SIP

Sprint Rolls Out General Availability of SIP Trunking

Sprint was one of the first SIP trunk providers certified with Microsoft Office Communications Server 2007 R2 (OCS 2007 R2). Now it is expanding availability of SIP trunking to all business customers.

Sprint SIP trunking customers will be able to leverage Sprint’s Global MPLS network and utilize a single IP network connection to facilitate voice, date, and video conferencing connections.

SIP trunking and VoIP enable customers to save significantly over traditional local and long distance expenses, and it is also a key component of unified communications.

SIP Communications for Dummies- 2nd Edition

Avaya has sponsored the free eBooklet- SIP Communications for Dummies-2nd edition. The book is written by Lawrence Miller and Peter Gregory, with a foreword by Alan Johnston and covers a range of topics to introduce you to the basic concepts of SIP (Session Initiation Protocol). Chapters include:

1. SIP at a Glance
2. The Case for SIP
3. How SIP Transforms Communications
4. SIP Interoperability
5. SIP in the Contact Center
6. SIP and Intelligent Communications
7. Ten Reason to Use SIP-Enabled Solutions by Avaya

In the Foreword, Johnston says “So what is SIP and why is the industry buzzing about it? This book will tell you. What can you use SIP for? This book will tell you that too. Why is SIP so important? You’ll find that here too.”

The last chapter is obviously a little self-serving, but it is sponsored by Avaya. Overall the booklet is a good primer on SIP and is a solid resource. The price is right, so you can’t fault Avaya for plugging its products in the process.

It is definitely worth a read. Check out SIP Communications for Dummies - 2nd Edition.

Achieving UC Utopia

What is the ultimate goal of unified communications? For you, the user?

Organizations have all kinds of potential reasons for adopting unified communications. Cut costs. Improve efficiency. Communicate more effectively. Streamline business processes. Converge voice / network administration. The list goes o.

But what’s in it for you? Beyond from the hyperbole and and grandiose claims in marketing brochures, the ultimate promise of unified communications from a user perspective is the single number / single device access.

It’s nice to be able to use Presence to see if someone is available and choose the best method of communication based on that individual’s current status. What would be even better is if you only had one method of contact for the individual- his SIP URI for example- and the unified communications environment would intelligently route the communication based on Presence and preferences. Let the recipient choose the best method of communication instead of the sender.

We’re not there (obviously). Most people still have an email address, a desk phone number, and a mobile phone number at a minimum. Many people carry multiple mobile phones to stay in touch with different parties. Cutting Through the Clutter for Unified Communications takes a look at the current state of affairs and explores how we get from here to that UC Utopia of single number / single device communications.

The Rising Risk of Toll Fraud

Toll fraud is not new. Toll fraud has existed in some form, more or less, since telecom providers have charged customers for placing calls. But, just as technology and the computer / Internet revolution have streamlined productivity and helped people to work more efficiently, it provides the same benefits to cyber criminals.

The convergence of voice and data that comes with VoIP and unified communications deployments means that voice networks are now accessible- and exploitable- via many of the same vectors traditionally reserved for attacks on data. Attacks can be automated, they can be executed faster, and they can do more damage in less time thanks to the processing power and bandwidth available to work with. Read The 9 Deadly Security Gaps: Protecting Against the Rising Risk of Toll Fraud to learn more about the threats and how you can defend your VoIP / UC network from attack.

Five Things You Should Know About SIP

Are you familiar with SIP? SIP, which stands for Session Initiation Protocol, is the protocol that provides the backbone for most VoIP and unified communications platforms.  SIP binds multiple media types together and allows for the seamless integration of voice, video and IM. In a recent Reality Check podcast, Elaine Hom spoke with Jon Arnold to discuss the top 5 things you need to know about SIP. Listen and learn- Reality Check: Five Things You Should Know About SIP.

SIP Trunking: The Key to Maximizing UC Benefits

VoIP and unified communications each have a lot of promise in and of themselves. They each deliver innovative tools that allow businesses to operate more effectively and efficiently. As the Executive Summary of this presentation states though, deploying UC is not without challenges.

Too often, organizationsgo down the path of deploying new technology with old technology principles in mind and UC is no different. Many of the early adopter deployments of VoIP and UC were designed exactly the same as the old systems, severely limiting the overall value of UC, which is a highly flexible, IP-based solution.

Migrating from traditional trunk lines to SIP trunking is a very simple, cost-effective change to open doors to other advanced services that can enhance a UC deployment. SIP trunking will allow companies to recognize the following benefits:

• Dramatically lower the overall cost of communications
• Extends UC to software-as-a-service (SaaS) applications and other cloud-based options
• Accelerates UC deployments through the simplification of network design
• Easier migration to other advanced services such as mobile integration and MPLS networks

For more about SIP trunking and the impact that SIP trunking has on a successful UC deployment, check out this TechTarget presentation: SIP Trunking Is Key to Accelerating Unified Communications Deployments

Security Concerns of UC Networks

When voice was just voice, it did not pose a security risk to the data network…at least not directly. It could be argued that there is still potential to exploit the voice network for social engineering purposes that result in a compromised data network, but that is a semi-convoluted argument and not really the point of this post.

With VoIP alone, standard best practices suggest keeping the voice VLAN and the data VLAN separate so that a compromise of the voice network would not have any effect on the data network. However, we live in a converged world. Unified communications merges voice and data and requires that they all play nice on the same network. Where does that leave us? That leaves us with some new security concerns to be aware of and guard against.

This post from Nortel’s Voice Security Blog, in conjunction with Sipera Systems Chief Marketing Officer, Eric Winsborrow, provides some additional detail and illustrates some potential scenarios that could exploit a vulnerable VoIP system and lead to a compromise of the UC or data network.

Connecting Cisco to Microsoft OCS

According to a recent Gartner Magic Quadrant report for Unified Communications, Microsoft, Cisco, and Nortel are the industry leaders in terms of both innovation and the ability to actually deliver that innovation to customers. Nortel and Microsoft have an intimate partnership through their ICA (Innovative Communications Alliance) relationship with Microsoft, and they work very closely together to ensure seamless interoperability of their unified communications products.

Cisco is another story. At one point Microsoft and Cisco made a very public showing of burying the proverbial hatchet and vowing to cooperate in the best interests of corporate customers and unified communications in general. That cooperation lasted right up until they started rolling out products at which time the mud-slinging began. Each declared their approach and solution superior and slammed the other.

Whether they want to admit it or not though, they are sort of forced to play nicely together (sort of like the nerd and the playground bully while the teacher is actually monitoring recess activities). Cisco is a dominant player in network infrastructure and VoIP communications. Microsoft has a virtual monopoly on the PC desktop and a significant share of the enterprise server market. There is a high probability that a prospective customer is already using Cisco networking in conjunction with  their Microsoft Windows network, so that prospective customer may very well wish to continue that balance as they move forward into unified communications.

Thankfully for the prospective customer, Cisco Unified Communications Manager (CUCM) does integrate with the Microsoft Office Communications Server environment. It isn’t always pretty, but it works. Mike Stacy, a Director with Evangelyze Communications, provides an illustrated step-by-step guide to configuring direct SIP connectivity between the Cisco and Microsoft communications products.

VoIPshield Finds Flaws With Microsoft UC

VoIPshield, a VoIP security solutions company based in Ottawa, Canada, recently discovered vulnerabilities affecting the RTP (Real-time Transport Protocol), a standard data format used for delivery of audio and instant messaging packets over the Internet. Microsoft Office Communications Server 2007, Microsoft Office Communicator, and Microsoft Windows Live Messenger.

This excerpt from the VoIPshield press release explains the issue further:  “Most of the attention in enterprise VoIP/UC security has been paid to the control channel, where SIP and other signalling protocols are used,” said Ken Kousky, CEO of security research and analysis firm IP3 and advisor to the VoIP Lab at Illinois Institute of Technology. “Until now, the media stream has been largely ignored by the security community as a source of malicious activity.  But attacks from these vectors have the potential to be dangerously persistent and widespread.”

There are an estimated 250 million computers running at least one of these applications. If exploited, the discovered vulnerabilities could result in a DoS (denial-of-service) attack that impacts not just the affected application, but the entire computer system. VoIPshield’s research and disclosure are specific to the Microsoft products mentioned, but they note that these same protocols are used elsewhere and that other VoIP and communications applications are likely impacted by similar vulnerabilities in the media delivery channel.

Unified Threat Management Takes on Unified Communications

If you are going to build an ‘all-in-one’ security appliance, you also need to adapt with the times and add functionality to keep up with new attacks and technologies. Otherwise, organizations will end up with a UTM (unified threat management) solution, plus a mengerie of one-off solutions that undermine the purpose of having UTM protection in the first place.

WatchGuard is keeping up with the pace of technology, evolving their UTM appliance into an XTM (extensible threat management) appliance. In addition to standard enterprise security measures such as deep packet inspection (DPI) firewalls, spam blocking, URL and content filtering, anti-virus protection and intrusion prevention and detection systems (IPS/IDS), WatchGuard’s XTM 1050 includes protection for VoIP networks and VoIP communications.

According to their press release “WatchGuard recognizes that as more enterprise and mid-market businesses adopt VoIP, they open themselves to a new series of VoIP protocol exploits. By utilizing a host of high security technologies, including network address translation, port obfuscation, and SIP and H.323 proxies, the WatchGuard XTM 1050 becomes an ideal security appliance to thwart would-be attackers of VoIP and network systems.” You can read more about the XTM 1050 and the evolution of UTM security in this ITBusinessEdge article.