About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2016) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.


SBA and RGS Central Site Down

This is an old fix to an old issue.  But, I ran into it again, and was obliged to explain to my customer the what and why of SBA and RGS in a central site and how to get around the RGS going unanswered if the central site is down. So, in the midst of doing that, I also created some documentation which I thought I would share.  


SBA can terminate a local call, but if the call is destined for an RGS workflow, and the central site is not available for any reason, then the call will fail.  


The SBA can answer the call at the gateway routing level and at the mediation server level, but when the incoming DID is resolved, the system needs to send the call up to the central site to the RGS workflow because the RGS SIP address matches the incoming DID.

SBA does not handle RGS, so therefore the call needs to route up to the central site FE pool for handling; but the central site is not-available; the call fails.  


There are two possible fixes for this:

First, SLA can be used, or delegates. However, if there are more than a few account involved, this becomes somewhat onerous. It is also possible to use an ExUM AA, but usually the SBA site will not have an Exchange services, so while this might answer the call, in the end the caller will not reach the proper resource because of the central site outage.

Second, creating a dummy account with simulring for all hours. The call will come into the SBA, and then user is local, then the user connection is initiated. If the simulring is enabled for all hours, the call will simulring up to the RGS workflow. The RGS workflow will answer and route the call according to the workflow setup.

I guess there is a third option – put a full user pool in the site instead of the SBA – but this then becomes a cost/benefit ratio analysis that I am not prepared to go into here.  Suffice it to say that when faced with an SBA request, I can honestly say that 100% of the time I bring up installing an SE for the site.  Just sayin’  


Customer has existing RGS, which has an e.164 DID, which is routed inbound on a PRI that is handled by the SBA. During central site outages, the RGS inbound call fails. Customer wants the RGS call to be handled by an SBA local user until the central site becomes active. Customer is OK with notifying a user at the SBA site to login to a second account to answer the calls during the outage.  

Process to follow:

  • Identify the dummy account e.164 number then create dummy account in AD.


  • Create SIP account for dummy, registrar is SBA (not the SE as shown). Enable for Enterprise Voice.
  • Identify RGS workflow e.164 and assign to RGS workflow


  •   Open dummy account and setup for simulring to the RGS workflow. You can also accomplish this sub-task with sefautil.
  • clip_image003Test

Follow-up tasks:

1. Identify personnel at each SBA site to be prepared to login as the dummy acount from a full SfB client to handle calls in outage.

2. Possible alternative is to put a phone device on the network somewhere in the SBA site and have the *operator account login and stay logged in – and the training would be to answer that phone if needed.

An alternative to #2 is to just have the phone device available and login as needed (my personal choice).

If #2 is the route chosen, then you would be advised to set a ext= format and PIN on the account so that login process would be ext and then PIN.


I have show the what and why and how of SBA/RGS/Central site outage and suggested a way around your RGS not working in that scenario.



AudioCodes SBC 7.2 firmware

Most of my customers use AudioCodes appliances in their Skype deployments in one form or another; SBC, analog gateways, recording, management, phone devices.  So, when AudioCodes announced that SBC 7.2 firmware is now GA, I had to go get it.  I won’t bore my gentle readers with the exhaustive listing of the 30+ enhancement and session capacity updates – the document that outlines that stuff is 70 some pages – and I had to buckle down to get the entire thing digested.  Suffice it to say that this is a big update.  What I am really interested in is the promised GUI changes and the “click the GUI to configure” claims.

Having downloaded it the other day, I  upgraded the firmware on my Mediant 800 SBC and started kicking the new tires a bit.


OK, file loaded.  28.8MB of spotless CMP file.  I guess I will click on the “reset” button and hope I don’t have to figure out the “reset to factory” option I think might exist.  Well, I clicked the “reset” at 1309 PST…and waited.


The Results are In

After picking my teeth and looking at some Olympic Games results, at 1317 PST I am able to login to the upgraded SBC.  I think the watchword here is PATIENCE.  This is a total update for your firmware.  8 minutes of patience is not too much to ask for, right?  And, we have the new goodness that was advertised:


Let’s open a few pages to see if the advertised goodness actually is goodness and not pure market-speak.

A few minutes pass – did you sit here reading this same sentence in a loop or did you check those Olympic results for yourself?  Alright, I have poked around a little.  Things in general are the same…but some things have moved.  Not a huge issue, but it will take a bit of adjustment/learning.  The overall look and feel is certainly AudioCodes, yet refreshingly updated.  Like the header CSS?? layout…


And the promised GUI view of the relationships is certainly there also – very helpful for those of us with limited brain capacity.


And as further advertised, clicking an element in the Topology GUI view as shown, does indeed dump you into the tree to configure the element you selected.  Maybe now even *I* can figure this thing out, eh?  And while I am saying nice things, the linking between configuration elements along with “EDIT” right next to the element you want to change is….very welcome.

1.5 “not so nices”

While I am at it, there is a sorta not so great thing.  The old GUI used to have the type of device shown at the top of the page – that seems to have gone away.  I forget what I am doing very easily, and it was nice to have the reminder of what device I was accessing.  And no analog gateway version (boo hiss).

Two more “nices”

One nice thing, well, actually two – is that when you change something, the “SAVE” selection on the top row gets a red box around it.  And (genuflecting towards Tel Aviv) when you resize your browser window, the contents shuffle and resize.  Finally.



A big update for the AudioCodes SBC – it took a bit of time for the “burn and reset” but my SBC came back to life without losing a single iota of configuration.  The topology click to configure part is really nice.  I sure wish they had a version for my MP118FXS gateway.  Overall, I think this update is a winner.  Login to your AudioCodes account and get it today!



Logitech h650e v h570e

In my goody box that arrived about a month ago were two Logitech headsets.  Wired, stereo – well-built pieces of kit that work with SfB/Lync right out of the box.

image_thumb2<—H650e v H570e –>image_thumb3

Don’t they look just about the same in these high-quality graphics?  Maybe some color differences…and the mic booms look a little off.

What does Logitech Say?

Here is the official market-speak for each:

H650e Stylish and Sophisticated Headset with Pro-Quality Audio and H570e Comfortable, Resilient Headset in Stereo or Mono.

Other than price, what is the difference between these two headsets?  After an examination of the datasheets for each unit, it appears that the differences are:

  • In-call LED indicator light (h650e)
  • Flat no-tangle cable (H650e)
  • Dynamic equalizer (H650e)
  • Premium velvet bag (H650e) – oooh aaaah  
  • The headphone speakers are different – the H570 actually has (IMHO) better specs in terms of frequency response – and the THD is listed as only 1% difference – which you and I cannot differentiate.  The H570e specs are listed on the right side.

image_thumb image_thumb1[1]

How do they feel clamped to my gourd?


The H650 feels better on my hat-rack.  But this is totally subjective (I put them on the cat too; that did not work well).

Which plays better Musack?


H570e, hands down.  To my ears at least.  This is somewhat indicated by the frequency response numbers as the bass/mid-range is much fuller on the 570 than the 650.  But why check this?  Because I do listen to music during the day, and if, gawd forbid, that I am in an office setting, I don’t want my choice of tunes to intrude on my co-workers.

SfB Connection

Hey, you knew I would get to this.  After all, we are in business and what better tool to use for your business communications than Skype for Business.  And to get the most out of that experience, you are going to need a high-quality headset.  Sure, you could run down to the local bodega and pick up some POS for $19.99, but you will not be getting DSP, wideband, noise/echo cancelling pieces of wonderfulness to match up with the goodness that is SfB.  OK, </rant off>

Bottom line, both of these headsets, like everything else that Logitech makes in this category, plugs in and starts working.  SfB did not even blink the screen.  It just used them like they were built-in.  The inline controls worked as expected.  I had three plugged in at one time and could flop my audio around amongst them no problem.  Simply put, these headsets work with SfB as expected with ZERO hassles.  Perfect.


If you are purchasing for a number of users, I would get one or three of each, and let the users pick for themselves.  I would think that your system provider can probably get you some demos to try out.  Or you could just blanket buy.  Either way, you cannot lose picking one of these two headsets.  As a side note, Logitech also makes these units in single ear, but who wants that?

You can get your H650e here


or H570e here



AudioCodes IP Phone Manager Express

Yes, Matilda, another supporting software piece to examine and run through the Tsoorad Lab Experience.  This time AudioCodes released a FREE tool to help you manage your AudioCodes phones.  Previous to this, the AudioCodes EMS required some cabbage up front; this tool is FREE.  Up to 500 managed devices.  No SBC, SBA, or MPxxx management, but hey…

The EMS package allows you to manage all of the AudioCodes family, SBC, analog gateways, 4xx phones, and SBA’s too.  The IP Phone Manager Express does just the phones.  But, this may be very attractive to you.  Let’s take a look.

You can download right here. The basic documentation is included in the download.  The installer, once you have a suitable host SERVER, runs with zero issues.  I would think that something like this tool would be perfect for running on a workstation, but that is not what the documentation calls for.  To whit, the IP Phone Manager Express calls for a clean install of Server 2012R2.  Hmmm.  I suppose you could run this on a virtualized instance on your workstation…I, of course, am running it in virtual in my lab.  I also ignored the resource allocations called for in the documentation.  I used a single core and 2GB, and things appear to be hunky-dory. I imagine if you need to manage more than a few devices your resources might need to increase just a tad.

Here is the official market-speak on the features:


Also note that AudioCodes thinks that you can step up to the “Pro” version (part of the EMS) with one button click.

You can download the applicable documentation here.

For a quickie comparison of the different flavors offered, take a look at this.


The Install

</Rant> I would like to see this tool run on something other than a brand new server.  I see SQL Express and IIS getting installed…isn’t there anyway to get this running on something other than a new build? Not everyone has an environment leveraging Datacenter where you can load up as many servers as the hardware will handle Using an existing server would make this tool really free instead of incurring the server license. Or work out a way to get this into an admin workstation?</rant off>

I built on a clean 2012R2 server, patched (250+ of them – yikes!) it up to snuff, and then simply executed the installer.  I think I may have clicked on a few license boxes or “yes” selections, but I did nothing other than defaults.  It wanted a reboot.

After reboot, you can go to http://serverIP/IPP and you are in.  Install done.  Even I got it right the first time through.  That will change in the next section.

The Configuration

Note:  some manual editing of cfg files is needed.  For some weird reason, notepad on my server presented the cfg files as one long line.  Yucko.  I installed Notepad ++ and it worked as expected.  Don’t know what the issue is, but I know how to get around it!

Following along with page 13 of the aforementioned admin guide, I modified my DHCP server to present option 160 as follows:


If you are modifying a previous entry for your AudioCodes deployment, be aware that the previous entry was most likely FTP, not HTTP.  Ergo, my comment from above.  Using FTP (like I did) results in things not working as expected.  OOOPS.  This time I even read the documentation first, and yet I still managed to screw it up.  Just a heads up.  I know that my gentle (genteel?) readers would never make such a sophomoric mistake.  I also took the liberty of restarting the DHCP service to make sure things were right.

Back to the voluminous instructions on page 13, plug in your phones.  In my case, being POE, I just pulled the Cat5 and replugged it effectively restarting the phones.  After you get this tool setup, you will be able to perform that magic trick remotely to every phone in the org.  You can send messages to the individual phones - the practical joke prospects are endless.

Look and Feel

Pretty slick.  I might suggest changes to some of the GUI, but in the overall scheme of things, the entire tool works really well.  The navigation tree on the upper left gives access to everything, but you can do the clickety thing on various elements on the center and right sections and that works equally well.  Being able to do mass actions is an enormous plus.

Here is my new tool.  Use the secret squirrel code from page 13.  And then change it to suit your security policy.  You do have a security policy, right?


At any rate, here is our interface in all its glory.


I think the buttons in the middle could be a different size… but the automatic refresh makes up for it.  Note that I have the one 420HD phone registered.  Interestingly,  the IPP Manager ships with firmware files… and apparently the 420HD.img that came with was newer than what was on my phone.


I noticed this because as the phone was booting, it flipped into upgrading its firmware.  Nice, in some cases.  Maybe not so nice in others.  Just something to be aware of, I guess, if you start doing magic tricks in the middle of the day.

I downloaded the newest 405 IMG available, changed it’s name and pushed it up there for my 405 to discover when it restarts.  I have cleverly avoided that moment until now, because I want to use it as the demo for this article.  Here is the 405 before restarting it to pick up the new DHCP Option 160:


Note the firmware version.  And the incorrect Option 160 information.  You can’t see it, but rebooting the phone at this point resulted in the phone snaking the new firmware and working through the process to update itself.  And now we have this:


And in the IPP Manager we now have two devices – the unregistered part means that no user is logged into the phone.


If you get the dhcpoption160.cfg file correct (and use HTTP not FTP) rebooting phones will result in them showing up in the interface – its as easy as that.

Now What?

Log in to the phone silly!  IPP Manager handles the device…SfB/Lync handles the users.  Using the phones’ web interface (which, btw, you can access right from the IPP Manager), I did an extension+PIN login, and now we have this:


Update Firmware

One of the nice things here is that system-wide firmware updates can be done centrally.  Upload the new firmware file..


and tell the phone to update…


There might be a better way to accomplish this task, but, gee, it worked for me.  You could have a boatload of one model, upload one file, select the appropriate checkboxes, and tell them all to reset at once. At any rate, we now have two devices, both operating the same firmware whereas before we had two different firmware versions.


Configuration Files

You can work with configuration files en masse, or individually…If you need to see what a configuration (cfg) file can do, take a read of this document, or go searching for LTRT-11950 which will probably require a visit to www.audiocodes.com.




If you have more than a few Audiocodes phones, or even if you do have only a few phones, the new Audiocodes IP Phone Manager Express is a great piece of kit.  It does, however, require a server platform – but you can get around that with some virtualization.  Offering one-stop device management and visibility into the devices without having to go to a user’s desk, the IPP Manager can streamline bulk operations or allow you to get as granular as you want.  Just the firmware tracking and updating makes it worth looking closely at this tool. I would like to see it run direct on an existing server and not require its own server; ideally it would be nice to have it run on a desktop.  But, even with the implications of needing a server, free is a very good price.

I guess to be fair to all the other systems out there, I should mention that this tool manages Audiocodes IP phones, and is not restricted to just SfB/Lync environments – but why would you want to use another VOIP solution other than Skype for Business?



YADR–Logitech H820e (dual)


I had forgotten.  Back a few years ago, May of 2013 to be exact, I reviewed this headset.  I used it for a few months, and then other headsets came and went, and I kept going back to it.  About a year ago, it broke.  Not the headset’s fault, but a *&^%$# cat incident.  So I used other solutions.

The other day a box showed up with some new toys from Logitech, and one of them was a squeaky new Logitech Wireless Headset Dual H820.  DECT.  No software needed.  Plug n Play.  And no, not Plug n Pray, it really just jacks in and works.


Here is the official Logitech market-speak

SfB Connection

I have to say something.  uhm… it works perfectly.  Optimized for SfB/Lync, certified on the OIP.  What else can you say about a product that plugs in and your application goes “blink bonk” and starts to use it?




Much as I remembered, oh so nice.  No wires tethering my skull to the laptop. I consider this to be a HUGE plus.

Audio Quality

Dang but this is a nice piece of gear for voice. And with the slider in the WB (as opposed to NB) wowzer!  For the unwashed, WB and NB is Wide Band and Narrow Band.  In the DECT world, this somewhat equates to signal quality and range.  And maybe battery life.  Music is pretty excellent also. 

Back to SfB Connections

SfB client will do stereo to this headset.  Oh yes.  For those of us who suffer from a previous lifetime that caused hearing loss, having an over-the-ear, or on-the-ear solution with actual speakers in cups rather than some microdot in a ear canal thing is a real bonus.  ooh ooh ooh.

Noise cancelling mic standard.  One of the problems I see with SfB/Lync is that the devices pick up every last little noise.  And when the audio stream is literally silent if no one is talking, then the ambient noise on either end can be a real distraction.  Logitech wizardry to the rescue.  This headset ignores just about everything except what is right in front of the mic boom.  Really well done.

Build quality is right up there in the excellent to superior bracket – as you would expect from Logitech.  Comfort – yep.  Range?  Dang, I can wander all over and not lose signal.  Another HUGE plus.  That makes two of them.


Build quality, SfB/Lync certified, comfort, features, functionality. After having used at least six different headsets over the last 18 months, I hereby declare the H820e as my favorite.  There are others that offer more widgets, more wires, more software, or are customizable to the nth degree, but none of them perform the core task of being a VOIP headset and delivering audio to your gourd nearly as well the H820e.  

And, you can still get your very own H820e right here.


And in the darkness bind them – O365 PowerShell

A nifty quote, and only partially applicable here, but I have wanted to use that phrase for a long time, so this seemed like a good time.

Office 365, with Azure, MSOnline, Sharepoint, Skype Online, Exchange Online, all of that good stuff.  But managing the various interfaces can be a bit of a challenge. The web interfaces work OK, but for any serious, scaled out work, you will want to leverage PowerShell.  Now, we can do this via individual windows, but they all get jumbled up, and what is what?  And you need how many?  Just ONE won’t do?

Microsoft themselves offers up a TechNet article on how to get all the Office 365 services in a single window…. good luck keeping track of that.  Part of that article also shows the various single window methods.  Even I can figure out that part.  But there must be a better way.  Or perhaps a solution that better matches how I want to work.  As slick as the TechNet guidance is, that just don’t work for me.

Enter Brad Stevens, the Resident Bright Boy (RBB) on my team.  In conversation with him, the idea surfaced of creating a script that would open all the PowerShell requirements at once, label the windows, and possibly even give you the options of opening just what you wanted, yet remain ready to connect to the others.  Keep in mind that this script is his work, not mine.  I can write psuedo-code and create the concept all day long; actually coding the idea into reality is way past my skill set.  But, not his apparently!

A walkthrough

First off, I always run PowerShell as “administrator”  - it just solves so many problems!


Set your execution policy.  I always run my laptop in “unrestricted” – which is not the best choice for the uninitiated.  For this RBB script, you will want unrestricted.


Then, simply navigate to your script location and call it.  You will want to do [R] Run Once…


You will get this handy-dandy pick box to choose your level of functionality, and for entering those all-important credentials.


For the purposes of this article, I am going to hit them all, but the SPS window is going to have some red in it as I don’t have SharePoint setup in my tenant…


Selecting the “connect” button results in this:


You can close the windows individually, work in them all at the same time, etc.  Way better, IMHO, than having only ONE window and I am always having to open another while doing something else.  Why not have them all at once?  And they are cleverly labeled so you can look at the title bar and figure out what you are doing.

Remember that you can select one, like Skype, and then go back an redo things and select Exchange… the interface will stay open for you…

You can get it for yourself

The RBB has now posted the script on his blog so you can enjoy the goodness for yourself.



Array Networks vAPV Review

Have you looked at the Lync Server/Skype for Business Server Open Interoperability Program (OIP)  and wondered who some of the qualified providers are?  I know I have.  And then with the advent of virtualization a few years back, I started to ponder whether or not a vendor who is qualified on the hardware list but not on the VM list would function the same.

For the last two months I have been putting the Array Networks vAPV through it’s paces.  For the above reason, I have the virtual edition rather than the physical appliance.  Just so we are on a level playing field, I have been working with this right here. Array has been on the OIP since the Lync 2010 days, and the qualified firmware version for the appliance is 8.x.  The vAPV with which I have been working is I also have a running version of APV.  Gee, lots of periods there!


One of the things I have discovered is that Array is aimed a tad higher up the food chain than the SMB market.  This is not a bad thing, it just is.  In fact, I can easily make a case for this being a great thing. Price-wise, I would say that they are very competitive even for the SMB customer. Picture a company that is a bit above the SMB space, but below the “enterprise” space.  The needs are the same -  in fact even an SMB can have enterprise needs.  Array Networks has feature set in spades.  Very comprehensive – including some I had not thought were useful until I played with them.

Feature Set



The vAPV runs as an entry, small, medium or large virtual application delivery controller on Array’s AVX virtualized appliance to flexibly enable on-demand, full-featured load balancing and application delivery with guaranteed performance.

More Array Networks market speak: 

Local server load balancing, as well as both global server load balancing (GSLB)and link load balancing (LLB) ensure application uptime in the event that servers, ISP links, network segments or data centers become overburdened or unresponsive.

Upfront, this is the list of features that are available:


Specifications may be important to you also.  The capacity ramps up quickly – and you can see where I say that the APV is aimed at a higher market segment than the SMB (however, my previous comments still hold).


If you don’t like virtual load balancers, then guess what?  There is a range of physicals as indicated.  Bon appetit!  Bottom line, you need to read through this Array Networks information to get the full list of things the vAPV (or APV) can do for you.

What about me?

Well, what about me?  You’ve read the marketing material, I have presented some opinions, but what did I experience during the install and configuration and operation of the vAPV?


Because I am using VMWare workstation for my lab, I had to convert the OVA download into vmdx format.  No biggie once you have done it.  Here is the list of supported hypervisors.


Once that was done, there is a defined install guide that walks through the initial base configuration and then it is on to the good stuff.  Simple.  Worked first time through. What could be better?

In my time with this exercise I screwed up the entire mess.  So the support engineer had me check a box and restart.  The end result is that the box recovered with the previous known good.  So nice.



Speed is not an issue here.  The web UI is very snappy. Content delivery was noticeably faster than competing products.  I like that – I have zero patience for slow stuff when the resources are not being overtaxed and something is slow just because.  Array does not seem to have that problem.  Fast fast fast.  Did I mention content delivery was zippy?  And it got better with compression enabled.  I like it.  “nuff said.


One of the issues administrators run into is configuration.  Sometimes just reading the documentation is enough, sometimes formal classroom training is almost a prerequisite to success.  The vAPV fits somewhere in between the two extremes.  Getting into the GUI and poking around was easy enough, and seeing the basic administrative function was clear also.  At that point, neither of my brain cells could figure out what was needed.  Maybe I am just a bit dense.

Luckily, there is this built-in “quick start” feature where there is an outline of the steps needed to do tasks.


But still, Array has so much to offer that the granularity gets in the way of the KISS method I like.  Even when using the list shown above, I was at a loss to divine the steps to get things working.  See below for “SUPPORT.”  Configuration will be much like using an AlphabetNumber product.

For you CLI types, Array also supports a full CLI that will allow you to script your configuration and work that way.

VS and Reals and Groups

Here is what we need Mr. vAPV to do for us:


Granular is the word of the day here.  Think of each service you need for your system.  You will need by IP by port.  So, is NOT the same as – each of those needs to be separate.  And the common name is going to need to be unique also.  <sigh>  Each of these services, just for a DNSLB setup in SfB required the following.  Yes, I have my SE web services going through here also as I wanted to play with the content redirects.  Figure out your naming convention per layer before you start.


After you make the real servers up, you then need to lump them into groups.  Reals into groups; groups into virtual services.  Think ahead.  Maybe some UML work might be in order before you start?  Oh yes, you cannot put TCP reals into an HTTP group and hence an HTTP service.  Or, at least I could not figure out a way to do so.


Once you get past the real server and group setup, then you need to worry about the virtual services.  For my environment, here is what I came up with.



The APV has logs everywhere.  Which is right handy at times. For instance, you can drill into a group, and down at the bottom there are some basic stats listed for that group.


Included in the unusual plethora of admin tools is a copy of the running configuration for you CLI afficianados. And to get you really into it, the display is separated into startup config and running config.  So nice.

Monitoring of the entire mess gets granular as well.  Statistics exist for every layer of the construction.



Are you visually oriented?  You want pretty pictures to show that your virtually shiny appliance is in fact doing something?  Well, APV has you covered.


And you can choose from the following pre-defined graphs…notice how the pre-defined collection has our configured real, virtual, and policy connections listed.  *I* did not do that – the system saved me my lunch break.


You can also make your own definitions.  I put this beauty together in about 30 seconds. Such an artist am I.


Content Redirects

Near and dear to my heart is content redirects.  Not every customer of mine has entire class B subnets to work with in their public space – so we try to conserve IPV4 space as much as possible. If you read the link there, you will note that there was syntax involved, and you had to know what you wanted before you started.  Not a problem for ME…might be for an un-initiated hard-charging techie.  APV has you covered here also.  The content re-direct policy stuff in the vAPV was done on the fly, with no syntax needed other than knowing the called URL from the client perspective.  Sa-WEEET!  What you see here took about 10 minutes from start to finish.



Would you like to route stuff around your network?  Would you like some content to go via certain routes?  APV has you covered

(I just realized I have been using that phrase a lot.  But, in truth, APV does have all the bases covered, and then some.  Every time I look at it, there is more to appreciate.  Simply a very well done product that is continuing to evolve and get better.)


There is more in that networking section (basic and advanced) than my little pea-brain comprehends, but I showed this to a few networky-techy-nerd buddies, and then had to clean up drool from the monitor.  Their excitement over the possibilities was palpable.



Would you like some of your content delivery to get compressed and some not?  FWIW, this makes OWA 2016 pop on screen rather than ooze up there. As in a LOT faster.  I did not measure as I have no facility to do accurate measurements – Array claims 500% improvement over non-compressed.  I don’t know about that, but I know OWA flies up on screen.  OOS and OWAS scream into being rather than just oozing.  According to my setup, there has been an “87% compression ratio of compressible data” – whatever that works out into improvement percentage I do not know.  But seat-of-the-pants – mucho mejor.

IPv6 support – NAT64

When enabled, the APV can translate ipv6 to ipv4.  Or ipv4 to ipv6. You can’t mix the two in a group, but you can have both inside and both outside – you just can’t mix the group. I can think where this will come in handy down the road just a bit as (supposedly) the IPV4 pool is now exhausted.


Yes Matilda, the vAPV does SSL.  My configuration is decrypting and inspecting, then re-encrypting and sending to the real servers.  All faster than you can type about it.  The certificate import process was easy as it took .cer format directly.  I had some moments with the configuration, but read below in “support”  - we got through it.  After having it explained to me in kindergarten terms, even I grasped the simplicity (when you think about it) of how the SSL is handled.






Take a look at the wealth of deployment guides here.  The only problem I see on the deployment guide page is that the Lync 2013 guide is for the full load balance solution, whereas I only deploy in that fashion when I am pushed into a corner for some business or technical reason – otherwise I am going to advocate and deploy DNSLB.  In working with Array support engineers, I am told that the SfB documentation will include both methods.

I had some difficulties due to the extreme levels of granularity of the APV. My friendly (he never cursed at me – not even once!)(and I gave him plenty of reasons – there are times I am just stupid beyond belief…) support engineer showed me how to get multiple ports into the virtual service so that you could theoretically define a real service with port 0 and then create virtual services with any ports you want.  so if you had some generic needs, like RPC Endpoint mapper and port 80, you could handle that with one assembly.  Not the most obvious solution set, but when you look at the granularity model, it makes sense.

So they get a frowny, a smiley, AND a straighty.

Sad smileSmileDisappointed smile

I will reiterate, even in the midst of my personal issues, my assigned Array Networks support engineer was extremely helpful and patient. I am not the easiest person to coexist with; whoever that guy is deserves a medal.  If the rest of the folks at Array are anywhere close to this guy, it speaks well for them as a company/staff.

The SfB / Lync Connection

I would not be doing this homework if it was not for wanting to make my customer’s Skype deployments better.  That’s the bottom line.  After configuring the APV as shown above to match the environment shown below, SfB was happy as can be.  Internal and external web services were flawless. No issues.  OWAS as mentioned popped up on screen.  LWA worked perfectly.  Mobile clients went tearing through. I saw no issues whatsoever – let alone anything that could be attributed to the compression.  Web services with the compression were “seat of the pants” faster.


The Array Networks installation/deployment guide does a fine job of laying out the requirements and the “how to” part of the vAPV deployment to support Lync/SfB.  I have not yet had the chance to convert to a full load balance solution (nor do I really want to), but I would imagine that the results would be the same.


Let’s face it.  If you have an organization that is big enough, or perhaps small but needing the services of a load balancer – be it application delivery or just simple reverse proxy, then almost anything will work.  However; should you want to control the beast, and use your deployment for something other than just a one off, you need something more sophisticated.  As your traffic load grows and expands to cover more than just one workload, the underlying network devices become more and more important.  Enter Array Networks. The Array vAPV (and the physical APV for that matter) presents some very interesting feature sets for discussion.  Do you want simple or do you want granular control?  Are you willing to accept some sluggish performance or do you want screen-popping speed? Local load balancing is needed and you want global load balancing options for the future? If you went the caviar route on those questions, then Array Networks needs examination.

For a load balancer/application controller that offers a great feature set, is granular (seriously granular!), along with being wicked fast, then Array networks vAPV should be on your short list. 

You can get your very own vAPV here.