Enterprise-Centric UC Live Unified Communication Beyond the Borders © 2010 Intertex Data AB 1 Prepared for:INTERNET TELEPHONY Conference Ingates SIP Trunk-UC

Enterprise-Centric UCLive Unified Communication Beyond the Borders

© 2010 Intertex Data AB 1

Prepared for: INTERNET TELEPHONY ConferenceIngate’s SIP Trunk-UC SummitLos Angeles, October 2010

By: Karl Erik Ståhl President Intertex Data ABChairman Ingate Systems [email protected]

© 2010 Intertex Data AB

Intertex & Ingate

Same parent company Intertex: SMB, SOHO and home SIP Firewalls

and E-SBCs• For volume deployment

Ingate: Enterprise and SMB SIP Firewalls and E-SBCs

• SIParators® for enterprises and projects

Cooperation in management and development Co-developed SIP code Ingate represents Intertex in the US

2

by in the US


SIP Trunking – Now SIP Trunk-UC Summit

UC, Unified Communication – Many definitions… This session is about the Live (Real Time) Person-to-

Person part (other parts may be Web and Email based)• Telephony – VoIP, SIP Trunking• Video, HD voice• Presence• IM – Instant Messaging

Today’s SIP Trunking makes VoIP global, but it is still mostly POTS (Plain Old Telephony Service)

But for the better; Video, better Voice, Presence and IM, we mostly see local islands of UC

3


Some History (Before the Internet)

MHS, Message Handling Systems appeared where terminals or computers where connected

One started building gateways between offices and partners (Compare today’s “Federation”)

Standard required! Telcos came up with X.400• Store and forward messages between Telcos, via various

networks• Extensive OSI layered standard – Complex!• Chargeable (good for the Telcos, they thought)

Then came the Internet with its simple SMTP for email• One network & standard, global connectivity (no islands) • The Email revolution (explosion)• X.400 and proprietary MHS died

4


The Web and Further

The World Wide Web, with its HTTP standard, created something totally new that we today cannot be without

Killed off the Videotex services and France’s successful Minitel

“World Wide” = global No island! Neither Email nor the Web are chargeable in themselves Telcos became bandwidth providers… What was next to come on the Internet?

• Live (Real Time) communication between persons!• H.323 came with Video Telephony• H.323 was much like X.400 – Not internet style• SIP is the Internet protocol!

5


HTTP created the Web

SMTP created Email

SIP should create global Live IP Person-to-Person Communication!

The Next Step of Internet Usage


…but NATs and Firewalls are an Infrastructure Problem

SIP (and H.323…) connects Person-to-Person

Internet

PERSONPERSON

Locate the person Set up a session+ Open real time media streams+

Typical Internet protocol (SMTP, HTTP…)

Internet

HOSTSERVER

NAT/Firewall

SIP is the Protocol for IP Communication Person-to-Person,

BUT IT DOES NOT REACH THE USERS!


So What Happened?

While there has been great success for MSN, Skype and local enterprise live UC (using proprietary protocols)…

Telcos have used SIP to replicate POTS (POTSoIP) Got stuck in replacing parts of the PSTN Islands again Telcos can’t even give their broadband customers a proper

SIP address like [email protected] Are we leaving it all to Skype (very good at penetrating

firewalls)?

8

Go better and beyond!


Europe

US

VPNTunnel

IP PBX

PBX

We have Seen Much POTSoIP

PSTN

Gateway

Gateway

TollBypass

IP PBX

Gateway

SoftSwitch

Gateway

Voice overBroadband

Very seldom VoIP connectivity between the VoIP IP clouds!

Most broadband VoIP providers still run calls between each other over the PSTN!

Are we stuckwith old POTStelephony over new wires?


Telcos Roll out CPEs where SIP Ends Up in Old Phones

InternetInternet

The 5060 SIP-port is just grabbed on the outside to the FXS ports!

(And lower level SIP ALGs often cause problems and do not handle more than basic scenarios.)

Telephone ports (FXS) on the CPE is a popular way to deploy IP telephony. By logically placing the SIP clients on the outside of the NAT/Firewall, unreliable work-around methods like STUN, TURN and ICE become unnecessary. However, this only gives POTS replication, often even stopping general SIP based services!

FXS ports (for plugging in analog phones) is really POTS replication!


We Want a World of Global Live IP Communication

Fix the NATs and firewalls and there is no reason to be caught in POTSoIPs islands! SIP connects globally and has

lots of applications. It’s not magic – It’s just the SIP standard!

VoIP++

Global IP Connectivity

All SIP Services


Back to Basics

The IP networks (Internet and other) are connected There is a standard, SIP SIP (incl. SIMPLE) is general, for Live Person-to-Person

communication, POTS replication is just one usage But it must reach the users on the protected LANs

behind NAT/Firewalls! Some E-SBCs can provide general SIP traversal NATs

and Firewalls The Intertex and Ingate products do that, in addition to

the SIP trunking (you don’t have to choose only one)

Let’s put it to use! Demos will follow

12


Is it about SIP Trunking, Hosted Services or a Combination?

The Trunk Service is in the Cloud, while the “PBX service” (as the users see it) is on the LAN. That is already a combination, that SIP Trunking – for Telephony - brought together on a Global level.

The other Live parts of UC; Video, better Voice, Presence, IM, also need to be brought together on a Global level - Not having it locked into enterprise islands!

Today’s demonstrations will show that it can be done by following the SIP standard and using the E-SBCs at the enterprise edge, to allow UC SIP communication across the borders (the enterprise firewalls).


No battery draining of WiFi mobile phones, otherwise caused by keep-alive packets* inhibiting sleep mode.* Work-around methods for SIP NAT-traversal like STUN, TURN, ICE and Far End NAT Traversal use frequent keep-alive packets to keep holes in the NAT/Firewall open.

Our CPEs are SIP Capable NAT/Router/Firewalls

InternetInternet

Problems solved where they occur Wired or wireless SIP clients (phones, soft clients, PDAs) No special requirements on the SIP Client – Just standard SIP

SIP

Intertex and Ingate have SIP Proxy based SIP aware Firewall/NATs General, can handle complex call scenarios and all SIP services Additional functionality available (SIP server, PBX functionality etc.)

IMSIMS


And the CPEs are also Adapted for SIP Trunking

PSTNPublic Internet

SIP Trunking Provider

GWSIP System

Data & VoIP LAN

IP-PBX

Demarcation point of service and bringing SIP communication to the LAN

Soft Clients and Multimedia Terminals

Intertex IX78

Remote Users


For SIP Trunking, the Service is in the Cloud

PSTN


GWSIP System

Data & VoIP LAN

IP-PBX

Service in the Cloud

Users on the LAN


For (Remote) Users, the Service is on the LAN

PSTN


GWSIP System

Data & VoIP LAN

IP-PBX

Remote Users

…and users on the LAN

Service on the LAN

User in the Cloud


And Just Some Part of the UC Service may be in the Cloud

PSTN


GWSIP System

Data & VoIP LAN

IP-PBX

Service on the LAN

UC Voice Mail

One example is MS Exchange UM for the BPOS service: Voice Mails are recorded and played using SIP with TLS and SRTP.

Specific Service in the Cloud, e.g. Voice Mail, Presence server, etc.


SIP Must Work with Services and Users Everywhere!

PSTN


GW

SIP System

Data & VoIP LAN

IP-PBX

UC Voice MailRemote

Users

SIParator®Firewall

Ingate/Intertex E-SBCs enable SIP based Live UC Across the Borders! (SIP does not traverse ordinary NAT/Firewalls.)


20

Can We Move Beyond POTS Today?

RJ45

LAN Intranet Internet

We have a global network: The IP Networks

RJ11

POTS and PSTN have been there for 100 years

Black Phone

IP Phone

3.5 kHz isn’t HiFi, but MOS is 5!

Soft ClientWiFi Mobile

We have a standard: SIP

And there is more than Voice: Presence, IM, Video, etc.

INGATE LAN

ingate.com

InternetUS, Los Angeles

THIS LAN, SIP Trunk-UC Summit

[email protected]@ingate.com [email protected]

CELL

PSTN

INTERTEX LAN

intertex.se

Sweden

3G

[email protected]

PSTN

SIP/PSTNGateway

SIP Trunk Provider 1

PSTNSIP/PSTNGateway


Japan

[email protected]


Beyond POTS: Mobility, Multimedia and Numbers

We certainly want our home workers connected to the company PBX

And the same goes for our road warriors - at the hotel- at public WiFi

All should have all PBX services- Reached by extension number or DID- Place PSTN calls (displaying correct CallerID)- Voice mail, conferencing etc.- Presence, IM, video if supported by the PBX

INGATE LAN

ingate.com



([email protected]) [email protected]

CELL

PSTN

INTERTEX LAN

intertex.se

Sweden

3G

[email protected]

PSTN

SIP/PSTNGateway


PSTNSIP/PSTNGateway


PBX Mobility with SIP Trunking (demo)PSTN +46 8 12345629 my direct numbersteeg 29 = my extension numbercalle 23 (steeg)PSTN +46 8 12345600 Intertex main ext 29, 25s leave Voice MailCalle mobile in the hallVoice Mail comes via email

[email protected]

Japan

[email protected]



So is IM (Instant Messaging)

Laptops have cameras and good screens, so why not video?- Video conferencing does not have to be complex with huge cost and for

internal use only.

And voice can actually be better than 3kHz AM-radio quality!- Who said MOS score 5 was perfect? Hardly HiFi?

Presence is really useful

INGATE LAN

ingate.com



[email protected] ([email protected])

CELL

PSTN

INTERTEX LAN

intertex.se

Sweden

3G

[email protected]

PSTN

SIP/PSTNGateway


PSTNSIP/PSTNGateway


…and other SIP based applications (demo)• Presence, Instant Messaging (Who is available?)Not restricted to own domain intertex.se, here also ingate.com [email protected] [email protected] (listen + video)• Wide band codec: “S” is not “F” anymore!• VideoMedia goes the shortest way (just trough the local switch here)and we saw global SIP calls – not restricted to own domain

[email protected]

Japan

[email protected]



Telephone numbers WILL be around for a long time- We are simply too used to E.164 numbers and everyone has one- But they are really not particularly user friendly…- Would email have been a success if we had used our fax numbers?

Operators often provide SIP names like [email protected] Not user friendly at all. For internal use only.

We want a real SIP address: [email protected] Just like our email addresses

Let us have both: +46 8 1234567 = [email protected]!- Service providers can do it- Here the Intertex and Ingate products do it!

INGATE LAN

ingate.com



[email protected] [email protected]

CELL

PSTN

INTERTEX LAN

intertex.se

Sweden

3G

[email protected]

PSTN

SIP/PSTNGateway


PSTNSIP/PSTNGateway


Telephone numbers and SIP addresses (demo)Can we do global SIP calls over the SIP trunk? It is up to the operators!E.g. Telia routes real SIP calls and don’t steal the media (even though they are on a managed VoIP cloud)0850004123 Calle using 08 12345629 (IP PSTN ------> PSTN IP only POTS voice)sophie Calle using 08 12345629 (ENUM: IP IP quick, wide band codec, video)

[email protected]

Japan

[email protected]


IPIP

PSTN

ENUM – Using Phone Numbers but Staying on IP

IPIP

Not only for PSTN by-pass, but also for better voice and multimedia

Clients, Intertexes/Ingates, or service providers can use ENUM

+46 8 12345629 [email protected]

2) ENUM lookup: Is there a SIP address for +46812345629?Ask DNS: 9.2.6.5.4.3.2.1.8.6.4.e164.arpaYeah try sip:[email protected]

1) Dial Phone Number 08 12345629

3) Place the call directly to: sip:[email protected]


Telcos Providing More than Bandwidth?

Operators deploy CPEs (E-SBCs) for SIP Trunking• Can also be general SIP enablers (at least Intertex’s and Ingate’s)

Provide high quality pipes for live communication! • If on separate layer 2 networks for quality, still make them routable

to the Internet.

Provide Presence Server!• Per-to-peer presence is not good enough (heavy signaling,

difficulties maintaining sync.)• Allow customers to manage their buddy lists and call policies

Provide the SIP Server and more if you wish• SIP Services can be anywhere (with cured firewall problem)!

Our E-SBCs produces CDRs if the provider wishes to bill• The CDRs also include bytes transferred & Call Metrics (e.g.

MOS)29


SIP Capable Firewalls

Ingate Systems [email protected] Farley Road Hollis, NH 03049United StatesPh: +1 (603) 883-6569Tel sv: +46 8 6007750

Intertex Data [email protected] 45 SE-174 44 SundbybergSwedensip:[email protected]: +46 8 12345600

See us at ITEXPO Room 403A!


STUN, TURN, ICE (client based) and Far End Nat Traversal (FENT) (typically done by SBCs) are alternative methods for working around non SIP capable NATs and Firewalls

Use them if required, e.g. for road warriors behind well behaved NATs with a not too tight firewalls

Ingate and Intertex can enable FENT to help SIP remote clients behind non SIP aware NATs and firewalls, e.g. Remote Users

But for SIP trunking and global and general SIP communication, one needs something reliable and secure that also handles real complex call scenarios

What about STUN, TURN, ICE and Far End Nat Traversal (FENT)?


Workaround Methods have their Limitations…

IMSIMS

VoIPVoIP

IMSIMS

LAN

LAN

FW FW

FWFW

RELIABILITY: STUN, TURN, ICE and Far End NAT Traversal (FENT) rely on guesswork of NAT/Firewall behavior – Thus never fully reliable. Unsuccessful calls – especially in complex scenarios, one way media, timeout during calls etc. etc.. Internet Internet Keep-alive packets

inhibit sleep mode, thus draining batteries of WiFi devices.

STUN TURN

SECURITY POLICY: These workarounds require Firewalls to have large port ranges open from inside. Enterprises can therefore not maintain tight firewalls and have same strict control! STUN, TURN and ICE delegate control to the Client. FENT delegates control to the Operator.

No control of QoS– where it is most important!

No control of QoS– where it is most important!

SECURITY AND STABILITY: STUN, TURN, ICE are Client based, FENT is operator based (part of SBC). All rely on punching holes in the Firewall and keeping NAT bindings open.

Issues:And with general SIP on several

WAN-pipes: No chance!

Documents

Enterprise-Centric UC Live Unified Communication Beyond the Borders © 2010 Intertex Data AB 1 Prepared for:INTERNET TELEPHONY Conference Ingates SIP Trunk-UC