TMC Internet Telephony Show
Leveraging IP Telephony for Telecommuting
SIP in Telecommuting and Teleworking
Internet Telephony Show, Long Beach CA 10/14/03-10/16/03
• Robert Messer, ABP International, Inc.: Introduction and Panel Host
• Nicolas Pohland, snom technology AG: SIP IP Phones for Telecommuting
• Steve Johnson, Ingate Systems Inc.: IP Security in Telecommuting
• Brit Vickner, Interactive Intelligence, Inc.: Telecommuting Application support
20 years later 42 million work at home—but not every day
[Chart: values by year, 1980 to 2003 (vertical axis 0 to 50). Series: Self-employed; Employees + contractors; WAH business hours; Any employed work at home.]
Sources: The Dieringer Research Group, ITAC, U.S. Census
Joanne H. Pratt Associates. Copyright 2003 Joanne H. Pratt Associates
Demographics of Telework
* 39% of US workers would like to telework, but only 31 feel their employers will let them. U. of Connecticut Study
* 17% of the workers in Finland telework. Eustats
* It is estimated that 100MM US workers will Telecommute by 2010. Kiplinger, 12/00
* The number of teleworkers worldwide in 2003 is expected to be 137 million. Source, Gartner Group
Examples of Economic Benefits
• 17% of AT&T managers work full time from home in Virtual Offices, while the operational benefit of telework to AT&T exceeds $150 million annually.
• AT&T realizes approximately $150,000,000 in annual savings by teleworking: $100,000,000 through direct employee productivity, $35,000,000 through reduced real estate costs, and $15,000,000 through enhanced retention and productivity increase. AT&T 2002-2003 Employee Telework Survey
• The manager/staff ratio in a virtual organization is 1:40. It's 1:4 in a traditional office. Ft. Lauderdale Sentinel
Ecological & Time Benefits
• A 40 minute commute equates to 8 working weeks per year. Colorado Telework Coalition
• Every week 32,000,000 Americans could be telecommuting at least one day. They would not drive 1,260,800,000 miles (equal to 51,000 times round the Earth)
• POLLUTION SAVINGS would be 1,081,955,230 lbs, or 540,978 tons of a mix of Carbon Monoxide, Carbon Dioxide, Nitrogen Oxide, Particulate Matter and Hydrocarbons.
Virtual Organizations
• IP telephony, especially SIP, is the enabling technology
• Reduced cost of communications
• International Outsourcing is made possible but also new domestic organizations are emerging based on technological advances and cost reduction.
Disaster Recovery • Business Continuity
Disaster Management When disaster strikes, key company locations may go offline or be physically inaccessible. Remote work capability will keep businesses running. Gartner
Business continues after Seattle quake though some of it from home
Telework allowed many to continue working during the Great Ice storm of '98 which cut power for millions for up to several weeks
The IP Phone in Telecommuting
Nicolas Pohland, snom technology AG
What requirements and issues does the IP phone need to possess and address in a telecommuting environment?
The IP Phone
• The phone as a specialized communication device is here to stay.
• The IP phone supports the telecommuter's needs and makes his environment more office-like.
• Telecommuting is the major driving force for VoIP in general, especially in Western Europe.
• Not all SIP implementations are equal.
Issues
• Phone number transparency
• Encryption
• NAT Traversal
• Quality of Service
• Maintenance
• Security
• Legal Issues
Phone number transparency
• User needs to be reached under the same number whether at home, work, hotel or at a café, i.e. regardless of destination.
• SIP inherently provides that with a proxy capable of forking.
• Transparency should also be independent of origin of call, i.e. whether call is done from PSTN or Internet.
• ENUM extension ensures this.
Encryption
• By default voice is only encoded but not encrypted.
• An intelligent access device, e.g. a VPN-capable router, can be used.
• Or the phones support encryption directly.
• This is slowly becoming reality.
• May be a legal “challenge” for the VoIP industry.
NAT Traversal
• Most SOHO environments are small LANs that are connected to the internet with a NAT router.
• Problem: Phone normally has a local IP address and is not “visible” from the Internet. It cannot be called.
• There are several solutions to this, e.g. SIP-aware firewalls, B2BUAs, session border controllers, STUN and UPnP.
• An IP phone supporting STUN or UPnP is a good solution for the home office since the already existing low cost asymmetrical NAT router does not need to be replaced.
• A SIP-aware firewall is a good solution to improve security.
Quality of Service
• Voice is very sensitive to interruptions, latency (delay) and jitter (delay variance)
• LAN side is not the problem.
• In most countries the backbone is not the problem.
• The access point is critical. Enough bandwidth must be available for voice. Depends on used codecs, packet size and max. number of simultaneous calls.
• Preferably access device AND ISP should support QoS mechanisms. Not always available and not cheap, yet.
• Separate VLANs and access points also a pragmatic solution. See security.
• IP Phones should also implement DNS SRV to support redundant SIP proxies. This increases reliability a lot.
Security
• SOHOs are not well protected.
• IP Phones are not as vulnerable to attacks as PCs. Separate VLANs possible but CTI benefit is lost.
• A SIP-aware firewall can help improve security immensely.
• Global proxies need to implement authentication.
Maintenance
• Central and remote configuration and management a must for mass deployment, e.g. bigger corporation or IP Centrex provider.
• PSTN makes deployment easy because phone number belongs to physical lines (normally) and configuration options quite limited for residential phone.
• But home workers expect PBX functionality, global phone books, etc. A lot more parameters need to be setup.
• Mass deployment, e.g. remote settings management critical for larger deployments.
• This is not well standardized in SIP, yet. We are working on it …
Legal Issues
• Encryption makes the intelligence community nervous
• Emergency call (“911”) origin may pose a problem in some countries and require a PSTN backup. How convenient for PSTN operators …
• Some countries forbid VoIP directly to protect telecom monopoly.
Summary
• Telecommuting with SIP lowers costs and increases functionality.
• But SIP deployment is not trivial in the home environment.
• But with intelligent IP Phones telecommuting can be made easy, reliable and secure.
The Third Wave of the Internet
HTTP created the Web
SMTP created Email
SIP enables universal communications over the Internet and the ability to telecommute when desired
It’s all there – almost…
A single network (IP)
Everyone has a connection
High capacity and good performance
A single protocol (SIP)
But:
Firewalls are meant to exclude inbound communications
SIP does not traverse common firewalls and NATs
What’s the difference?
Typical Internet protocol (SMTP, HTTP…)
[Diagram: HOST, Internet, SERVER]
SIP (and H.323…) connects person-to-person
[Diagram: PERSON, Internet, PERSON]
Firewalls support communications from the inside out to reach application servers
Realtime Communications requires bi-directional connections which most firewalls don’t support
One Way: VoIP Islands…
No connectivity between the IP clouds
[Diagram labels: PSTN; Europe IP; US IP; VPN Tunnel; Gateway (three); Toll Bypass; SOFTSWITCH; MGCP]
The Global All IP Way
SIP-capable firewalls make the difference
[Diagram labels: Main Office; Home Office (two); Branch Office]
Suggested Solutions
STUN TURN ICE
– Can cope with certain types of existing NATs
– Complexity has grown to increase reliability and handle more NATs
– Needs to be implemented in the SIP clients and servers on the Net
– Tight firewalls cannot be traversed
Dynamically-controlled firewalls/NATs
– Midcom: By Firewall Control Proxy (no activity known at this time)
– UPnP: By the client (Windows) (Microsoft)
Tunnelling - Brings the SIP-client to an operator or a corporate LAN
– Requires ALG for each client on LAN with own address space
– IPSec, Proprietary
ALG (non-Proxy) SIP-aware firewall
– TLS not possible
Proxy-based SIP-aware firewall/NATs
– General, handles complex scenarios, PBX functionality
STUN TURN ICE
• Evolving IETF Standard
• Requires client on the inside of the LAN and “reflector” in the network
• Client “pings” the reflector which returns the internal IP address that is being broadcast by the SIP end point
• Once the internal IP address is known, then all communications carry that IP address in the header information
STUN TURN ICE
Benefits
• Simple solution to NAT traversal
• Offers alternative to home users and small businesses that don’t wish to incorporate a full firewall solution
Problems
• Exposes the internal IP addressing scheme
• Circumvents the protection offered by the firewall
• Inappropriate for enterprises and others with valuable information to protect on their LAN
• Only works for certain types of NATs
Midcom
• Developing IETF standard for managing controllable firewalls with a Firewall Control Proxy
• Elegant solution that puts the solution at the point where the problem occurs
• Firewall Control Proxy would dynamically control the firewall to accept SIP media only when authorized
• Control resides with the Firewall Control Proxy and the existing firewall takes care of all of the logging
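The admission rule described on this slide, media accepted only for a call the signalling has authorized, as an added Python sketch of the decision logic; it is not the Midcom protocol or any product's code. The class and method names, the Call-ID and the SDP bodies are constructed for illustration, and RTCP, timeouts and re-INVITEs are left out.

```python
from dataclasses import dataclass, field


def media_endpoint(sdp):
    """Return (ip, port) of the first audio stream described in an SDP body."""
    ip = port = None
    for line in sdp.splitlines():
        if line.startswith("c=IN IP4 ") and ip is None:
            ip = line.split()[2]
        elif line.startswith("m=audio ") and port is None:
            port = int(line.split()[1])
    if ip is None or port is None:
        raise ValueError("SDP has no usable audio endpoint")
    return ip, port


@dataclass
class PinholeTable:
    """Media pinholes keyed by Call-ID; everything else stays closed."""
    pending: dict = field(default_factory=dict)  # Call-ID -> inside (ip, port)
    active: dict = field(default_factory=dict)   # Call-ID -> (peer, inside ip, port)

    def on_offer(self, call_id, sdp, authorized):
        # Only an INVITE that passed authentication may reserve a pinhole.
        if authorized:
            self.pending[call_id] = media_endpoint(sdp)

    def on_answer(self, call_id, sdp):
        # The answer names the remote peer; open only for an offer we recorded.
        if call_id in self.pending:
            peer_ip, _ = media_endpoint(sdp)
            self.active[call_id] = (peer_ip, *self.pending.pop(call_id))

    def on_bye(self, call_id):
        # End of call: the pinhole is closed again.
        self.pending.pop(call_id, None)
        self.active.pop(call_id, None)

    def allows(self, src_ip, dst_ip, dst_port):
        """Decision for one inbound UDP packet."""
        return (src_ip, dst_ip, dst_port) in self.active.values()


# Constructed SDP bodies: offer from the inside phone, answer from the far end.
OFFER = "v=0\r\nc=IN IP4 192.168.1.20\r\nm=audio 49170 RTP/AVP 0\r\n"
ANSWER = "v=0\r\nc=IN IP4 198.51.100.9\r\nm=audio 30000 RTP/AVP 0\r\n"


def demo():
    """Return the decision before the call, during it, for a stranger, after BYE."""
    fw = PinholeTable()
    pkt = ("198.51.100.9", "192.168.1.20", 49170)
    before = fw.allows(*pkt)
    fw.on_offer("call-1", OFFER, authorized=True)
    fw.on_answer("call-1", ANSWER)
    during = fw.allows(*pkt)
    stranger = fw.allows("198.51.100.77", "192.168.1.20", 49170)
    fw.on_bye("call-1")
    return before, during, stranger, fw.allows(*pkt)
```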
Midcom
Benefits
• Based on an IETF Standard
• Leaves the firewall in place
• Offers a separate device to just manage SIP sessions
Problems
• No companies are currently developing this technology
• There are currently no firewalls that are controllable by an outside agent
• Leaves vulnerabilities on the Firewall Control Proxy which could result in a violation of network security
UPnP
• Universal Plug and Play
• Proposed by Microsoft
• Allows all end points to be controlled by the Microsoft agent
UPnP
Benefits
• Simple implementation
• Nothing to set up or configure
• Excellent implementation for home users
• Would expand the use of SIP
Problems
• Limited utility for enterprises of any size
• Cannot handle complex call scenarios
• Solution handles NAT only
• Cannot handle hard phones, only soft clients
• Security of the network controlled by Windows server
Tunneling
• Network based NAT traversal solution
• Minimizes infrastructure upgrades
• Provides quick solution for remote clients
Tunneling
Benefits
• Simple implementation
• No firewall upgrades necessary
• Network based solutions available
Problems
• Depends on “teasing” ports to remain open
• Some implementations only allow outbound calling
• May require a client inside the LAN and on the end point
• Non-standards based solutions
• Limitations for supporting advanced calling features
ALG (non-Proxy) SIP-Aware Firewall
• Implementation which sits between two hosts and modifies the information flow between them on the fly
• ALGs normally do small modifications to the packets
ALG (non-Proxy) SIP-Aware Firewall
Benefits
• Theoretically faster processing times than proxy-based solutions
• Performs most of the important functions of allowing traversal of the NATed firewall
• Able to dynamically open and close ports for media
Problems
• Cannot read deeply into the packet headers
• Cannot support encryption (TLS); ALGs see everything in the clear so modifying authenticated packets is impossible
• Setup of complex call scenarios a problem
• Current implementations do not support soft clients
Proxy-Based SIP-Aware Firewall/NATs
• Full proxy sits between two hosts
• Proxy terminates a packet flow, then reinitiates flow to the destination address
– Records SIP client address to locate behind NAT
– Digest authentication
– Rewrites headers to destination on the LAN
– Rewrites headers of outgoing messages to mask internal IP addresses
• Proxies can look deeply into the header information because it stops packet briefly
– Inspection of SIP signaling (including Instant Messages)
• Support for Transport Layer Security (TLS)
– Adds privacy and authentication to communications
– TLS is being used for adding security to Microsoft Office Live Communications Server, Avaya, Reuters and others
• Can also be used as a separate SIP firewall when all data ports are permanently closed
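The outgoing-header rewrite listed on this slide, applied to the NAT Traversal problem of a phone that advertises its local address, as an added Python sketch that is not from the presentation or any vendor's product. The choice of Via, Contact and the SDP o=/c= lines, the sample INVITE and the WAN address 203.0.113.5 are assumptions; a real proxy also keeps the address mapping so that replies and media find their way back.

```python
import ipaddress
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Header fields (long and compact names) that tell peers where to reach the client.
ROUTING_HEADERS = {"via", "v", "contact", "m"}


def is_internal(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # the loose regex also matches e.g. "999.1.1.1"
        return False
    return any(ip in net for net in RFC1918)


def _mask(lines, selected, public_ip, found):
    """Swap internal IPv4 literals for public_ip on the selected lines only."""
    def swap(match):
        if not is_internal(match.group(0)):
            return match.group(0)
        found.append(match.group(0))
        return public_ip
    return [IPV4.sub(swap, ln) if selected(ln) else ln for ln in lines]


def mask_internal(message, public_ip):
    """Return (rewritten message, internal addresses that were masked)."""
    head, _, body = message.partition("\r\n\r\n")
    found = []
    body = "\r\n".join(_mask(body.split("\r\n"),
                             lambda ln: ln[:2] in ("c=", "o="), public_ip, found))
    head_lines = _mask(
        head.split("\r\n"),
        lambda ln: ln.split(":", 1)[0].strip().lower() in ROUTING_HEADERS,
        public_ip, found)
    # The SDP body changed size, so Content-Length has to be recomputed.
    head_lines = [f"Content-Length: {len(body.encode())}"
                  if ln.lower().startswith(("content-length:", "l:")) else ln
                  for ln in head_lines]
    return "\r\n".join(head_lines) + "\r\n\r\n" + body, found


# Constructed sample: INVITE from a phone on a home LAN (not captured traffic).
SDP = "\r\n".join([
    "v=0", "o=alice 2890844526 2890844526 IN IP4 192.168.1.20", "s=-",
    "c=IN IP4 192.168.1.20", "t=0 0", "m=audio 49170 RTP/AVP 0"]) + "\r\n"
INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.168.1.20:5060;branch=z9hG4bK776asdhds",
    "From: <sip:alice@example.com>;tag=1928301774",
    "To: <sip:bob@example.com>",
    "Call-ID: a84b4c76e66710",
    "CSeq: 1 INVITE",
    "Contact: <sip:alice@192.168.1.20:5060>",
    "Content-Type: application/sdp",
    f"Content-Length: {len(SDP)}"]) + "\r\n\r\n" + SDP
REWRITTEN, MASKED = mask_internal(INVITE, "203.0.113.5")  # assumed WAN address
```

Running `mask_internal` over egress signalling and checking that the second return value is empty is also a quick audit for messages that still leak LAN addresses.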
Proxy-Based SIP-Aware Firewall/NATs
Benefits
• Most flexible solution
• Able to support all call scenarios, despite complexity
• Can support servers on the inside of the LAN
• Supports TLS
• Flexible and adaptable
• Offers a backup registration/location server option
• No degradation of voice quality
• Minimal latency
Problems
• Possible slower performance than an ALG solution
Summary of Advantages
Capability Full Proxy ALG
Support for TLS Yes No
Flexible support for complex call scenarios Yes No
Backup registrar Yes No
Support for soft clients Yes No
Real and Complex Scenarios
Complications for non-proxy solutions:
• Tight firewalls
• Call transfer
• SIP server on the LAN
• Trusted connections: TLS
[Diagram labels: Internet IP; SIP/PSTN Gateway; XP; SIP Server 2; SIP Server 3; SIP Server 4; LAN; Firewall/NAT; IP Phone; SIP; TLS]
Sooner or later: The NAT/Firewall Problem needs to be solved where it occurs
Summary
• Telecommuters are an extension of the enterprise
• Security should be a prime consideration
• Solution should allow the user to take full advantage of enhanced services
• Compatible solutions between the telecommuter site and the main office should be a consideration
• Products exist to make telecommuting an attractive option using the power of IP based realtime communications
Telecommuting Application Support
Brit Vickner, Interactive Intelligence, Inc.
You may be Wondering
• Complete technology tool set
• Open standards (truly)
• Choices for access, devices and infrastructure
• Ease of use
• Feeling of being disconnected
• Management (I don’t know what people are doing)
• Ease of support and administration
• Future Proofing
• Applications to the desktop (don’t workers lose functionality)
Reality: Mobile workers work longer hours with the proper tools that enhance the Customer experience.
Composition of an Enterprise: 44%-57% out of Office
ITAC Estimates Teleworkers Will Grow by About a Third to 50M Workers by 2005
Total US Business Lines – Installed Base is 108 Million
[Charts: Mobile Workforce and Devices, 2003 and 2005. Segments: Office; Multi-site; Teleworking; Mobile; Traveling. Values shown: Office 56% / 44%; Office 43% / 57%.]
Today’s Mobile Office Challenges
Separate, Multiple Voice and Data Platforms Depending Upon Employee’s Location and Device Availability
[Diagram labels, each with its own VM: Unwired; On the Run; Remote or Home Office; Corp. Office]
Virtual Office
Virtual Office Platform
Integrated, Packaged, Mobile Business Communications Platform providing full Voice and Data Services to Mobile Employees and Workgroups
Communications Manager
Unified Message Manager
Corporate Information Portal
The Virtual Office: Departmental Solution
[Diagram labels: PSTN/Internet; Virtual Office Platform; IP/LAN; Wireless Provider; Virtual Office Remote Employees; Virtual Office Corporate Employees; PBX; Digital Phones; Virtual Office Client - Analog Phone; Virtual Office Client - SIP Soft Phone; Virtual Office Client - SIP Phone; Virtual Office - SIP Phone only; Virtual Office Unwired Employee; Virtual Office Employee with PDA; Virtual Office Work at Home Employee]
The Virtual Office: Enterprise Solution
[Diagram labels: PSTN/Internet; IP/LAN; Virtual Office Client - Analog Phone; Virtual Office Client - SIP Soft Phone; Virtual Office Client - SIP Phone; Virtual Office - SIP Phone only; Virtual Office Unwired Employee; Virtual Office Employee with PDA; Wireless Provider; IP Gateway; Virtual Office Remote Employees; Virtual Office Corporate Employees; Virtual Office Work At Home Employee; Virtual Office Platform]
Virtual Office
Integrated Enterprise Voice and Data Platform
[Diagram labels: Digital Phone; Analog Phone; SIP Phone; PDA; RIM; Palm; Cell Phone; Smart Phone; Notebook; Desktop PC; PSTN; LAN; Communications Manager; Message Manager; Web Portal; Connectors; Intelligent Communications; Device Independence]
Full Remote/Mobile User Access
• Remote access by users from any location
• Turns any phone into a virtual office for Data Screen pops, conference calls, holding calls, parked calls, intercom calls, etc.
• Presence management features – in/out status
Communications Manager: Communications Console
Extensive Call Control Features
Communications Manager: Graphical Status Manager
Graphically Manage Your Status
Presence management means faster coordination of issues
• View status of users across sites
• See that a user is on the phone just like they are down the hall
• Find available resources at alternate sites quickly
• Dial plan means 4 digit or speed dialing works regardless of user log in location
Virtual Office: Corporate Information Portal
• Real time, Anywhere Data Access
• Increase Revenue Opportunities
• Improve Customer Service
• Greater Mobile Worker Productivity
• Make Informed, Agile Business Decisions
Strategic Products
Enterprise Interaction Center®
Communité™
Customer Interaction Center®
Communité Hosted Services:
• Unified Communications
• Network IVR
• Wireless Connectivity
• Contact Centers
• Custom Service Offerings
Enterprise Interaction Center, 50-5000 users
• All-in-One Comm. Server
• Voice & Chat
• Conferencing
• Unified Messaging
• IP Telephony
Customer Interaction Center, 20-2000 agents per site
• ACD
• IVR
• Screen pop
• Web collaboration
• Call recording
• Predictive dialing
• E-mail routing
• Pre/post Call Routing
SIP Communications Integrated with Corporate Data
Increase Employee Productivity
…improved access, presence management, and ease of use