What is Cisco Collaboration Provisioning Automation?

Cisco Collaboration Provisioning offers a scalable web-based solution. According to statistics, it is evident that using the Cisco systems will continue to boost revenues. As of 2021, Cisco’s revenue was at $49.8 billion.

In particular, the system helps in managing your company’s next-generation communication services. It manages IP communication endpoints and services in a unified:

• Video,
• IP telephony,
• Voicemail, and 
• Integrated messaging environment.

Cisco Collaboration Provisioning enables the delegation of order management capabilities. As a result, requests for service additions, deletions, or changes can be done without the need for an underlying knowledge of the voice applications delivering those services. 

It offers a similar service management experience, despite the technology that delivers the Cisco Unified Communications services. 

What does the integrated messaging environment entail?

• Cisco Unified Communications Manager
• Cisco Unified Communications Manager Express
• Cisco Unity (not applicable for Cisco Prime Collaboration 11.0 and later versions)
• Cisco Unity Express
• Cisco Unity Connection systems
• Analog gateways 

Now, let’s find out more about Cisco Collaboration Provisioning automation.

How Employees Benefit from User Provisioning Software

Employees now benefit from using the self-service portal to manage their lines, intercoms, and speed dials. This becomes possible through user provisioning software. You even get to allow end-users to access the Visual Phone Editor through the self-service portal. With the user provisioning software, you also benefit in the following ways:

• Productivity

You get to reduce repetitive manual work. Initiating workflows across various UC apps, servers, and clusters becomes easier.

• Accuracy

You get rid of human errors and inconsistencies. Templates assure you that accounts are designed with standard configurations.

• Uptime

It becomes possible to cut out the risk of outages. A software layer eliminates the need to access the native UC apps.

• Security

It helps to safeguard against accidental or intentional service disruptions. Role-based access and audit trails allow for the control of system vulnerabilities.

How Does Cisco User Account Provisioning Automation Work

User account provisioning automation for Cisco unified communications (UC) is a technique that leverages technology. It allows the streamlining of the manual user provisioning processes of:

• Adds – Onboarding employees
• Deletes – Off-boarding employees
• Changes – Changing the collaboration service types an employee has
• Moves – Moving an employee to a new sector of the company

The automation of MACDs—Moves, Adds, Changes and Deletes—will reap benefits from:

• Risk mitigation,
• Simplification,
• Consistency, and 
• Access Control.

Let’s find out more about these benefits.

1. Risk Mitigation

A management system that enables user provisioning software automation is essential. It reduces the security risks associated with giving access and deleting users in UC systems and applications. Security should be a top priority for companies looking to implement Cisco integrated communications technologies.

CUCM (Call Manager), Unity Connection, Jabber, and such-like collaboration software systems may not have been a good target for hackers. But, these systems can easily expose your organization to operational cyber risks. This includes risks linked with procedures and not from the inbuilt software itself. 

People are now keen to protect other areas of IT, like networks and databases. Thus, attackers seek to penetrate businesses through any exposed surface area, including Unified Communications (UC).

1. Simplification

Integration through automation with other corporate systems used to manage users will simplify the provisioning workflow in the following areas. 

• IT Service Management (ITSM)
• Human Resources (HR Systems)
• Active Directory (Microsoft AD)
• Identity and Access Management (IAM solution)

The real-time integration with Active Directory is the most popular approach to enabling zero-touch account provisioning. There’s a 4-step procedure between the user-provision software solution, Active Directory, and the Cisco array of unified communications applications. 

The 4-step process includes:

Step 1: The provisioning automation solution finds new employees in the Active Directory. Once found, the provisioning software proceeds to Step 2. Here, you have the liberty to set how often you want to check Active Directory (AD) for new employees – hourly, daily, weekly, whatever you prefer.

Step 2: The provisioning software will automatically form accounts for any new employee in every relevant Cisco unified communications application. You can also customize which Unified Communications applications are provisioned. This is based on AD Groups, and you do it by matching with a group in your provisioning solution.

Step 3: Your provisioning solution will send the phone number of the new employee(s) to the Active Directory. There, it is stored with every other employee’s information.

Step 4: The final step is that the provisioning automation software will send an email to the new user(s) with every necessary detail about their Unified Communications accounts. All this takes place in real-time without needing manual work from the service desk or telephony team. It’s how the user account provisioning automation works.

1. Consistency

The automated account management for user access to the UC applications enhances a more consistent user provisioning. Eliminating manual intervention in Unified Communications account provisioning eliminates variability in how different provisioners can form accounts.

The most advanced approach to guarantee consistency is using predefined tasks that perform the provisioning tasks. Jobs should have one or more templates to formulate the desired provisioning result. 

It should be noted that the jobs should be highly flexible. They will vary based on an organization’s needs. Tasks should include multiple templates that work across call manager clusters and applications to provision user accounts.

1. Access Control

Account provisioning across various Cisco UC applications helps control who can access resources. You should integrate account provisioning with your access management IAM solution to manage access efficiently.

In short, access control is an essential facet of your security posture. An automation solution should provide granular role-based access control at different levels. 

With such flexibility levels around roles-based access control, big organizations manage to customize whatever they feel their users and teams require. They do this based on the users’ internal best practices.

Groups are essential to help provide a common category of users with access and permissions to items within a provisioning automation solution. 

These groups are the basis of security. Users must belong to a particular group that provides the user permissions. Again, the users can be part of multiple groups.

The four default groups configured within the systems include:

• Administrator
• Editor
• Provision
• Template Manager

The groups help define role-based access to jobs, devices and settings, and site templates.

Terminologies to Apply in Cisco Collaboration Provisioning

• Device – This comprises all applications, including Cisco Unified Communications Manager, Manager Express, Instant Messaging and Presence (IM&P), and Unity Connection. It also includes infrastructure elements like ISR Gateway devices and IOS Router. 
• Processor – A proxy for each device component. A call processor is a proxy for each device’s instance, including Cisco Unified Communications Manager and Manager Express. 

A unified message Processor is a proxy for every example of Cisco Unity, Unity Express, and Unity Connection. This does not apply to Cisco Prime Collaboration 11.0 and the later versions. 

The unified presence processor is also a proxy for every instance of Instant Messaging and Presence. 

• Endpoint – This comprises every active video, software and hardware voice, and all collaboration devices that users interact with. Examples include Cisco Jabber clients, tablets, Telepresence devices, mobile devices that run on Cisco Jabber, and personal Telepresence units involving DX, EX, MX, and SX series.
• User – This is an individual with an enabled IP Telephony service. The user also represents a structure that can access the collaboration provisioning to perform various schemes. 
• Service – Service involves the settings and unity necessary to carry out a series of functions anticipated by the user. For instance, offering an endpoint service means that the user can perform dial-out and allow answering. The user can also have speed dials, transfers, forward to voicemail, and conference. 
• Domains – Domains are user groupings. This is where one or more system users can be permitted to manage the services for users in the domain. Moreover, rules or policies may be set on the domain. Those rules and policies apply to the services for users within that domain. 

The standard policies can also apply to operations within the domain. The domain administrator handles moves, additions, changes, and deletions(MACD) for users within the domain. Advanced Provisioning offers support in assigning individual administrators to specific groups. 

• Service Areas – These are groupings within a particular domain. They are used to structure and manage the necessary IP telephony and messaging services across borders, be it geographical, organizational, or technological boundaries. 

The Service Area operates as a service offering location. It provides a template mechanism for determining the provisioning attribute values used in order processing. Service Area also serves Cisco Unified CM partitioning. It directs the particular location, device pool, and route partition, which assignments should use. This applies to any user assigned to that Service Area. 

• User Roles – User roles are responsible for offering policy enforcement and controlling which products and services to order for different user types such as; executives, contractors, or salespersons. 

They also filter processes that control which choices should be presented to administrators during order time. User roles also determine which service templates should apply for a particular user type during Automatic Service Provisioning. 

Thus, an administrator may create various user roles defining different levels of services. The default user roles include employee, executive, and room. 

• Service Templates – Service templates offer convenience to administrators responsible for setting up devices or ordering services for the end-user. The service templates enable the collection of small or extensive amounts of settings into a single template, which you can apply to endpoints or services. 

This helps you save time instead of having to set many individual attributes. It offers accuracy to prevent missed typos in attribute fields. Service Templates can enhance keywords to customize line texts indicated on endpoints.

They enable you to form service attribute settings using provisioning attributes. These are configuration settings applied to service during activation.

Key Takeaways

Cisco Collaboration has made possible user provisioning, which has enhanced digital identity. It has also made the access management process possible, which involves creating user accounts. 

Users get the rights and permissions to access organizational resources through the automation software. All these happen in real-time. By eliminating manual work, organizations can now realize more effectiveness in handling tasks.

Not only does it save time and costs, but it also enables the organizational leadership to gain visibility of their identity right from onboarding until their exit.