Teams encrypts all communication by default with industry-standard technologies including Transport Layer Security (TLS) and Secure Real-Time Transport Protocol (SRTP). By default TLS authenticates all traffic and encrypts them. SRTP is used for media traffic and also encrypted. And by default they are definitely Trustworthy and this end to end encryption is definitely not required unless there is a specific business case.
Last month Microsoft announced the public preview of the end to end encryption as per this blog
The goal of end-to-end encryption is to prevent data from being read or secretly manipulated by anybody other than the sender and recipient. The sender encrypts the calls, chats & files, but the third party or even the service provider has no way of decrypting them and stores them encrypted. The recipients obtain and decrypt the encrypted data on their own.
There may be a situation when a few participants are dealing with business-critical data or sensitive information, and they want more increased security to meet their compliance and regulatory obligations. In some circumstances, end-to-end encryption can be used to accommodate those scenarios, and it can be enabled exclusively for those users who are specifically targeted.
Dynamic emergency calling assists in routing calls and notifying security personnel during an emergency scenario based on the location of the Teams Client. Earlier this setup was working on Microsoft Calling plan and Direct Routing. Now with Operator connect being public GA this is a mandatory prerequisite before enabling them on the Teams Admin Center.
The dynamic emergency calling works completely with the help of the Location information service. The Location Information Service (LIS) delivers geodetic (latitude/longitude) or civic address location information. The LIS is used by emergency services to make location-based call routing decisions and to properly locate callers for dispatch. LIS addresses the intermediate solution for providing e911 service for users of VoIP telephony.
Microsoft Teams uses this same LIS based on the Network Topology Information. This is collected from the Teams Client location data which works based upon two information
With Operator connect we will be able to manage partnerships with our local telephony providers and provide telephony features to end users in Microsoft Teams. We can evict the need of managing & maintenance of SBC locally in the datacenter unless we have some specific requirements for routing calls to another ip-pbx environment within the organization .This is a big advantage for customers who want to go completely to the cloud and eliminate their on-premise dependency.
Microsoft recently announced Operator Connect to be General and it can be a good start for organizations which has less dependency on legacy PBX integrations in their environment. For instance when a customer having only Skype for business, SBC and a SIP Trunk with their local telephony provider in their current configuration can easily think of moving this enterprise voice service to cloud easily by benefiting the operator connect service.
At the moment of writing this post there are 22 operators present in this program which supports upto 60 regions all over the world with Microsoft and the list can definitely grow in future. In this blog we will run through the steps to enable operator connect and the steps to enable them with the provider NTT.
Below prerequisites are required fromOffice 365 tenant to evaluate the operator connect service:
Users must have minimum E1+Phone System, E3+Phone System or E5 License.
All these users leveraging the operator connect service must be in Teams Only mode.
Emergency Address must be created and assigned to these users.
In our case we are testing from the location Netherlands and hence we have only Netherlands defined as Emergency address.
A content camera can be used with a Microsoft Teams Room system. A content camera collaborates with image-processing software and a whiteboard to enable a presenter to draw on an analog whiteboard and share the content with remote participants.
In this blog we will run through the steps to enable content camera on Teams Room Systems.
There are few prerequisites that needs to be prepared before trying this setup:
This content camera should be pointed at the room’s whiteboard. Please keep in mind that content camera has physical infrastructure requirements that must be considered. It’s usually a piece of equipment (a supported content camera) that hangs from the ceiling and faces the whiteboard.
The writing board must be mandatorily white in color. Other colors are not supported.
A supported content camera as per Microsoft Recommendation on this link needs to be used mandatorily for this functionality.
The camera’s positioning is influenced by the size of the whiteboard used for sharing. The following are some suggestions for board size from Microsoft:
3–6 ft. (0.9–1.8 m) wide — Supported best suited for medium sized rooms.
6–9 ft. (1.8–2.7 m) wide — Recommended best recommended for medium-large rooms.
9–12 ft. (2.7–3.6 m) wide — Supported suitable for board rooms.
Above 12 ft. (3.6 m) wide — camera covers 9–12 ft. (2.7–3.6 m) and crops the rest.
The camera can be placed up to 6 in. (152 mm) above the whiteboard’s top and centered on the whiteboard.
In the current scenario most of the Organizations are running Teams Room systems as their meeting room solution from their Offices. Few of their customers, vendors and partners host their meetings from Zoom ,WebEx or other meeting solutions. In these unique circumstances, we will be hitting in a scenario where there are people attending the meetings from Teams Room from our organization and the meeting sent by vendor or a customer might be Web-Ex or Zoom.
Knowing this requirement Microsoft released a supported Teams App version in the mid of last year for the Room Systems to join Cisco WebEx Meetings from a Teams enabled room system with the direct guest join. Later this option was extended to attend a Zoom Meetings as well from the Teams App version 220.127.116.11. We’ll walk through the procedures to enable Teams Room Devices to join the 3rd party meetings Cisco WebEx and Zoom Meetings.
There are few prerequisites to be met in order to join WebEx and Zoom Meetings from a Teams Room System
Make sure the WebEx and the Zoom Meeting URLs are fully whitelisted in your proxy and in your network to fully support this scenario.
Configure Office 365 Threat Protection and Link Rewrite exclusion list for WebEx and Zoom Meeting URLs.
Configure your Room Mailbox to automatically accept and process the invitation from Zoom and WebEx.
Configure this settings in your Room Systems devices , so that they are ready for this functionality.
To make this work for the Room Mailbox Connect to your Office 365 Exchange Online Tenant and check for the current setup for accepting the meeting room from a 3rd party meeting invites by running the below command.
One of the new feature that was announced in last week for Teams Rooms update was an option to directly cast your content from the mobile device without setting up a formal meeting. This is really beneficial when we need to share some thing directly from our mobile device to the participants in the meeting where we have a meeting room involved as a participant.
To start with utilizing this feature the Microsoft Teams App must be installed on your mobile , Bluetooth must be turned on , both the mobile device and the Teams Room system must be connected to the same network. At this moment the Teams Room must be running on Windows and must be within 10 meters range from the mobile device.
Its very easy to utilize all we need to to is open Teams App on the device – Go to the more option and click on Cast your screen
Once after we do that we are prompted with the below screen and all we need to do is just click on get started.
As we all know the basic authentication will be retired for Office 365 sooner and its high time for us to enforce Modern Authentication on all clients. When most of the organizations have already enabled Modern Authentication which is a good sign. However there are cases where the modern authentication cannot be interactive for the 2nd factor authentication ,needs some planning on those special cases and they have exceptions. For instance Room Systems they are having resource accounts with Teams Enabled and Exchange Online where these resource accounts cannot have modern authentication enabled with MFA like normal user accounts to approve for the 2nd factor authentication.
Post Microsoft Teams Room App version 18.104.22.168 we have the option to enable Modern Authentication on the devices capable of hosting Microsoft Teams Meeting. The account management of the Teams Room devices is set at the application level.
Continuing the previous article now we’ll go through the next steps that is required to complete the enterprise voice configuration. Now we have setup the AudioCodes SBC , configured SIP trunk from Office 365 to SBC the next step is to setup PSTN trunk from the SBC to the Telephony Provider.
If there is already an existing setup then this part is not required because the configuration will be already present in that case. In this article we will have a look at how to configure the PSTN Trunk for a new telephony provider.
There are multiple PSTN Sip Providers that we can use to complete this configuration. In our case we have chosen Telnyx as the PSTN Sip Provider for this demo purpose. They provide us the flexibility to purchase numbers as low as 10 USD and hence have chosen this for our testing.
Over here we are not going to deep dive much into Telnyx configuration since our task is to create a PSTN Trunk between them and our SBC. So we will go through only the steps that is required to complete the Direct Routing Configuration.
The moment when we subscribe with Telnyx they provide an advance credit of 10 USD and a portal like below. As per the Telnyx documentation we need to create a new SIP connection to our SBC in the below section where we could see they have a SIP connection with their backend system as a default setup.
Microsoft Teams Room devices are a great way to have virtual meetings that provides us a amazing meeting experiences. This especially helps a lot in sharing content, collaborate easily and increases the work efficiency more subsequently by viably utilizing the Microsoft Teams Meetings. Surface Hub 2s have been a great fully integrated windows device capable of organizing the remote meetings, enhanced collaboration with the white board and provides great video quality with its astounding 4k camera.
So as per this article the Surface Hubs that are running Windows 10 Team OS version RS2 (build 1703) might reach end of support by March 16th 2021. So here we will go through the steps on how to update the Surface Hub 2s devices that are currently running Windows 10 Team OS version RS2 to Windows 10 Team OS 20H.
As per this article there are 3 options to achieve this via Windows Update, Windows Update for Business and Bare Metal Recovery.
When we enable Teams for Skype for Business Hybrid users the final stage of action is to move the actual on premise Skype for Business Account to Office 365 to make them to Teams only mode. As more organization are adopting the Microsoft Teams in a full fast track approach the last stage of migration is to move all the local accounts to Teams Only Mode.
This script will help in moving the users on batches to Teams Only Mode from an input csv file. It also provides the time taken to complete the batch on screen once the migration is completed.
I'm a Certified Microsoft Infrastructure/Cloud Architect with hands-on 14 years of International proven experience in Planning, Design, Execution, Integration, Operations, IT Management specialized in Messaging Platforms Microsoft Teams with Telephony, Skype for Business Voice, Microsoft Exchange, Intune Deployment, Microsoft Azure Infrastructure, and Cloud Security Implementations.
Over time have developed complete IT Implementation skills on Microsoft Infrastructure/Cloud projects within Multinational, Government, Construction, Leisure & Entertainment, Production, Automobile & Financial Industries.
I can be contacted through email firstname.lastname@example.org or through mobile +31 62 050 6978