Enterprise-Centric UC
Live Unified Communication Beyond the Borders
© 2010 Intertex Data AB
Prepared for: INTERNET TELEPHONY Conference, Ingate’s SIP Trunk-UC Summit, Los Angeles, October 2010
By: Karl Erik Ståhl, President Intertex Data AB, Chairman Ingate Systems, [email protected]
Intertex & Ingate
Same parent company
Intertex: SMB, SOHO and home SIP Firewalls and E-SBCs
• For volume deployment
Ingate: Enterprise and SMB SIP Firewalls and E-SBCs
• SIParators® for enterprises and projects
Cooperation in management and development
Co-developed SIP code
Ingate represents Intertex in the US
SIP Trunking – Now SIP Trunk-UC Summit
UC, Unified Communication – Many definitions…
This session is about the Live (Real Time) Person-to-Person part (other parts may be Web and Email based)
• Telephony – VoIP, SIP Trunking
• Video, HD voice
• Presence
• IM – Instant Messaging
Today’s SIP Trunking makes VoIP global, but it is still mostly POTS (Plain Old Telephony Service)
But for the better: Video, better Voice, Presence and IM, we mostly see local islands of UC
Some History (Before the Internet)
MHS, Message Handling Systems appeared where terminals or computers were connected
One started building gateways between offices and partners (Compare today’s “Federation”)
Standard required! Telcos came up with X.400
• Store and forward messages between Telcos, via various networks
• Extensive OSI layered standard – Complex!
• Chargeable (good for the Telcos, they thought)
Then came the Internet with its simple SMTP for email
• One network & standard, global connectivity (no islands)
• The Email revolution (explosion)
• X.400 and proprietary MHS died
The Web and Further
The World Wide Web, with its HTTP standard, created something totally new that we today cannot be without
Killed off the Videotex services and France’s successful Minitel
“World Wide” = global
No island!
Neither Email nor the Web are chargeable in themselves
Telcos became bandwidth providers…
What was next to come on the Internet?
• Live (Real Time) communication between persons!
• H.323 came with Video Telephony
• H.323 was much like X.400 – Not internet style
• SIP is the Internet protocol!
HTTP created the Web
SMTP created Email
SIP should create global Live IP Person-to-Person Communication!
The Next Step of Internet Usage
…but NATs and Firewalls are an Infrastructure Problem
SIP (and H.323…) connects Person-to-Person
Locate the person + Set up a session + Open real time media streams
[Diagram labels: PERSON, Internet, PERSON]
Typical Internet protocol (SMTP, HTTP…)
[Diagram labels: HOST, Internet, SERVER, NAT/Firewall]
SIP is the Protocol for IP Communication Person-to-Person,
BUT IT DOES NOT REACH THE USERS!
So What Happened?
While there has been great success for MSN, Skype and local enterprise live UC (using proprietary protocols)…
Telcos have used SIP to replicate POTS (POTSoIP)
Got stuck in replacing parts of the PSTN
Islands again
Telcos can’t even give their broadband customers a proper SIP address like [email protected]
Are we leaving it all to Skype (very good at penetrating firewalls)?
Go better and beyond!
We have Seen Much POTSoIP
[Diagram labels: Europe, US, VPN Tunnel, IP PBX, PBX, PSTN, Gateway, Toll Bypass, SoftSwitch, Voice over Broadband]
Very seldom VoIP connectivity between the VoIP IP clouds!
Most broadband VoIP providers still run calls between each other over the PSTN!
Are we stuck with old POTS telephony over new wires?
Telcos Roll out CPEs where SIP Ends Up in Old Phones
The 5060 SIP-port is just grabbed on the outside to the FXS ports!
(And lower level SIP ALGs often cause problems and do not handle more than basic scenarios.)
Telephone ports (FXS) on the CPE are a popular way to deploy IP telephony. By logically placing the SIP clients on the outside of the NAT/Firewall, unreliable work-around methods like STUN, TURN and ICE become unnecessary. However, this only gives POTS replication, often even stopping general SIP based services!
FXS ports (for plugging in analog phones) are really POTS replication!
We Want a World of Global Live IP Communication
Fix the NATs and firewalls and there is no reason to be caught in POTSoIP islands! SIP connects globally and has lots of applications. It’s not magic – It’s just the SIP standard!
VoIP++
Global IP Connectivity
All SIP Services
Back to Basics
The IP networks (Internet and other) are connected
There is a standard, SIP
SIP (incl. SIMPLE) is general, for Live Person-to-Person communication, POTS replication is just one usage
But it must reach the users on the protected LANs behind NAT/Firewalls!
Some E-SBCs can provide general SIP traversal of NATs and Firewalls
The Intertex and Ingate products do that, in addition to the SIP trunking (you don’t have to choose only one)
Let’s put it to use! Demos will follow
Is it about SIP Trunking, Hosted Services or a Combination?
The Trunk Service is in the Cloud, while the “PBX service” (as the users see it) is on the LAN. That is already a combination, that SIP Trunking – for Telephony - brought together on a Global level.
The other Live parts of UC; Video, better Voice, Presence, IM, also need to be brought together on a Global level - Not having it locked into enterprise islands!
Today’s demonstrations will show that it can be done by following the SIP standard and using the E-SBCs at the enterprise edge, to allow UC SIP communication across the borders (the enterprise firewalls).
No battery draining of WiFi mobile phones, otherwise caused by keep-alive packets* inhibiting sleep mode.
* Work-around methods for SIP NAT-traversal like STUN, TURN, ICE and Far End NAT Traversal use frequent keep-alive packets to keep holes in the NAT/Firewall open.
Our CPEs are SIP Capable NAT/Router/Firewalls
Problems solved where they occur
Wired or wireless SIP clients (phones, soft clients, PDAs)
No special requirements on the SIP Client – Just standard SIP
Intertex and Ingate have SIP Proxy based SIP aware Firewall/NATs
General, can handle complex call scenarios and all SIP services
Additional functionality available (SIP server, PBX functionality etc.)
[Diagram labels: Internet, SIP, IMS]
And the CPEs are also Adapted for SIP Trunking
Demarcation point of service and bringing SIP communication to the LAN
[Diagram labels: PSTN, Public Internet, SIP Trunking Provider, GW, SIP System, Data & VoIP LAN, IP-PBX, Soft Clients and Multimedia Terminals, Intertex IX78, Remote Users]
For SIP Trunking, the Service is in the Cloud
Service in the Cloud
Users on the LAN
[Diagram labels: PSTN, SIP Trunking Provider, GW, SIP System, Data & VoIP LAN, IP-PBX]
For (Remote) Users, the Service is on the LAN
Service on the LAN
User in the Cloud
Remote Users …and users on the LAN
[Diagram labels: PSTN, SIP Trunking Provider, GW, SIP System, Data & VoIP LAN, IP-PBX]
And Just Some Part of the UC Service may be in the Cloud
Service on the LAN
Specific Service in the Cloud, e.g. Voice Mail, Presence server, etc.
One example is MS Exchange UM for the BPOS service: Voice Mails are recorded and played using SIP with TLS and SRTP.
[Diagram labels: PSTN, SIP Trunking Provider, GW, SIP System, Data & VoIP LAN, IP-PBX, UC Voice Mail]
SIP Must Work with Services and Users Everywhere!
Ingate/Intertex E-SBCs enable SIP based Live UC Across the Borders! (SIP does not traverse ordinary NAT/Firewalls.)
[Diagram labels: PSTN, SIP Trunking Provider, GW, SIP System, Data & VoIP LAN, IP-PBX, UC Voice Mail, Remote Users, SIParator®, Firewall]
Can We Move Beyond POTS Today?
We have a global network: The IP Networks
POTS and PSTN have been there for 100 years
3.5 kHz isn’t HiFi, but MOS is 5!
We have a standard: SIP
And there is more than Voice: Presence, IM, Video, etc.
[Diagram labels: RJ45, LAN, Intranet, Internet, RJ11, Black Phone, IP Phone, Soft Client, WiFi Mobile]
[Demo network diagram labels: INGATE LAN, ingate.com, Internet, US, Los Angeles, THIS LAN, SIP Trunk-UC Summit, CELL, PSTN, INTERTEX LAN, intertex.se, Sweden, 3G, SIP/PSTN Gateway, SIP Trunk Provider 1, SIP Trunk Provider 2, Japan, user addresses ([email protected])]
Beyond POTS: Mobility, Multimedia and Numbers
We certainly want our home workers connected to the company PBX
And the same goes for our road warriors
- at the hotel
- at public WiFi
All should have all PBX services
- Reached by extension number or DID
- Place PSTN calls (displaying correct CallerID)
- Voice mail, conferencing etc.
- Presence, IM, video if supported by the PBX
PBX Mobility with SIP Trunking (demo)
PSTN +46 8 12345629 my direct number
steeg 29 = my extension number
calle 23 (steeg)
PSTN +46 8 12345600 Intertex main ext 29, 25s leave Voice Mail
Calle mobile in the hall
Voice Mail comes via email
[Demo network diagram repeated: INGATE LAN, THIS LAN, INTERTEX LAN, Internet, PSTN, CELL, 3G, SIP/PSTN Gateway, SIP Trunk Provider 1, SIP Trunk Provider 2]
Beyond POTS: Mobility, Multimedia and Numbers
Laptops have cameras and good screens, so why not video?
- Video conferencing does not have to be complex with huge cost and for internal use only.
And voice can actually be better than 3kHz AM-radio quality!
- Who said MOS score 5 was perfect? Hardly HiFi?
Presence is really useful
So is IM (Instant Messaging)
…and other SIP based applications (demo)
• Presence, Instant Messaging (Who is available?)
Not restricted to own domain intertex.se, here also ingate.com
[email protected] [email protected] (listen + video)
• Wide band codec: “S” is not “F” anymore!
• Video
Media goes the shortest way (just through the local switch here)
and we saw global SIP calls – not restricted to own domain
[Demo network diagram repeated: INGATE LAN, THIS LAN, INTERTEX LAN, Internet, PSTN, CELL, 3G, SIP/PSTN Gateway, SIP Trunk Provider 1, SIP Trunk Provider 2]
Beyond POTS: Mobility, Multimedia and Numbers
Telephone numbers WILL be around for a long time
- We are simply too used to E.164 numbers and everyone has one
- But they are really not particularly user friendly…
- Would email have been a success if we had used our fax numbers?
Operators often provide SIP names like [email protected]
- Not user friendly at all. For internal use only.
We want a real SIP address: [email protected]
- Just like our email addresses
Let us have both: +46 8 1234567 = [email protected]!
- Service providers can do it
- Here the Intertex and Ingate products do it!
Telephone numbers and SIP addresses (demo)
Can we do global SIP calls over the SIP trunk? It is up to the operators!
E.g. Telia routes real SIP calls and doesn’t steal the media (even though they are on a managed VoIP cloud)
0850004123 Calle using 08 12345629 (IP PSTN ------> PSTN IP only POTS voice)
sophie Calle using 08 12345629 (ENUM: IP IP quick, wide band codec, video)
[Demo network diagram repeated: INGATE LAN, THIS LAN, INTERTEX LAN, Internet, PSTN, CELL, 3G, SIP/PSTN Gateway, SIP Trunk Provider 1, SIP Trunk Provider 2]
ENUM – Using Phone Numbers but Staying on IP
[Diagram labels: IP, PSTN]
Not only for PSTN by-pass, but also for better voice and multimedia
Clients, Intertexes/Ingates, or service providers can use ENUM
+46 8 12345629 [email protected]
1) Dial Phone Number 08 12345629
2) ENUM lookup: Is there a SIP address for +46812345629?
Ask DNS: 9.2.6.5.4.3.2.1.8.6.4.e164.arpa
Yeah try sip:[email protected]
3) Place the call directly to: sip:[email protected]
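The three ENUM steps on this slide, worked through as an added example (not code from the presentation or from the Intertex/Ingate products). The NAPTR records are constructed sample data; the `example.invalid` SIP URIs, the function names and the default Swedish country code and trunk prefix are assumptions for illustration.

```python
import re

# Constructed sample NAPTR answers: (order, preference, flags, service, regexp).
# The example.invalid URIs are placeholders, not addresses from the slides.
SAMPLE_NAPTR = [
    (100, 20, "u", "E2U+sip", r"!^\+46(.*)$!sip:\1@example.invalid!"),
    (100, 10, "u", "E2U+sip", "!^.*$!sip:user29@example.invalid!"),
    (100, 5, "u", "E2U+mailto", "!^.*$!mailto:user29@example.invalid!"),
]

def to_e164(dialed, country_code="46", trunk_prefix="0"):
    """Step 1: normalize a dialed string to E.164 (defaults assume Sweden)."""
    s = re.sub(r"[^\d+]", "", dialed)
    if s.startswith("+"):
        return "+" + s.replace("+", "")
    if s.startswith(trunk_prefix):
        s = s[len(trunk_prefix):]
    return "+" + country_code + s.replace("+", "")

def enum_domain(e164, apex="e164.arpa"):
    """Step 2: reverse the digits, dot-separate them, append the ENUM apex."""
    digits = re.sub(r"\D", "", e164)
    if not 1 <= len(digits) <= 15:
        raise ValueError("E.164 numbers have 1 to 15 digits")
    return ".".join(reversed(digits)) + "." + apex

def resolve_sip(e164, naptr_records):
    """Step 3: apply the best E2U+sip rule; None means fall back to the PSTN."""
    usable = [r for r in naptr_records
              if r[2].lower() == "u" and "e2u+sip" in r[3].lower()]
    for _order, _pref, _flags, _svc, regexp in sorted(usable, key=lambda r: r[:2]):
        parts = regexp.split(regexp[0])      # delimiter is the first character
        if len(parts) != 4:
            continue                         # malformed rule, skip it
        _, pattern, repl, re_flags = parts
        m = re.search(pattern, e164, re.I if "i" in re_flags else 0)
        if not m:
            continue
        uri = m.expand(repl)
        # DNS data is untrusted input: only accept a plain sip:/sips: URI.
        if re.fullmatch(r"sips?:[^\s@;]+@[A-Za-z0-9.-]+", uri):
            return uri
    return None

if __name__ == "__main__":
    number = to_e164("08 12345629")
    print(number, enum_domain(number), resolve_sip(number, SAMPLE_NAPTR))
```

A `None` result is the case where no usable SIP record exists and the call goes out over the PSTN gateway as before.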
Telcos Providing More than Bandwidth?
Operators deploy CPEs (E-SBCs) for SIP Trunking
• Can also be general SIP enablers (at least Intertex’s and Ingate’s)
Provide high quality pipes for live communication!
• If on separate layer 2 networks for quality, still make them routable to the Internet.
Provide Presence Server!
• Peer-to-peer presence is not good enough (heavy signaling, difficulties maintaining sync.)
• Allow customers to manage their buddy lists and call policies
Provide the SIP Server and more if you wish
• SIP Services can be anywhere (with cured firewall problem)!
Our E-SBCs produce CDRs if the provider wishes to bill
• The CDRs also include bytes transferred & Call Metrics (e.g. MOS)
SIP Capable Firewalls
Ingate Systems
[email protected] Farley Road
Hollis, NH 03049
United States
Ph: +1 (603) 883-6569
Tel sv: +46 8 6007750

Intertex Data
[email protected] 45
SE-174 44 Sundbyberg
Sweden
sip:[email protected]: +46 8 12345600
See us at ITEXPO Room 403A!
What about STUN, TURN, ICE and Far End NAT Traversal (FENT)?
STUN, TURN, ICE (client based) and Far End NAT Traversal (FENT) (typically done by SBCs) are alternative methods for working around non SIP capable NATs and Firewalls
Use them if required, e.g. for road warriors behind well behaved NATs with not too tight firewalls
Ingate and Intertex can enable FENT to help SIP remote clients behind non SIP aware NATs and firewalls, e.g. Remote Users
But for SIP trunking and global and general SIP communication, one needs something reliable and secure that also handles real complex call scenarios
Workaround Methods have their Limitations…
Issues:
RELIABILITY: STUN, TURN, ICE and Far End NAT Traversal (FENT) rely on guesswork of NAT/Firewall behavior – Thus never fully reliable. Unsuccessful calls – especially in complex scenarios, one way media, timeout during calls etc.
Keep-alive packets inhibit sleep mode, thus draining batteries of WiFi devices.
SECURITY POLICY: These workarounds require Firewalls to have large port ranges open from inside. Enterprises can therefore not maintain tight firewalls and have same strict control! STUN, TURN and ICE delegate control to the Client. FENT delegates control to the Operator.
SECURITY AND STABILITY: STUN, TURN, ICE are Client based, FENT is operator based (part of SBC). All rely on punching holes in the Firewall and keeping NAT bindings open.
No control of QoS – where it is most important!
And with general SIP on several WAN-pipes: No chance!
[Diagram labels: IMS, VoIP, LAN, FW, Internet, STUN, TURN]