Trouble Shooting ShoreTel ECC Scripts

ShoreTel ECC Future?

The ShoreTel ECC or enterprise contact center is a remarkable product in many ways.   Though we are depressed to see that it has apparently taken a back seat to ShoreTel Connect as it relates to product enhancements, it remains a formidable player in the contact center space.   Clearly, if you are deploying a ShoreTel phone system, then it may be the only viable option.    We note that ShoreTel has made a new acquisition for contact center functionality in the cloud, so the potential of supporting ECC product enhancements may even be less hopeful as product development resources shift to the “cloud” and ShoreTel Connect.

Remember EasyRun?

We have worked with the ECC since before it was a ShoreTel product.  It actually originated as an OEM product, a re-branding  of a software solution brought to market by EasyRun, an Israeli based company founded by Avi Silber, long time VP of Software Development for Telrad.   ShoreTel ultimately executed a software source code licnese and the rest is history.  Unfortunately, we seem stalled at Version 9 of ECC, which was not a major evolutionary step from ECC Version 8.

At any rate, the product does a super job in small to medium sized Call Centers and meets the minimum daily adult requirement for call center functionality.   One particular  function enables the system to integrate with popular database solutions like Microsoft SQL.   This enables the system to take on some very sophisticated applications that include routing inbound calls based on the return of data in the customer service database.  One of them most asked questions of marketing professionals as it relates to Contact Centers:  “are all customers created equal”.   You might want to route an incoming call based on the callers status in your customer database as a Platinum client or as a deadbeat on credit hold.

SQL database dips are almost essential for any Contact Center offering.   ShoreTel enables this functionality through OBDC connectors to the host SQL server or CRM system.    One of the challenges for design and implementation engineers is testing the design and results of the SQL data dip.  Historically, ShoreTel has not provided a lot of debug tools here and documentation on inner workings of the ECC is not generally available.  If you are bold and go poking around in the BIN files, you will note a lot of exe files and if you are curious, brave and inquisitive you might take on an exploration of what these files are used for.

Undocumented ShoreTel Debuggers!

One file in particular seems to launch a very useful test tool.  We have never found any documentation on it, and it has become something of a legend among we ECC implementation engineers.   If you are fortunate enough to maintain a relationship with other engineers that share information, you can build up a library of useful tools based on shared results from others.  Kudu’s to one such brilliant engineer, Bill Fraedrich for sharing his growing list of FC_Thingy functions and the other members of the development community who regularly publish results.

Route Caller by ANI (caller ID)?

Recently we had to create a SQL data dip to pull back a customer record using Caller ID or ANI as the database index.   Now anybody who has done any Contact Center CRM integration regardless of vendor, knows that you have to do some string manipulations to strip off the +1 that will be passed by the carrier as part of the ANI information.   ShoreTel ECC, CISCO UCCX, it does not matter it is all relatively the same.   Once you clean up the ANI you can pass it off as part of a SELECT command and go get your data.  Then manipulate the data to find the fields you are looking for to make your routing determination.

The undocumented debugger!

The issue becomes how do debug a script that is not producing the results your design expected?  Again, ShoreTel comes up short here as it relates to documented debug tools.   The CISCO UCCX, for example, has a step by step debugger built right into the script editor, which is really helpful for those of us who have to design, implement and test these scripts.   It turns out that ShoreTel has one as well, you just have to know where to find it.   Again it is not documented and is well known only to those that know it well.

In this video clip we take a look at the tool and show an example of how you might use it to unravel a particular SQL data dip problem.    We have found a number of these tools and we are always looking for documentation and road maps produced by those who have gone this way before!   Next blog we will take a look at a TAPI debugger that is also very useful when troubleshooting ShoreTel phone system Communicator issues.

At any rate, the ShoreTel ECC has great potential and is a wonderful solution when applied in the proper environment.   You can create some very sophisticated routing applications based on a variety of CRM integration, custom software solutions and IVR scripts.    Despite all our grumbling and complaining,  we have not found anything we cant make work on a ShoreTel ECC!

CISCO Version 11 – New “Conference Now” feature!

Is your ShoreTel or CISCO Audio Conference Secure?

Most all phone systems have some embedded resource for ad-hock audio conferences, ShoreTel and CISCO are no different.    CISCO, like ShoreTel,   had “meet me” conference facilities, but it had one serious flaw.   Anyone could dial into the conference bridge, even after the conference had started and there was no security against “lurkers”.   This made the conference facility the last place you would hold a team meeting or corporate strategy discussion!  Optionally both vendors addressed this with add-on conference applications usually requiring a separate server and additional licensing based on number of ports or supported users.   CISCO offered the now defunct Meeting Place server and ShoreTel still offers its own Conference server application.   How frustrating is that!  Deploy a brand new phone system only to find out it has limited conferencing functionality without an additional investment.

CISCO Conference Now in Version 11

CISCO for one, has now addressed this in the most recent release of CISCO Unified Call Manager, Version 11.   A new feature, “Conference Now” has been added to the still available meet me conference facilities.    Setup is relatively simple and now provides password protection for conference ports.   Call into the Conference Now IVR application and you will be prompted for a meeting ID and a password.  The password is provided by the “host” who must be a participate before the conference can begin.   Advanced features like calendaring still require an external conference facility, but if you are looking for audio conference security, this is an ideal solution and is bundled as a basic feature of CUCM Version 11!


Basic Configuration

Conference Now Configuration is simple and a new line entry in CUCM Call routing administrator web page.  Just give the application a Directory Number, Route Partition, a Description and set the maximum time the bridge should wait for the “host” to join before dumping everyone!   You can also select a Music source that provides the media conference attendees will hear until the host joins!  Then Set Media Resources, Confirm that IVR is registered with phone system and that it is be part of Media Resource Group.

Users must have the “Conference Now” privileged enabled before they can establish conference sessions.   Under User Management you enable the users privilege to use this as a host and set their PIN.  A good practice is to set that users extension number as the Meeting Number.   Granted, not the most secure solution as you basically establish the same attendee access code for all that users conference sessions, but it is way more usable than the previous meet me conference solution.


Select or Create Custom Prompts!

There is a library of CISCO provided prompts to support this IVR application, but you can create custom prompts and select them as appropriated!


As embedded Conference facilities go, this is about the best we have seen.   It is a standard Call Manager feature and can be enabled by individual User and provides password protection for Conferences in session!



CISCO Configuration Professional Express

When you lease expect it, expect it!

We were deploying a new CISCO Voice Gateway, a CISCO 2921 with a PRI and mistakenly pointed a browser at the LAN Interface while searching for the CUCM URL!   Sometimes accidents result in new information.  We generally do not use Configuration Manger so we were very surprised when the browser returned the following screen.


What Can you do with it?

After the initial WTF?  We started to poke around and what we found was more than interesting!  This is a lightweight version of CISCO Configuration Professional, embedded in the router flash memory and it is enabled by default on newly Minted access routers.  Currently, Version 2.7 is shipping and it has both an Admin portal and a User Portal. The Admin portal is enabled and shipped on the router.  If you want to add the Use Portal (I have no clue why you would do that) you have to download and install additional software to flash memory.  The System enables base configuration of key components like WAN links,  VLANs,  User, DHCP and SSID management.  It has a Quick Setup Wizard and some interesting Router Diagnostics!  There are also basic troubleshooting tools like Ping and Trace to assist debug efforts.


“Plug and Play” Option

There is also and an option for a “Plug and Play” server as part of the Prime Infrastructure support to automate remote deployments.   If you are deploying a multi-site solution, this can significantly speed things along allowing for centralized planning, design, installation and management.    Ship the router to someone who is capable of plugging in the right cables and off you go!  The router finds the gateway, sends a request to the mother ship, identifies itself by serial number and can then download firmware and configuration files!   Reload, up and running!

When folks wonder why they should pay more for a CISCO router when they can get Brand X for so much less, you might think about the impacts this can have on total deployment and maintenance costs!   It had a great beat and it was easy to dance to, we gave it a 10!


Cloud based Next Gen Firewalls?

Firewall or Security Appliance?

Along with the general tend for business to move to a subscription based, recurring revenue model, the ubiquitous firewall has also moved to the cloud!   In the case of the firewall, however, there is measurable and dynamic benefit to be realized by coupling your firewall to a cloud based subscription.   The “wild west” that characterizes the internet in the 21st century demands a dynamic, self healing, unified treat management strategy!    It is no longer acceptable to use simple statefull packet inspection based firewalls that limit activity based on network layer source and destination IP address matching.  Firewalls must now become “security appliance” solutions!   Content Filtering Intrusion detection and prevention and a growing shared database of malware protection with cross referenced “reputation” based real time analysis is now the minimum daily adult requirement for network Internet work security.

Most of the popular firewalls in the commercial market place now couple some form of a subscription service to the base cost of the actual hardware.  Generally these subscriptions are spam and email filtering solutions at the low end, but include very advanced content filtering and malware protection at the high end.    Effective content filtering and malware protection requires access to a ever growing database where global information about daily treat and reputation analysis can be analyzed and shared among subscribers.    Identity based networking is also an essential component in managing network resource access.  Group policies that limit the facilities that the “guest” wireless network can access and the bandwidth that it can use, from the facilities and bandwidth that the corporate user can access begin to define the minimum specification for network computing.

Meet My Meraki!

We are particularly fond of the Meraki solution as a good fit alongside of the more sophisticated CISCO Next Generation and “SourceFire” solutions.  Both technologies are recent CISCO acquisitions and significantly expand the company’s well established range of threat management, Identity and VPN solutions.   The Meraki products are not only subscription based,  but are truly “cloud” resident.   This makes it very attractive for IT teams or Managed Service Providers to remotely install, configure and monitor geographically distributed firewalls and VPN devices.    When coupled with the subscriptions for ongoing software updates, the system provides unparalleled cost/benefit performance in the following key areas:

  • Identity Based Access and User Group Policy Control – Local or Active Directory definition of users and guest
  • Intrusion Prevention – Active before, during and after monitoring of known treats
  • VPN Automation – Mesh or Hub and Spoke configurations to integrate remote offices and work groups
  • Content Filtering – Limit internet access by specif URL or Group like “peer to peer”,  “file sharing” or “Social Media”.
  • Anti Malware and Anti Phishing – Active scanning of all HTTP traffic
  • High Availability and Fail over – Device and connection security through multiple uplinks
  • Application Visibility and Control – Know exactly who is using what and how much!
  • Centralized Management  – Log into the device through your cloud based “dashboard

Content Filtering and Central Management

Content Filtering is based on subject matter or specific site URL and is intuitive to configure as show below.     The group polices enable you to assign content filtering based on Active Directory identity and group authentication.  Guest log in pages enable visitors network access.   All of this functionality is dynamically made current through subscriptions and is centrally managed through a “dashboard” that is defined in the “cloud” and accessible by authorized personnel from anywhere on the Internet!



Register for a webinar and qualify for a free switch, firewall or WAP!