Using an Internet Protocol-based network for voice
communications is a sure way to reduce IT infrastructure costs. But
the age and functionality of your telephone and network
infrastructure, and what you intend to do with business processes
in the future, will directly influence your company's strategy on
whether to adopt voice over IP (VoIP).
It will also help you to decide whether your strategy should be
to upgrade gradually to VoIP, or to implement a complete VoIP
system as part of a fundamental network overhaul.
Telecoms manufacturers are ceasing to develop traditional
systems, so users will need to consider upgrading to IP systems,
according to the Telecoms Industry Association.
The association recently released figures from research
organisation MZA which showed that only 17% of enterprise phone
systems are traditional private branch exchanges (PBX). Only 4% of
systems are new pure IP-PBXs, with the majority of enterprises
integrating the new technology as hybrid IP-PBX systems.
MZA forecasts that by 2008 the deployment of hybrid IP-PBX
systems will have risen to 85%, with only 10% of enterprises
maintaining traditional PBX systems.
The big question is whether your network can cope. Most industry
experts believe it probably cannot.
Industry estimates show most networks are not capable of
providing the uptime to match existing telephone networks, which
operate on 99.999% reliability figures. This is not a hardware
problem, but rather a software problem. Most networking operating
systems are monolithic and have a single point of failure, rather
than discrete threads that can be automatically rebooted in case of
failure without bringing the switch/network down.
Changes to the data network will have to be made unless the
company is already working towards a long-term voice strategy. It
will then be essential forservices such as local area network
readiness assessments.
The assessment involves sending a data engineer to a site where,
using sniffers on the network, they will be able to detect what
equipment is installed and what the performance is on the Lan.
In terms of cost saving, analyst firm IDC estimates that using
VoIP as part of a converged network can save 68% in "adds, moves
and changes" costs. Martin Northend, head of convergence platforms
at Siemens Communications, said, "Migration to a converged voice
and data wireless area network can also deliver a 30% saving in
network charges."
Cost is directly related to the current network. Kevin Barnes,
EMEA business developmentdirector at network supplierAdtran, said,
"The existing data infrastructure must be examined to see if
quality-of-service parameters exist throughout the network to
properly handle the VoIP traffic. The bandwidth bottlenecks should
also be examined."
When deploying VoIP it isimportant to remember voice traffic
must be given priority over the network to ensure its time-critical
nature is taken into account.
Good voice quality requires fairly constant network bandwidth
(typically 10mbps or 100mbps), and acceptable levels of delay for
each packet, according to analyst firm Gartner. "Voice packets must
be given priority so that they are notaffected by network
congestion," it said.
The three main network protocols users will encounter to support
service quality for IP telephony are:
- UDP Port Selection
- IEEE 802.1p/Q
- DiffServ
Manufacturers such as Siemens, Nortel and Avaya recommend these
hybrid systems as the way forward for companies wishing to take
advantage of this technology. Session Initiation Protocol (SIP)
ensures phones and end-user devices that support this standard are
interchangeable, and allows organis- ations to selectively
implement hardware from different suppliers.
However, other suppliers, such as Cisco or 3Com, can provide a
one-stop shop with a complete end-to-end IP system that can provide
everything from network installation to end-user devices from one
source. Depending on your plans for the future, this may or may not
be the best option.
There is a bewildering choice of products available. Management
of the network and the end-user devices, plus the feature set that
can be made available, all come into the decision of which supplier
to choose.
VoIP is not just available to large enterprises. Products such
as Cisco's Call Manager enable the handling of thousands of users,
but Call Manager Express starts at 10 phones with 10 software
licences.
Organisations tend to adopt a migration-based approach to VoIP
so they can continue to use the traditional PBX equipment based on
the DPNSS signalling language, at the same time as introducing
IP-based network and phone systems.
Vaughn Armstrong, director of marketing at telecoms supplier
Westell, said, "This transition can often give rise to interworking
issues between the two, including the loss of valuable DPNSS-based
supplementary services that many business have come to rely
on."
Whatever product you choose, there will be cause for the new IP
networks to talk to traditional voice networks. You will need to
consider how the traditional and IP systems will talk to each
other, and how the original feature s of the older systems will be
maintained across the new network.
Translator products enable this to happen by acting as a
gateway, allowing the two systems to talk to each other, converting
old voice-based language protocols into IP.
The worry among business that voice traffic may be at risk has
been shown to be a major factor in the speed (or lack thereof) with
which companies are choosing to deploy this technology. A survey
from net.com found that 70% of decision makers were not deploying
VoIP based on security fears alone.
As voice signals are converted into digital signals as data
packets to travel over the internal network or internet, this
traffic is vulnerable to the usual threats such as spying, theft or
manipulation.
VoIP security is typically only as strong as that provided for
traditional e-mail and web traffic. Security vulnerabilities in IP
are targets for viruses, worms and Trojans, which were not
previously a factor in public switched telephone network (PSTN)
systems.
Nigel Beighton, head of threat intelligence at Symantec,
highlighted the problems. "Hackers will probably continue to
exploit existing internet vulnerabilities while also evaluating old
attacks on the telephone to see if and how they might be exploited
in a new way. Hackers will also turn their attention to studying
new protocols that represent new opportunities for launching
attacks."
"An attacker could inject speech, noise or delays to calls. The
greatest danger to most organisations is not the possibility of
someone making free calls from their network, but rather the
possibility of compromise of confidential and leaking of
proprietary information."
However, Beighton believes the security issue can be solved with
traditional technology.
"In general, most of the best practices for data communication
are relevant for voice communication. Consequently, protecting data
and VoIP environments requires a combination of anti-virus,
firewall, intrusion detection systems, and virtual private
networks. These technologies must also be optimised for voice," he
said.
VoIP traffic can go through a number of both secured (private)
and unsecured (open internet) channels. As a result, it is
important to use encryption technologies such as IPSec, and secure
tunnels to keep voice communications safe.
Beighton said, "Many VoIP protocols include optional encryption
and authentication capabilities. For example, when sending voice
traffic between two branch offices over the internet, it must be
protected using at least 128-key encryption. SIP and H.323 voice
protocols provide a standard for authenticating users."
Products such as the VoIP Migration Appliance (VMA) from
net.com, are available to assist in migrating PBXs to IP. VMA
incorporates security features including rogue packet ejector,
proprietary voice tunnelling, MD5 authentication, transport layer
security, and firewall traversal.
Scott Haugdahl, chief technology officer at network management
software firm Wild- Packets warned that companies have to be even
more vigilant if they are going to deploy VoIP over wireless
networks. "Disrupting a VoIP call is as easy as disconnecting a
network cable from a jack. This is much easier to do, unlike the
analogue connections of old in a punch down block," he said.
There are also tools to grab packets with a laptop and playback
the conversations. "We must go the extra mile in physically
securing our wiring closets, and everywhere there is a connection
for that matter, which can be quite difficult. Imagine 'rogue' hubs
attached to unsuspecting user's cubicle or wall jacks," said
Haugdahl.
Some companies rolling out VoIP services are using the
Packetcable security specification, he said. Packetcable uses
network call signalling to transmit call signalling between
customers and infrastructure. Haugdahl believes such systems are
more secure against attacks than SIP or Skinny, but the other
vulnerabilities remain of concern.