-CsTeamsMeetingPolicy -Identity Global -AllowCloudRecording $true      
Set-CsTeamsMeetingPolicy -Identity Global -AllowTranscription $true       

If you have assigned other user policies to users and want to fallback to the Global policy you just need to clear out the policy.
Grant-CsTeamsMeetingPolicy -Identity {user} -PolicyName $null -Verbose    

Update: Recording is enabled by default for the Global Teams Meeting Policy.

Using it
Couldn't be simpler.  Microsoft has a dedicated landing page with a user guide

Just start a meeting in Microsoft Teams, click on the ellipses menu button and choose start recording.

I tried Recording in the full Windows client and in browsers including Chrome and Edge and it works the same in all of them.  Sadly the control isn't available in the mobile client (yet).

You also get a privacy policy popup for every participant.  The link is

You can also set a privacy policy that must be accepted before recording starts.

Interestingly, I scheduled a meeting and invited an external participant and saw the ellipses menu so I decided to look.  As you can see below, they get the menu item for start recording, but it is greyed out.  This is the experience if you don't have recording enabled for the meeting policy assigned to your user account.

Anyone who meets the following criteria can start or stop a recording, even if the meeting organiser isn't present.

  • Has an Office 365 Enterprise E1, E3, or E5 license.
  • Has a recording license from an IT admin.
  • Isn't a guest or from another company.
  • Has Microsoft Stream upload video permissions.

You can stop the recording by doing the same, before the meeting ends.

Recording automatically stops once the meeting ends.  You'll see a message in the channel you had your meeting in that recording is being uploaded and will be available shortly.  

Once that's done and it's ready you'll have the playback icon.

Click on the meeting and it opens up the player

Click play and it starts the meeting playback with a summary screen

Then the meeting including all audio, video...

...and content

You can also open the meeting in Stream by clicking on the ellipses menu button in the playback placeholder

Once in Stream you can Like and Share etc

You can also open the ellipses menu and do more, including downloading it

I won't go into all the options.  I just wanted to get a quick post out to give you the basics and let you discover the rest on your own.  Go, discover, play.

You also get an email with a link to the recording which takes you to Stream for playback.  

Before I forget.  Make sure you plan for storage requirements in Stream.  A 1-hour recording is 400 MB. Make sure you understand the capacity required for recorded files and have sufficient storage available in Microsoft Stream.  Read this article to understand the base storage included in the subscription and how to purchase additional storage.

More info:

That's all folks!


Thanks for reading.

If this or any other post has been useful to you please take a moment to share.  Comments are welcome. 

Monday, 4 June 2018

Which Microsoft UC deployment type is right for your company?

Hello Readers.  I hope you're well.  

I like to mix it up a bit with content type on my blog.  Some technical (and hopefully useful), some product review and some (like this one) which falls under consulting or maybe advice.  Whatever you call it, I hope it is useful to you.

I get asked this question almost every day.  How do I choose a Microsoft UC deployment type that's right for my company? 

One thing I'll say right up front is that when I drafted this post last year, Microsoft hadn't yet announced that Microsoft Teams was eventually going to replace Skype for Business Online.  The intention was to compare Skype for Business deployment types.  Because Teams is an eventuality for pure Office 365 deployments, I've had to adapt the post somewhat.

Most organisations have a clear mandate to save money and drive business efficiency.  The best way to do both is to unify your communication channels into a single, easy to use interface.  Skype for Business and Microsoft Teams combines chat, presence, meetings, video, internal and external telephony in one.  This means you can get rid of all of those point solutions such as your telephone system, AV deployment, audio and web conferencing solution and consumer based chat tool.  Consolidation alone can pay for itself quickly.  Removing the complication of multiple, hard to use tools and adding features such as rich presence and real-time collaboration make employees more productive.  Doing both could mean that you actually make money on your investment.

Now that you’ve chosen Microsoft as your Unified Communications (UC) solution vendor, you now need to decide which deployment type suits your company best.

On-premises or Cloud?

The first choice you have to make is whether you want to host it internally on your own infrastructure or consume it as a service, hosted by a 3rd party. 

  • On-premises - If you’ve already made a big investment in resilient server infrastructure and all of your other applications are hosted internally, you’ll probably choose to deploy on-premises.  Skype for Business Server can be designed to support companies of any size, shape and complexity.  An on-premises Skype for Business Solution requires a number of high spec servers to offer all of the features available.  A “one of each” deployment with no resiliency will require a minimum of 5 servers.  Adding in resiliency can make that number grow significantly.  Skype for Business Deployments with Enterprise Voice capability require expert knowledge to support effectively.

  • Cloud – If you’re already starting to move other applications to the cloud, such as moving Exchange Server or SharePoint to Office 365, you’re probably open to using Skype for Business from the Cloud.  Cloud deployments are supported by the provider of the service which means you can focus on your business.  Some solutions, like Microsoft Teams are only available in the cloud and many organisations are already using Teams alongside Skype for Business wherever it is deployed.

Private or public Cloud?

Skype for Business has two distinct product roadmaps.  These are Skype for Business Server and Skype for Business Online.  I've listed Teams under the SfBO banner.  

  • Skype for Business Server can be deployed on-premises or as a Private Cloud instance, hosted by a 3rd party provider.  Skype for Business Server is the full product with every feature available. 

  • Skype for Business Online is a multi-tenanted, Public Cloud version of Skype for Business Server, hosted by Microsoft in Office 365.  Phone System (formerly Cloud PBX) is an add-on service to Skype for Business Online which adds telephony functionality.  Last year, Microsoft announced that their Teams product was to get all of the features of Skype for Business Online including Phone System.  So, although there is no formal end date for SfBO, at some point in the future it will be gone.

Both are Skype for Business, however there are a number of key differences.  Such as; 

  • Feature parity - Skype for Business Online is a solution shared by multiple companies globally.  This architecture introduces a number of limitations in the features available.  Rather than deliver the features as written into Skype for Business Server, Microsoft has built custom add-on solutions that emulate the equivalent Server based feature.  The feature list deficit is shrinking all the time and eventually, Skype for Business Online and Phone System (formerly Cloud PBX) will offer parity or at least the equivalent of parity.  Teams adds a new dimension to this.  Just as Skype for Business Online started with only a basic set of features, Teams also had to start somewhere and then play catch up.  Teams should have feature parity (according to Microsoft's public roadmap) with Skype for Business Online by the end of June 2018 (Q2 CY2018).  By the end of CY2018 it should overtake it by adding additional features that were previously only available in Skype for Business Server (Call Park and Call pickup).

  • Application integration – Skype for Business Server has a rich and mature set of APIs and SDKs that allow application developers to integrate their solutions directly with Skype for Business server and the Skype for Business client.  Applications such as Contact Centre and Recording need deep integration with Skype for Business in order to allow the applications to control the call flow.  This requires application components to be installed directly on the Skype for Business Servers.  Again, because of the multi-tenant nature of Skype for Business Online and because of the number of 3rd party solutions available, it isn’t possible to install these components and isolate them to just a single tenant.  Microsoft is developing a new set of APIs and SDKs which could allow 3rd party developers to integrate their solutions with Office 365.  Microsoft started delivering a new set specifically for Skype for Business Online/Phone System however this stopped following the announcement about Teams.  Microsoft is now working on new stuff for developers for Teams.  It is already possible to build apps that can be added to Teams.  But this doesn't offer the same experience for software vendors.  It could be some while before these new Teams APIs are ready for deployment and it isn’t yet clear whether the solutions that use them will be able to offer the same capabilities as the more mature ones for Skype for Business Server.

  • Connectivity Private hosted solutions are often directly connected to a customer network to ensure end-to-end quality of service for voice traffic.  Skype for Business Online and Phone System is typically used over the internet which means that it isn’t possible to control the quality.  Additionally, most MPLS Wide Area Networks are designed with central internet breakout.  This means that all PSTN voice media must first cross the WAN and then break out centrally.  Although it is possible to get Express Route to connect your organisation to Office 365, it is hard to get it specifically for voice workloads.

  • Resiliency – Skype for Business Online and Phone System is resilient in itself, however private hosted can be made more resilient by utilising features that aren’t available in multi-tenant deployments such as branch survivability. 

  • Support – While the platform for both public and private cloud offerings is managed and supported by the provider of the service, public cloud provider support stops at the platform.  Private cloud providers can provide support far beyond the platform itself, helping with configuration, troubleshooting user issues, problems with software, hardware and even the network.  Public cloud is more self-service based, while private cloud providers are much more hands-on.

  • Cost – Pricing for Skype for Business Online, Phone System and associated add-ons are somewhat fixed at a set value no matter how large the deployment is.  Private hosted solutions can benefit from economies of scale, which means that the per user cost decreases as more users are added.  Additionally, Phone System requires the addition of fixed price calling plans with minutes bundles for every user.  The price for these minutes bundles could be much higher than the typical average spend for each user on a pay-as-you-go model.

What about Hybrid?

There’s a third choice which is a combination of the two.  A Hybrid deployment has a few use cases.  Such as;

  • Geography – If a Public Cloud provider can’t offer the full range of services in every country your organisation operates in, it is possible to augment the service by deploying some infrastructure on-premises or in a Private Cloud in those regions to fill the gap.  This is especially true for the new Direct Routing capability in Microsoft Teams which adds local PSTN breakout for Teams users using SBCs.

  • Controlled Migration – Larger organizations with complex infrastructure spread across multiple sites and with many hundreds or thousands of users require a more controlled migration.  Migrating large, complex infrastructure usually requires a period of coexistence with users on both platforms.  Deploying on-premises or in a private cloud infrastructure can facilitate this coexistence between the PBXs and the hosted service.

  • 3rd party integration – It is not always possible to directly integrate 3rd party applications or systems with Public Cloud based services.  For these situations it is necessary to deploy some infrastructure on-premises or in a private cloud to integrate into these applications or systems and then integrate this infrastructure with the Public Cloud service.

  • On-premises Dependencies – One of the last steps in migrating a telephony service is to move the numbers that feed into the system.  If you have months or even years left on your line contract that prevent you from porting numbers, you could use on-premises infrastructure to use these lines to deliver on-premises calling capability to users in the Public Cloud.

  • Different workloads for different users - A lot of companies are using Skype for Business and Teams side-by-side.  They use Teams for team based collaboration, chat and meetings in context with the content.  Some have a mix of users.  Some prefer the simplicity of the Skype for Business client and others need the richness of Teams and all it can do.  I know there is no end date for Skype for Business Online, but at some point it will be gone and all users will have left is Teams.  Hybrid could be a good option for companies that want choice after the decision has been made for them.

In Summary

If you’ve already invested in internal infrastructure and you have the capacity to host the required servers with a level of resilience that meets or exceeds your expectations, then an on-premises deployment makes perfect sense. 

If, on the other hand, you’re faced with the decision of a hardware refresh to add more capacity or you’re already starting to move services to the cloud, then a hosted model is probably for you. 

If you need a best of both, a mixed estate, integration for cloud users or just choice, a hybrid is definitely for you.

Whatever deployment method you choose, you’ll definitely want to work with an expert partner that can help with everything from assessing the network, user adoption and training, set-up and configuration, user and service migration to business as usual.  Working with a partner will help ensure a successful migration to unified communications.

That's all folks!


Thanks for reading.

If this or any other post has been useful to you please take a moment to share.  Comments are welcome.