Authors Medium Mark Lindsey SMTS at ECG

Securing VoIP Carriers: Start with the CPE Management

It amazes me that VoIP carriers continue to make a very simple mistake: they setup an FTP server (which is good) to provide the configurations for their SIP Phones (such as PolyCom, and Aastra SIP phones) (which is also good), but they use the manufacturer's default "PlcmSpIp" username and password on the servers (which is not ideal, but that's debatable). (Google reports 411 web pages document...


Choosing BroadSoft and MetaSwitch

I regularly spend time working with BroadSoft BroadWorks systems, and with MetaSwitch systems. I rarely have a client that has both, but I have many clients in both camps. Both are winning -- in separate camps. The BroadSoft service providers and the MetaSwitch service providers really don't seem like the same market set. There have been a lot of competitors -- consider Sylantro, General Bandw...


VoIP-NSP Mailing list

There's no general discussion for people using VoIP in a Network Service Provider forum, until now. http://voip-nsp.e-c-group.com/ VoIP-NSP: for people using VoIP in a Network Service Provider environment. These should include people using BroadSoft BroadWorks, Acme Packet, MetaSwitch, Sylantro, VocalData, General Bandwidth M6, Alcatel-Lucent, Asterisk, and anybody else interested. VoIP Net...


VoIP Security is a Different Animal

A lot of Network Security Expert grew up protecting conventional enterprise applications. Clients are PCs. Servers are web servers, or run MS Exchange. Maybe they get involved in web proxies. Perhaps they have to create a special rule for Microsoft SQL Server. VoIP Security is entirely different. The ports, connections, services, and behavior are completely different than conventional PC s...


MetaSwitch "Innovators" and BroadSoft's "Marketplace"

Last week, MetaSwitch (part of Data Connection Limited, DCL) launched the "Innovators" site. It's similar in spirit to BroadSoft Inc's "Marketplace". They're both intended to spur "Client Development". Both are major VoIP software companies. MetaSwitch also handles hardware. Both keep their ordinary documentation locked in customer-only web sites. But both have released just a tiny bit of th...


FAIL: Isolated Development Engineers

I work with numerous telecommunications equipment providers who isolate their Development Engineers from customers -- and sometimes even from their internal staff. The Wall of Isolation becomes evident when you need to really understand how something works precisely. All I want is to talk to somebody who can read the source code and tell me what it's intended to do: A major VoIP software de...


The War over DNS and VoIP

Many people don't like using DNS to route VoIP traffic. I suspect other distributed applications have similar questions. They've had too many problems with DNS being reliable, or too slow for real-time call processing. In addition, many VoIP carriers use private IP addresses for their servers! This breaks Internet Engineering principles, and severely complicates name-to-address lookup services....


Black-Box Testing Fring for SIP and SkypeOut

"Fring" is a Instant Messaging and VoIP client for the iPod and iPhone Touch. It's a free download, and I decided to try it. Fring Setup When you start Fring, you have to register for a Fring User ID -- before you even enter your IM, SIP, or Skype contact info. That suggested to me that it was doing this stuff through a central server. I setup my MSN, AOL, and Yahoo IM contacts and se...


Selling more than you have for sale

Occasionally I get to observe a client who has made a mistake; sometimes they come to us to help clean things up. One such mistake is selling something that you don't have to sell. There are two forms of this mistake: the "Maximum Scale Error", and the "Unknown Cost Error". Maximum Scale Error. Suppose you have a service, like Shared Call Appearance (SCA), also called Shared Line Appearance...


Care and Feeding of Pet Ideas

Thorbjoern Mann's book, "Time Management for Architects and Designers" has a lot of good advice that applies to people doing network, system, or software design! No, I don't design physical structures or objects, but it's still design. There's always more than one way to satisfy a goal. And making Design Decisions that harmonize to create a good system or network overall is important. http://rc...


What is "Enterprise Quality Video"?

Psytechnics has a troubleshooting product that sounds neat. Expensive, but pretty neat. Their marketing folks have sent me this email, announcing they'd teach me how to ensure "Enterprise-Quality" Video and Voice. What is "Enterprise Quality"? To be honest, most "enterprises" I know do a lot of business over cell phones. Is cell phone quality what we're aiming for? And even if we accept that "...


Writing Detailed MOPs, and the Distinction between Planning and Doing

Service Providers often want a detailed Method of Procedure (MOP) for any change in their network. Some service providers, like Level(3), have Engineering people plan the procedure, while Operations people actually do the procedure. This does encourage careful planning. But sometimes things go wrong; most MOPs have a back-out procedure, so that any changes can be reversed. But wouldn't it be ...


On Organizing People and Work at a VoIP Service Provider

VoIP service providers these days face the technical challenges of huge flexibility, and no single integrated solution with interop-tested partner devices. You can't just buy a "switch", plug in some TDM/SONET transport and turn up "smart remotes" made by the switch manufacturer. Even integrated VoIP systems like MetaSwitch leave a lot of design space: -- What signaling protocols? -- Which of t...


The "Just Do It" approach to network design

The natural way networks are designed is "just do it". We just do whatever seems obvious; very little thought is given to design. Instead, neophytes think it's "just" a matter of configuration. This approach leads to incomprehensibly complex designs. Cables going in every which way, poorly-planned fault tolerance, VLAN inconsistencies (e.g., VLAN 200 is one broadcast domain on this switch,...


Sales folks and work avoidance

Sales folks are a funny breed. It's a salesman's job to work to convince you to buy his product. But he's only willing to do so much work! The amount of work he's willing to do is vaguely correlated to the amount of money he might make from you. For example, when I was at BellSouth, if I called Empirix to get information on their product, they wanted to get on a plane and come explain it t...