Friday, March 30, 2007

Is the future of Internet Telephony clouded by politics and regulations?

Going back to some of my favorite topics, as some of you know, there was a recent ruling against Vonage for patent infringement that dictates that Vonage will have to pull the plug from the PSTN by April this year. Naturally, that hit Vonage's stock hard (yet again!) and people started speculating that this decision will impact the whole Internet telephony industry forever...

Well, first of all, this is nothing different than another legal battle that will lead to appeal after appeal. Second, we know for certain that the FCC will get into it, defending Vonage as a data company rather than a telecommunications carrier (some of you may know that the Telecommunications Act of 1996 clearly separates a Telecommunications Service provider like Verizon from a Data Service Provider like Vonage or any regular Internet ISP). Furthermore, the consumer will get into the fight... after all, Vonage has about 2 million users.

I foresee that the whole debate will trigger new discussions over not only the famous Net Neutrality, but also the Computer Inquiries, new Intercarrier Compensation schemes, and especially the new proposal of Horizontal Regulation.

As affirmed in the 1996 Communications Act, in section 230(b)(2), the US will "preserve the vibrant and competitive free market that presently exists for the Internet and other interactive computer services". This was targeted at VoIP services like Vonage, in the hope of keeping them unregulated... Verizon and the Communication Services folks don't want that, naturally. If you notice, the whole language is very broad and left open to interpretation. Therefore the FCC asked for comments on what is called Horizontal Regulation.

Horizontal Regulation adopts the layered model of the OSI model for networking. It is what is called a layer-oriented regulation model. Instead of separating voice (communication services) from data (data services), the model suggests building layers for each model. So there would be upper layers for "services" and "applications" like for example voice-mail offerings, or video streaming. All that running on top of other more fundamental layers as in the physical medium used to transport the service. Then regulators at the FCC would determine which layers are subject to regulation.

Of course, this brings multiple concerns because it is a completely new approach to the original act, and implies a full rewrite.

This will be an interesting battle. Let's see if the industry wants to start getting aggressive again, or if the Internet Telephony folks lose to the incumbent triple-play players...

[As a reference, if you are interested in how to model the layered-model of regulation, I found this great paper by prof. H.E. Hanrahan ]

Thursday, March 29, 2007

This posting will self-destruct in 3...2...1...

For the paranoid type, there is a service that I found called VaporStream (https://www.vaporstream.com/). This is quite a controversial security service that claims to make it possible to send an email that leaves no record of its existence, for confidentiality purposes. Messages sent using VaporStream can be viewed but not forwarded or copied. Also, the sender and recipient information is not on the email (for protection of the identity!?!?).

An individual subscription costs about $40 per year.

So, is this for "confidential messaging" or for "Spam availability to the masses"???

I also found this Self-Destruct email service. You would be surprised, but there are in fact several companies that offer the service. Are you willing to make a time-bomb of your email for pseudo-security reasons?... how about leaving a trace of your email on the service provider's servers??? can they truly guarantee that???

Tuesday, March 27, 2007

Who's ready for VoWLAN?

A cheery hello from the warming North (so now Leo can stop bragging about Florida). As the weather has turned more conducive to outdoor activities, I have noticed more and more mesh customers are starting to ask about voice over wireless. Similar to its Voice over IP sibling, voice over wireless has been plagued by misinformation, bandwidth issues, and usability concerns. However, VoWLAN is around the corner and several handset makers are already making 802.11 or dual-mode handsets. Cisco has two 802.11 phones. The first one, the 7920 suffered from design and performance issues, but those problems were corrected with the 7921. It would behoove us to understand what the early problems were and why I believe that VoWLAN will soon be a reality.

First off, I am not talking about Skype, Vonage or any of those types of service if used on your computer. They do fall under the category of VoIP and subsequently VoWLAN, but I want to deal with the more impending issue of talking AND walking. Currently, you can open your computer at any wireless hotspot, fire up Skype and talk to your friends; it's not that big a deal. As long as there is enough bandwidth and some measure of Quality of Service (don't worry, there usually is), you'll be fine.

Since people like to use their cellphones so much, there is going to be a booming market (unless the cell carriers try to block it) of VoWLAN phones. However, the issue is not how to do the call and be able to talk to someone, but instead, how do you walk around the city while staying on that same call? Remember, for people to consider this a success and have widespread adoption, the call quality and reliability must rival that of cell phones (which, even with all the dropped calls and static have come a long way in the last few years).

In mesh deployments, Cisco currently does not support VoWLAN, because we have no way of guaranteeing the level of service. However, as dual-mode phones and phones with a/b/g radios become more prevalent, we are going to see consistent levels of service. Most of these phones are going to play in the 802.11a radio spectrum, and with the enhanced abilities of fast roaming (a topic which must be discussed in the future), we can have clients roam from AP to AP and not drop packets. With the 1500 AP, we have tested it on courses with cars in excess of 100mph staying connected to the network and easily hopping from AP to AP. The issue of roaming has been the one thing holding back VoWLAN. We have been able to do it in office buildings for some time because there are few areas without coverage and people did not need to roam off one AP to another. Outdoors it is a different matter entirely.

In addition to roaming, great strides have been made in offering quality of service through wireless. Similar to the wired network, we can tag frames and give them special priority through the controller. So while it is true that all packets and frames are competing for the same space, some of those frames are getting more help.

In conclusion, it is not a crazy idea that you will be talking on a phone outside that will not be linked up to a cell tower but instead to the coffee shop network. Phones that are both cell phones and wi-fi phones are already hitting the market, but are going to take off once wireless mesh networks really start to take off. We shall be covering mesh networks in a later segment, but for now, allow your thoughts to entertain VoWLAN.

Saturday, March 17, 2007

Teleworker Resources and News

I just thought of topping it up with some good references to other online articles and news. There is a great article about it on BusinessWeek and if you haven't heard, Cisco just announced that it agreed to acquire WebEx. The official release can be found here.

Teleworker Guide - Management

To close the series on Teleworking, I will talk about Management. How do you manage all the systems involved in a Teleworker solution?... we have VPNs, NAC, Wireless, IP Telephony, and Unified Communications.... lots of systems. And as you probably know already, the more global the company is, and the more of these systems are in place, the greater the need for a centralized and intuitive management solution.

You need to take into account that in reality you are managing a suite of products. For example, for the IP telephony piece, you manage your Communications Manager, dial plans, Voice-Mail storage and servers, and also end-points (e.g. physical IP Phones and Soft-phones). Also, for your wireless solution you must manage your SSID provisioning and centralized deployment, and also the end points (e.g. Access Points). You must understand the size of the monster that it could become. Still, you should not be scared of deploying it! Teleworker can be (and should be!) deployed in phases. Say for example, first the VPN and NAC must be rolled out to the users, and once the system is stable and manageable Wireless and IPT can be installed.

It is important to understand, though, that as things get messy and complex, cost of operation and maintenance goes up. Therefore, the big benefit of having a centralized management system in place is to keep that cost from offsetting all the benefits that you get from the Teleworker solution. In summary, if you want any of the following, you should get a centralized management solution:

  • Lower and Contained operational cost - as the system gets larger, it gets more costly to manage
  • Free-up some personnel - IT Department may spend more time in other tasks
  • Reduction of business down-time - Greater optimization and design due to appropriate design practices reduces potential problems that lead to business down-time

Thursday, March 8, 2007

Teleworker Guide - Unified Communications

This week the largest technology conference in IP Telephony took place in Orlando, FL. VoiceCon groups the most important vendors, entrepreneurs, and leaders in the industry.
This year's topic... is all about Mobility and Unified Communications.


Unified Communications is not IP Telephony. IPT is one of the blocks in the whole picture... when we say Unified Communications, we mean the integration of different communication channels to interoperate and facilitate communications to increase productivity. Usually, all that runs on top of a robust IP network.

The integration happens with any channel that you may imagine: voice (telephone), voice-mail, Instant Messaging, E-mail, RF Radio, Cellular, web (blogs!), etc… picture listening to your voice-mail as an attachment on your email. Or imagine having a FAX read to you over the phone. Or imagine having an officer, talking on his Push-to-talk radio with a fireman in California.

Some of the benefits are:
  • Increased employee productivity
  • Increased efficiency and response time
  • Reduction of mistakes and issues caused by communication gaps

Therefore, for your teleworking solution it is key to have the most efficient communication with your geographically distributed team. You must maximize the investment by having the most efficient communication possible. After all, you need to replicate a real office, where you can just walk around to a particular cube and discuss an issue in person. With an efficient communication suite, you can replicate that by having a presence server on an Instant Messaging application, and knowing in advance if the remote worker is on the phone, or if he is just not at his desk. Instead of leaving a post-it note on his desk, you can leave him a voice-mail with a “call me when you get back”.

Monday, March 5, 2007

Teleworker- Wireless

Nowadays, people expect wireless connections wherever they go: hotel rooms, airports, coffee shops, and even parks. Many corporations are starting to incorporate wireless into their network designs, not only in conference rooms, but pervasively, throughout the entire building or campus. Of course, enterprise wireless is much different than the wireless router that one might have in his or her home, but nonetheless they both operate under some of the same principles. Users want to experience the comforts of surfing the web or doing work from the couch, the bedroom, or even their backyard. Leo has explained how the Teleworker solution allows a user to connect into his corporate headquarters securely from his or her house through the use of VPN and NAC, and also how to extend those capabilities by adding an IP phone to the mix, but wireless will allow a user to connect to the office from anywhere in his house. However, given the fact that this data is transmitted without the security of wires, we must be aware of the security holes that exist in the technology and how this can compromise the secure connections we have made into the corporate network. Leo has explained VPN, both IPsec and SSL, as well as the VPN software client and the possibility of using a hardware VPN box to off-load the processing from your machine.

Let us start with the easy scenario where you have a connection from your home machine to your router. If you start the software VPN client, you might notice that you can no longer connect to your home router to make any administrative changes or access any information you have on your local network. This is because with the VPN connection, as Leo has mentioned earlier, you are directly connected into your corporate network, thus bypassing your local network resources. There is no reason to worry about the wireless connection in this case- the traffic is all flowing through your secure VPN tunnel.

With a VPN Appliance, things get a little tricky. Let us assume that you have decided to get a VPN hardware solution and have a permanent connection to your corporate network. However, you don't want to have to make a direct connection to the ethernet switchports on the back to connect to it. How can we add wireless to this connection? Some appliances, like the Cisco 850 wireless ISR router, come with wireless built-in, but even then, secure connections need to be made. If like me, you use an appliance that does not have integrated wireless, you can add a wireless access point to one of the ports and then associate to that. A word of caution: either route, with integrated wireless or not, your system is only as secure as the weakest link. Inherently, without any security policies in place, your wireless network will be wide open and anyone can connect to it. Therefore, if someone were to connect to your access point and it was connected to your hardware device, they could have access to your corporate network as well.

So what can we do to mitigate this? There are two areas that are important: encryption and authentication. We will cover authentication in detail when we discuss enterprise wireless, but for home use encryption is much more important. Encryption is much like what the VPN tunnel does: it mashes up the data so that if someone is able to "grab it," they will not be able to understand it. There are levels of encryption: WEP, WPA and WPA2. Let's take a high-level look at each one of these.

WEP- is the oldest of the encryption methods and does have rudimentary authentication built into it. Recently, it has been considered to be no longer viable for enterprise use, as it is very easy to crack. The reason it is so easy is that part of the passkey needed to start the process is passed in the open without any encryption.

WPA and WPA2- are essentially the same; WPA uses an algorithm called TKIP and WPA2 uses a much stronger one called AES. To date, no one has successfully cracked AES and to crack TKIP takes so much time that it is considered to be very strong as well. When possible use WPA2, though this ability is only available on machines after 2004 because of the driver requirements. WPA (which uses TKIP) is available on all machines that are running Windows XP.

To implement WPA you want to choose a passphrase that you will input in the menu of the access point as well as on your computer. This passphrase is encrypted and the access point compares the passphrase with what it has stored. If they match, the process is complete. The reason WPA is so much more secure is that it uses many different methods for disguising both the passphrase and the data, so that it is impossible for a hacker to capture and utilize that traffic.
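What a WPA/WPA2 home passphrase turns into on the access point and on the computer, as an added example that is not part of the original post: in WPA-Personal each side derives a 256-bit pre-shared key from the passphrase with PBKDF2-HMAC-SHA1, using the network name (SSID) as salt. The function names, the SSID and the passphrase below are constructed for illustration.

```python
import hashlib
import hmac

WPA_ITERATIONS = 4096   # iteration count fixed by IEEE 802.11i
WPA_KEY_BYTES = 32      # 256-bit pre-shared key (PSK)


def validate_passphrase(passphrase: str) -> None:
    """Reject passphrases outside what WPA-Personal accepts: 8-63 printable ASCII."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    validate_passphrase(passphrase)
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt,
                               WPA_ITERATIONS, WPA_KEY_BYTES)


def same_key(ap_passphrase: str, client_passphrase: str, ssid: str) -> bool:
    """True when access point and client would end up holding the same PSK.

    Simplification: real devices never exchange or compare the PSK directly;
    each proves possession of it during the 4-way handshake.
    """
    return hmac.compare_digest(derive_psk(ap_passphrase, ssid),
                               derive_psk(client_passphrase, ssid))


if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    ssid = "HomeOffice-AP"
    passphrase = "correct horse battery staple 42"
    print("PSK:", derive_psk(passphrase, ssid).hex())
    print("client typo accepted?", same_key(passphrase, passphrase + "!", ssid))
    # The same passphrase under a different SSID yields an unrelated key.
    print("other SSID PSK:", derive_psk(passphrase, "default").hex())
```

Because every bit of the key comes from the passphrase and the SSID, a long, unpredictable passphrase and a non-default SSID are what keep the derived key hard to guess.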

There are many more security measures that can help enhance the protection of your wireless network, as well as more robust features for business. However, by simply incorporating WPA or WPA2 into your access point, you will create a secure tunnel that will allow you to connect securely to your corporate network from anywhere in your home.

Guest Writer - Wireless and Teleworking

To continue the series on Teleworker... I have invited my friend Ramesh Srinivasan to write down a piece on Wireless for Teleworkers. It should come in the next couple of days... Thanks Ramesh.