Technology Viewpoints

General comments about the industry, technology and vendor products.


Home | Client Case Studies | Information | August 2014

Structured Cabling

Overview

The cabling systems are the foundation of all the IT platforms. Even though they are the first technology to be installed in a new build they are often an after thought. Fit-out companies will be contract to install a cabling system with little of no reference to the technologies that it will support. All cabling systems look good before the patching is installed.

Enclosure

In too many cases the cable patch outlets are installed in the cheapest 600mm wide cabinets with no provision for horizontal let alone vertical cable management.

patching nightmare

One of the most important aspects of cabling is not the Cabling Standard but the enclosures and their layout. In too many cases the cable patch outlets are installed in the cheapest 600mm wide cabinets with no provision for horizontal let alone vertical cable management. 600mm cabinets are the minimum required to mount 19" equipment and panels, but a patching system needs space around the sides for the vertical fall of the patch cables, allowing free access to the equipment.
Therefore at least 800mm wide cabinets must be used for cabling system. There should be an horizontal cable management strip after each outlet panel and around active equipment. Vertical cable mangement strips should be on both sides of the cabinet. Panduit do some very nice cable management systems.
Another problem is that some installers do not leave enough slack on the cable runs beneath, or above, the cabinet. There should be enough cable slack to re-mount any outlet panel at the top or bottom of the cabinet. This will also allow for limited cabinet moves.


Cabling Standards

There are 3 standards in use today; Category 5e, Category 6A and Category 7.
Generally, Cat5e is suitable for most deployments. Cat6A has a higher performance and is often the system of choice but the cables are considerably thicker than Cat5e, which can cause problems where the cable trunkimg is limited.
Which ever system is installed there should be post installation cable survey of all the outlets using a reputable test tool such as those from Ideal, Fluke and Agilent

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Network Management Systems

Overview

The NMS is the key to ensuring networks are reliable, are maintained correctly and are developed ahead of the end-user requirements. Many think of NMS just as an alerting system but its real value can be extracted by using it to create graphs of trends in CPU, disk, RAM, Internet, etc usage. These graphs can be used as supporting documentation when presenting upgrade proposals to the management. Graphs are easy to understand and to talk around.

HP Openview has been the de facto standard in the industry for sometime, however, it is vastly expensive and there are other more cost effective solutions. Products provided by SolarWinds and IPSwitch may be considered and NAGIOS is an Open Source project that is well regarded.
Windows environments will often have deployed SCOM and tried to expand it beyond the Windows server infrastructure into both the Linux and network worlds. It can be done but its not for the faint hearted and it takes time. It must however be remembered that the cost and time scales of the implementation will be significant and its not unusual for a deployment to take 6-man months of initial development and require at least 4-man days a month to keep running for a 500 node system.

We have had good experience with IPSwitch's Whatsup versions up to 14, with 16 being the current release (2013) and with NAGIOS.

The management of virtualised systems using a generic SNMP management platform is proving to be very difficult at present as vendors focus on their own proprietary and chargeable systems.
SolarWinds and Quest provide applications that plug into the virtual hosts and/or guests to supplement the virtual platform management tools.
NSClient++ is another server/guest based application that will report back to NAGIOS.
The main disadvantage is that these plugins are another service that needs to be tested, installed, patched and otherwise maintained as part of the server infrastructure. They often also present horrendous security holes in to the server infrastructure, especially those that permit the management system to interrogate and control the servers. Where possible Microsoft's WMI should be used with a non-login service account.

When deploying management systems there is often a disagreement between the systems and network teams about whether there should be any overlap. It is our view that the Network tool should see everything. In the event of an event having visibility of the servers and their condition can often speed resolutions. However, it will increase the number of nodes and services being monitored. In our experience overlapping systems do not significantly impact the systems being monitored.

NAGIOS

NAGIOS is a very powerful solution and there are hundreds of plugins available for it though one would normally only deploy a few. See NagiosPlugins and Nagios Exchange.
Typically one installs a LAMP server on a CentOS or Ubuntu Linux distribution. One installs the base NAGIOS system, then a configuration tool such as NCONF that uses MySQL to store all the configuration items and generates the configuration files for NAGIOS. The last component is normally the graphical front end. Two popular GUIs are PNP4NAGIOS and NagVis. Since this GUIs are simple Apache web sites; it is possible to have many such front ends displaying the same data to suit individual needs. Naturally the system management may become cumbersome if this gets out of hand.

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Virtualisation

Overview

While the author is not a Virtualisation specialist, the subject plays a very key part in modern infrastructures. Many of the issues found within virtualised environments are down to poorly configured networking. There also can be structural challenges as the virtualised platform takes on fundamental network functions; eg. Virtual Switching and Firewalls. The cooperation between the teams is vital. In particular the Trunking and interface failover has to correctly defined are care taken to ensure our old friend STP doesn't bite.

At the time of writing (2013) there are two main contenders in the field: Microsoft HyperV and VMWare. Other players such as Parallels and Xen have dropped by the wayside and the Linux fraternity such as Redhat have created their own Red Hat Enterprise Virtualization.

The HyperV story is a good one especially on price when comparing HyperV on costs against the full versions of VMWare. However the true comparison is with the 'free' ESXi which does very much the same as HyperV.

An often overlooked reason for going virtualised is for failover and the full version of VMWare Vsphere5 is a well matured product with loads of facilities such as VMotion and Site Recovery Manager. Also third-party suppliers such as Virtual Sharp offer even better control over the failover and recovery modes of VMware.

Microsoft have bundled HyperV into Windows Server 2008 R2 to provide even more of an incentive to use it. This will probably develop into another Microsoft vs Novell style battle. VMWare may appear expensive but again the deployment and man-power skills costs will be more significant.

One of the significant arguments against virtualisation has been with specific applications servers such as Microsoft Exchange and SQL, and for other high power, high frequency trading applications. The argument has been that either the CPU power delivery by the virtualisation or the I/O offered by the underlying SAN infrastructure is degraded.
It is the author's belief that these issues can normally be tuned out of the system and the advantages of system failover and recovery even in a one host one guest configuration are significant.

Virtualisation Infrastructure

Even in small deployments getting the infrastructure components right matters as a failure or degradation in one part will effect all the rest.

Servers: At least 3 are required even in a small installation and while most deployments will have multiple multi-core CPUs, more often than not its the memory capacity and performance that will limit the service.
For effective failover and guest migration a SAN of some kind is necessary but some have installed SSD for rapid host startup and for swap files and guest images.

Disk System: This normally has the biggest impact on the system. A SAN can be the most expensive part of the virtualisation platform and have the biggest impact on performance. There are many technical arguments for and against the common performance measure (I/O), none of which are discussed here, but in principle more is better. Another simple maxim is that more spindles means more throughput. SATA drives were seen as the way forward for low cost and high data volumes. However there have been problems and this drives should be left in the desktops or archive storage. Any disk array should be made of SAS disks and SSDs.

There are at least 4 ways to connect your disk farm to your virtualisation hosts:

  • Windows SMB
  • iSCSI
  • Fibre Channel (FC)
  • Fibre Channel over Ethernet (FCoE)

The first shouldn't not be used except in extremis.

iSCSI, is relatively new in relation to Fibre Channel and is very common for newer and smaller systems. It runs over Ethernet networks; typically 1 or 10Gbps, and uses a full TCP/IP stack that some argue is is main downfall. The TCP/IP stack is highly versatile but can introduce latency and that is a major issue in SANs that want less than 5ms. This is what FCoE hopes to address.
iSCSI is relatively cheap to implement as almost any modern Gigabit network switch will work. Ideally the switch should support Jumbo Frames, though many system run successfully without this.
When the data transfer rates are very high and the packet rate on one or more switch ports may exceed the capabilities of the ASIC memory buffers and packets are dropped. Because this is a hardware failure; the packets don't 'get into the switch' and aren't logged . The only evidence is very poor disk performance at the server application and the SAN management reporting errors and lost packets (5-10%). Network Sniffers will show significant levels of retransmissions. This happens in one of the world's most deployed stackable switch that has shared and limited size ASIC buffers. In these cases the solution is to deploy switches that have significant ASIC memory pools such as the S60 from Force10. This eats into the budget and cost effectiveness of iSCSI.

Fibre Channel was designed for storage networking and doesn't have the protocol overhead associated with iSCSI. It was originally 2 and 4Gbps but now is available in 8 and 16Gbps, but in most cases bandwidth is not the limitation storage latency is and FC is very low latency transport system. The main concern often is one of cost and of training.

Firstly, the servers do not come with FC cards and each host will require at least 2 FC NICs from the likes of QLogic or Emulex and others. Then you will need a Fibre Channel Switch from the likes of Cisco or Brocade. Further if your infrastructure will have site to site SAN to SAN replication you may also need FC/IP gateways or iSCSI interfaces. VMWare now can provide replication at the host level negating the need for the Replication licenses.
Training should not be overlooked as the syntax of FC switches is different to LAN switches

Fibre Channel over Ethernet is an attempt by the Fibre Channel community to challenge the rise of iSCSI, by removing the dependency on FC networking components and running the FC protocol directly on the Ethernet. The has at least in theory a significant advantage over iSCSI. The ANSI standard was only published in May 2010 so this still relatively new.

This field is worth a lot of money and there are many players and niche developers in the market. The main enterprise players are EMC, NetApp, Hitachi and IBM. The middle ground is held by Dell Compellent, Dell Equallogic, HP Lefthand and HP 3Par. Other players out there are Coraid and a VMWare integrated product Tintri designed for high volume VDI deployments.

More than any technologies its all about finding the right partner and 'right-sizing' your vendor and partner. If you're a 10 man shop with a £20K budget there is no point going to one of the big-iron vendors. Also its very important to identify at an early stage the fork lift points for the product you're interested in. Don't agree to wonderful £/GB disk prices in advance. 3 years down the road when capacity prices are in pence per PB you'll regret it.

Probably the most important feature of any SAN is how easy is it to manage on a day to day basis, provisioning, maintenance, call home and what does the nitty gritty engineering CLI look like. You can save a fortune if your day to day operators can use it after half a days instruction from the Integrator. You may also be surprised at how few of these systems have detailed SNMP MIBS.

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

WAN Optimisation

Overview

With the ever increasing number of data centre operations; whether private or part of a Cloud service, office to datacentre communications are subject to significant latency proportional to the data path distance between devices. WAN Optimisers attempt to reduce the apparent delay by learning the data transmitted over the link and caching repeating patterns and sharing the cache between the Optimizer peers. When ever it sees a cache pattern it sends a cache index rather than the data string itself. The remote end reconstructs the true packet and send sit on. They also provide local TCP/IP acknowledgement so the server doesn't have to wait for the ACK packet to come back form the remote site. The devices have very large disk caches (either SAS disks or SSD) and usually large RAM and powerful CPUs.

The Downsides

Since they handle all the traffic on a link they become vital to the business. Most Optimisers have a failsafe option so that if the box crashes or loses power a simple relay allows traffic to pass through. However in many cases the latency across the link makes it unviable without the Optimiser. Also tracking problems using Network Sniffers can give the engineer a misguided impression because they are looking at a reconstructed data stream at one end and the original at the other; that during a problem may not be the same.

Invariably the solution to a problem is to restart the Optimiser service and in severe cases installing new firmware; alll at the same time as the business howling about the lack of service. However we generally can't live without them

The Market

Over the last 5 years several vendors have disappeared. Riverbed's SteelHead is till the market leader and is in the top right of Gartner's Magic Quadrant where they are joined by a relative newcomer to Europe Silver Peak and Bluecoat Systems. Other major players that appear to be struggling in this market as Cisco with their WAAS product that benefits mainly from their customer base and branding rather than the products competence, and F5 who sell a product on the back of their Big Iron load balancers.

Riverbed

Riverbed's SteelHead is the preferred product here in Europe; however there are significant concerns that the prospective customer must be wary of. Firstly their pricing strategy appears irrational and a product that appears to be prohibitively expensive can be acquired at more reasonable prices elsewhere or with a little persuasion. Secondly, their RiOS firmware releases are almost as numerous as Cisco's and can be seriously flawed. The jump from 6.5.1 to 6.5.4 for SMB2 support was particularly painful. The current version is 8.6.0a; the 'a' fixing a problem with E-mail Alerts. Since all the Steelhead models run the same code have a pair of small 250 or 550 running on a DSL link to test.

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Cisco Future

Overview

We have known Cisco, here in UK since the days when Chernikeef in Sunbury on Thames, and now part of Dimension Data, became the first Cisco reseller in UK and possibly Europe. Cisco have been there every step of the way for almost every development in networking. There have always been competitors and its quite an impressive list of companies that have fallen by the wayside or consumed by a more successful organisation. Including two of the founders of modern networking DEC and 3Com; the later whose management appeared to have no idea for a decade before being consumed by HP (having already absorbed DEC via the Compaq acquisition.

Over the years Cisco have produced a number of lemons and/but convinced us to use them; the Lightstream Catalyst kludge 8500; the Catalyst 4000-4003 kludge 4006; Call Manager V1; to name but a few. But generally Cisco are the Internet (with help from Juniper) and the backbone of the Enterprise and to the tune of the 'Star Spangled Banner' - well done and thanks.

Cisco covers the majority of the network and telecommunications bases and has the major market share in many. IT managers can successfully source most of their IT infrastructure, including server blade infrastructures from Cisco.

  • LAN Switching - Dominant position with nearly 75% of the US$16billion market
  • DataCentre Switching - Strong position in a US$8billion market with Nexus, but healthy competition from Alcatel-Lucent, Arista, Brocade, Extreme and Juniper as network managers care more for functionality than brand.
  • Enterprise Routing - Dominant position with nearly 75% of the US$1billion market, with the remainder shared between HP, OneAccess, ADTRAN and Huawei whose market share is growing over 75% year on year.
  • Internet Service Routing - Strong position with over 30% of the US$3.5billion market, with Huawei in second place with about 15%, the remainder include Alcatel-Lucent and Juniper.
  • Blade Enclosures - Have made major advances into teh enterprise space with their UCS and Flexpod solutions, but its all too unweildy for all but the largest institutions.
  • Voice - Strong position but with significant competition mainly from Avaya and a growing one perhaps from Microsoft Lync
  • Dealerboards - no presence
  • Videoconferencing - Dominant as recent acquisition of Tanberg leaves only Polycom as competition
  • SOHO - Minor presence with acquisition of Linksys, but behind the likes of Netgear, D-Link and Belkin

The interesting company in all this is Huawei, who used to make 'clones' of Cisco kit, and now make almost everything in the networking and telecommunications market and a lot more.
They are now very much reliant on their own Intellectual Property. In the last 10 years they have made serious inroads into the telecommunications market; circuit, packet and mobile networks, especially at the access layer.

Huawei are now making a concerted effort into the enterprise space and the posturing of US politicians and regulators may struggle to stop it. The growth of network and telecommunications the Asia Pacific will benefit Huawei more than others. Their layer 3 LAN switch product line out performs and undercuts that of Cisco.

As more corporate network engineers realise how good these products are technically and the finance departments become aware of the cost savings, there may be a tsunami of the scale that swept Novell out of the network server market.

Another factor that may affect Cisco is path taken by the Cloud power house; Google and social media company; Facebook. These organisations with their massive data centres have invested in software rather than hardware routing. SDN is gathering strength and the Open Network Foundation was created to form standards and promote interoperability.

Cisco in the LAN and Data Centres product stream have made significant progress with the new Nexus range, developed by the team that gave us the MDS Multi layer Fabric Switches so often seen supporting Fibre Channel networks. The much loved but bug ridden and allegedly single threaded IOS probably should have been retired a decade ago but no one had the courage to do so. The number of versions of the software for each product is mind-blowing and must be unmanageable. The code also grew massively in size for example 12.1 code might be 2MB and the 12.4 code for the same product may be 24MB.
Nexus Operating System; NOS has been crafted to look like IOS at the command line but is a different beast. The reports from the field are positive.
But will it be in time and will the products be keenly proceed to prevent Huawei from taking the business?

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Network Security Firewalls

Overview

Firewalls are on most business networks but in many cases they don't defend all the points of ingress or threat and in the vast majority of cases they're not managed or monitored. Except for the larger organisations most firewalls are installed and forgotten until that is they get in the way. Management and Log review is and remains a major challenge for effective security. Only Checkpoint and Palo Alto are in the top right box of Gartner's Magic Quadrant for Enterprise Firewalls, but we are often looking for something a little less rarified.

Cisco ASA

The Cisco ASA series is a typical product that gets installed everywhere because they're cheap, especially when compared to the Checkpoint, Juniper and Palo Alto products. However, it management and monitoring is rudimentary using the ASDM and monitoring the ASDM log is futile. Cisco used to have MARS an expensive and now expired product. Cisco recommend 3rd party products including HP ArcSight, TibCo LogLogic, netForensics, RSA, SenSage, Splunk. All of these are enterprise class products at significant additional cost, though Splunk has a free offering that can store up to 1GB of data (not long). The only products that are feasible for the SMEs are Sysloggers. The basic product doesn't have its signatures or firmware updated and the real inspection engine is a daughter card that double the cost of the base unit

These units have their place a simple filters on Internet access points with real firewalls behind them and or as VPN termination points (aka Cisco VPN3000) on a firewall DMZ. The ASA series supports VPN on a stick where the terminating VPNs can be configured to talk to each other through the hub ASA.

Juniper

Juniper bought the Netscreen security company many years ago. The current security product line is quiet confusing and seems to overlap. The traditional firewalls are the Secure Services Gateway (SG) series and the SSG5 (old Netscreen 5GT) is a home user product, through the SSG140 and SSG320 that are suited to reasonable size businesses and high bandwidth lines. The SSG20 is special as it can be provisioned with wireless. All the SSG series operate with same operating system and can managed through the same web GUI, the inbuilt log viewing is OK but a Syslogger is more useful. There is a central manager NSM designed for Enterprises.

The SRX Services Gateways series is similar to the SSG series but have added UTM which is an application aware inspection technology.

Fortigate

Fortinet was created by engineers leaving Netscreen as Juniper bought them. The Fortigate product line tended to follow the Netscreen line but the current product range looks highly developed. We have only direct experience with the older equipment. The units come in a variety of models that offer WiFi and DSL connectivity. The FG/FWF-40 and 60C models are ideally suited for most SMEs and are feature rich and very competitively priced. They can be configured from the command line, Web GUI or the FortiExplorer Windows application. Logging is internal or one of several Fortinet Log Management systems.

Checkpoint

Checkpoint is our firewall product of choice. We have been recommending FW-1 since v4.1 through to the current R75. We have used both the Secure Platform (SPLAT) Redhat Linux based distribution and the UTM-1 appliances. They appear expensive but the SmartDashboard et al management suite that comes with every unit is worth every penny. The 'Software Subscription' annual renewal costs are also expensive, especially if you have IPS 'blade' that is the component that provides the very/too extensive and granular Unified Threat Management features. The low end UTM-1 boxes are a disappointment when disassembled and you realise you're looking at a low end Laptop motherboard (SIMM RAM on either side) and a desktop grade Seagate IDE drive. We'd expect better but the part of the cost is the included software and these boxes are limited by system performance and not Checkpoints traditional limited by protect nodes license. These units are shipped with system configuration that impacts CPU performance that is completely wrong. Correcting this enables a low end UTM-1 device to run FW-1, VPN-1 and IPS blades that was our standard deployment.

Although the licensing remains Checkpoints traditional number of protected nodes based; that has ridiculous jumps in numbers and thus cost, SPLAT is the best platform for real power and for multiple interfaces. Even if you do stay with the single CPU Core license.
In our experience you have to doing something mental to max out a single core. A Dell, HP or IBM server platform with multiple quad port NICs is ideal.

The SmartDashboard (Policy Editor)and SmartView (Log Viewer) are still industry leaders and technically illiterate users will feel comfortable with them (Read Only!)in a very short space of time. The older UTM component SmartDefense (a Checkpoint oxymoron) has been replaced since R72 will the IPS blade that is very good.

There have been reports and demonstrations available on the web by Palo Alto staff that suggest that 'illegal' traffic can easily circumvent a Checkpoint firewall, while would always be blocked by their product. These may well be valid though its difficult to verify without a thorough audit of the test procedure and policies in place.

Palo Alto

Palo Alto are the new brash kid on the block. When they emerged they claimed all manor of achievement having designed their security platform from ISO Layer 7 (Application Layer) down; rather than the tradition firewall building up from ISO Layer 3 (Network Layer) using some version of IPCHAINS. However in practice they managed to get a lot of the basic systems wrong and they were very overpriced.

Palo Alto have sorted out the gremlins and have adjusted their pricing. Although we have yet to get our hands on one; several of our clients have been running them for over a year with very positive feedback.

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Network Security Wireless

Overview

Every office needs wireless access to at least the Internet if not also to internal systems for both Internal employees and guests. Something that was put in a convenience becomes mission critical when a multi-million dollar investment proposal is being streamed over the Internet via the WiFi in the boardroom. In the major of cases this is provided by one or more standalone WAP's and are configured to have SSID that identifies the business. It doesn't matter if its configured not to Broadcast this name or not as every wireless packet connecting to the WAP contains the SSID in clear (and many Windows devices broadcast out for every SSID they have configured to see if they are there too) so any WiFi Sniffer will pick up the SSIDs. We recommend not using anything to do with the company or its name in the SSID.

The next issue is the security passphrase. Most installers have gone away from using no security, WEP or the first version of WPA that are trivial to break, especially with a modern laptop. But even the second generation WPA2 which is much stronger is still exposed to a truth that the WAP is left on 24x7 365 days/year and the Pre-Shared Key / passphrase isn't changed from one year to the next. They are also normally conveniently short to make it easier for the users. There is no lockout for incorrect attempts and invariably no logging or monitoring. The WAP is accessible from floors above and below and probably outside. Also for convenience it may be plugged into the local LAN inside the firewall.

Often Guest WiFi is provided using a consumer grade wireless broadband router with trivial authentication. Your CFO and accounts team will love talking to the authorities and possible the press, about the Internet activities on the companies broadband!

Ideally all WAP's should be separated from Internal networks and Internet, by a firewall, unless the user access goes through some form of 2-factor authentication and VLANing. Proper centrally managed systems are the way to go but the major players like Aruba and Cisco have scared away many SMEs with their prices and complexity. Other vendors such as Ruckus and perhaps surprisingly HP have some very competitive products.

Even if you don't have a centralised system the passphrase should be changed at least every 6 months and it should be long and memorable; addresses, words from art posters anything longer than 14 characters.

While mentioning HP; they have a product that they have singularly failed to market properly in UK, the MSM317MSM317 Access Device. This device replaces a standard UK MK style cable outlet faceplate taking a single PoE feed and presenting 1 x PoE, 4 x 10/100BaseT and an IEEE 802.11b/g WiFi radio that supports up to 16 SSIDs and associated VLAN's. A relatively cost effective controller is also available; MSM720 Access Controller that supports 10 MSM317s with the standard license (expandable in 10s to 40).

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Voice Dealerboards

Overview

Despite the advances in Office telephone systems traders like the look and feel of the traditional traders Dealerboards. As a niche market the margins are high and systems can require significant investment. In the mod 2000s one of our clients installed one of the industry leading systems for about 60 staff. The back end system; the main processing, communications and line termination was over £40,0000 and each board was about £4,000. That's a significant investment to handle a few broker lines and hoot $amp; hollers. The main suppliers of Dealerboard systems include; BT, IPC, Etrali (now owned by Orange). In recent years other parties have come into this lucrative marker including Mitel, IP Trade and Speakerbus. These newer players have come to market with more cost effective and often feature rich solutions. The back ends systems are often a fraction of the cost of the traditional vendors and make use of telephony standards such as SIP that enhance interoperability with other systems.

Speakerbus iTurret

We have had direct experience recently with a Speakerbus deployment, that was in this instance integrated with an Avaya environment. The broker lines are handled by simple CAS/E1/ISDN30 SIP gateways at c£3,0000 each and each turret is also c£3,000. Each turret acted as an Avaya SIP handset and connected to each broker line by joining multicast groups. The management interface is a dream.

IPC Broker Line Service

Traditional dealing systems are/were connected to each other using private wires using a number of tradition telephony circuits and technologies. Originally, if your office needed 40 lines; 40 copper wire circuits were patched between your system, the telephone exchanges and the brokers. 5 Lines to brokers at Yelwoc Prime Financial meant 5 separate circuits. Eventually the brokers changed to using CAS and ISDN30 (UK/EU) where a single line could carry up to 20(US) or 30(UK/EU) voice channels. However if you wanted to talk to Yelwoc Prime Financial there had to have at least one CAS/ISDN230 circuit between the sites and if not we had to agree on a carrier; timely and expensive.

IPC have a EVS-Private Lines service that is good value, has really quick circuit provisioning turnaround (so quick they must pride themselves in stitching up the business voice engineers) and with great customer support to resolve communications issues. Each EVS client has ISDN30 lines between them and EVS. Provided there is capacity on the lines and your correspondent party is on EVS too; its a same day if not same hour delivery. All the world's Brokers and major financial institutions and most Hedge Funds are on it. Its also a GLOBAL service in most, if not all, financial centres. Highly Recommended

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX

Asterisk - The Open Source PBX

Overview

Asterisk was created by Mark Spencer while still at University in 1999 and it was soon released into the Open Source community. He went on to found Digium the major commercial entity and driving force behind Asterisk. There are literally thousands of developers and many more script wizards constantly developing and improving the system. Over the years Asterisk has moved through several bundles; Asterisk@Home, Trixbox and now 'PBX in a Flash'.

So why would anyone wish to support their business on an Open Source telephone system? Especially given the low cost offerings from major vendors: Avaya IP Office, Cisco Unified Communications Manager Express, Mitel. All produce small business products that are off the shelf, installable and supportable from a large number of partners throughout the world. Consideration might be made for the products in the tier below these such as: Fonality who used to provide an Asterisk bundle (Trixbox), Digium who are the 'fathers' of Asterisk, Aastra who make a range of products that are often used with Asterisk, and Shoretel.

All the above you would have installed and supported by third-parties. Going for a self-install Asterisk solution (normally a specific bundle) is a major decision and although it can appear to make savings, it might not be as much as you thought. The platform/server and the handsets will still be a capital expenditure. Man time will still be required. Savings are made in licensing, 3rd party installation and maintenance charges. Installing Asterisk yourself is about have control and choices with the phone system.

Before you start on a real system Plan and Practice. While it can be simple some awful errors can be made that are really difficult to resolve once the system is in production.
Nerd Vittles is an absolutely brilliant site that discusses the whole subject in detail and gives clear instructions. The platform of choice at the time of writing is PBX in a Flash, that permits various versions of the base asterisk to be installed.
Version 1.8 is the established release; version 10 should be avoided, version 11 is considered to the release of choice. Also avoid 64-bit and virtualised versions for any loaded system.
Establish a sensible extension plan that will allow your business to grow; if possible match with the external telephone number range. Ensure that it will not interfere with any 'special' extensions. External telephony may be provided by ISDN2, ISDN30 or SIP Trunks. Although the latter is quicker and cheaper; not requiring ISDN cards, the quality is still better on the ISDN lines and the cards can provide a clock sync source that can help stabilise some codecs and voice recording.

Top | Structured Cabling | Network Management | Virtualisation | WAN Optimisation |  Cisco Future  
Network Security Firewalls | Network Security Wireless | Dealerboards | Open Source PBX