It's all very well to talk about VoIP, but the big issue is whether your network can cope

Using an Internet Protocol-based network for voice communications is a sure way to reduce IT infrastructure costs. But the age and functionality of your telephone and network infrastructure, and what you intend to do with business processes in the future, will directly influence your company's strategy on whether to adopt voice over IP (VoIP).

Using an Internet Protocol-based network for voice communications is a sure way to reduce IT infrastructure costs. But the age and functionality of your telephone and network infrastructure, and what you intend to do with business processes in the future, will directly influence your company's strategy on whether to adopt voice over IP (VoIP).

It will also help you to decide whether your strategy should be to upgrade gradually to VoIP, or to implement a complete VoIP system as part of a fundamental network overhaul.

Telecoms manufacturers are ceasing to develop traditional systems, so users will need to consider upgrading to IP systems, according to the Telecoms Industry Association.

The association recently released figures from research organisation MZA which showed that only 17% of enterprise phone systems are traditional private branch exchanges (PBX). Only 4% of systems are new pure IP-PBXs, with the majority of enterprises integrating the new technology as hybrid IP-PBX systems.

MZA forecasts that by 2008 the deployment of hybrid IP-PBX systems will have risen to 85%, with only 10% of enterprises maintaining traditional PBX systems.

The big question is whether your network can cope. Most industry experts believe it probably cannot.

Industry estimates show most networks are not capable of providing the uptime to match existing telephone networks, which operate on 99.999% reliability figures. This is not a hardware problem, but rather a software problem. Most networking operating systems are monolithic and have a single point of failure, rather than discrete threads that can be automatically rebooted in case of failure without bringing the switch/network down.

Changes to the data network will have to be made unless the company is already working towards a long-term voice strategy. It will then be essential forservices such as local area network readiness assessments.

The assessment involves sending a data engineer to a site where, using sniffers on the network, they will be able to detect what equipment is installed and what the performance is on the Lan.

In terms of cost saving, analyst firm IDC estimates that using VoIP as part of a converged network can save 68% in "adds, moves and changes" costs. Martin Northend, head of convergence platforms at Siemens Communications, said, "Migration to a converged voice and data wireless area network can also deliver a 30% saving in network charges."

Cost is directly related to the current network. Kevin Barnes, EMEA business developmentdirector at network supplierAdtran, said, "The existing data infrastructure must be examined to see if quality-of-service parameters exist throughout the network to properly handle the VoIP traffic. The bandwidth bottlenecks should also be examined."

When deploying VoIP it isimportant to remember voice traffic must be given priority over the network to ensure its time-critical nature is taken into account.

Good voice quality requires fairly constant network bandwidth (typically 10mbps or 100mbps), and acceptable levels of delay for each packet, according to analyst firm Gartner. "Voice packets must be given priority so that they are notaffected by network congestion," it said. 

The three main network protocols users will encounter to support service quality for IP telephony are:

  • UDP Port Selection
  • IEEE 802.1p/Q
  • DiffServ

Manufacturers such as Siemens, Nortel and Avaya recommend these hybrid systems as the way forward for companies wishing to take advantage of this technology. Session Initiation Protocol (SIP) ensures phones and end-user devices that support this standard are interchangeable, and allows organis- ations to selectively implement hardware from different suppliers.

However, other suppliers, such as Cisco or 3Com, can provide a one-stop shop with a complete end-to-end IP system that can provide everything from network installation to end-user devices from one source. Depending on your plans for the future, this may or may not be the best option.

There is a bewildering choice of products available. Management of the network and the end-user devices, plus the feature set that can be made available, all come into the decision of which supplier to choose.

VoIP is not just available to large enterprises. Products such as Cisco's Call Manager enable the handling of thousands of users, but Call Manager Express starts at 10 phones with 10 software licences.

Organisations tend to adopt a migration-based approach to VoIP so they can continue to use the traditional PBX equipment based on the DPNSS signalling language, at the same time as introducing IP-based network and phone systems.

Vaughn Armstrong, director of marketing at telecoms supplier Westell, said, "This transition can often give rise to interworking issues between the two, including the loss of valuable DPNSS-based supplementary services that many business have come to rely on."

Whatever product you choose, there will be cause for the new IP networks to talk to traditional voice networks. You will need to consider how the traditional and IP systems will talk to each other, and how the original feature s of the older systems will be maintained across the new network.

Translator products enable this to happen by acting as a gateway, allowing the two systems to talk to each other, converting old voice-based language protocols into IP.

The worry among business that voice traffic may be at risk has been shown to be a major factor in the speed (or lack thereof) with which companies are choosing to deploy this technology. A survey from net.com found that 70% of decision makers were not deploying VoIP based on security fears alone.

As voice signals are converted into digital signals as data packets to travel over the internal network or internet, this traffic is vulnerable to the usual threats such as spying, theft or manipulation.

VoIP security is typically only as strong as that provided for traditional e-mail and web traffic. Security vulnerabilities in IP are targets for viruses, worms and Trojans, which were not previously a factor in public switched telephone network (PSTN) systems.

Nigel Beighton, head of threat intelligence at Symantec, highlighted the problems. "Hackers will probably continue to exploit existing internet vulnerabilities while also evaluating old attacks on the telephone to see if and how they might be exploited in a new way. Hackers will also turn their attention to studying new protocols that represent new opportunities for launching attacks."

"An attacker could inject speech, noise or delays to calls. The greatest danger to most organisations is not the possibility of someone making free calls from their network, but rather the possibility of compromise of confidential and leaking of proprietary information."

However, Beighton believes the security issue can be solved with traditional technology.

"In general, most of the best practices for data communication are relevant for voice communication. Consequently, protecting data and VoIP environments requires a combination of anti-virus, firewall, intrusion detection systems, and virtual private networks. These technologies must also be optimised for voice," he said.

VoIP traffic can go through a number of both secured (private) and unsecured (open internet) channels. As a result, it is important to use encryption technologies such as IPSec, and secure tunnels to keep voice communications safe.

Beighton said, "Many VoIP protocols include optional encryption and authentication capabilities. For example, when sending voice traffic between two branch offices over the internet, it must be protected using at least 128-key encryption. SIP and H.323 voice protocols provide a standard for authenticating users."

Products such as the VoIP Migration Appliance (VMA) from net.com, are available to assist in migrating PBXs to IP. VMA incorporates security features including rogue packet ejector, proprietary voice tunnelling, MD5 authentication, transport layer security, and firewall traversal.

Scott Haugdahl, chief technology officer at network management software firm Wild- Packets warned that companies have to be even more vigilant if they are going to deploy VoIP over wireless networks. "Disrupting a VoIP call is as easy as disconnecting a network cable from a jack. This is much easier to do, unlike the analogue connections of old in a punch down block," he said.

There are also tools to grab packets with a laptop and playback the conversations. "We must go the extra mile in physically securing our wiring closets, and everywhere there is a connection for that matter, which can be quite difficult. Imagine 'rogue' hubs attached to unsuspecting user's cubicle or wall jacks," said Haugdahl.

Some companies rolling out VoIP services are using the Packetcable security specification, he said. Packetcable uses network call signalling to transmit call signalling between customers and infrastructure. Haugdahl believes such systems are more secure against attacks than SIP or Skinny, but the other vulnerabilities remain of concern.

Read more on Voice networking and VoIP

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close