It’s already been a year since the launch of CUCM 15 and Cisco is raising the bar again with CUCM 15, the latest version of its communication and collaboration platform. So far, it has managed to bring two important updates, SU1 and SU2 (Oct-2024), which consolidate this version. Since this release has brought some of the biggest changes in recent years, I thought it would be a good time to analyze in detail what has changed and how these new features can influence users.

An important aspect to note is that Cisco has implemented significant hardware changes in CUCM 15, which might surprise many users. These changes can create challenges regarding updates from previous versions, such as 12.x or even 14.x. In this article, we will analyze the hardware specifications, new functionalities and improvements, providing you with a clear vision of this new version, in case you are planning an upgrade or a new implementation.

Evolution of the platform and system arhitecture

CUCM 15 marks a significant change in terms of the platform.

• End of support for CentOS: in 2020, Red Hat announced the discontinuation of the CentOS project, offering support until June 30, 2024. After this date, CentOS will no longer receive security updates, making it an unsafe choice for business environments that rely on stability and protection against vulnerabilities. To address this challenge, CUCM 15 transitions to AlmaLinux, a reliable and modern platform designed to support critical operations. By adopting AlmaLinux, CUCM 15 provides users with a stable and secure environment, ensuring the continuity and protection of Cisco customers’ infrastructure.

• AlmaLinux 64-bit: Cisco has migrated from CentOS to AlmaLinux, a 64-bit open-source Linux distribution, aligning with the Linux community’s transition. This change was evidently driven by the discontinuation of support, which was initially planned to be maintained until 2029. AlmaLinux offers a smooth transition from CentOS, allowing organizations to convert their existing systems without requiring complete reinstalls.

Hardware and virtualization considerations

• Virtualization requirements: CUCM 15 supports virtualization on VMware ESXi 7.0 U3 or 8.0 U1. The system also requires additional hardware resources: a minimum of 10GB vRAM and a disk size of 110GB (compared to 80GB) for small VMs. Existing 80GB vDisk implementations need to be manually resized to meet this requirement.
• ESXi support: only ESXi versions 7.0 and 8.0 are supported due to VMware’s support lifecycle and the end-of-life status for CentOS.

These specifications are indicative and may vary depending on the number of users and the specific requirements of the organization. For precise sizing, it is recommended to use the Cisco Collaboration Sizing Tool (CST).

Functional features and improvements

Several new functionalities have been introduced to improve the user and administrator experience in CUCM 15:

Integration with Webex: CUCM 15 brings advanced integration with Webex Control Hub, enhancing service continuity and call resilience. In the event of a connection interruption to Webex Cloud Calling, local CUCM instances can take over calls and keep the service active until the connection is restored.

• Operational continuity – local backup for calls in case of network issues.
• Centralized management – unified monitoring and management through Webex Control Hub.
• Enhanced security – end-to-end encryption and improved certificate management.
• Optimized user experience – seamless transition between cloud and local calls.

This functionality is essential for organizations with critical communication needs, such as contact centers, financial institutions, global organizations and the healthcare sector.

Automatic provisioning for Webex and Cisco Jabber: now, LDAP users synchronized with Microsoft Active Directory can automatically provision Webex Teams and Jabber clients, simplifying device deployment and management. This functionality is ideal for large organizations, streamlining device management and improving operational efficiency.

• Rapid deployment – new users receive instant access to Webex and Jabber.
• Reduced IT effort – eliminates manual configurations of accounts and devices.
• Centralized management – allows efficient administration of many users.
• Enhanced security – access policies are managed centrally, reducing risks.

Centralized call history: CUCM 15 allows Webex Calling users for Microsoft Teams to view the call history made on shared devices registered in the system. This functionality is part of the Webex Cloud-Connected UC integration, providing unified access to call data and enhancing collaboration. Thus, users can monitor calls more efficiently, ensuring operational continuity and an optimized experience in hybrid work environments.

Improved device mobility: CUCM 15 extends support for the Webex App on Virtual Desktop Infrastructure, offering a more stable and performant experience for users. This enhancement brings extended compatibility, optimized troubleshooting and increased reliability, facilitating the management and monitoring of connections. Organizations using VDI, such as call centers, hospitals or financial institutions, now benefit from more secure and uninterrupted communication.

OAuth and refresh token improvements: the OAuth system has been enhanced to eliminate dependency on the CUCM publisher node for managing refresh tokens, providing more flexibility and security for updates.

Local push connectivity for iOS: in many work environments, internet connection is limited or nonexistent due to security or infrastructure reasons. CUCM 15 addresses this challenge by introducing local push notification service for iOS, an essential solution for maintaining connectivity and call continuity, even in the absence of internet.

• CUCM 15 manages push notifications directly within the local infrastructure, without sending requests to external servers.
• iOS devices are registered in CUCM, allowing them to receive calls through internal push notifications, regardless of the internet connection status.
• This solution improves communication reliability, making it ideal for organizations operating in restrictive environments.

Improvements to the user experience

Improved login flow in CUCM: CUCM 15 enhances user experience by simplifying the login process for Webex applications, maintaining a persistent login session and improving ease of use. This functionality not only enhances user experience but also boosts operational efficiency in organizations, having a positive impact on productivity as users can quickly access all Webex functionalities without interruptions.

RTMT improvements: the Cisco Unified Real-Time Monitoring Tool supports certificate-based authentication, making it an essential tool for monitoring and managing network and communication system performance in real-time. By implementing certificate-based authentication, RTMT adds an extra layer of security to accessing and handling sensitive network data. Instead of traditional usernames and password authentication, digital certificates allow for much more secure verification, avoiding risks associated with compromised passwords or improper credential management.

RTMT compatibility with Windows 11: RTMT can now be installed on Windows 11 systems, making the monitoring process more flexible for administrators. In previous versions, RTMT was only compatible with certain versions of Windows and users had to use specific operating system versions to install and run the application correctly.

Operational improvements

Cluster software management: in CUCM 15, the software upgrade process has been improved by introducing centralized management of ISO files for cluster nodes. This change allows the Publisher to manage and distribute the ISO files needed for software updates to all cluster nodes, simplifying the upgrade process and reducing administrative burden. Benefits include reducing human errors, improving efficiency and consistency in upgrades, better infrastructure scalability and control over upgrades. This system helps save time, minimize risks and streamline infrastructure management.

Automatic provisioning of Webex and Jabber devices: CUCM 15 introduces the functionality for automatic provisioning of Webex and Cisco Jabber devices, allowing their integration with Microsoft Active Directory. Thus, devices are automatically configured as users are added or modified in AD, eliminating the need for manual intervention. This automation improves deployment efficiency and reduces the risk of errors. Additionally, the centralized process helps enforce security and compliance policies, saving time and resources for organizations.

Security and compliance updates

Certificate Revocation Lists (CRL): in CUCM 15, a significant new feature is the support for Certificate Revocation Lists (CRL). This system plays a crucial role in security management, allowing administrators to have better control over digital certificates used for authentication and encryption of communications.

CRL – a Certificate Revocation List – is a file that contains certificates that have been revoked before their expiration. These can be certificates that have been compromised, used for malicious purposes or are no longer valid for various reasons (e.g., a private key change or certificate expiration). CRLs are used by servers and clients to check if a certificate issued by a Certificate Authority (CA) is still valid or has been revoked.

Multi-Factor Authentication (MFA): CUCM 15 implements multi-factor authentication (MFA) for the Real-Time Monitoring Tool (RTMT), providing an additional layer of protection for administrator access. MFA uses digital certificates and a second authentication factor (such as OTP or biometric verification) to secure access to critical system data. This measure reduces the risk of unauthorized access and protects sensitive information, ensuring advanced security for the communication infrastructure.

What is multi-factor authentication (MFA)? To better understand how MFA works and its benefits, read the article written by Andreea Cozuc, where the authentication mechanisms and the advantages of implementing this system in organizations are explained:

https://www.arcticstream.ro/en/blog/multi-factor-authentication-mfa-what-is-it-and-why-do-we-need-it

Deprecated functionalities and removed support

Cisco Unified Communications Manager (CUCM) 15 brings significant changes in terms of supported functionalities, removing certain features considered outdated or replaced by more modern and efficient technologies. These changes have been made to align the platform with current unified communications standards and to improve security, performance and compatibility with modern Cisco solutions.

• H.323 Gatekeeper: a major change in CUCM 15 is the removal of support for H.323 Gatekeeper, a protocol previously used for call management in VoIP networks. This functionality has been replaced by more flexible and scalable solutions based on SIP, which offer better integration with modern telecommunications infrastructures. Cisco recommends users who relied on H.323 Gatekeeper to migrate to SIP trunking, using Location Bandwidth Manager (LBM) for bandwidth management and call control.
• Remote Call Control with Microsoft Lync Server: CUCM 15 removes support for Remote Call Control (RCC) with Microsoft Lync Server, a functionality that allows users to control Cisco phones through the Lync client. This functionality has become redundant with the emergence of integrated collaboration solutions based on Microsoft Teams and Cisco Webex, which offer smoother and better-integrated experience.
• Device firmware deprecation: starting with CUCM 15, firmware for deprecated phones will no longer be included in the ISO. Devices that are no longer supported, such as the Cisco Unified IP Phone 7970 and 7971, will no longer receive firmware updates in CUCM 15 installations.

Cisco Unified Communications Manager (CUCM) 15 introduces significant improvements to its platform, focusing on system architecture, integration with Webex and other cloud services, security enhancements and a more user-friendly experience for both users and administrators. These improvements address the growing needs of modern businesses, particularly in terms of scalability, security, and collaboration, preparing organizations for the future by adopting more stable and efficient technologies such as AlmaLinux. As organizations transition to CUCM 15, it is essential to plan for necessary hardware upgrades, adopt new software management practices and ensure compatibility with the latest VMware requirements and operating systems.

If your organization needs consultation about implementing Cisco collaboration solutions, Arctic Stream specialists are here to help. Contact us at [email protected] for more details!