NSW Government

Telecommunications – SIP (Session

Initiation Protocol) Standard

Final v2.0

March 2016

Telecommunications – SIP Standard

CONTENTS

1. CONTEXT 3

1.1. Background 3

1.2. Purpose 3

1.3. Scope and application 3

1.4. Policy context 3

1.5. The ICT Services Catalogue 4

2. KEY PRINCIPLES 4

3. REQUIREMENTS 5

3.1 Use Cases / Scenarios 6

3.2 Elements of this standard 7

3.2.1 Telecommunications – SIP requirements 7

3.2.2 Service Management 10

DOCUMENT CONTROL 12

APPENDIX A – DEFINITIONS 13

SIP trunk 13

Service demarcation 13

APPENDIX B – ABBREVIATIONS 14

APPENDIX C – REFERENCES 15

APPENDIX D – STANDARDS 16

Developing technical standards 16

Management and implementation 16

Telecommunications – SIP Standard

1. CONTEXT

1.1 Background This is a technical standard developed through the NSW ICT Procurement and Technical Standards Working Group. The standard contains technical and functional requirements that agencies should consider when procuring ICT services for Telecommunications – SIP (Session Initiation Protocol) solutions.

By defining the necessary and common elements across agencies the standard provides an opportunity to leverage the buying power of Government as a whole, improve procurement efficiency and increase interoperability.

1.2 PurposeThe purpose of this standard is to assist NSW Government agencies to develop, procure and implement SIP solutions and tools, as well as take full advantage of their benefits. This standard also helps agencies procure in a strategic manner that reflects the NSW Government’s priorities as outlined in the NSW Government ICT Strategy.

This standard details the issues that need to be considered so each agency can identify the available options that best suit their business requirements, helping agencies achieve value for money through cost savings and improved flexibility of service offerings.

1.3 Scope and applicationThis standard applies to all NSW Government departments, statutory bodies and shared service providers. It does not apply to state owned corporations, but is recommended for their adoption.

For the purposes of this standard, SIP refers to a communication protocol for real-time multiuser sessions, regardless of media content. It enables communication services over the internet, as well as over fixed and mobile IP networks. It enables communications to be initiated and managed, with key channels being voice, video and instant messaging (Gartner 2015).

See section 3.4.1 for elements that are included in a SIP service. Appendix A – Definitions for additional definitions, including a definition for “SIP trunk”.

This standard sets out service definitions as minimum requirements that vendors must meet to be able to offer their services through the NSW ICT Services Catalogue. Agencies should consider any specific operational or regulatory factors that impact their requirements, and specific requirements they have in addition to those detailed in this standard.

1.4 Policy contextThe NSW Government ICT Strategy and Digital + 2016 Final Update set out the Government’s plan to: build capability across the NSW public sector to deliver better, more customer-focused services that are available anywhere, anytime; and to derive increased value from the Government’s annual investment in ICT.

Developing whole of NSW Government ICT technical standards is a key initiative of the NSW Government ICT Strategy, driven by the ICT Procurement and Technical Standards Working Group. These standards leverage principles defined in the NSW Government ICT Strategy and the NSW Government Cloud Policy, and they support the NSW ICT Services Catalogue.

Telecommunications – SIP Standard

The standards set out service definitions as minimum requirements that vendors must meet to be able to offer their services through the NSW Service Catalogue. This helps achieve consistency across service offerings, emphasising a move to as a service sourcing strategies in line with the NSW Government ICT Strategy, and it signals government procurement priorities to industry.

Solutions should also assist agencies in their alignment with the NSW Government Enterprise Architecture (NSW GEA), which encompasses all aspects of enterprise architecture activity at the business, information, application and technology infrastructure layers. The NSW GEA is about providing direction and practical guidance to accelerate the development of agency EA capability and enabling a common, intra and inter agency approach to the design of digital government.

This standard should be applied along with existing NSW Government policies and guidance, including the NSW Digital Information Security Policy. More information on the process for the development of standards that populate the ICT Services Catalogue is at Appendix D – Standards.

1.5 The ICT Services CatalogueThis catalogue provides suppliers with a showcase for their products and services, and an opportunity to outline how their offerings meet or exceed standard government requirements. The standards, together with supplier service offerings, help to reduce red tape and duplication of effort by allowing suppliers to submit service details only once against the standards. The offerings are then available to all potential buyers, simplifying procurement processes for government agencies.

Implementing this category management approach embeds common approaches, technologies and systems to maintain currency, improve interoperability and provide better value ICT investment across NSW Government.

2 KEY PRINCIPLESThis standard is based on the following principles:

Fit for purpose: SIP solutions should meet agency business requirements.

Information security: Meet any applicable requirements of the NSW Digital Information Security Policy and ISO 27001.

Facilitating as a service: SIP solutions should facilitate the agency transition to as a service, and ensure agency alignment with broader NSW ICT Strategy.

Interoperability: SIP solutions should meet applicable recognised open standards to support interoperability.

Business continuity: SIP solutions should meet business continuity requirements (see the NSW Digital Information Security Policy and ISO 27031-2011 for guidance on business continuity).

Performance and latency: SIP solutions should be designed to optimise performance and minimise latency across all functions to encourage concurrent use and collaboration across different geographic locations.

Value for money: SIP solutions should deliver value for money, in line with the investment principles set out in the NSW Government ICT Investment Policy and Guidelines.

Telecommunications – SIP Standard

3 REQUIREMENTS – SIP solutionsWhen considering any aspect of a SIP solution an agency must consider the service management aspects of the service(s) on offer.

The Use Case / Scenario Table in section 3.1 sets out the recommended business and technical requirements for NSW Government SIP solutions. This provides a consistent approach for all NSW Government agencies regardless of their size.

Explanations for each element of the following table are provided at section 3.2

Telecommunications – SIP Standard

3.1 Use Cases / Scenarios

Anticipated use cases for SIP solutions are set out in the table below. The corresponding requirements of this standard are ticked in the columns.

Use Case / Scenario

Telecommunications – SIP Service Management

Stan

dard

SIP

te

rmin

ation

/ser

vice

leve

l Co

-ter

min

ation

Capa

city

cha

nges

Supp

ort s

ervi

ces

Elec

tron

ic b

illin

g

Serv

ice

prov

ision

ing

lead

tim

es

Qua

lity

of S

ervi

ce (Q

oS)

Com

patib

ility

with

age

ncy

phon

e sy

stem

sFa

xing

Call

forw

ardi

ng to

ext

erna

l nu

mbe

rsEm

erge

ncy

calli

ng

Toll

frau

d m

onito

ring

and

miti

gatio

nM

alic

ious

cal

l tra

cing

Serv

ice

leve

l rev

iew

s

Engi

neer

ing

stan

dard

s

Serv

ice

certi

ficati

on

Tran

sition

serv

ices

Serv

ice

avai

labi

lity

Load

bal

anci

ng

Serv

ice

loca

tion

IP d

eliv

ery

circ

uit p

rote

ction

Sess

ion

man

agem

ent o

ption

s

Encr

yptio

n

Burs

t cap

acity

Mod

em su

ppor

t

Criti

cal f

uncti

ons

Full-

serv

ice

adm

inist

ratio

n

Ons

hore

/offs

hore

m

anag

emen

tSe

rvic

e le

vel m

anag

emen

t

Mul

ti-se

rvic

e br

oker

pro

visio

n

Required NSW Government business outcomes

Additional business outcomes for agency consideration

6

Telecommunications – SIP Standard

3.2 Elements of this standard

3.2.1 Telecommunications – SIP requirements

A SIP service that provides the following:

Voice carriage service.

Service delivered over existing agency IP network from service provider termination equipment (delivered over an existing WAN, or through a newly purchased internet connection where one does not exist, or via the internet).

Service delivery to agency required site(s).

Price per channel with the ability to scale up or down as agency business needs change.

Aggregated usage across all services per agency or cluster.

Optional zero cost fixed line to fixed line calls (On–Net) within an agency, cluster and/or Government.

Ability to terminate any number of inbound (13/18 numbers) numbers on any number of SIP trunks or groups of SIP trunks.

Full compatibility with the NBN.

Authentication to be based on industry standard schema including IP based authentication (to lock service delivery to a specific route location) or username/password authentication.

Ability for agency to include any number of SIP trunks into one or more logical groupings, and

Optional fees associated with the porting out or in of phone numbers to from other providers to be agreed as part of upfront service level agreement (SLA) and contractual discussions.

Standard SIP termination / service level

Standard delivery of a SIP trunk service is to a single location at any required agency site with no hardware redundancy in the termination device.

The Standard Service Level is as follows:

99.7% availability; and

Degraded services are restored within supplier agreed SLAs based on agency business needs.

Special Note:Agencies and service providers must agree final SLAs including response and restoration times, penalties and other related matters as part of their due diligence prior to the commencement of any contract.

Capacity changes

An agency purchasing a SIP service may wish to implement additional (or reduce) channels during the course of the contract period. For additional services there should be the ability to terminate at the same time as the initial service engagement without penalty. At the time of commissioning services, Agencies should establish appropriate contractual and SLA agreements that ensure services continue to meet agency requirements.

7

Telecommunications – SIP Standard

Electronic accounts

Provide timely and accurate billing on a monthly basis for all services supplied. Summary bills to be sent to the agency for payment. An itemised electronic service inventory in agreed format should be available for all services on all accounts provided to an agency. All electronic Billing information to be sent to the agency within a reasonable timeframe (base 10 working days) from the end of the ‘billing cycle’.

Service provisioning lead times

Provision of services will conform with supplier defined and agency agreed SLAs. These should provide expected lead times based on metropolitan, regional and rural locations and be agreed to as part of any transition in arrangements. As a minimum these should cover the following scenarios:

New service provisioning

Changes to service capacity

Service cancellation

Quality of Service (QoS)

The target voice quality for all SIP calls should be for 85% of minutes or calls to have a Mean Opinion Score (MOS) >= 3.9 for G.711 and >=3.6 for G.729 calls for the component that is under the provider’s control.

MOS Quality Comment

5 Excellent

Imperceptible

4 Good Perceptible but not annoying

3 Fair Slightly annoying

2 Poor Annoying

1 Bad Very annoying

However, for an end to end MOS figure, there are many factors affecting the MOS, some of which may be outside the provider’s control, namely:

CPE/SBC configuration CAC WAN access speed WAN access QoS Router prioritisation LAN QoS End to end management may involve multiple parties, multiple networks Firewalls and the like

Agencies need to consider the above in service selection and in establishing of SLAs for the service(s).

Compatibility with agency phone systems

Provide functions such as SIP Early Offer/Media to allow for agency phone systems to deliver services as expected by the agency’s users (e.g. provide for local ring tone generation or network generated ring tone).

8

Telecommunications – SIP Standard

Call forwarding to external numbers

Optionally services should be able to support CLID of the calling party when an incoming call is forwarded externally or when using the mobility feature often referred to as simultaneous ring or Single Number Reach (SNR) is used. This is so the CLI of the external party is presented to the final destination.

Emergency calling

Optionally offer a method so that calls can be geo-located or that the service is flagged so that emergency services operators can verify the location of the caller.

Toll fraud monitoring and mitigation

Provide a method to mitigate potential toll fraud by utilising automated tools to detect unusual calling patterns that could be indicative of toll fraud activities. Service provider should be able to run daily routines to detect suspicious international calls and unusual call patterns. The service provider to contact nominated agency contact point within 4 hours of detecting issue.

Malicious call tracing

Support malicious call tracing.

Engineering standards

The following are the engineering standards that all SIP trunks should support:

a) Codec standards to be used:

i. G711a; or

ii. G.711mu; or

iii. G729a.

b) Service fail over time < 60 seconds.

The this list is not exhaustive and is only provided as a minimum, service providers should identify all requests for change RFCs they conform with and call out all they do not conform with as part of any response to market engagements.

Service certification

Suppliers will provide evidence that their SIP service is certified/accredited or proven to be working with the major voice switching vendors used by NSW Government for their current software release and two previous major software releases including but not limited to Cisco, Alcatel, Avaya, NEC and Microsoft (Lync).

The overall service should also be certified as meeting the following standards as appropriate:

ISO 27001

ISO 9001

AS/NZS 60950

AS/CA S004:2013

Service availability

The service provider will provide options to increase service availability through the use of redundant site locations and/or hardware redundancy.

Options may include (but are not limited to):

Single site redundant hardware

Dual site non redundant hardware

Dual site redundant hardware

9

Telecommunications – SIP Standard

Load balancing

This option allows the agency to increase availability via load balancing across different SIP trunk terminations which may be in the same location or geographically diverse.

Service location

Should the agency require a SIP trunk service to be delivered to a site, the agency is to purchase the service delivery at the required site as follows:

1) Agency has an existing WAN link, from an IPVPN WAN linked to the SIP trunk platform:

Order a SIP trunk with the required number of channels

Determine CODEC to be used

Ensure that the existing WAN access has QoS and has sufficient bandwidth. If bandwidth is shared with other data traffic, VOIP traffic should not exceed provider recommendations of WAN access speed. If dedicated to VOIP then VOIP traffic should not exceed provider recommended limits of the WAN Access speed as routing updates and critical traffic must be allowed for.

2) Agency has NO existing WAN link, from an IPVPN WAN linked to the SIP trunk platform:

Order a WAN link and follow above points

IP delivery circuit protection

Should the agency require resilience in connections the agency can select an optional service to protect the IP delivery circuit.

Session management options

Make available session management hardware in the monthly recurring costs. It could be available as follows:

1. Native SIP trunk Serviceo Integrated Access Device (IAD)

ISDN Primary Rate (PRI) ISDN Basic Rate (BRI)

o SIP trunk terminating on Customer CPE – no session management hardware2. Session Border Controller (SBC)

o Direct on a PABX – this would require service provider to manage the PABX as part of the service

Encryption

The supplier to provide an option that allows for both signalling (TLS) and voice encryption (SRTP) across the SIP component of the call path. This requirement would be mandatory on public network services and optional on private network services.

Critical functions

SIP trunks may not be suitable for critical functions. Phones that are used for critical functions should be identified by the agency and taken into consideration so that the service meets the minimum service availability expectations. If SIP is not suitable selectively migrate these functions to other more suitable services.

3.2.2 Service Management

Full-service administration

All provisioning, de-provisioning, together with all other administration and management tasks required to operate the environment, are provided as part of the service offering. The only exception will be service management of the provider which remains the sole responsibility of the initiating agency.

10

Telecommunications – SIP Standard

Operate a Service Desk on a 24x7 basis for incident, problem (and other agreed services) management for authorised users. For managed services: at a minimum if a service is unavailable or degraded the supplier will notify the affected agency, and the supplier is to monitor service availability and report on service availability on a monthly basis.

Performance and latency

The solution will provide appropriate built-in redundancy to achieve agency required levels of service. Typically this may be not less than 99.97% availability 24 hours 7 days per week. Bandwidth and latency expectations are to be defined and agreed up front.

Transition services

Ensure the smooth and orderly transition from any current service provision to the new arrangements.

Disaster recovery

The solution is to have appropriate levels of disaster recovery built in to minimise downtime or disruption to the service. This element could include anything from a duplicated solution that is available immediately if the primary site fails, to a fully documented process for restoring services within Service Level Agreement (SLA) defined times.

Service level management

Agencies will retain ultimate responsibility for service level management in any solutions engagement, which would ordinarily be covered by a SLA. Agencies, service-brokers and solution providers need to agree all SLA reporting and other related activities as part of any transition-in process.

Multi-service broker provision

Any solution provider must work within the confines of a multi-service provider environment where either the agency or nominated provider will perform broker service provision. This will be defined as one provider being made accountable for the provision of all associated services, whether these are provided by the provider itself, or other third-party providers.

11

Telecommunications – SIP Standard

DOCUMENT CONTROL

Document historyStatus: Endorsement Release

Version: 2.0

Approved by: Executive Director, Strategic Policy

Approved on: 21 March 2016

Issued by: ICT Services, Services & Digital Innovation Division, Department of Finance, Services & Innovation (DFSI)

Contact: ICT Services, Services & Digital Innovation Division, Department of Finance, Services & Innovation (DFSI)

Email: standards@finance.nsw.gov.au

Telephone: (02) 9372 7445

Review This standard will be reviewed as required.

12

Telecommunications – SIP Standard

APPENDIX A – DEFINITIONS

SIP trunk

For the purposes of this standard a SIP trunk is defined as: As a virtual entity that is constrained by an associated SIP channel which supports 1 x two way

voice path 1 SIP trunk = n SIP channels Multiple SIP channels can be grouped together for inbound or outbound purposes The codec used will depend on what is configured and/or as negotiated between the endpoints.

The default preferred codec is G.711 unless otherwise specified or agreed, with optional G.729.

Multiple SIP trunks can be terminated on an SBC or IAD. For outbound calls a SIP trunk typically requires that calls are authenticated and the SBC or IAD provides the access control function. For inbound calls telephone numbers are attached to a SIP Trunk and delivered to either the SBC or IAD.

Service demarcation

The service demarcation point is defined as the point of interconnection to the agency network from the SIP Termination device. In the case where the Supplier provides an SBC or IAD this is the network interface(s) on the SBC, in the case of IAD applications this is the ISDN interface.

13

Telecommunications – SIP Standard

APPENDIX B – ABBREVIATIONS

AIIA Australian Information Industry Association

ASCII American Standard Code for Information Interchange

ASD Australian Security Directorate

ASIO Australian Secret Intelligence Organisation

BCM Business Continuity Management

CAC Call Admission Control

CLID Calling Line Identification

CMIS Content Management Interoperability Services

CSA Canadian Standards Association

DQoS Dynamic Quality of Service

GovDC Government Data Centre

IAD Integrated Access Device

ICT Information & Communication Technology

IP Internet Protocol

ISDN Integrated Services Digital Network

ISO/TC International Organization for Standardization / Technical Committee

IT Information Technology

LAN QoS Local Area Network Quality of Service

LDAP Lightweight Directory Access Protocol

MOS Mean Opinion Score

NBN National Broadband Network

OCR Optical Character Recognition

OS Operating System

PCI-DSS Payment Card Industry – Data Security Standard

PTS Procurement & Technical Standards

QoS Quality of Service

RFCs Requests for Change

RTCE Real Time Collaborative Editing

SBC Session Border Controller

SIP Session Initiation Protocol

SLA Service Level Agreement

SNR Signal Number Reach

SRTP Secure Real-Time Transport Protocol

TLS Transparent Layer Security

WAN Wide Area Network

14

Telecommunications – SIP Standard

APPENDIX C – REFERENCES Agencies should have regard to the following statutes, NSW Government policies and standards:

AS/NZS ISO 31000 Risk management – Principles and guidelines ISO 27031-2011 Information technology – Security techniques – Guidelines for information and

communication technology readiness for business continuity ISO 27001 Information technology – Security techniques – Information security management systems

– Requirements Electronic Transactions Act 2000 Government Information (Public Access) Act 2009 Health Records and Information Privacy Act 2002 NSW Government Digital Information Security Policy NSW Government Open Data Policy NSW Government Cloud Policy NSW Government Standard for Data Quality Reporting NSW Government ICT Strategy NSW Government Digital + 2016 Final Update NSW Government Information Classification, Labelling and Handling Guidelines NSW Procurement: Small and Medium Enterprises Policy Framework Privacy and Personal Information Protection Act 1998 Public Finance and Audit Act 1983 Public Interest Disclosures Act 1994 State Records Act 1998 TPP 09-05 - Internal Audit and Risk Management Policy for the NSW Public Sector

15

Telecommunications – SIP Standard

APPENDIX D – STANDARDS

Developing technical standardsDevelopment of a standard begins with identifying the need for a new standard, which is followed by the development of the standard in consultation with the industry and experts groups, including the Australian Information Industry Association (AIIA).

The following diagram outlines the process.

The ICT Procurement and Technical Standards Working Group (PTS Working Group) is chaired by the Department of Finance, Services & Innovation (DFSI) and includes senior representation from across NSW Government.

Agencies engage with the PTS Working Group concerning services for inclusion in the ICT Services Catalogue. This drives the development of technical standards, where none exist. The PTS Working Group has the leading role in reviewing and endorsing the technical standards developed in response to agencies’ requirements.

The PTS Working Group is supported by two sub-groups responsible for the areas of Telecommunications and Services and Solutions. The sub-groups are responsible for initial development and review of standards relating to their areas of responsibility.

Management and implementationThere is scope to modify standards through the NSW Government ICT governance arrangements as necessary. Standards are designed to add value, augment and be complementary to, other guidance, and they are continually improved and updated.

This standard does not affect or override the responsibilities of an agency or any employee regarding the management and disposal of information, data, and assets. Standards in ICT procurement must also address business requirements for service delivery.

NSW Procurement facilitates the implementation of the standards by applying them to the goods and services made available through the ICT Services Catalogue.

16

Need for new or amended standard

identified

Standard developed (Industry/agencies

consulted)

Standard approved and released by PTS

Working Group

Market engagement for services which meet the standard

Services added to Catalogue

Business requirements change