This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Enterprise-Centric UCLive Unified Communication Beyond the Borders
MHS, Message Handling Systems appeared where terminals or computers where connected
One started building gateways between offices and partners (Compare today’s “Federation”)
Standard required! Telcos came up with X.400• Store and forward messages between Telcos, via various
networks• Extensive OSI layered standard – Complex!• Chargeable (good for the Telcos, they thought)
Then came the Internet with its simple SMTP for email• One network & standard, global connectivity (no islands) • The Email revolution (explosion)• X.400 and proprietary MHS died
The World Wide Web, with its HTTP standard, created something totally new that we today cannot be without
Killed off the Videotex services and France’s successful Minitel
“World Wide” = global No island! Neither Email nor the Web are chargeable in themselves Telcos became bandwidth providers… What was next to come on the Internet?
• Live (Real Time) communication between persons!• H.323 came with Video Telephony• H.323 was much like X.400 – Not internet style• SIP is the Internet protocol!
While there has been great success for MSN, Skype and local enterprise live UC (using proprietary protocols)…
Telcos have used SIP to replicate POTS (POTSoIP) Got stuck in replacing parts of the PSTN Islands again Telcos can’t even give their broadband customers a proper
SIP address like [email protected] Are we leaving it all to Skype (very good at penetrating
Telcos Roll out CPEs where SIP Ends Up in Old Phones
InternetInternet
The 5060 SIP-port is just grabbed on the outside to the FXS ports!
(And lower level SIP ALGs often cause problems and do not handle more than basic scenarios.)
Telephone ports (FXS) on the CPE is a popular way to deploy IP telephony. By logically placing the SIP clients on the outside of the NAT/Firewall, unreliable work-around methods like STUN, TURN and ICE become unnecessary. However, this only gives POTS replication, often even stopping general SIP based services!
FXS ports (for plugging in analog phones) is really POTS replication!
Is it about SIP Trunking, Hosted Services or a Combination?
The Trunk Service is in the Cloud, while the “PBX service” (as the users see it) is on the LAN. That is already a combination, that SIP Trunking – for Telephony - brought together on a Global level.
The other Live parts of UC; Video, better Voice, Presence, IM, also need to be brought together on a Global level - Not having it locked into enterprise islands!
Today’s demonstrations will show that it can be done by following the SIP standard and using the E-SBCs at the enterprise edge, to allow UC SIP communication across the borders (the enterprise firewalls).
No battery draining of WiFi mobile phones, otherwise caused by keep-alive packets* inhibiting sleep mode.* Work-around methods for SIP NAT-traversal like STUN, TURN, ICE and Far End NAT Traversal use frequent keep-alive packets to keep holes in the NAT/Firewall open.
Our CPEs are SIP Capable NAT/Router/Firewalls
InternetInternet
Problems solved where they occur Wired or wireless SIP clients (phones, soft clients, PDAs) No special requirements on the SIP Client – Just standard SIP
SIP
Intertex and Ingate have SIP Proxy based SIP aware Firewall/NATs General, can handle complex call scenarios and all SIP services Additional functionality available (SIP server, PBX functionality etc.)
We certainly want our home workers connected to the company PBX
And the same goes for our road warriors - at the hotel- at public WiFi
All should have all PBX services- Reached by extension number or DID- Place PSTN calls (displaying correct CallerID)- Voice mail, conferencing etc.- Presence, IM, video if supported by the PBX
PBX Mobility with SIP Trunking (demo)PSTN +46 8 12345629 my direct numbersteeg 29 = my extension numbercalle 23 (steeg)PSTN +46 8 12345600 Intertex main ext 29, 25s leave Voice MailCalle mobile in the hallVoice Mail comes via email
…and other SIP based applications (demo)• Presence, Instant Messaging (Who is available?)Not restricted to own domain intertex.se, here also ingate.com [email protected][email protected] (listen + video)• Wide band codec: “S” is not “F” anymore!• VideoMedia goes the shortest way (just trough the local switch here)and we saw global SIP calls – not restricted to own domain
Telephone numbers WILL be around for a long time- We are simply too used to E.164 numbers and everyone has one- But they are really not particularly user friendly…- Would email have been a success if we had used our fax numbers?
Operators often provide SIP names like [email protected] Not user friendly at all. For internal use only.
We want a real SIP address: [email protected] Just like our email addresses
Let us have both: +46 8 1234567 = [email protected]!- Service providers can do it- Here the Intertex and Ingate products do it!
Telephone numbers and SIP addresses (demo)Can we do global SIP calls over the SIP trunk? It is up to the operators!E.g. Telia routes real SIP calls and don’t steal the media (even though they are on a managed VoIP cloud)0850004123 Calle using 08 12345629 (IP PSTN ------> PSTN IP only POTS voice)sophie Calle using 08 12345629 (ENUM: IP IP quick, wide band codec, video)
STUN, TURN, ICE (client based) and Far End Nat Traversal (FENT) (typically done by SBCs) are alternative methods for working around non SIP capable NATs and Firewalls
Use them if required, e.g. for road warriors behind well behaved NATs with a not too tight firewalls
Ingate and Intertex can enable FENT to help SIP remote clients behind non SIP aware NATs and firewalls, e.g. Remote Users
But for SIP trunking and global and general SIP communication, one needs something reliable and secure that also handles real complex call scenarios
What about STUN, TURN, ICE and Far End Nat Traversal (FENT)?
RELIABILITY: STUN, TURN, ICE and Far End NAT Traversal (FENT) rely on guesswork of NAT/Firewall behavior – Thus never fully reliable. Unsuccessful calls – especially in complex scenarios, one way media, timeout during calls etc. etc.. Internet Internet Keep-alive packets
inhibit sleep mode, thus draining batteries of WiFi devices.
STUN TURN
SECURITY POLICY: These workarounds require Firewalls to have large port ranges open from inside. Enterprises can therefore not maintain tight firewalls and have same strict control! STUN, TURN and ICE delegate control to the Client. FENT delegates control to the Operator.
No control of QoS– where it is most important!
No control of QoS– where it is most important!
SECURITY AND STABILITY: STUN, TURN, ICE are Client based, FENT is operator based (part of SBC). All rely on punching holes in the Firewall and keeping NAT bindings open.