SIP Trunk

The SBC: A VoIP Network’s Best Friend

[Post is better viewed on the blog Website]

The Move from TDM to SIP Trunking

SIP TrunkI recently participated in an interesting webinar hosted by NoJitter entitled Real World SIP Trunking Advice: How IT Managers Seize the Opportunity and Avoid the Pitfalls. The webinar focused on the increasingly popular trend to move to SIP Trunking from legacy TDM.  The webinar highlighted research by Forrester which pointed to the fact that while only some 25% of companies have moved over to SIP Trunking so far, the move to SIP Trunking is indeed the future trend and will increase in the coming years.  The move is inevitable as it will save businesses a considerable amount of money, including dramatic reductions in telephony costs by moving to VoIP. And the key ingredient to the success of the move over to SIP trunking is the Session Border Controller (SBC).

The Necessity of an SBC

Theoretically, SIP trunks can connect to the existing IP-PBX without the need for an SBC. However, not using an SBC can lead to a whole array of issues which need to be taken into consideration.  For example, SIP implementation variances can lead to interoperability issues across multivendor systems and service provider networks.  Delivering high voice quality by minimizing packet loss, jitter and latency are also issues that need to be handled. And finally, the vital issue of security must be taken into account as well as SIP trunks are exposed to security threats. Conventional firewalls are not designed to secure VoIP traffic from denial of service attacks or toll fraud.

All of these issues are handled by the basic functionality of the SBC which includes: Security (encompassing such features as providing a VoIP firewall, topology hiding, encryption, and protection from attacks such as denial of service and call fraud); Connectivity (including SIP normalization, NAT Traversal, voice mediation and transcoding, DTMF and Fax conversion); and SLA and Quality of Service. Additionally, the SBC ensures business continuity by minimizing potential service interruption due to call spikes, power outages, service failures, loss of connectivity and natural disasters.

(For more on the role of SBCs, see our previous post by Amir Zmora, Who Needs an SBC Anyway?)

SBCs Handle Unique Challenges Facing Large Enterprises

SBCs are indeed very powerful devices that provide a plethora of services to the enterprise or service provider on whose network they are deployed, and they play a major role in the move to SIP Trunking. This is especially true for large enterprises which have their own unique set of challenges that go beyond the basics, challenges that are also well met by the SBC.

Large enterprises tend to have several major data centers and many geographically dispersed branches. These branches many times have different PBXs, different technologies and different network hardware, and they all need to talk to each other.

These large enterprises will face challenges managing their VoIP networks. Here are some examples:

  • Different branches may be using equipment from different vendors, for example, from Cisco, Avaya, Microsoft Lync and others. Through mergers and acquisitions, large enterprises may have acquired different systems that are now incorporated into the larger network and have to be managed differently.
  • The organization may be going through a migration from one technology to another (moving from TDM to SIP Trunking, for example) but still needs to interoperate with its legacy equipment.
  • The enterprise cannot afford down-time on the network and must ensure the survivability of the network in the case of the loss of WAN connectivity to the Service Provider.
  • IT Administrators would ideally want to see all the alarms monitored on the network in a single location, aggregated and prioritized, rather than have to go out and get them from different systems.
  • Because large enterprises deploy complex networks with a number of SBCs and Gateways, sometimes with different PBXs and IP-PBXs in the various branches, they are faced with complex routing challenges for their VoIP networks.
  • And more…

(For more information on the opportunity of VoIP for small businesses, see our previous post by Itzik Feiglevitch, Small Businesses-Big Opportunity)

 A VoIP Network’s Best Friend

More and more IT administrators are recognizing the power and value of the SBC on their voice networks. In their March 2014 Enterprise Session Border Controllers Quarterly Worldwide and Regional Market Size and Forecasts: 4Q13 focused on the enterprise, Infonetics Research reported that 2013 SBC revenues rose 42% over the previous year and they projected revenues to continue to rise at around 12% annually through 2018. Infonetics states that the primary driver for growth for SBCs is the adoption of SIP trunking services (no surprise), and while most sales are currently in North America (76% of total sales in 2013), other regions are expected to post growth as well, especially in Europe, where the adoption of SIP trunking is accelerating.

Clearly, large enterprises with complex VoIP network deployments face considerable challenges. However, the SBC provides tremendous functionality that can address these challenges well. As the move to SIP Trunking continues to gain momentum, more and more IT Administrators are sure to discover that the SBC is their VoIP network’s best friend.

Image credit: Flickr user Christina Quinn. Modified by AudioCodes under Creative Commons licensing

Call Toll Fraud

46.3 Billion Reasons to Invest in Call Toll Fraud Prevention

[Post is better viewed on the blog Website]

I remember the summer of 1972 as one hell of a hot summer. We were a bunch of kids on summer vacation without much to do. Our daily routine was mainly playing football in the deserted schoolyard and searching for other “exciting” activities the rest of the day.  One day we decided that it would be much “cooler” to stay indoors in the classrooms. So we broke the lock of one of the classroom and entered. I don’t remember exactly what we did in the classroom but what I do remember is that for some reason we decided to remove the blackboard (in those days it was really black and heavy) and take it with us through the window. But we had no clue of what to do with the loot! That took place more than 40 years ago and I still can feel the bitter taste of helplessness kids standing on the schoolyard with stolen blackboard

Call Toll FraudI have cool job in AudioCodes. Together with my colleagues, we are working on next generation products. A few months ago, I came up with a “revolutionary” idea as to how to prevent toll fraud using big data technologies.  I met with our security expert and presented my idea. He gave me an “offering my condolences” look saying – who cares about toll fraud? Who needs to fraud when calls are so cheap? And I felt again like I did 40 years ago, defeated, sweating, carrying a huge blackboard, and this time alone. But I didn’t give up, I decided to check the numbers.

The CFCA 2013 Global Fraud Loss Survey

The Communications Fraud Control Association (CFCA) published a fascinating report, “the 2013 Global Fraud Loss Survey”,  taken from fraud and security experts working within the industry who are directly involved in identifying and stopping communications fraud.  Responses were received from 93 Communications Service Providers (CSPs) located throughout the industry and around the globe. The CSPs included companies both small (<1K employees) and large (100K+), and covered wireless, wireline, broadband, and narrowband service providers. The CSPs reported providing service in multiple areas including: voice, data, financial services, and content distribution.

According to the survey, the estimated 2013 Global Fraud Loss was $46.3 Billion (USD) annually which is approximately 2.09% of total telecom revenues. Here are some interesting findings from the survey.

Top 5 Fraud Methods Reported

  • Subscription Fraud
  • PBX Hacking
  • Account Take Over / Identity Theft
  • VoIP Hacking
  • Dealer Fraud

 

Top 5 Fraud Types Reported

  • Roaming Fraud
  • Wholesale Fraud
  • Premium Rate Service
  • Cable or Satellite Signal Theft
  • Hardware Reselling

Top 10 Countries from which Fraudulent Calls Originate:

Ten countries account for 35% of the originating global fraudulent calls

Top 10 Countries from which Fraudulent Calls Originate

Top 10 Countries from which Fraudulent Calls Originate (CFCA)

 Top 10 Countries where fraud terminates:

I find this  graph to be amazing as many of these top ten are relatively esoteric countries (sorry for the non-politically correct language) and are the destination of more than 40% of the fraudulent calls!

Top 10 Countries where fraud terminates

Top 10 Countries where fraud terminates (CFCA)

 Estimated Fraud Losses by Service Type (in $USD Billions)

 

This pie chart shows that calls (PSTN & VoIP) comprise of more than 50% of the fraud service types

Estimated Fraud Losses by Service Type

Estimated Fraud Losses by Service Type (in $USD Billions) (CFCA)

 

According the survey, the companies that are subject to fraud don’t report this to law enforcement for the following reasons:

  • Debt recovery pursued through civil means
  • No faith in the judicial system to administer the right punishment to deter others
  • No perceived value to the business
  • Not referred due to lack of evidence
  • Perceived lack of interest by law enforcement to take the case
  • Perceived lack of understanding by law enforcement to pursue the case
  • Lack of resources

 

Conclusion

According to this survey, losses are huge and the fraud trend is definitely on the rise. From estimated total global revenues of $2.214 trillion (USD) in 2013, the estimated loss due to fraud is $46.3 Billion (USD), or 2.09%. The estimated total global revenue has been growing by 3.7% since 2011 where the Estimated Global Fraud Loss is growing by 15.4%!

So what do I hope are the main takeaways from this blog post?

Firstly, don’t write posts which can incriminate you or that you don’t want your kids to read. And, don’t break into school classrooms! And now seriously… Don’t give up on your ideas, even if the “experts” say they aren’t worth anything. Fraud detection applications are absolutely viable, According to the survey, toll fraud doesn’t occur often, but when it does hit, it can be financially painful.  And what’s amazing is that CSPs and other organizations prefer not to report to law enforcement since they don’t want to be tagged as low security firms. Additionally, they also lack the confidence that there is a real chance to expose the “faceless” net criminals.

Stay tuned for my next post on how to prevent toll fraud using big data tools.

The Value of Voice

Make it Short, it is Expensive

Determining the value of communications

[Post is better viewed on the blog Website]

Mothers-in-law are a sensitive subject. Anyone who has a mother-in law knows this very well.

Now, don’t get me wrong. Most people would probably envy me for mine. She got into this post because she is a natural reserve for technology of the 60-70’s. She made a conscious decision to remain planted back in those days in many areas, technology is just one of them. It’s a long story and this isn’t the best place to go into details about it J. Last week I was in Spain with my wife trekking in the Pyrenees and our kids were left with our extended family. Two days during the week were with my mother-in-law at our house. When I called and my 6 years old son picked up the phone he started waffling his usual nonsense. In the background I heard my mother-in-law saying to him – “make it short, this is a very expensive call”.

The value of voice goes down to zero

This is something I heard many years ago and one I use myself. But this statement needs to be placed in the right context. When I call from my vacation, I have many means of making a free call or a call that is so cheap that practically puts it into the “free” category. My son can waffle for as long as he wants. I can call through a mobile application (called Bphone) provided by my local service provider that takes my home number with me and allows me to make calls from anywhere over WiFi at the cost of a local call, as if I was calling from home. This happens to be an application AudioCodes has provided Bezeq (the local service provider) for this service. I have plenty of other options for calling PSTN using Viber, Skype… or the AudioCodes enterprise mobility application. All these allow for calls from anywhere for a free/flat rate to a very low cost.

But this doesn’t mean that the value of voice goes down to zero. Voice is still the #1 revenue source for service providers. It has value for consumers and surely has value for enterprises, value that is far more than the call itself. There are services attached to calls in the enterprise environment.

A good post written by Yossi Zadah is scheduled for release next Monday that takes a look at the value of voice calls through the prism of call toll fraud, so stay tuned.

The value of communication is determined by the service in which it is embedded

The Value of VoiceThe value of voice as well as video, presence and messaging, is not in simply connecting such sessions but needs to be viewed in the context of the service in which it is embedded. If voice/video communication is embedded in an insurance company’s self-service website where a user can speak with an agent when running into issues purchasing his insurance, the value of the call is not the amount of cents it costs but rather the fact that the deal was closed instead of the customer going to the competitor. There is a multitude of examples of similar and other cases such as remote learning and group collaboration. In all these cases, the value of the call is the cost saved or the revenue earned. The value perceived by the provider of this specific service is higher than the value the Communications Service Provider (CSP) receives for the call. Therefore, packaging the calling service in a way that is easy to embed into other services will allow the communications service provider to extract more value from it. This naturally leads us to the web and to WebRTC.

WebRTC as a catalyzer

WebRTC makes communications ubiquitous across web services. It renders the world of VoIP communications accessible to web developers and not only to VoIP experts. WebRTC is a catalyzer for communication revenue as it allows combining communications with web services. Moreover, it allows connecting these services with the existing enterprise communications platforms through SBCs that reside within the enterprise domain or in the cloud. With WebRTC, communications become a web feature that allows for the increase of conversion rates and revenue from web-based services and therefore, its true value becomes the value of the service and not of the call itself.

Returning to the phrase “The value of voice goes down to zero” I would coin a new phrase “The value of voice is equal to the value of the service in which it resides.

What is your view on the value of voice? Feel free to express your views and comment to this post.

Cloud

Who is afraid of the cloud?

[Post is better viewed on the blog Website]

Cloud“The Cloud” – everyone is talking about it. Studies, market reports and analysts refer to it as the “next thing” and as the opportunity that communication service providers (CSPs) must not miss. Well, it is not so easy!

Revenue opportunity for the service providers

There is no doubt that the telecom market is changing. The increased competition and the commoditization of traditional telecom services have negative impact on the CSPs revenues leading them to evolve beyond network connectivity and seek new revenue opportunities.

The good news is that the cloud trend that we are seeing for some years in the market has reached a point where CSPs can create “real” business value. According to Informa’s Telecom Cloud Monitor (http://www.informatandm.com/cloud-monitor/), the number of CSPs selling Cloud services has increased from around 60 in 2009 to about 230 in 2012 and there is a consistent growth in CSPs cloud spending.

CSPs active in cloud services by region

Cloud services allow the CSPs additional revenue streams with new value propositions that they can offer. For example, a CSP can leverage its key strengths in communication technologies to offer hosted unified communications (UC) services that combine data, voice, security and more, but at a lower cost as compared to on-site platforms. Another example is the provision of cloud applications such as business sales automation, invoicing and billing, and storage and backup in the cloud.

Why should businesses move to cloud-based services? Well, there are some good reasons for doing so including cost flexibility, business scalability and simplifying communication services.

Can we trust the cloud?

How can the CSPs deal with customers’ fears of the cloud? These customers, most of them being small medium business (SMBs), are scared of putting key business functions into the cloud because if something goes wrong, they fear it could stop their business in its tracks. So, CSPs need solutions that will enable them to allay these fears.

We need to remember that CSPs have a unique advantage over other cloud players such as Over-the-Top (OTT) providers, given their existing data and voice communication networks. This is the biggest asset differentiating them from others. Using their existing managed networks, the CSP can guarantee end-to-end Quality-of-Service (QoS) that is critical for SMBs that need to perform at an enterprise level. The CSPs are known for their existing secure networks, providing them with a strong brand advantage when dealing with SMBs that are concerned with putting their sensitive business data in the cloud. And of course, CSPs have the advantage of existing local footprints and existing customer relationships.

The SMB customers that move to the cloud, in most cases do not understand technology and products, but they do require solutions and services. From the CSP perspective, the most critical factor for the SMBs will likely be the quality of experience (QoE) – keeping customers satisfied and avoiding churn. As mentioned above, CSPs are in a unique position given their existing managed communication network including the on-premises access equipment. The on-premises equipment is the demarcation point to the CSP data and voice cloud services. Without QoE assurance in this equipment, it will be extremely difficult for the CSP to sell and deploy reliable and trusted cloud-based services.

SMBs and Cloud

Protecting the business

As part of my work in AudioCodes I meet regularly with leading CSPs and hear their perspectives regarding their SMB customers’ needs when moving to cloud-based services. One of the things that they are most wary about is the business continuity, meaning, how can they make sure that the data and voice cloud services are always available? Consider the implications of an unreachable business, even if it is just for few minutes. Of course this will reduce customer satisfaction and eventually cost the business money. Or consider the example of a small insurance company that cannot access to its customer data base in the cloud and how bad that would affect the business customer support service.

In the real world, failures happen, and yes, there will be cases when the voice or data services in the cloud will be unreachable. So the question is how can we protect ourselves from such a scenario?  And the answer is: Backup, Survivable & Resilience.

SMBs and Cloud Appliance

One solution is to use business routers with backup and survivability features. One of the great things about such a product is that it allows the CSPs to allay their customers’ fear of the cloud and provide them the confidence they need to place their key business functions in the cloud.

The approach is to use multiple WAN interfaces, backup PSTN interfaces and suitable software. With redundant WAN interfaces, you can make sure that in the case of a connection loss to the primary WAN the router will auto-switch to the backup network (for example the 3G/4G mobile network) assuring the SMB customer’s an “always on” Internet connection.

The router also ensures that critical business telephony services will continue to operate in the case of a connection loss with the hosted PBX. This is done using unique software features that will auto route the outgoing calls to the backup PSTN and will maintain internal business telephony operations.

So, the next time you are considering cloud-based services, ask yourself, are you protected in the case of a connection loss to the cloud? There is no reason why you shouldn’t be.

Image Credit: Flickr user Karen Ka Ying Wong

Who-needs-an-SBC-Anyway-Thumbnail

Who Needs an SBC Anyway?

[Post is better viewed on the blog Website]

In the early days of SIP, I was working on VoIP protocol stacks at Radvision. As part my role there I used to attend many of the IETF meetings and SIPit interoperability events. The standards where the holy grail and we were a bit naïve in assuming that everyone would be implementing the standard and nothing but the standard…and networks and products would interconnect easily.

The SBCs Come to life

In those days, almost 15 years ago, new startups that focused on something they called a Session Border Controller (SBC) were coming to life. Later down the road of VoIP deployment, more established companies adopted this concept.

I remember a panel at one of the VON shows in which I came out against this trend. At the end of the day, I said, every single SBC function is handled by the standards. As long as the VoIP community will follow the standards, life will be good and simple.

Reality check

I guess it is needless to say that the world of VoIP is more complex than simply implementing the standard. The reality is that networks and products usually don’t interwork without a special effort to make this interworking possible. There are 2 fundamental reasons for this:

  • Standards are complex, very detailed with multiple options, and many times companies interpret them differently
  • Companies want to add their special secret sauce into their products and sometimes, due to technical or commercial reasons, they implement some of the functionalities in a proprietary manner

Regardless of the reasons this is the reality. The naïve position of the past didn’t pass the reality check of real life.

Who-needs-an-SBC-Anyway

The business communications angle

VoIP is deployed in many enterprises and service providers’ networks, yet there are still many enterprises and SMBs that are not connected to VoIP services. Taking a closer look at those already using VoIP in the enterprise or receiving such a service from their service providers, we see several common characteristics:

  • Not all branches use the same PBX. This is due to acquisitions or changes along the life of the network that were not implemented across the board
  • A hosted service was added servicing some of the branches, requiring the connecting of the on-premise PBX and phones with the hosted service network
  • A unified communications service such as Microsoft Lync was added in addition to the existing telephony system requiring the connection of the 2 networks together
  • Survivability needs and local PSTN termination require an on-premise “box” to provide these capabilities

Each one of the points above introduces complexity and a mix of standard and proprietary (or as some vendors call it, “SIP like” or “in the spirit of SIP”). As this phenomenon is the reality of today’s business networks, a smart mediation box is required to connect between the different elements and support these requirements.

What is special about the SBC that makes it the “Swiss Army Knife” of VoIP?

An SBC is like a Swiss Army Knife as it handles many functions. It is well aware of the specific environment in which it is deployed and typically has a flexible configuration that allows adapting it to the specific deployment environment. On the other hand, SBCs are also known for complex configuration due to their complex functionality. As such, a configuration wizard that contains various vendor product profiles for automatic and easy configuration of the SBC for specific deployment scenarios comes in handy for simplifying SBC configuration.  

A typical SBC would have the following functions:

Mitigation & connectivity – connect between different PBXs and different hosted services, connectivity with different SIP trunk providers.

Security – detect security threats such as denial of service, call theft and eavesdropping and protect the network from them. The SBC may also perform encryption/decryption functions to force a policy requiring all outbound traffic to be encrypted.

Quality of Service – the SBC monitors call quality, reports on issues and may enhance quality through media manipulation

Routing & policy enforcement– making sure calls routed based on the enterprise policy-based on user identity & privileges, call termination cost, quality requirements and network conditions

Regulatory compliance – route calls to recording services

The list of functions above is a general and non-exhaustive list. Naturally, there are different functionalities required depending on the type of the SBC, be it an access SBC or an enterprise SBC.

In conclusion, if in the past there was a debate about the need for an SBC, today SBCs are found in most deployments, on-premise as well as in hosted services, providing functionalities such as security and resiliency. Moreover, the SBC is included in many of the architectures defined in the standards.

Image credit: Flickr user Hiking Artist