Is there a RAT Virus in your phone system?

If you have a device on your network that you do not have root privileges for, then your entire enterprise is at risk of cybercrime! Do you want to know what a Trojan horse might look like? It might very well look like a Linux appliance provided by an outside manufacturer, delivered and installed on your network. This might be a network camera, firewall, phone system or monitoring device. As network security professionals we would never allow any device to be connected to our network on which we did not have root administrative authority. IT Directors who budget for network security, intrusion prevention and detection, and apply best practice to the care and feeding of their enterprise networks seem to overlook this very large potential security vulnerability. Every day, new networking equipment, appliances and hosts are connected to your network, and nobody ever questions the fact that you do not have root authority.

Most of the younger folks carrying an Android device have “rooted” their phone. Why? Yet you will allow your company to install equipment for which you do not have root authority? It makes no sense to us. The fact is that most modern VoIP phone systems like those from ShoreTel and CISCO are delivered with key components built on Linux-like platforms. These devices are placed on the network inside the firewall and perimeter security devices, yet root privilege is not available to the system owner. A very curious practice, would you not agree? Even if you have no clue about network security and hacking, would you allow someone to come into your place of business and install a “box” for which you have no access rights?

Anyone with root access could easily put programs on that appliance that would act unnoticed by network security devices. No virus protection would take note, and the device would have complete access to the entire network. A common and popular hack is the RAT, a Trojan horse that can easily be placed on an unsuspecting user's phone, computer, or other network device. These RATs or “remote access terminals” can be remotely controlled to turn on your microphone and camera, and would have full access to all files and network resources. They become remotely controlled “bots” or computer zombies. The good news is that most modern virus protection will find these RATs if they are installed on a host computer. What about that appliance you just added to your network, the one you do not have root access privileges for? You would never even know that RAT was there, and you do not even have access permission to check!

Business owners, regardless of their personal level of technical savvy, need to question every device installed on their enterprise network. Who owns the box and who administers the box? Do you have root administrative authority on every device in your network? If not, why not?

Don’t Look now you’ve been hacked – part 2 (useful tools for awareness)!

Big Brother is Watching!

The thought of people being concerned that the NSA is listening to and monitoring their activities is a hysterically funny concept to me. Whatever you think of Edward Snowden, know that he is a day late and a dollar short. Most of these very same people that worry about the NSA have a “Tracebook”, Twitter, Instagram or half a dozen other social media accounts that should be significantly reducing the NSA operating budget. In fact, let's just disband the NSA and hire Google! It seems that most of us have no issue publicly posting our most intimate details on Facebook, including everything short of our Social Security numbers. Posting our current location and “checking in” so that the entire planet knows not only where we are, but what we are doing, seems to be an absolutely essential public service and should also include pictures of the meal I am about to eat. How many of these same individuals are aware that every picture posted contains metadata that also memorializes the GPS co-ordinates and the camera type used to take the picture? I know you want to share pictures of the family, but do you really want ISIS to know exactly where they live?

Useful Tools for Privacy!

As everyone is so willing to publicly disclose these personal details, it explains why so many remain ignorant of the data mining that goes on without your knowing consent. I assume we all know that Google is in the business of selling digital user profiles to advertisers? Ever type an email to a friend about planning a trip to Italy, only to find your inbox now populated with travel agency “hot deals”? If your email does not fill up with travel deals to Italy, you can bet your internet browser will now display travel agency advertisements, “learn to speak Italian” and top Italian restaurants on every page you view! Now ask me what we think about using Google Docs! We suggest that you consider the DoNotTrackMe extension for your Chrome and Firefox browsers. We also recommend that you install “self-destructing cookies” and watch how many cookies are exchanged with your browser each session. Remember, we really don't need your username and password, we need your cookies, all of which are transmitted in clear text over that Starbucks wireless you have been using! All available using FireSheep!

Now if this is a vulnerability that affects individuals, what vulnerability affects enterprise-level environments? Forget the notoriously leaky Windows operating system and your hopelessly porous laptop; in the wake of the 55 million credit card numbers stolen from Home Depot and the 45 million stolen from Target, we now have to worry about the credit card machines at the checkout counter. Actually the TJ Maxx heist was in many ways much larger! You might be wondering how the hackers got through the firewall. As we have pointed out before, most computer network security exploitations are not executed through the firewall; they are executed by “social engineering” with the assistance of an ignorant employee or a paid hit man. It is suspected that at least one of the above break-ins was assisted by a third-party trusted partner like the heating and air conditioning service company. Nothing like a starving janitorial night service crew earning a few extra bucks by plugging a USB device into any desktop computer, releasing a new and improved malware version of BlackPOS! Most of these stolen credit card numbers can be purchased here or on the Darknet, using a Tor browser to reach Silk Road type websites.

It seems you can't turn on an electronic device today without it alerting you that a software update is available for download. From the TV set, to the mobile phone, tablet and now even your car, all are subject to software updates. Do you even question what is being downloaded to your device when you do a software update? You just assume you are connecting with Apple, Amazon or Samsung? What if some evil doer was really just spoofing a software update and you just willingly downloaded a super basket of spy goodies that turn on your phone camera, activate your microphone and email snapshots back to the mother ship? NSA, are you kidding? You would never know if it was your spouse or employer, would you? Yet millions of people do this without care, day after day, and think nothing more about it. If you want to be tracked everywhere you go and risk having your most intimate communications published (just ask Jennifer Lawrence and the other celebrity nude hack victims), just carry your Smartphone with you at all times!

Cyber-crime, next to the Ebola virus and violent terrorism, is the single most economically destructive phenomenon to threaten the American way of life since the Cuban missile crisis. Yet the average business owner winces at the cost of engaging a computer network security audit and thinks that penetration testing is lovemaking foreplay. When the IT team asks for a firewall upgrade or an increase in budget to cover a subscription to virus, spam and botnet filtering, they somehow can't justify the added expense. Educating your employees on the safe use of the Internet over WiFi should be part of the healthcare preventive medicine program, but most businesses will ignore “social engineering” vulnerabilities until a major data theft publicly embarrasses them.

(DrVoIP provides VoIP network readiness assessments and is a certified Network Security consultancy providing penetration testing, firewall and related security services. If you contact DrVoIP@DrVoIP.com we recommend that you use Ipredator, and remember that there is a difference between being anonymous online and untraceable online! We can help you with both.)

Looking for a UCCX Wall Board? – VSR2 has the vision!

If you have ever considered adding a Wallboard to your CISCO UCCX based Contact Center deployment, you know that the selections are slim. There is a wealth of unsupported “freeware” solutions on the net, generally the failed result of someone trying to “roll their own” wallboard. Clearly, you always have that option if you have the time, talent and ongoing commitment to support Cisco's follow-on versions and upgrades. To assure ongoing compatibility with CISCO, you need a dedicated development team! Finding a vendor-supported wallboard that does not cost as much as the UCCX itself, however, has been very difficult until now. We recently had the opportunity to work with VSR2, a UK based CISCO partner who has been building software based solutions since 2007. The VSR2 UCCX Wallboard product offering is both an astonishing accomplishment and a must-have product for any serious call center deployment. Not only is the product exceptional, but the entire team behind the product is a real joy to work with!

The VSR2 installation is very simple, but it is generally done by a factory engineer over a remote desktop or TeamViewer type remote connection. The VSR2 solution runs on a Windows Server under IIS and interconnects with the UCCX over an Informix database connector. Simply provide the usual UCCX database credentials and, if there is network connectivity between your Windows Server and your UCCX server, the install will be completed in less than 30 minutes, most of which is spent waiting for Microsoft! We worked with an excellent engineer, Victor Spirin, who was very helpful in answering questions and also provided an initial overview of the system's capabilities.

We successfully tested the VSR2 on both UCCX Version 8.5 and Version 9 with no problems or show stoppers to report. The Wallboard is easy to customize and there is a great deal of flexibility in every aspect of the configuration. You can select your columns, content, colors and triggers. You can create multiple CSQ wallboards, or Agent based wallboards. In fact you can create a library of wallboards and send supervisors links to previously created wallboards. VSR2 has also developed other tools that are effective for Call Centers, including a call recording capability, but it is the VSR2 wallboard that brings this company to the forefront! They offer a 30-day free trial and, if installed, it would be hard for us to predict that it would ever be removed! Take a look!


Don’t look now but you have been hacked!

Hackers at the Front Door?

Most every home and business office now has a firewall that separates your internal computer network from the wild west of the world wide internet. The good news is that firewalls have become increasingly more sophisticated and, properly configured, can do an excellent job in securing your internal computer network devices. Modern firewalls now include intrusion detection and prevention, email spam filtering, website blocking, and most are able to generate reports on who did what and when. They not only block evil doers from outside your network, but they police the users on the inside from accessing inappropriate resources on the outside internet. Employees can be blocked from visiting sites that can rob your business of valuable productivity time or violate some security compliance requirement. Prime business hours are really not the time to update your Facebook page! Nor do we want our medical and financial service folks using an instant messaging service to chat with an outsider!

The Firewall is the electronic equivalent of the “front door” to your computer network, and there is an endless parade of potential evil doers spray painting your doors and windows, relentlessly looking for a way in. A properly configured, managed, and regularly updated Firewall can be very effective in protecting your computer network, both in the office and at home. Behind the firewall, most desktop computers and office servers have local software based firewalls installed that also provide virus protection. Hopefully, if something does get past the firewall, the internal virus and desktop firewall solutions will provide an additional level of security.

What is a Firewall Anyway?

Firewalls are both reasonable and appropriate, but here is the bad news. Most of the hacking you now hear and read about is not done by evil doers coming through your firewall! The real damage is done by those inside your network! Malicious users and dishonest employees will always be a threat. There is always the threat of the unscrupulous employee swiping credit card data or passing security information for money. The real danger, however, is from users who are just ignorant of today's highly sophisticated security vulnerabilities. The most honest employee can unwittingly become the source of a major security breach resulting in the loss of their own personal data, or the personal and financial data of your customers.

Take your average laptop user as a perfect example. How many times have you gone down to Starbucks and set up shop? Beautiful day, open air, sun and a high speed internet connection, wireless phone, and it is business as usual! If I told you how easy it is to set up a “man in the middle” attack at Starbucks you would give up coffee for the rest of your life. You think you are on the Starbucks WiFi, but actually that kid in the back of the Starbucks with the Wireless Access Point attached to his USB connector has spoofed you into thinking he is your door to the Internet. He has been monitoring every keystroke on your laptop since you logged in. In fact he now has your login, password and most everything else on your computer. Now when you head back to the office and plug in, you just unleashed a bot on the company network and he will be back later tonight!

If laptops were not enough, everybody is now walking around with a Smartphone! Did you know that your Smartphone keeps a list of all the WiFi networks you have used recently? Remember when you were down at Starbucks checking your email while waiting for that cup of coffee? Now everywhere you go your phone is sending out a beacon request that sounds like “Starbucks WiFi, are you there?” hoping it will get a response and auto-connect you to the internet. Remember that kid we were just talking about? He decided to answer your beacon request with a “yeah, here I am, hop on!” Just another “MITM” attack, and what he can do to your Smartphone, especially those Androids, makes your laptop look like Fort Knox!

Sometimes for fun and entertainment, while sitting at a gate in an airport waiting room, I will net scan the WiFi to identify how many phones, computers and iPads are online and connected. Not saying that I would do this, but I think you could execute a NetBIOS attack in less than five minutes? It is amazing how many people leave their printer and network sharing options on when they travel. Even more people leave their “Network Neighborhood” settings in the default configuration! The drill is always the same: map the network to see what hosts are connected; port scan for known vulnerabilities; out comes the exploit tool kit, and the rest is actually getting relatively boring for the ethical hacker. Now credit card thieves on the other hand…….

Chances are your Internet browser is your worst enemy when it comes to securing your privacy. Every website you visit, every email you send and every link you follow is being tracked by hundreds of companies. Don't believe me? If you are using Firefox, install an add-in extension named DoNotTrackMe and study what happens. Assuming you are an average internet surfer, in less than 72 hours you will have a list of over 100 companies that have been tracking your every move on the internet! These companies don't work for the NSA, but they do sell your “digital profile” to those willing to pay for the information. Where has your GPS been? What sites did you visit, what movies did you watch, what products did you buy, what search terms did you select: all of this dutifully reported back by you and your unsuspecting employees. Ever wonder if your competitors want to know what you're viewing online?

Voice Over IP phone systems offer an entirely new range of vulnerabilities waiting to be exploited by the unscrupulous evil doer! We recently illustrated to a client Law Firm (as a paid intrusion detection and penetration testing consultant and with the client's permission) just how easy it is to covertly switch on a conference room based speakerphone and broadcast the entire conference to a remote observer over the internet! In fact, capturing voice packets for replay is the first trick script kiddies learn in hacking school!

VoIP, Bluetooth, WiFi, GPS, RFID, file and print sharing and even the “cloud” all add up to a list of vulnerabilities that can be easily exploited. What can you do? You need to educate yourself and develop your own “best practice” for safe computing. You need to educate your employees and co-workers about the various vulnerabilities we all face every day as we become more “wired” and more Mobile. Hire a competent Computer Network Security professional to do “penetration testing” on your corporate network and firewall. It would be better to pay a professional to “hack” you than to pay to fix it after you have been hacked! Remember, if we can touch your network, we will own your network!

(DrVoIP provides VoIP network readiness assessments and is a certified Network Security consultancy. If you contact DrVoIP@DrVoIP.com we recommend that you use Ipredator to do so!)

ShoreTel Virtual Trunk Switch – Configuration and License impact!

ShoreTel currently has three virtual appliances that can be used in place of the Orange ShoreGear voice gateways and conference servers. These three virtual appliances are shipped within the ShoreTel core Server Software and consist of OVA files and ISO images. The three appliances consist of the phone switch, the trunk switch and the Service Appliance, a virtual replacement for the SA-100 and SA-400 conference servers. Once they are virtualized, they install exactly like the hardware versions of the Orange ShoreGear boxes. The only noticeable difference is that the configuration page in the ShoreWareDirector does not seem to offer up the image of the switch as it does with the hardware version. There are no drop-down boxes for configuration of switch feature options, in large part because each option is defined by the OVA file. We note only two ISO images in the FTP root of the HQ server, so we have concluded that the same ISO is used for the phone switch as is used for the trunk switch, the differences being set by the OVA file.

Each of the virtual devices installs in a very similar manner, with little difference as it relates to the bring-up under VMware. Open the proper OVA file and the hardware is appropriately configured. Launch the machine and you will be required to provide the normal Network configuration data and identify the location of the ShoreTel HQ/FTP server. After the machine is configured you can log in as root, run ifconfig to check your network card settings, and note the MAC address for configuration in the ShoreWareDirector. Then bring up the CLI using “stcli” and you will be greeted with the familiar and easy to navigate ShoreTel Switch menu system. You will need to add the FTP, NTP and DNS address information. Having a primary NTP source is of critical importance, especially when configuring the Service Appliance used for conferencing applications.

Now that the virtual machine is configured and running you can add it in the ShoreWareDirector. Again, aside from the lack of an orange switch image on the configuration page, it installs like any other ShoreGear device. From a license perspective, no harm done until you actually configure a SIP trunk. In addition to the normal SIP trunk licenses you will need for any of the hardware gateways, the vTrunk switch will require licenses as you add trunks to the virtual appliance. All in all this is sweet stuff and you should have a ball playing with virtual switches! The video walks you through the entire setup! – DrVoIP@DrVoIP.com


Hacking ShoreTel with Wireshark or Trouble Shooting One way Audio.

My First Hack?

When I was a little kid, back when there were black and white TV sets and 33 RPM records, I was always amazed at the work of the telephone company repair man! At that time there was only one Phone Company. When they sent a repair man out to your house he arrived in a drab olive truck like those used by the Army. The telephone repair man had a belt of tools including a very Kool lineman's “butt set” or handset and some really super hand-held drills and other stuff.

I remember watching as he installed our new “touch tone” wall phone! Then I watched as he took the “butt set” from his tool belt and, like in all those spy movies, clipped it across the copper wires, which I later learned were Tip and Ring, to test the circuit! I did not even have to ask, I could hear it. When he clipped across the wires he could hear the conversations that were being held on that circuit. How freaking Kool is that!

Now with IP or VoIP telephony the butt set has gone away, but listening in on phone calls is still possible. Forget the NSA; is one of your employees copying and recording your conversations to a USB drive and posting them on Facebook? The fact of the matter is that it is easier than using that old “butt set”, which required a physical presence and an ability to touch the circuit. With VoIP, you can “remote” in from anywhere on the planet, do a remote packet capture and leave little or no trace that you were even there. In fact, using some deep net technology like Tor, or stacking multiple virtual machines in an Amazon cloud, not even the NSA could trace your route!

Network engineers long ago figured out they could not see the packets that run around the local area network, let alone those that go off into the Internet. Tools were needed to capture the packets, slow them down and sequence them through a protocol analysis. One of the early tools to do this, now named Wireshark, is the minimum daily adult requirement for network troubleshooting and most definitely for VoIP problem analysis. With this software tool, a network engineer can capture all the traffic moving over the wired or wireless network that interconnects your office to the World Wide Web, and save it for future analysis. The TCP/IP protocol, though a mystery to the uninitiated, is like a microscope to a network engineer or serious hacker.

It continues to amaze me that technologically I can position myself as a “man in the middle” and basically watch as you type your user name and password into your favorite website. Bored teenagers or “script kiddies” now do this for light entertainment. Again, forget the NSA; your teenager has more ability to track your internet activity and probably more reason to do so. Now apply this concept to your VoIP network and you have much the same situation. It is very possible to gather up the packets on your local network, or en route to your SIP provider, and reassemble them into complete phone calls.

Next to QoS issues, “one way” audio issues are among the most common VoIP network issues. When troubleshooting these kinds of issues on ShoreTel deployments, we typically telnet into each phone in the conversation and ping our way from the phone to the default gateway and back to the other end. Invariably we find a configuration error in a default gateway somewhere on the network. QoS issues are best solved with a protocol analysis and verification of call control signals.

This is where Wireshark comes in.

Version 14 of ShoreTel simplifies the use of Wireshark. As a Network Engineer you are aware that if you install Wireshark on the ShoreTel HQ server, you are only going to see unicast packets sent to the Server or multicast broadcasts sent to all devices on the network. Wireshark will not see unicast packets sent to the other devices on the network unless you set up remote monitoring or port mirroring. With Version 14 of ShoreTel, you can set up remote monitoring from the HQ server and copy packets for analysis and assembly. Voice or RTP media between ShoreTel phones and ShoreTel Switches is encrypted while on the network. Media traffic between devices is not encrypted and can be captured and played back. MGCP, unlike SIP, treats RTP as plain UDP, and you will need to modify Wireshark preferences to have it decoded as playable voice.
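The reason MGCP-controlled media shows up as plain UDP is that nothing told the dissector which ports carry RTP, so Wireshark has to fall back to a heuristic that inspects the packet itself. The following Python is an added example, not code from this post or from ShoreTel: it applies that same heuristic to raw UDP payloads, groups what passes by SSRC, and counts sequence gaps, which is the check behind both the "one way audio" and QoS symptoms discussed above. The packets and the MGCP message are constructed inline.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional

# Static payload types from RFC 3551 that VoIP calls commonly carry.
STATIC_PT = {0: "PCMU", 8: "PCMA", 9: "G722", 18: "G729"}


@dataclass
class RtpHeader:
    marker: bool
    payload_type: int
    sequence: int
    timestamp: int
    ssrc: int
    payload_len: int


def parse_rtp(udp_payload: bytes) -> Optional[RtpHeader]:
    """Return the RTP header if the UDP payload plausibly is RTP, else None.

    These are the sanity checks a heuristic dissector applies when the call
    control (here MGCP) did not register which UDP ports carry media.
    """
    if len(udp_payload) < 12:
        return None
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", udp_payload[:12])
    if b0 >> 6 != 2:                  # RTP version field must be 2
        return None
    pt = b1 & 0x7F
    if 72 <= pt <= 76:                # RTCP packet types 200-204 look like these
        return None
    hdr_len = 12 + 4 * (b0 & 0x0F)   # fixed header plus CSRC list
    if b0 & 0x10:                     # extension bit: skip the extension header
        if len(udp_payload) < hdr_len + 4:
            return None
        ext_words = struct.unpack("!H", udp_payload[hdr_len + 2:hdr_len + 4])[0]
        hdr_len += 4 + 4 * ext_words
    if len(udp_payload) < hdr_len:
        return None
    return RtpHeader(bool(b1 & 0x80), pt, seq, ts, ssrc, len(udp_payload) - hdr_len)


def make_rtp(seq: int, ts: int, ssrc: int, pt: int = 0, samples: int = 160) -> bytes:
    """Constructed RTP packet (version 2, no CSRC, no extension) for the demo."""
    return struct.pack("!BBHII", 0x80, pt, seq, ts, ssrc) + bytes(samples)


def analyse_streams(payloads: List[bytes]) -> Dict[int, dict]:
    """Group RTP candidates by SSRC and count sequence gaps per stream.

    Two phones talking should yield two SSRCs; a single SSRC is the one-way
    audio signature, and sequence gaps are the loss behind choppy (QoS) audio.
    """
    streams: Dict[int, dict] = {}
    for raw in payloads:
        hdr = parse_rtp(raw)
        if hdr is None:               # MGCP/SIP signaling or other UDP noise
            continue
        st = streams.setdefault(hdr.ssrc, {
            "codec": STATIC_PT.get(hdr.payload_type, f"PT{hdr.payload_type}"),
            "packets": 0, "lost": 0, "last_seq": None})
        st["packets"] += 1
        if st["last_seq"] is not None:
            gap = (hdr.sequence - (st["last_seq"] + 1)) & 0xFFFF
            if 0 < gap < 0x8000:      # forward gap = lost packets; ignore reorders
                st["lost"] += gap
        st["last_seq"] = hdr.sequence
    return streams


def one_way_audio(streams: Dict[int, dict]) -> bool:
    """True when only one media direction was captured."""
    return len(streams) == 1


if __name__ == "__main__":
    # Constructed capture: phone A -> phone B media with seq 102 missing,
    # an MGCP CRCX message on the same segment, and no return stream.
    capture = [make_rtp(s, s * 160, 0x11111111) for s in (100, 101, 103, 104)]
    capture.insert(2, b"CRCX 1234 aaln/1@gw MGCP 1.0\r\n")
    result = analyse_streams(capture)
    for ssrc, st in result.items():
        print(f"SSRC {ssrc:08x} {st['codec']} packets={st['packets']} lost={st['lost']}")
    print("one-way audio suspected:", one_way_audio(result))
```

In Wireshark the equivalent switch is the RTP preference "Try to decode RTP outside of conversations"; this code shows what that heuristic actually accepts and rejects.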

The accompanying video walks you through the process of capturing VoIP traffic, looking at both MGCP and SIP call control and how to assemble voice and media streams for playback.

Can you create a “killer” Contact Center Script?

Most Scripting engineers working with Contact Center deployments built on CISCO UCCX, ShoreTel ECC, or Avaya have amassed a collection of script subroutines. These subroutines are used over and over, from script to script, to avoid having to recreate them for each new deployment. Most every script needs to check a holiday schedule, check for Service Level parameters and update language options. Why not have your new script call on one of your existing library scripts, a technique used by software engineers since the first line of assembly code was written?

We have always been preoccupied with the concept of a “killer script”: a single, reusable script that can reconfigure itself to meet the specific requirements of the call flow required to satisfy a particular contact center application. This concept continues to preoccupy our thinking. Saving deployment resources also reduces deployment costs, implementation, test and turn-up time. It also eases long term maintenance and documentation efforts.

DrVoIP has developed a “root” script that we use as the baseline of any new deployment. It contains a number of subflows, prerecorded generic prompts and call handling options that enable us to move a new call center to operational status quickly and with confidence that our code meets requirements, both known and likely to emerge as management gains experience operating the new setup.

Using a “QueueOptions” XML file we are able to read in options that reconfigure the script each time it is launched. Using DNIS as the variable that indexes the XML file, we can choose custom prompts, determine if a Menu or IVR needs to be launched, or if the caller needs to be routed directly to the agent pool. We can also retrieve the name of the Agent Pool or CSQ, determine what options should be offered to callers in queue, provide customized queue messages and even push out custom screen messages to the agent desktop.

The core script is the same for all applications; the elements of it are customized based on the called number. We use a value that determines DIRECT, MENU, IVR, or UTILITY, which will call on the necessary subflow to provide the custom call flow. One CSQ might hear a different Menu of self-navigation options than another caller might hear, based on the number they dialed.

We have even settled on a range of custom numbers that minimize the potential for digit conflict. We set the triggers in our applications, or the numbers that launch the script, to 3009998000-8999 for example. This ten digit number looks like a typical +1 area code and number, but it cannot be dialed. As such it is an ideal way to standardize on a script that can be reused without having to worry about changing triggers.

The script can call subflows for options that might not be needed for each caller, but can be initiated if required: for example, holiday checks, call back options, or special emergency call center closings. Audio prompts are numbered to allow prompts to be specified but drawn from sub directories that are identified by the values stored in the XML file, indexed by the number called. Using numbers instead of names also allows us to create a script that can allow a supervisor to re-record a specific prompt at will.
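The post does not show the layout of the QueueOptions XML file, so the Python below is an added example with an assumed schema (one Queue element per DNIS, with mode, csq, prompts, holidayCheck and callback attributes); it is not DrVoIP's script or file. It loads the file into a DNIS-indexed table, rejects entries outside the 3009998000-8999 trigger range or with an unknown mode, and resolves numbered prompts into the per-queue prompt directory while refusing directory names that could escape the prompt root. The sample XML is constructed.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Dict

# Call-flow modes described in the post; anything else is a configuration error.
MODES = {"DIRECT", "MENU", "IVR", "UTILITY"}
# The undialable trigger range the post standardises on (3009998000-8999).
TRIGGER_MIN, TRIGGER_MAX = 3009998000, 3009998999


@dataclass(frozen=True)
class QueueConfig:
    dnis: str
    mode: str
    csq: str
    prompt_dir: str
    holiday_check: bool
    callback: bool


def _flag(elem: ET.Element, name: str) -> bool:
    """Attribute flags are optional and default to off."""
    return (elem.get(name) or "false").strip().lower() in {"1", "true", "yes"}


def load_queue_options(xml_text: str) -> Dict[str, QueueConfig]:
    """Parse the (assumed) QueueOptions schema into a table keyed by DNIS.

    Every check here is one the live script would otherwise only discover
    on a caller: a fat-fingered DNIS, a duplicate, or a mode no subflow handles.
    """
    root = ET.fromstring(xml_text)          # stdlib parser; no external entities
    table: Dict[str, QueueConfig] = {}
    for q in root.iter("Queue"):
        dnis = (q.get("dnis") or "").strip()
        if not (dnis.isdigit() and TRIGGER_MIN <= int(dnis) <= TRIGGER_MAX):
            raise ValueError(f"DNIS {dnis!r} outside trigger range")
        if dnis in table:
            raise ValueError(f"duplicate DNIS {dnis}")
        mode = (q.get("mode") or "").strip().upper()
        if mode not in MODES:
            raise ValueError(f"unknown mode {mode!r} for DNIS {dnis}")
        csq = (q.get("csq") or "").strip()
        prompt_dir = (q.get("prompts") or "").strip()
        # The prompt directory is joined into a path later; keep it a bare name.
        if not csq or not prompt_dir or not prompt_dir.replace("_", "").isalnum():
            raise ValueError(f"bad csq or prompt directory for DNIS {dnis}")
        table[dnis] = QueueConfig(dnis, mode, csq, prompt_dir,
                                  _flag(q, "holidayCheck"), _flag(q, "callback"))
    return table


def check_options(xml_text: str) -> str:
    """Return 'ok' or the first validation error, for use at deploy time."""
    try:
        load_queue_options(xml_text)
        return "ok"
    except ValueError as exc:
        return str(exc)


def resolve(table: Dict[str, QueueConfig], dnis: str) -> QueueConfig:
    """Pick the configuration for the called number the trigger delivered."""
    try:
        return table[dnis]
    except KeyError:
        raise LookupError(f"no QueueOptions entry for DNIS {dnis}") from None


def prompt_path(cfg: QueueConfig, number: int) -> str:
    """Numbered prompt -> file under this queue's prompt sub directory."""
    if not 0 <= number <= 9999:
        raise ValueError("prompt numbers are four digits")
    return f"prompts/{cfg.prompt_dir}/{number:04d}.wav"


# Constructed sample file in the assumed schema.
SAMPLE_XML = """<QueueOptions>
  <Queue dnis="3009998000" mode="DIRECT" csq="Sales_CSQ" prompts="sales"/>
  <Queue dnis="3009998001" mode="MENU" csq="Support_CSQ" prompts="support"
         holidayCheck="true" callback="yes"/>
  <Queue dnis="3009998002" mode="IVR" csq="Billing_CSQ" prompts="billing"/>
</QueueOptions>"""


if __name__ == "__main__":
    table = load_queue_options(SAMPLE_XML)
    cfg = resolve(table, "3009998001")
    print(cfg.mode, cfg.csq, prompt_path(cfg, 10), cfg.holiday_check)
```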

The UCCX version of this script, the generic audio prompt library and the QueueOptions.XML file are available in the subscription video library on the DrVoIP site for next to nothing. We have tested and debugged version 1 of this script using a Version 8.5 Enhanced license, so it can be easily upgraded. We will update the script with options for schedules, menus, prompt re-recording and interface it to some of our previously released modules.

Save the software!  We are now working on a similar concept for ShoreTel ECC.  The video walks you through the design concept and illustrates key elements of the core script.  Keep the cards and letters coming! – DrVoIP

Run ShoreTel on Vmware Player or Oracle VirtualBox!

With the release of ShoreTel Version 4.2 the company introduced the concept of virtual appliances. These software objects had the potential of replacing the Orange ShoreGear hardware boxes that typically characterize a ShoreTel deployment. The wisdom of trading the power of dedicated hardware based digital signal processing chips for the variable power of a shared computing resource aside, there are any number of advantages to using “virtual machines”. Currently ShoreTel supports VMware ESXi and Hyper-V, so we thought we would push the envelope and try alternatives, for example Oracle's VirtualBox and VMware's Fusion and VMware Player, and see what results we could achieve. Just for kicks we thought we would see if we could import an OVA file into Amazon Web Services and run a ShoreTel switch instance in the cloud!

The ShoreTel OVA and ISO files are distributed with Version 14.2 and you can link to them in several ways. They are in the inetpub, ftproot folder on the ShoreTel HQ server. You will find two folders, TSU and TSV, each with an OVA file and an ISO image. The TSU folder contains the objects necessary to create the Conference Appliance and the TSV folder contains the Phone and Trunk Switch objects. Think of the OVA file as a configuration profile that draws the outline of your virtual machine and defines the basic hardware configuration. The ISO image contains the operating system. In the case of the ShoreTel ISO, it is in fact a Wind River Linux distribution, which has its roots (excuse the Linux pun) in the https://www.yoctoproject.org.

Clearly, ShoreTel is cutting the cost of goods by reducing the need to produce Voice Gateways. It does not look to us, however, that they are passing any of that reduction on to end users. The cost of implementing a virtual ShoreTel Gateway is not much different than the cost of actually buying the hardware solution. The motivation for using the Virtual machines must be based on something other than acquisition cost. For we engineers, however, it is fun to play with. You can spin up a machine in short order and use it for 45 days before you have to pay for the licenses. In the case of the conference appliance, there does not appear to be any cost other than the hardware used to run your Virtual Machine.

There appear to be three options for virtualization: the conference server, a phone switch and a trunk switch. The conference server lets you create an environment for web based conferencing and desktop sharing. The phone switch is a direct replacement for the ShoreGear family of user switches. Likewise the Trunk Switch enables you to create SIP Trunks. If you have no hardware to connect, there is no reason that you cannot put your users on a virtual switch. In fact, if you have no copper connected to your VoIP deployment in the form of analog phones, telephone company analog lines or digital lines, your entire ShoreTel solution can be a figment of your imagination, living only in a virtual world, HQ server included!

Ingate apparently has made a virtualized Session Border Controller that may be integrated with the ShoreTel Trunk Switch, but we have not yet been able to get a test device into our lab. Having a virtual switch configured and available as a “fail-over” solution or secondary switch in a ShoreTel deployment makes a lot of sense to us. You can configure the switch, put it live in your deployment, and you only pay for it if you actually fail users over to it, and you have 45 days to think about it! We have been able to successfully deploy ShoreTel in an Amazon cloud, completely in software, using SIP trunks and remote phone registrations over VPN. There are lots of powerful options for deploying a virtualized ShoreTel, limited only by your imagination!

We attempted to deploy ShoreTel on Oracle VirtualBox but kept running into an issue with the network adapter settings. The ESXi version of VMware allows you to create a soft Ethernet switch and route it to the rest of your network. VirtualBox achieves the same flexibility by letting you NAT, bridge, or establish a host-only NIC. As the virtualized ShoreTel switch needs to communicate with the rest of your deployment, you need to configure the NIC to bridge or NAT. Both Fusion on a Mac and VMware Player on PCs resulted in working ShoreTel switches without too much drama. We were able to bring up VMware Player on the ShoreTel HQ server and build out a Conference Server replacement for the SA-100 hardware solution with little issue.

Candidly, these are not supported ShoreTel configurations, but we are just engineers playing with all the kool stuff! Remember that if you clone your virtual machines you will need to change the NetBIOS names and IP addresses before they can be usable in the same deployment. The embedded video is an overview of how to configure the free Oracle VirtualBox, VMware Fusion for Mac and VMware Player for Windows to run ShoreTel. Keep the cards and letters coming and remember to support the GNU project!


SIP as a Disaster Recovery Strategy? EtherSpeak answers the call!

As a standard deployment practice, we at DrVoIP implement SIP trunks as a “fail over” on every system we install. As reliable as your PRI circuit has been, they do fail from time to time! In fact, we recently lost 27 PRIs at a major San Diego hospital when a carrier (whose name will remain anonymous) experienced a fiber cut, taking out most of their clients in the region! Stuff happens! Having an alternative circuit in place is not only a wise step to take, but by using SIP it can be very economical. We find that most carriers offer a “circuit down” capability that can automatically reroute incoming calls to another number if they detect a “D” channel failure, a sure sign that your PRI is out of service. If you have not yet done so, you should get with your carrier and set this up, as many carriers require that this feature be programmed into their central office switches and it is not something that can be easily done on demand. This should be configured in advance of a real system failure, and always online, ready for use!

EtherSpeak Inc., always the innovator and at this point a “senior citizen” in the SIP service community, is now offering an intriguing disaster recovery product free of initial charge! Throughout June, you can add a three-channel SIP trunk, 100 minutes of talk time and a virtual DID number for absolutely no cost! EtherSpeak was among the first providers to interconnect with ShoreTel systems, for example, without the need for a Border Controller. They simply built a private IPsec site-to-site tunnel from your system to their soft-switch. This is a huge savings in both money and aggravation! This is an extraordinary value and eliminates any excuse for not implementing a disaster recovery plan to assure telephone calling services in the event your PRI goes down! Simply work with your carrier to have your main telephone number call-forwarded to the virtual DID number provided by EtherSpeak and callers will never know your PRI failed! Calls will ring in over the SIP trunk and be handled by the ShoreTel like any normal phone call. Clearly, you only have three circuits, but EtherSpeak will be happy to increase the number of circuits. In fact, you might find that SIP is really all you need and you might just migrate over to EtherSpeak as your main provider!

The adoption rate of SIP technology, by both large and small enterprises, is staggering! Once the domain of only the true geek, today SIP is a very reliable, cost-effective and viable alternative to traditional copper circuits. The EtherSpeak disaster recovery package is not only a prudent business continuity move, but it will allow you to get comfortable with SIP. Remember, a PRI commits you to 23 paths regardless of how many you actually need. If you need 30 talk paths, the only way to get that capacity with PRI is to contract for a second 23-talk-path circuit! SIP enables you to purchase exactly what you need and you may even be able to “burst” upwards if special circumstances require more talk paths! Truth be told, your carrier is most likely delivering your PRI over a SIP trunk anyway! As the cost of maintaining copper lines has continued to escalate, carriers have been slowly migrating over to soft switches that bring SIP trunks to the customer premises. Using an Integrated Access Device, or IAD, the SIP trunk is then converted back to a PRI for hand-off to your PBX. If you have a ShoreTel T1/PRI switch you can re-purpose that switch by converting it for use as a DSP resource to support your SIP trunks, so your original equipment investment is protected.

We are not sure what you have to lose! Free installation, no additional equipment, a free virtual number and 100 free minutes of talk time? Let the boss know you are thinking and taking action in the best interest of protecting the business, and get with the good folks at EtherSpeak by clicking here and taking advantage of this free offer!

Free Tools for Network Monitoring and VoIP assessments!

A network assessment and a troubleshooting effort are differentiated only by a matter of time and the level of urgency. Effective network administration means that you are always troubleshooting and always proactively looking for anomalies that can negatively impact the quality of service on your network, trash your voice and video communications, and compromise the confidentiality and integrity of your data! A network assessment should be a proactive, around-the-clock activity of monitoring bandwidth utilization, network throughput, jitter, latency and access. This is the process of monitoring the “health” of your network, and it is the baseline on which we can determine “normal” and set traps and alarms for “abnormal”. Without a baseline trend for our network, the only way we would recognize a network problem is when the user population beats a path to your door!

When we find an anomaly in our network, a change in the normal trend of traffic and utilization, we move into “who done it” mode. It is no longer enough to know that bandwidth utilization has exceeded our historically documented level of “normal”. We need to know what protocol is using the bandwidth, what ports are generating the traffic and whether the traffic is legitimate. This requires a different set of tools than those you might use for “health check” related monitoring activities. This is often where we see the difference between “freeware” tools and software solutions that have a hard-dollar acquisition cost and a subscription maintenance cost. Bandwidth, jitter and latency are one set of measurements; protocol analysis and simulations are an entirely different set of issues.

There are a variety of free tools that can help you set up monitoring for the purpose of “health checks”. Generally, you will want to set up a dedicated “network monitoring” server. Again, there are all kinds of tools available for this purpose. We recommend that you set up a dedicated monitoring server, and that you make use of CentOS or some other Linux distribution, as most of the serious network tools are written for Unix-based machines. For example, Cacti, Nagios, Munin and Zabbix are all very powerful health monitoring solutions, with very active community support and software extensions. For those of you who prefer working on Windows platforms, you might consider downloading XAMPP for Windows! Let's not forget that we have wireless components in our network, and we strongly recommend the Xirrus Wi-Fi Inspector be added to your tool kit, though it is only available for Windows.

Most of your key hardware components, including your network switches, routers and firewalls, have embedded tools for analysis. For example, seeing that a particular segment of a network is breaching historical bandwidth utilization standards, we can then drill down by inspecting the individual ports of an Ethernet switch. We want to be on the lookout for collisions, duplex mismatches, congestion and dropped packets! This can be nailed down to a specific network port, and that will significantly reduce the scope of our investigation. At this point we want to take a look at what protocols are running on the network, and for this we need more specialized tools. We urge you to have Wireshark and/or Microsoft Network Monitor available and that you be very comfortable in setting it up and also interpreting the information presented. Cisco IOS has a number of advanced tools that can simplify your life. For example, NBAR, or Network Based Application Recognition, can identify protocols between network segments. NetFlow is also a core Cisco analysis tool that many of the freeware programs are built around. SolarWinds will allow you to download and run a fully functioning version of its NetFlow analysis tool for 30 days, and it covers J-Flow and other vendor versions of NetFlow. Understanding what protocol is eating up your network bandwidth is an essential debugging step in your network analysis!
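As an added example (not DrVoIP's own tooling), here are the two steps described above in code: a baseline-versus-abnormal check over constructed hourly utilization readings, followed by the drill-down into which protocols, ports and hosts are generating the traffic, run over constructed NetFlow-style records.

```python
"""Baseline-vs-abnormal bandwidth check, then protocol/port attribution.
Added example, not DrVoIP's tooling; all values below are constructed.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed baseline: one uplink at the 10:00 hour on 14 prior days (Mbit/s).
BASELINE_MBPS = [42.1, 40.8, 43.5, 39.9, 41.7, 44.0, 42.6,
                 40.2, 43.1, 41.9, 42.8, 40.5, 43.3, 41.4]

# Constructed flow records (src, dst, proto, dst_port, bytes) for the bad hour.
FLOWS = [
    ("10.1.20.15", "10.1.10.5", "udp", 5004, 180_000_000),   # RTP voice
    ("10.1.20.16", "10.1.10.5", "udp", 5004, 175_000_000),   # RTP voice
    ("10.1.30.7", "203.0.113.9", "tcp", 443, 9_200_000_000), # large upload
    ("10.1.40.2", "10.1.10.9", "tcp", 445, 600_000_000),     # SMB file copy
    ("10.1.20.15", "10.1.10.3", "udp", 5060, 2_000_000),     # SIP signalling
]

def baseline(samples, k=3.0):
    """Return (historical mean, alarm threshold = mean + k * std dev)."""
    m = mean(samples)
    return m, m + k * pstdev(samples)

def is_abnormal(reading, samples, k=3.0):
    """True when a reading exceeds the baseline by k standard deviations."""
    return reading > baseline(samples, k)[1]

def bytes_by_proto_port(flows):
    """Total bytes per (proto, dst_port), largest first: who is eating it."""
    totals = defaultdict(int)
    for _src, _dst, proto, port, nbytes in flows:
        totals[(proto, port)] += nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

def top_talkers(flows, n=3):
    """Source hosts sending the most bytes, largest first."""
    totals = defaultdict(int)
    for src, _dst, _proto, _port, nbytes in flows:
        totals[src] += nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)[:n]

if __name__ == "__main__":
    reading = 61.0  # constructed reading for the current 10:00 hour
    print("ABNORMAL" if is_abnormal(reading, BASELINE_MBPS) else "normal")
    for (proto, port), nbytes in bytes_by_proto_port(FLOWS):
        print(f"  {proto}/{port}: {nbytes / 1e6:,.0f} MB")
    print("  top talkers:", top_talkers(FLOWS))
```

The threshold is a simple mean-plus-three-sigma rule per hour of day; a real monitoring server would keep a separate baseline for each link and each hour, since a 10:00 reading and a 03:00 reading have very different notions of “normal”.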

Most experienced network administrators will tell you that when it comes to troubleshooting, nothing replaces command line directives. As the great Yogi Berra would say: “You can observe a lot by watching.” Make liberal use of the basic ICMP commands ping and traceroute, along with arp and netstat for machine-specific path analysis. A useful desktop tray tool for machine-specific analysis is NetWork, also free for the download. On your Unix machines you can run the command line tool “iftop”, which will show bandwidth utilization by IP and port. There are also a number of online network tools and free downloads that can help you troubleshoot issues. These would include IPChicken, for determining what IP address you are presenting to the outside world, and the Angry IP port scanner.

A first-time network assessment will look at all of the above metrics but will also include physical level checks, and simulations of what future VoIP traffic might look like. DrVoIP publishes a VoIP Network Assessment and readiness checklist that is available for free download in your membership portal! Send an email request to DrVoIP and request a sample Statement of Work for a Network VoIP readiness assessment and we will send you one.

At the end of the day, a VoIP deployment will be only as good as the network it is built on! It is all about the network!