Dipping Your Toes into the SIP Stream


There are surprises and there are surprises.

For instance, I like it when I come home after a long day at work to find that my wife made dinner reservations at my favorite Saint Paul restaurant – W. A. Frost. I also like it when I finish my tax returns and discover that I don’t owe thousands of dollars in unpaid taxes.

I’ve also had the less-fortunate variety several times and can do without that kind of excitement.

One thing is certain: I don’t like getting surprised at work. Those surprises generally involve more toil, looking foolish, ending up with less money, putting in longer hours, or all of the above. The looking foolish part happened to me recently, but instead of moping about it, I decided to use it as a teaching tool.

This article originally appeared on SIP Adventures and is reprinted with permission.

I recently began working with a company and their carrier on adding SIP trunks to an Avaya PBX. Unfortunately, I was brought into the project late in the game and quite a bit of discussion had already occurred. Perhaps I was told all the details or perhaps I was not, but the result was that I was under a few false assumptions about what the customer wanted and what the carrier was set to deliver.

Specifically, it turned out that yes, SIP trunks were being deployed, but the customer wasn’t actually set up to work with direct SIP. That carrier, which happens to be Verizon, was providing the SIP, but the SIP was terminating on a Cisco 2911 router configured as a SIP-to-PRI gateway. So, SIP to the demarc point and ISDN to the customer’s communications system.

It’s no wonder that I couldn’t get straight answers about session border controllers and session managers. There weren’t any and the customer wasn’t about to deploy them.

Now, if I were an unscrupulous sales guy, I might try and tell the customer that he was making a bad decision and up-sell him on equipment that he wasn’t ready to deploy, but thankfully I am neither a sales guy nor unscrupulous. Instead, I embraced this as a viable solution that will serve the customer well until he is ready to move a little deeper into SIP.

There are situations where SIP — at least total SIP immersion — is not the best answer. A business may have a number of good reasons why it wants to dip its toes into the SIP stream, but it wants to do so in a measured and controlled manner. It wants to reap some of the benefits of SIP, but is fully conscious of what it can and cannot afford.

This particular business has an Avaya system that has been kept up-to-date on software and hardware, but is still predominately TDM. They understand the benefits of VoIP, but haven’t invested in a VoIP-ready network. Additionally, the nature of this business is not one that has Ethernet cables where they are needed for telephony. Although antiquated by today’s standards, analog and digital telephones are still in wide use by many businesses. This business needed a compelling reason to change and until they got it, things were staying put.

Still, they wanted to take advantage of some of the benefits of SIP and SIP trunks are a great place to start. They can eliminate many of their costly ISDN trunks, create a better business continuity strategy, consolidate networks, and take the first step towards what may ultimately be a much larger leap into SIP.


Baby Steps

So, the idea of bringing in those SIP trunks, running them through a SIP-to-PRI gateway, and terminating T1s on their existing line cards is a perfectly good choice. One day they may decide to take things a little further, but other than having to re-purpose a fairly inexpensive Cisco router, they haven’t thrown good money after bad.

Later on, they can move those SIP trunks away from the 2911 to an SBC without having to completely redesign their SIP solution. SIP is flexible enough to support quite a few of these transition solutions. That Cisco router could just as easily have been one of the many SIP-to-TDM gateways offered by AudioCodes.

In the end, my surprise turned out just fine. Granted, I was a little confused for a while, but that’s nothing new. Once I understood what was what, I was able to assist Verizon with their implementation questions and get the customer rolling down the road to SIP.

That’s the kind of work surprise I can deal with.

Related Articles:

A Business-First Approach to Digital Transformation

In part I of this series, we explored the definitions of Digital Transformation, IoT, and Smart Enterprise.

Digital transformation goes beyond normal organizational evolution. It is a metamorphosis enabled by new sources of information and new ways to interact with an organization’s eco-system. It’s said that “necessity is the mother of invention”—meaning we are satisfied with the status quo until some external force motivates us to change. An evolutionary breakthrough requires an external force that threatens organisms’ very existence—they must adapt or die. The Ice Age was a massive external force that caused many organisms to change. Likewise, today digital transformation is forcing change in businesses. And note that today’s external forces behave more like an incoming meteor than a slow-moving glacier. Slow evolution will not work here.

Over the last three decades, we have seen organizations change with the Information Age. The Data Warehouse phase illustrated that valuable information existed in operational financial data that could be used to improve efficiencies within organizations. While working for EMC (now DellEMC), I had a lot of conversations with customers about building storage infrastructures for data warehouses. Sizing a storage infrastructure requires knowing how much data is going to be written and how long the data will be stored. I was always amazed at how little guidance the sponsoring Business Unit provided to IT organizations as to the amount of data that needed to be stored in the warehouse. The BU didn’t know what data they were going to collect, nor did they have any idea how long the data would need to be stored. We were often faced with sizing a project to collect everything and keep it forever. Bottom line: the BU didn’t have a clear set of objectives and believed if they didn’t jump on the data warehouse bandwagon, they would be destined to fail.

I am of the opinion that many organizations today are facing similar situations with IoT. Amara’s Law states, “We tend to overestimate the effect of a technology in the short run and underestimate the effect in the long run.” Gartner’s research methodology, based on Amara’s Law, portrays its curved Hype Cycle in five phases. We may never know exactly where we are on the Hype Cycle—we can only tell where we were. For example, we can’t identify the peak until we see a decline.

I think we are somewhere on the left-ascending slope with inflated expectations and believe we have yet to reach the peak. I also consider the trough an industry phenomenon and one that individual organizations don’t necessarily have to experience. It is the old story of missing goals: was the goal too high and, therefore, unattainable, or was the goal appropriate and the execution faulty? Accurate goals are predicted by experiences. New technologies, by their nature, are hard to predict accurately since we don’t have the experience to base the prediction upon.

A Digital Transformation Game Plan

Just because we are early in the hype phase doesn’t mean organizations shouldn’t be investing in IoT, but they should think business first and technology second. For example, when data warehouse customers approached their projects with a clear set of business challenges and objectives in mind, their projects were more successful than those who led with technology. This doesn’t mean that organizations that started with technology first weren’t eventually successful; they just spent more time and resources getting there.

A smart enterprise is one that looks at their place in the world today, seeks to understand how their environment is changing, determines how they need to evolve, and looks to technology, people, processes and data to determine how to reach their goals. As I point out in my blog about data loss, if you defined yourself in the 80s as being in the record business, you had a short life expectancy. But, if you defined yourself as being in the music business and were able to take advantage of the digital transformation at the time, your brick and mortar storefront could have evolved into a worldwide enterprise. As history showed, it was the new businesses that profited from the digital music industry emergence.

An Illustrative Example

Let’s take a look at a couple of anonymous hoteliers—Property A and Property B. Both properties are full-service five-star providers catering to business and leisure travelers. Both are seeking to improve their on-premises guest experiences. Marketing at Property A has determined their customers want star treatment. Their customers are looking for a high-touch experience, where the staff and employees know their names and can anticipate their every need (based on past experience). Property B determined their customers want a fully-automated experience—minimizing staff interaction, while maximizing guest independence. Both organizations:

  • Set clear objectives
  • Identified the loyalty app on their guests’ smart phones as the key to providing the desired guest experience

When a guest arrives at the front desk at Property A, the concierge greets them by name with their room reservation already pulled up on the console. The guest’s loyalty phone app identified the guest with the property’s wireless location-based service, prompting the guest’s photo to be displayed on the concierge’s console. When the guest stepped up to the desk, the concierge selected the correct picture to get the guest’s information displayed on the screen. To the guest, it appears the concierge personally recognized them like they were a sports or entertainment star.

When a guest arrives at Property B, the guest’s loyalty phone app signals the wireless location-based service that the guest has arrived. The guest is checked into the hotel automatically. The guest room number and electronic key are pushed to the app on the phone and the guest goes directly to their room without ever talking to property personnel. The app may even provide turn-by-turn directions for the guest to get to their room in order to avoid asking for directions.

Both properties are similar with two different business goals. Looking at the two solutions from the Internet of Everything (IoE) perspective presented in part one of this series:

  • IoT: In these examples, an app on the smart phone is the networked device.
  • Data: The high-touch model requires photos of the guest and/or their family members. Property B needs to tie PCI information to the app with requisite data protection requirements.
  • Processes: These solutions need to tie the new functionality into the existing systems. If these properties belong to chains, how will information be updated and shared with the other properties? Will data be replicated locally on-demand when guests book a reservation? How long will it take for data to be updated? If the guest books a reservation from the parking lot or cab, will the data be ready when the guest walks into the lobby?
  • People/Personnel: Property A needs to train the desk clerks and other personnel that are expected to provide the star treatment to guests. Sensitivity training on how to handle the guest accompanied by a woman that does not look like his wife would be valuable. Property B personnel need to be trained how to respond when the app doesn’t work correctly and how to interject themselves into the process with minimal impact and maximum efficiency to the guest.

For more about digital transformation in hospitality, read the Avaya blog Five Ways Hotels Can Build a Successful Digital Strategy.

IoT and other emerging technologies, like artificial intelligence, are providing the capability to respond to environmental pressures and business opportunities in significantly new ways. I propose that while everyone will be successful with IoT (eventually) or become extinct, the enterprises that start with business requirements first and apply technology (old and new) second, will become smart sooner and last longer.

What’s Your Ransomware Reaction Plan?

Ransomware is nothing new, but like Distributed Denial of Service (DDoS) attacks, it has evolved over time in its prevalence, sophistication and impact. New techniques in social engineering and methods of compromise are creating new vectors that attackers can leverage quite effectively. The damage can also be quite extensive, with the three major impacts being:

  • Encryption of corporate and/or personal data:

    Typically these are important documents and data on the resident system after a cross infection to other systems.

  • Encryption of secondary and tertiary data:

    As other systems are infected, these are often servers and backup resources.

  • Disclosure/Destruction (or threat of) prior to or during restoration attempts:

    If there is an attempt to circumvent the ransom, data is destroyed or disclosed to the public.

Additionally, the variety and evolution of ransomware have significantly increased as well. This is making it more difficult for traditional malware detection mechanisms to detect and react in time (much like the flu virus that constantly morphs its outer proteins to avoid the detection of the immune system). Let’s take a look at some of the major categories of ransomware:

  • CryptoLocker/Cryptowall:

    These two are similar in code base with Cryptowall evolving out of CryptoLocker. During the first six months of 2014, Cryptowall earned an estimated $1 million.

  • CTB-Locker:

    This code, discovered in 2014, distinguished itself by the use of TOR-based (dark web) server control and automated bitcoin methods.

  • TorrentLocker:

    An evolution of CryptoLocker.

  • Locker:

    Began to spread in 2016 using mass distribution channels.

  • TeslaCrypt:

    In 2015, this ransomware encrypted various types of files including online games. It’s very difficult to remediate.

This is a very limited list. Each category has several offshoots that provide for a rich jungle of each code type. The actual list would go on for pages.

Non-file-based attacks are also becoming more prevalent. First discovered in 2014, these attacks directly manipulate the system registry and memory to place malware in a manner that is quite undetectable by traditional file-based anti-virus methods. The approach sacrifices resiliency for stealth. The code does not survive a reboot, but it doesn’t have to.

Once access is gained, the damage is done. Typically the covert encryption of data occurs very fast after code residency, but encryption is not the only method. Sometimes data may be extracted and held for ransom. The data might be email threads, web histories, internal corporate documents, etc. There may also be a C2 channel for infiltration or exfiltration. So the problem of ransomware is indeed multidimensional. It has multiple methods and can impact both corporations and individuals.

So the question is, “What can be done?” I call attention back to my Advanced Persistent Threat blog series. The use of micro-segmentation in a well-thought-out manner is the first key approach. While some users may be affected, it is important to realize that the propagation must be contained. Above all, important critical data should be separated from the compromised end point by several degrees. At a high level, these relate to a good solid white-listed security demarcation between micro-segments as well as threat detection intelligence at these demarcations to pick out any anomalies in traversing traffic.

But we can’t ignore the human dimension. We are the weakest link in the chain. I hate to bang on the users again—but, after all, I’m a user as well, right? We all are. Do individuals in our organizations understand what the proper security policy is? Do our organizations have a policy for ransomware and more importantly do we have a reaction plan?

Avaya has been working with various security partners to evolve SDN Fx into a true open ecosystem for secure network communications. By utilizing stealth network topologies, hyper-segmentation and elasticity, many of the hurdles to a secure infrastructure can be eased. It also makes it much more difficult for malicious code and C2 channels to propagate and become established. This is particularly true if the micro-segmentation design is well aligned with well-designed security demarcations. This powerful combination can result in the service chaining of individual communities of interest into defined and coordinated security inspection points. We will talk about this in my next blog where I explore the importance of visibility to a proper security practice. Until then, stay secure!

Digital Transformation, the IoT, and the Smart Enterprise

I was given the title “Smart Enterprise” for a presentation at #AvayaEngage 2017. The presentation abstract mentioned Digital Transformation and the Internet of Things (IoT), two very hot topics in social media that I hoped the audience would find interesting and educational. To start, I took a fundamental look at these two key terms. A side effect of social media is that hot terms get bandied about by bloggers, analysts, and product marketers until definitions become so bloated with possibilities that a common meaning is difficult to distill. I wanted my audience contemplating how they could make their enterprise smart and not trying to figure out my definitions of these terms.

I began with Digital Transformation, defined by Wikipedia as “digital usages [that] inherently enable new types of innovation and creativity in a particular domain, rather than simply enhance and support the traditional methods.” I also looked at other definitions but this one resonated with me since I believe all of the hype around Digital Transformation justified a significant definition: Digital Transformation is not just another step in the information age, it is an evolutionary breakthrough.

Necessity has been credited as the mother of invention. A darker corollary is that organizations change when faced with external challenges, particularly ones that threaten their existence. At times, we expend much effort to change and then sit back and relax. The problem is that we might relax too long and don’t realize the rest of the environment continued to change, or we see the change, but fail to respond. Brick-and-mortar retail is a great example of the environment changing faster than organizations can respond—both Sears and Macy’s were still counting their 2016 holiday revenue when they announced more store closings.

It was a little tougher to find a concise definition of The Internet of Things (IoT). Breaking the phrase down into its components:

  • The internet is a vast global network
  • A thing could be anything or everything (which sounds a lot like a circular definition)
  • Dictionary.com provides several definitions for thing. One of them is “anything that is or may become an object of thought”

Therefore, the IoT is anything we can think of that is interconnected by some form of network.

As Avaya’s Jean Turgeon wrote in his IoT Chronicles blog, the IoT is a “vast topic.” Therefore, I propose the following working definitions of IoT:

  • New classes of devices that have not traditionally integrated data network connectivity
  • Networked devices with fundamentally new capabilities

I added the second definition to include smart devices (phones). Today, mobile phone advertisements don’t talk about call quality. Instead, they focus on camera resolution and stabilization or attachments such as lenses and VR capabilities. Phones have become a portable computer platform, enabling data collection and communication, a basic premise of the IoT.

This brings us to my presentation title: Smart Enterprise. Enterprises can become “smart” in many ways. In the realm of Digital Transformation and the IoT, there are three key components:

  1. Internet of Everything: Organizations need to look broader than just the things connected to the network. The Internet of Everything (IoE) consists of data, people, things, and processes. Organizations need to look at the entire ecosystem of their IoT projects. What data is available? What data is needed? What data needs to be retained? How will automation be implemented based on the data? Where do people fit into the processes? How are people’s jobs being affected—simplified, enabled, replaced?
  2. Business First: Don’t try to “keep up with the Joneses.” Don’t think that since everybody is doing IoT, you also need IoT to stay competitive. When thinking about digital transformation and threats to survival, it’s easy to get caught up in change for the sake of change. Start with business needs and then determine how to apply IoT technology, rather than looking for some place to apply the technology. (More on this in part two of this blog series.)
  3. Safe and Sane: A quick internet search shows the phrase Safe and Sane is usually used in reference to fireworks or driving. Both are rewarding endeavors with significant risk. I think it’s appropriate when discussing the deployment of IoT-based projects. IoT may be the key to organizational survival, but it greatly expands an organization’s threat surface, the area targeted by hackers.

New competitors are popping up every day. Furthermore, intelligent and aggressive antagonists are trying to gain value from our data. These are real threats to organizations’ survival. In efforts to change organizations, we can’t allow others to gain access to networks or data.

Gartner predicts that IoT will be the source of 25% of Enterprise attacks by 2020. We’ve seen a few already, including the Target stores hack via their HVAC system and the Distributed Denial of Service (DDOS) via CCTV cameras. (For more about DDOS, see the recent blog from Avaya’s Ed Koehler.) IT organizations are caught between the needs of the business and the need to protect data and infrastructure.

Enterprises must get smarter to survive. Data and control provided by IoT can enable a digital transformation. In upcoming parts of this blog series, I will examine how to build a network infrastructure to enable a safe and sane approach to IoT projects.