The Survivable Branch Appliance is a purpose-built appliance to increase voice resiliency in branch-office scenarios. Built by Microsoft UC partners, this appliance is a blade server that is running Windows Server 2008 R2 and the Microsoft Lync Server 2010 communications software Registrar service and Mediation Server role with a public switched telephone network (PSTN) gateway in a single appliance chassis. In addition to dedicated appliances that are provided by Microsoft UC partners, customers have the option to install the Lync Server 2010 Registrar service and Mediation Server role on Windows Server 2008 R2 to provide the functionality of a dedicated appliance.
This article also provides an overview of the Survivable Branch appliance, pre-requisite steps for configuration, and considerations for both deployment and management after installation.
Author: Wayne Filin-Matthews
Publication date: November 2010
Product version: Microsoft Lync Server 2010 communications software
To provide communications resiliency for branch offices, Microsoft Lync Server 2010 introduces the new Survivable Branch Appliance role and the Survivable Branch Server role. The Survivable Branch Server is a standard Windows Server 2008 R2 Server with the relevant installed components. The Survivable Branch Appliance is a physical appliance provided by Microsoft UC partners. The Survivable Branch Appliance and Survivable Branch Server are targeted for branch office scenarios to provide high availability to the majority of Lync Server services (particularly Enterprise Voice) in the face of network connectivity failures in the primary site where Lync Server is deployed.
The Survivable Branch Appliance is built with an ISDN card and the following Lync Server roles.
The Survivable Branch Server is pre-installed with Microsoft Lync Server 2010 Registrar and Mediation Server components on Windows Server 2008 R2. AudioCodes, Dialogic, Ferrari electronic AG, HP, and NET have all announced survivable branch appliance products that are supported by Lync Server.
For more information about Microsoft Partner Solutions, see, Microsoft Unified Communications Open Interoperability Program.
Understanding when and where to deploy the appliance or server is an important part of the architecture design phase. Figure 1 shows both the physical placement and the logical placement of the appliance in relation to the location of each branch office site.
The Survivable Branch Role, both appliance and server, is one of the only roles within Lync Server that is not supported running virtually on Hyper-V or partners virtualization solution supported by the Software Virtualization Partner program (SVPP).
Figure 1. Unified Communication network topology with enhanced media gateway for connectivity to PSTN
The Survivable Branch Appliance itself is supported directly by the vendor; customers have the option to have the partner support and update the appliance with relevant Windows and appliance updates or give the updates to the customer directly to implement and support.
Adding a Survivable Branch Appliance to your environment involves the following process:
1. Configure appliance networking.
2. Join the appliance to your Active Directory Domain Services.
3. Define the branch office sites within the topology.
4. Publish the newly configured Survivable Branch Appliance components by using Topology Builder.
5. Hardware Installation (refer to manufacturer's guidelines).
6. Configure the Survivable Branch Appliance (refer to manufacturer's guidelines).
7. Home users on the Survivable Branch Appliance.
Survivable Branch Appliances that are shipped usually includes all the required software be pre-installed. Following is how you can check whether your Survivable Branch Appliance has the software pre-installed as shown in Figure 2.
1. Check the Program menu on the server to see if Lync Server components are installed.
2. Click Start, Programs, Microsoft Lync Server 2010.
Figure 2. Check Survivable Branch Appliance pre-installed
Note If Lync Server doesn't appear in your Programs menu, you need to run setup for the Survivable Branch Appliance. To do this, see Lync Server UA documentation in the Technical Library.
Configure the IP settings for the Windows Server 2008 R2 blade that runs Lync Server Registrar service and Mediation Server. To complete this step, see the manufacturer's guidelines.
When the previous steps have been completed, the Survivable Branch Appliance must be joined to the Active Directory domain. Following are two ways that the Survivable Branch Appliance can be joined to the domain.
Option 1: join the Survivable Branch Appliance from Active Directory User and Computers or the command line:
1. Log on to the Survivable Branch Appliance as a member of the Administrators group.
2. Ensure you have network connectivity with the central site where Lync Server is deployed.
3. Create a new computer object in Active Directory services, and then add the new object to the RTCUniversalReadOnlyAdmins group.
4. Open a command prompt as an Administrator from a domain-joined machine and then type dsadd computer ComputerDN.
5. Type dsmod group RTCUniversalReadOnlyAdmins -addmbr, and then type dsmod group RTCUniversalReadOnlyAdmins -addmbrComputerDN.
6. Add the RTCUniversalBOATechnicians group to the local Administrators group.
Option 2: join the Survivable Branch Appliance from the Survivable Branch Appliance manufacturer's user interface. (The following example is taken from the AudioCodes Survivable Branch Appliance Mediant 1000, Mediant 1000 MSBG & Mediant 2000.)
Figure 3. Domain setup from the AudioCodes SBA Mediant 1000, Mediant 1000 MSBG & Mediant 2000
The purpose of creating Branch Sites in Topology Builder is to identify and publish branch offices where the Survivable Branch Appliance will be installed to provide voice resiliency if there is a WAN failure; see Figure 4. Create branch sites by using the following steps.
1. Open the Topology Builder by clicking Start All Programs, Microsoft Lync Server 2010, and then clicking Lync Server Topology Builder.
2. In the tree view pane:
1. If you've used the planning tool to design your Enterprise Voice topology, expand the Branch Office Sites node, and then expand the name of the branch site you previously specified. Next, go to step 3.
2. If you didn't use the planning tool, right-click the Branch Office Sites node, and then click New Branch Site.
Figure 4. Defining branch office sites in Topology Builder
3. Next, perform the following:
4. Click Next to create the branch site, and then start the SBA Wizard.
5. Repeat the steps 1-4 to create more branch sites.
1. In the Define Survivable Branch Server dialog box, type the FQDN of the Survivable Branch Appliance you will deploy at this branch site in the System FQDN field. The FQDN of the Survivable Branch Server will have been defined previously, usually by the Architect or Systems Administrator as shown in Figure 5.
Figure 5. DNS Fully Qualified Domain Name Definition
2. Figure 6 will then appear. Select the Front-End Pool that will be used by this Survivable Branch Appliance, and then select the front-end server in the central site that the Survivable Branch Appliance will connect to.
Figure 6. Aligning the Branch Site to the relevant Front End Pool
3. The dialog box as shown in Figure 7 will then appear; select the front-end server in the central site that the Survivable Branch Appliance will connect to.
Figure 7. Defining the Edge Server to the branch site
4. Click Next.
5. In the Gateway FQDN or IP Address field, type the FQDN or IP address of the gateway this Survivable Branch Appliance connects to if the connection to the central site Mediation Server is unavailable. The gateway selection should be based on the local gateway that is deployed in the branch office where the Survivable Branch Appliance will be deployed.
6. In the Sip Port field, type the port number of the gateway that will listen for SIP messages coming from the Survivable Branch Appliance.
7. In radio options, Sip Transport Protocol, select the transport type the Survivable Branch Appliance for your purchased supports as shown in Figure 8.
Note For security reasons, it is strongly recommended that if you deploy a Survivable Branch Appliance that it supports Transport Layer Security (TLS).
Figure 8. PSTN Configuration Definition
8. Click Finish.
9. Publish the topology.
Users that reside in the local branch office should move to the appliance to help ensure that access to voice services are not disrupted if there is a network outage between the branch office and any central site where the central Lync Server servers are installed and configured. Before moving users to the Survivable Branch Appliance, ensure that all the following are covered:
1. The appliance is up and running, and connectivity to the PSTN through the gateway is configured. You can verify this by initiating a call by using a test account homed on the Survivable Branch Appliance or by using the cmdlet Test-CSOutboundPSTNCall.
2. Make sure that users who are homed on the Survivable Branch Appliance are configured with the appropriate Voice Routing Policy. For more information, see the "Configuring Voice Policies, PSTN Usage Records, and Voice Routes" section of Lync Server 2010 Deploying Enterprise Voice.
3. Configure the Voicemail Rerouting settings. For more information see the "Configuring Voice Policies, PSTN Usage Records, and Voice Routes" section of the Lync Server 2010 Deploying Enterprise Voice.
After you have verified that the Survivable Branch Appliance is up and running and PSTN connectivity is configured, you can home users on the Survivable Branch Appliance. You can do this with either the Microsoft Lync Server 2010 Control Panel or the Move-CsUser cmdlet.
Customers have the option of deploying a Survivable Branch Server. This is a standard Windows Server 2008 R2 server with the Survivable Branch Server software installed and published through Topology Builder. For more information, see the Lync Server UA documentation the TechNet library.
The following table describes the prerequisite software that needs to be deployed on a Survivable Branch Appliance that doesn't have software pre-installed.
The operating system must be 64-bit Windows Server 2008 R2.
The following Windows Server 2008 R2 roles and features MUST be enabled on the operating system of the Survivable Branch Appliance as shown in Table 1.
Table 1. System requirements
Operating system component
Windows PowerShell 2.0.
Available by default on Windows Server 2008 R2.
Required to manage Microsoft Office Communications Server configuration. Can also be used to further automate Office Communications Server setup and deployment tasks.
Apply the update Windows6.1-KB974372-x64.msu from: Code Gallery (MSDN): http://code.msdn.microsoft.com/KB974372
Required by Communications Server Call Detail Recording and Archiving agent to queue call detail records and archived instant messages to. These records are then read by the Call Detail Recording and Archiving servers in the central site.
The addition of both the Survivable Branch Appliance and the Survivable Branch Server helps ensure that customers can keep important communication links open if there is a WAN failure. The introduction of the Survivable Branch Appliance role with Lync Server helps ensures that collaboration between branch sites can be maintained and the following functionality can still be maintained:
To learn more, check out the following articles:
Keywords: Branch, Appliance, Resiliency, UC, Partner, Discovery, Communication, Survivable
What type of Licensing should be purchased with one of these devices?
For Lync only the FE servers are licenced the appliance itself is procured directly at cost from the vendor with no licence implication for Lync Server itself.
For the SBS Server role (Not appliance) then Windows is licenced only and no requirement for addtional Lync Licences as this is covered by the FE licence costs.
Does the Survivable Branch Appliance support "session preservation"? i.e. Will on-net calls in progress seemlessly continue in the event where network connectivity fails at the primary Lync Server site?
Hi Thomas the session will be preserved for the calls in progress on SBA even if the network connectivity with the primary site is down, only for the P2P calls, Lync to PSTN calls at the branch office, calls which are P2 P but with the Lync client at primary site will be dropped as the WAN will no longer be available.
Wayne, somwhere in your reply I know there is intended punctuation - a period perhaps - but I think I get the general gist of what you are conveying. Thank you!
What is difference between Survivable Branch Server and Standard Server?
Should I also do Updates on the SBA (I have two from Audiocodex) ? And how should I do it, like i do it with the other LyncServers?
the NET UX SBA's have a single Web UI interface for the gateway/sba so you never have to RDP to the server to setup the SBA thought a diffeent management interface, the ease of setup is tremendous with one interface
I am using a SBS agaist a IPT service provider, that requires that REFER support is turned off.
Is that possible on an SBS ?
I am using AudioCodes Mediant 1000B, when process the MCS Certificates get the following result.
Request-CSCertificate failed. WARNING: Detailed results can be found at "C:\Windows\TEMP\Request-CSCertificate-be539922-5de5-4e4b-b799-d9585a888410.html". Command execution failed: The computer does not need a certificate for the usage type Default. Check the
services and components hosted on this computer.
I cannot found any suggestion for this message "The computer does not need a cerificate for the usage type Default".
I also experience "The computer does not need a cerificate for the usage type Default".. Have you managed to find something?
Is the Survivable Branch Role supported as a VM in Lync 2013?