VoIP quality of service monitoring advice

How the main worry for firms adopting VoIP is the quality of service, and knowing how to assess that service once it is set up

How the main worry for firms adopting VoIP is the quality of service, and  knowing how to assess that service once it is set up

The adoption of internet protocol based telephony by organisations is a growing trend, thanks to the promise of free phone calls through the convergence of voice and data networking technology.

Voice over IP (VoIP) technology "is about to hit critical mass", said David Endler, director of security at networking supplier 3Com's TippingPoint division handling intrusion detection systems (IDS).

Analyst Frost & Sullivan predicted it will make up 75% of all voice traffic by this year. Market research firm InStat has also forecast the number of IP phones sold will increase nearly five-fold from 9.9 million in 2006 to 45.8 million by 2010.

Yet, with organisations seemingly embracing the potential savings and flexibility of VoIP, it appears as though they are not always prepared for the challenges involved in deploying and managing the technology.

Recent research by Vanson Bourne on behalf of software and services company, Compuware has found 73% of European IT executives are still worried about the quality and reliability of the technology.

The research findings show the main worries over adopting VoIP technology involve quality of service (QoS) and security, where over a third (39%) of companies do not profile the performance of telephony applications over existing IP networks prior to implementation, so cannot anticipate the effect that its adoption will have.

Compuware's global director of performance solutions Michael Allen said too many companies take the technology for granted, while at the same time underestimating its strategic importance.

"VoIP is a well proven technology now," he said, "and most of the IT directors we surveyed have plans to move over to it, if they have not done so already - if only because it's all the networking vendors sell nowadays.

"If moving to a new office, for example, it's more than likely the organisation will want a modern telephony infrastructure. But it can be easily forgotten just how much we take telephone communication for granted having had traditional telephone systems for so long. But voice is a high-profile application and users just won't tolerate degradation and jitter on a call."

Allen said the survey revealed a major reason call quality suffers is that the vast majority of IT departments (72%) are only looking at overall network usage rather than examining the individual behaviour and usage of each application, including voice.

This could lead to poor call QoS, even if the organisation is using Class of Service management tools on a multi-protocol label switching (MPLS) network, because IT departments will not have the necessary insight into application performance.

For example, Allen said, if there is a large amount of lag on a VoIP call, which may be due to a problem at one of the network nodes, this may go unnoticed because VoIP does not necessarily generate a large volume of traffic, even though call quality is suffering. This approach is also reflected in IT managers' reactions to problems - 46% of respondents admitted to simply throwing more bandwidth at network utilisation problems rather than probing into any further detail to get to the heart of the problem.

Alliance & Leicester, the UK's seventh biggest bank, handed its voice and data communications to BT Global Services in December 2006 in a deal designed to transform and converge company's networking infrastructure.

The infrastructure refresh will begin a phased implementation lasting three years, and affecting its contact centre, branch, ATM and corporate network with the aim of driving savings and efficiencies through the deployment of VoIP in future.

Chief technology officer Darren McKenzie said networking technology was now mature enough for a large enterprise like Alliance & Leicester to look at taking it on. "We've been tracking this technology for some time, and when we were sure it was advanced enough for our needs through the immense amount of due diligence testing in labs that we did, we made absolutely sure it would lower costs and add simplicity to our network needs.

"We have had to get guarantees to prioritise voice in our plans. But we are not buying technology, we are fundamentally buying a service," he said. He added that using the latest packet switching technology over a MPLS VPN network gave him the assurance he needed that the network linking Alliance & Leicester's 1,800 staff and 250 branches would transmit both quality data and voice traffic more reliably than the number of legacy large and wide area network (Lan and Wan) technologies from a number of different, existing suppliers.

Gavin Megnauth, Shaw Trust IT director is just over a year into a four-year contract with provider Affiniti for a virtual private network (VPN) covering its entire 1,300-strong user group and enabling free VoIP calls, new rich-media services, and more effective network management tools. The charity, which represents people who are disadvantaged in the labour market due to disability, ill health or other social circumstances, is hoping the VPN will deliver up to 30% in cost savings with increased bandwidth, performance, and reliability.

Megnauth said QoS issues were a key consideration for the charity. "We were quite lucky in that our existing networks had sufficient bandwidth to accommodate the extra needed for VoIP," he said. But he said they did encounter some instances where devices, like Skype phones installed independently by remote users, had eaten up bandwidth and affected call quality for other users and applications."

Megnauth said, "If the call quality is poor it's really disappointing from the user perspective, given they have to go through training on a new phone system. And although we remedied any such problem quickly, it has left a slightly bitter taste in the mouth and cost more in start-up costs." Although he did observe the savings on call charges between the organisation's 65 offices sites would see a return in the long term.

"There are ready-reckoner tools available now that are better than they were a few years ago that help you plug in how many calls are made and how much bandwidth you would use to discern cost more clearly," said Megnauth.

"But because of the potential security issues around unauthorised devices and applications like Skype competing for bandwidth, we decided to get a consultant in to do full penetration testing." But being a charity, he also said security was not as great an issue as it might be for a bank, for example.

Gartner research director, Lawrence Orans said that whether you decided to use the expertise of a managed service provider in the case of the Shaw Trust and Alliance & Leicester to migrate voice onto your data networks or not, most data infrastructures are perfectly capable of prioritising voice over the network.

The problems arose in the overlapping areas of security and traffic monitoring and detection, he said. "The voice team has typically not had to worry about security and security teams have not historically had to worry about voice," he said.

"IP-PBXs [private branch networks] are usually not subject to denial of service (DoS) attacks because they are behind the firewall, but when you send voice outside of those boundaries issues can arise."

Orans said security would be higher on the VoIP agenda in 2007 because companies will begin to open up session initiation protocol (SIP) gateways for application-layer control of voice traffic and make them accessible on the internet.

He said that while this will contribute to the lower costs associated with VoIP it will also expose organisations to a wide variety of threats they are not necessarily aware of because many still do not see VoIP handsets as computing devices in their own right.

UK-based web security firm ScanSage has recently warned, "The result is that both VoIP devices and servers will be subject to the same type of vulnerabilities as any other computer including denial of service attacks, theft of service, fraud and phishing attacks."

Symantec researcher Zulfikar Ramzan said phishers have developed more sophisticated attacks beyond just the traditional e-mails directing you to a website to enter personal details and into the VoIP arena. "For example, we've seen phishing attacks that use e-mail to get you to call a specific phone number or some even use the phone to contact you in the first place.

These so-called voice phishing or 'vishing' attacks exploit VoIP. As a result, such attacks can be conducted cheaply enough for phishers to see a sufficient return on their investment," he said. At the same time, Ramzan added that there have not been many reported cases of such attacks, so it is not clear if they will become more prevalent moving forward.

IP service optimisation solutions supplier, Allot Communications advocates the use of deep packet inspection (DPI) technology to add to the QoS and security arsenal of an organisation deploying VoIP. 

Allot said throwing more bandwidth at VoIP services is often not solving the true problem, which can only be uncovered by actually knowing what packets are travelling across your network. Measures to safeguard against any kind of attack using VoIP services should already lie within an existing data network's firewall, IDT, antivirus and authentication infrastructure.

But the DPI tools available from Allot or Compuware (which is also a component of BT's Assured Application Infrastructure service) for example, can help identify an attack and help configure access protocols to protect the network, as well as make sure critical voice traffic is given the priority required.

"DPI doesn't take care of the security threats out there, but it can work with other third-party management tools to be a critical element in better managing traffic across your network that includes voice," said Allott.

VoIP case studies






VoIP special report: Making a case for VoIP

VoIP special report: Taking VoIP to the next level

Comment on this article: [email protected]


Read more on Voice networking and VoIP