Alex Desberg

Tuesday, 25 January 2005 11:49

VoIP -- the true digital phone

Voice over Internet Protocol (VoIP) is quickly being adopted for business communication and cutting-edge home users who are willing to let go of their phone company. This next generation of phone services allows you to replace your traditional landline phone with one that connects over the Internet using a broadband or other high-speed technology.

Conventional phones work on the Public Switched Telephone Network (PSTN). VoIP service connects you to the PSTN through your Internet connection. Of course, as with any new technology, there is a cutting-edge factor that requires intestinal fortitude when adopting it.

One advantage of VoIP is that traditional telephone companies are jumping on the bandwagon. AT&T is marketing a VoIP package with a high-quality level of service. And New Jersey-based Vonage is a VoIP provider that is quickly becoming the ubiquitous brand name for VoIP or digital phones. Most providers are also offering Local Number Portability (LNP), which allows people to change service providers without losing their phone numbers.

The technology of the IP phone is fairly simple. The parts include equipment or software at the customer site; a high-speed network such as DSL, a T-1 line or a cable modem; a feature-rich server that adds services such as voicemail, directory and PBX features; and a connection to the PSTN.

The benefits

Industry experts estimate that only 2 percent of broadband households subscribe to VoIP services, but the growth potential seems promising.

With new technology, the greatest benefits are gained by early adopters. If you switch now and let the market mature, costs are just under $30 per phone number, with significantly lower costs for long-distance calling plans than those for conventional phone systems offer. And, as competition grows, pricing and usage standards will be rewritten.

The catch is trying to figure out which fledgling VoIP companies will stay in business for the long haul.

The drawbacks

Residential users continue to be able to only hook up one or perhaps two phones in their home that must be physically located near the cable modem or DSL connection. Under current capabilities, the standard VoIP connection is not a "whole house" solution.

And, you may get some chatter on the line, usually when the local network gets busy. The technology is improving to prioritize the voice traffic on networks over basic Internet usage.

VoIP does demand a certain Quality of Services (QoS) on the network to achieve business-class service. The nature of Internet traffic is always changing and improving, so this problem will be solved as the industry matures.

The future

The biggest issue facing VoIP is legislation. Will this new service ultimately be controlled by the Federal Communications Commission or the Public Utilities Commission? That's one of the most important questions.

As the FCC is trying to sort through 51 separate regulatory commissions with different interpretations of how to tax, authorize and monitor VoIP service providers, FCC Chairman Michael Powell says he will try to gain regulatory control of the new service from the states because to thrive as a business, the technology needs a single, easy-handed regulator.

The FCC proposal will start from scratch with as few VoIP regulations as possible, he says. His goal is not to just modify current regulations. The bottom line is that heavy regulation will stifle innovation and perhaps limit desirable services by unintentionally throwing up barriers for VoIP.

Powell says state resistance may be caused by public utilities commissioners trying to defend their turf rather than trying to encourage new services.

Alex Desberg manages communications for several organizations owned by Doylestown Communications Inc., including Bright.net NE and Ohio.net Internet Providers, the local telephone and cable company in Doylestown, Ohio, and a soon-to-be-launched Competitive Local Exchange Carrier that will offer VoIP services to markets throughout Ohio. Reach him at adesberg@ohio.net.

Tuesday, 21 December 2004 11:26

People, procedure and technology

There are three keystones that create a solid foundation for a safe network -- people, procedure and technology -- and it is necessary to have all of these factors in place.

Internet security risk is evolving at an alarming pace. Hackers no longer need vast programming knowledge to cause severe damage. Hacking tool kits are easy to find online and come complete with a how-to manual. Spyware, malware, smart viruses, bot viruses and phishing scams are marching their way across our corporate networks and through our e-mail, forcing IT professionals to scramble for patches and fixes.

Even hindsight would not have helped, as some of these threats have little or no resolution. Even worse, as stated in The Wall Street Journal, "Increasingly, viruses are becoming part of the modern criminal's toolbox."

People

One of the biggest vulnerabilities networks face is the people who use them. There is a saying that, "A good education is the best prevention." Support from upper-level management in a corporation is critical to the success of any security program.

Management should also be knowledgeable about any current security issues. For years, IT professionals have been scolding novice users on the use of the network when they could have been educating them on how to be part of the security solution.

Education is a low-cost alternative that can alleviate risks within any network. Rather than keeping users in the dark, IT professionals should be enlightening them through education about new risks such as phishing scams, which lure you in by posing as a bank requesting that you update your information via e-mail.

Many common vulnerabilities go undetected because they are holes in applications that are attacked by hackers to bring down your network. Virus propagation, e-mail viruses and education on attack techniques help users understand how they can prevent your network from being attacked.

Procedures

Along with education, setting policies and standard operating procedures is necessary.

* Set expectations for users, vendors and visitors that access your network.

* Screen or segment visitors from your network.

* Do not allow outside machines (laptops, PDA, etc.), which are not subject to your scrutiny or control, to use the network. Most networks do not have countermeasures for a computer that gets connected behind the firewall.

* Allow your users a way to report incidents immediately, without repercussions.

* Create a written policy so users have an understanding of acceptable Internet usage.

* Control your liability by having users acknowledge in writing that adverse or unexpected things can happen while using a network or the Internet.

Technology

Technology is the last key part of creating a solid security base for your network. The following are ways of maintaining your technology knowledge.

* Become familiar with the four pillars of network security -- firewalls, VPNs, antivirus software and intrusion detection systems.

* Investigate potential risks and test your procedures. Don't depend on the hardware or software alone.

* Enlist help for things beyond your expertise; a misconfigured security device or software program can be more dangerous than none at all.

* Monitor activity in front of and behind your security devices.

These three keystones of Internet security combine to create a layered security model that is tough and resilient to new security risks as they are unleashed. Proactive network security begins with good security policies and proper implementation of these policies.

You need to be knowledgeable of the current and updated viruses, hackers, cyberterrorists, malicious insiders and worms. Also, having modern technology is vital in providing the necessary protection against risks to your network.

Alex Desberg (adesberg@i-trap.net) is the director of marketing for I-Trap Internet Security Services, www.i-trap.net. Reach him at (888) 658-8727.

Tuesday, 30 August 2005 10:56

Making VOIP pay off

What are the advantages of Voice Over Internet Protocol (VOIP) for business applications? With this emerging technology, the generic term of VOIP can mean a lot of different things. We are going to discuss VOIP from the perspective of business-grade services (not the $19 all-you-can-eat residential version). Usually this is an augmentation of or plain-old replacement for the dinosaur phone systems that live in a back closet of most businesses.

There is a large component of VOIP that is still traditional telephony. Using the Internet as an extension and transport method creates some unique advantages for VOIP technology. Using traditional Internet routing (diagram 1), individual IP telephones connect to a feature server or service provider that adds all the functionality of VOIP service including the voicemail, call routing, caller ID and any other enhancements particular to the service you purchase. Actual telephone calls that run outside the system are terminated on the same switching equipment that handles your traditional wire-line calls.

But phones used in VOIP systems do not need to be on the same network or wired directly to a hardware phone system. Since most VOIP systems are based on a per-seat structures, we are talking about a phone system that has unlimited growth potential and that does not require a massive investment in hardware, line cards or circuits from your local and long distance phone companies.

One of the fastest growing areas in VOIP is the features of hosted PBX services (private branch exchange, a generic term used for featured phone systems). Not only can standard business calls be originated and terminated by IP phones, but a host of phone systems features can be added to increase the functionality of the service to rival or exceed high-end enterprise phone systems.

With VOIP systems, you are aggregated across a large base of other users. This allows VOIP service companies to invest in systems that have any number of calling features. The advantage is that you can treat these services like subscriptions and turn them on or off as needed. These are some of the latest calling features showing up in hosted PBX services.

  • Enhanced voicemail services with Web interfaces for viewing call detail and listening to your messages through a Web browser.
  • Find me/follow me, a service made popular by creating the ability to simultaneously or sequentially ringing your various phones (office, cell, home, hotel...).
  • Selective call routing that allows you to dictate how a call is handled based on who it is (direct to voicemail or route to someone else).

Most available hosted PBX systems now include auto attendant and queuing features. These services can quickly turn a small customer service department into a fully operational call center, allowing callers to wait for the next representative or access a prompted voicemail. Although we love to hate phone systems, most callers tend to appreciate the ability to hold on the line for a live person.

Using networks and the Internet as the transport method for connecting, hosted PBX features give VOIP a distinct advantage over traditional telephony — distance.

Because any Internet-connected network has the ability to support VOIP, the Internet can quickly eliminate distances that have been an expense for wire-line phone systems. This feature enables the remote office user, telecommuter or traveler to carry his/her phone with them and set up office anywhere they have Internet connectivity.

VOIP is still in its infancy. The traditional phone companies have not embraced this new technology yet, and won’t until the business model dictates a technology shift. This allows smaller technology firms and service providers to work in the plural space to help set the standard.

Ohio.net Internet providers remains ahead of the technology curve by pioneering services for the local business markets. With a distinct advantage of being owned by a local telephone company, VOIP is the next natural offering for this 10-year-old ISP. The latest offering and service line-up can be viewed at www.ohio.net.

Friday, 30 September 2005 05:42

Using technology for philanthropic pursuits

Often, technology-based companies have a hard time using internal resources to pursue their philanthropic goals. They become pigeonholed into financial donation or volunteering time in unskilled pursuits.

However, one local Internet service provider has cultivated a relationship that is right up its technological alley. Community Voice Mail has found a partner that will ultimately benefit our area's vulnerable population.

Cleveland Community Voice Mail (cvm.org) is a support organization designed to keep people connected to the real world when they are in crisis or transition by providing them with a free voicemail box. The service may be used by the long-term unemployed, the homeless, victims of domestic violence, runaway youth, kids who age out of the foster-care system, migrant or day workers and others in need.

According to CVM, voicemail can be a huge benefit for individuals who can't afford quality phone service, or need a way for family or prospective employers to reach them. These mailboxes are accessible from anywhere and provide a traditional voicemail box with a personalized greeting.

Government data cited by the CVM calculates that there are more than 5 million U.S. households without telephone services -- not including the homeless, who may number 3 million people annually.

How does technology play into the support of CVM? CVM has been able to adapt some of the latest Voice over IP (VOIP) technology to create a scaleable service that will allow CVM to help clients in smaller metro areas and rural communities.

CVM recently transitioned its service from an antiquated voicemail system originally designed for the hotel industry to a state-of-the-art Unity Server platform created for the VOIP industry. With some philanthropic support from a local technology provider, CVM brought the new system live in a short period of time. Services that have assisted in the transition and growth of the CVM system include increased telephone capacity on fiber facilities, Internet connectivity for the system and support with number portability.

Through this technology provider/nonprofit partnership, Community Voice Mail served more than 44,000 individuals in 37 cities nationwide last year. Michael Gibbs, the local Community Voice Mail coordinator, says, "This partnership will allow us to continue to provide voicemail service to more than 55 social service agencies in Ohio. Our hope is to be able to grow this program to serve new communities and agencies throughout Ohio." Partnering brings together organizations that are starting a new trend of supporting social services through the use of technology. Included in this relationship is a historic name in communications, Doylestown Telephone Company (DTC), a rural Ohio exchange carrier that has been serving the community since 1899.

DTC President Tom Brockman and General Manager John Clarke saw a value in supporting this community-based effort and certainly had the resources to help. Clarke commented, "It was so easy to give them support. We are providing them [CVM] a home in our existing data center and adding a little expertise."

Brockman adds, "We regularly support efforts like American Cancer Society and other local initiatives, but our staff gets really excited about being involved with a project that uses our technology skills."

Ohio.net Internet Providers remains ahead of the technology curve by pioneering services for the local business markets. With a distinct advantage of being owned by a local telephone company, VOIP is the next natural offering for this ten-year-old ISP with a 106-year history of telephony. Reach Ohio.net at www.ohio.net or by contacting Alex Desberg, adesberg@ohio.net.

Wednesday, 29 June 2005 11:27

Multilayer security

When it comes to security, most networks today are like an egg -- hard on the outside and gooey in the middle. Once a hacker or exploit has penetrated the perimeter defenses, the typical network has few systems for intercepting malicious traffic and alerting administrators.

As IT managers grapple with network security in the shadow of increasingly sophisticated exploitations, many are realizing that security is a complex problem that cannot be solved with a single technology, such as an intrusion prevention system (IPS) or deep packet inspection devices. The current model of protection is evolving into a layered approach that includes a multivendor combination of hardened border appliances supplemented by intrusion detection systems.

How these systems are interrelated is very important to effective implementation. The relationship between these systems and the actual hands-on management can create hidden gaps in network security and obscure data that would otherwise indicate an attack. Intrusion detection is not enough; attack detection external to hardware systems must be part of the security fabric.

"We have found that by tempering network security systems with a professional intuition, we are able to help a new generation of network security executives understand how their networks react to evolving security threats," said John Clarke, general manager of I-TRAP Internet Security Systems. "Between actual directed attacks and automated vulnerability exploits, is has been proven that the axioms of good network management will alleviate a very high percentage of network risk. The administrators just need to know what their network is telling them. That is what we do, help them listen."

Clarke goes on to say that most organizations make large investments in appliances that monitor networks in a very isolated mode -- from the inside looking out. This can lead to questions about the validity of data being reported from gear that cannot identify whether incidences occurring are anomalies to the specific network or a new threat that is making appearances across the enterprise landscape. A new level of service that is arising in the market is verification monitoring. This is generally considered a low-cost solution, one that provides noninvasive monitoring across networks and is designed to be an extra set of eyes on a network. Although it would be nice to believe that organizations review their logs on a frequent and timely basis, the fact is most organizations don't have the resources to do it. This creates great opportunities in the small and mid-size business market for companies like I-TRAP, which can monitor networks 24/7 with supplied customer-premises equipment and provide live first-responder support to network professionals.

The math is simple to understand. Using a cost-effective outsource organization for monitoring functions allows network staffers to focus on maintenance and development. Using a monitoring service also makes it easy to track down policy violations and bandwidth hogs like spyware, peer-to-peer file sharing, unauthorized instant messaging and other possibly unwanted programs.

Started in 2002, I-TRAP was the first solution to combine an intrusion detection system (IDS) and external-to-the-firewall attack detection system for up to one-tenth the subscription price of current solutions. The I-Trap service monitors corporate network traffic for a variety of exploitations and intrusions through signature, statistics and anomaly detection. This allows network administrators to verify that security firewalls and policies are working. For more information, contact I-Trap Internet Security Services at (888) 658-8727 or www.i-trap.net.

Thursday, 24 February 2005 11:36

Outside your walls

Often one of the greatest challenges business owners have with the online component of their daily operations is the limitation created by office location. Internet access availability, service levels and cost can be a major drain on an Internet-enabled business.

One way to level the playing field is to take a look at data center co-location.

On a high level, Internet co-location is described as a company that places its application equipment (server, routers, firewalls, VPNs) in a facility hosted by a specialized Internet provider, designed for supporting servers and networking equipment. These facilities have high volume and redundant Internet connectivity, security (physical and network-based), uninterruptible power and climate control.

These are often features and services that are too large an investment for a small to medium-sized business, but without them, these Internet-enabled businesses are highly susceptible to service interruptions.

There is little or no need for most business to have their data and application servers located physically in the same place as their employees. In fact, this old-fashioned notion could be holding your company back. With the advent of Application Service Provider models, thin clients, collaborative networking and telecommuting, co-location can change the boundaries of your business.

In the past, companies have been saddled with trying to get higher Internet speeds as well as security to their in-house data centers. This is often called the "last mile" of Internet technology and is usually the most expensive. Imagine pushing your data center a few hops closer to the Internet and letting your ISP be responsible for keeping the access, power and environment up and running.

You may find that not only is it a safer place for your technology investment, but that now all you may need for your office's Internet connection is a low-cost DSL Internet connection. This could bring serious savings over a T-1 connection.

But do these facilities exist as an affordable alternative for small to medium-sized businesses?

They might be right under your nose. Co-location facilities are cropping up in many areas and configurations. With a huge surplus in downtown space previously used for manufacturing or storage, Internet providers are finding it fertile ground to segment off 1,000 feet or so with security cages, data lines and conditioned power, and go into the data hotel business.

With the ability to rent by the square foot or by U (a universal data rack measurement), businesses can get their Web, mail, exchange, application or any other kind of server on a direct connection to the Internet --all in a facility far more resilient than their own corporate offices.

Deciding where to house your equipment outside your offices is just like picking a new office. Is the building well-maintained and secure? Are the utilities up-to-date? Are there other tenants?

These are all characteristics that are as unique as your business. Large, brand-name facilities are very structured as to the services that are offered and may even have size and/or space requirements. Smaller facilities may be more willing to work with your specialized needs and be flexible on pricing. Investigate your co-location options and see if you can take a step back from your in-house data constraints.

Alex Desberg manages communications for Ohio.net Internet Providers, a statewide provider of Internet services with a product line that ranges from national dial-up with accelerators and DSL to specialized access needs including server co-location. Visit www.ohio.net for information on offerings related to your Internet needs. Reach Desberg at adesberg@ohio.net.