O'Reilly Network    
 Published on O'Reilly Network (http://www.oreillynet.com/)
 See this if you're having trouble printing code examples

Eight Tips for Migrating to Enterprise VoIP

by Ted Wallingford, author of Switching to VoIP

Over the last few years, I've helped businesses of many sizes migrate to enterprise Voice over IP (VoIP), the extensive family of equipment and software standards that replaces old-school PBX (Private Branch Exchange) phone systems with a next-generation IP network that can carry voice calls. Old-school PBX systems, and home phones for that matter, use a plane of the global network called the PSTN (Public Switched Telephone Network), but the industry is moving everything to IP, and eventually, I envision the global network having just one plane--the IP plane. One network will do data communications--the same network that does voice.

The same transformation is beginning in the enterprise, too. VoIP is displacing traditional phone systems, and leaving in its wake a single converged network plane, all IP from end to end. This fabulous network engineer's utopia shouldn't be exciting just to network engineers, though. The move to converged networks is a crucial evolutionary step in business, no less important than the move from typewriters to word processors, or from file rooms to database systems.

But, just as in the early days of PCs and the internet, the business world has pockets of resistance to enterprise IP telephony--its mindshare in the enterprise space has been hobbled because enterprise decision makers would rather prioritize further development of existing database apps and text-messaging systems (like email) than integrate new voice technologies. The day is coming, though, when it will become too expensive to operate the old legacy telephone systems, and IT managers will retire them in favor of IP-based phone networks. Sure, there may be a few ancient Executone PBX systems clinging to life in ten years, just as there are still IBM system 3390 mainframes here and there today, but the trend towards network convergence is unmistakable.

To help you keep up with this movement, I've answered the eight most frequent questions that I'm asked by prospective VoIP adopters, and offer some advice to get you started on the path to enterprise VoIP.

1. VoIP phone equipment is just too expensive; why does it cost so much?

The way you look at VoIP devices like the Cisco 7960, pictured below, probably mirrors the way you look at other enabling technologies--things like operating systems, desktop applications, and your organization's communications network itself. You're either going to see these things as either as costly expenses ($300 used on eBay for a Cisco IP phone) or a bottom-line enhancement.

Like other infrastructural technologies, VoIP has the ability to enhance productivity by increasing the performance yield of your network. When you look at it from all angles, VoIP has a very strong value proposition. Sure, an IP phone costs more than an old-fashioned digital business phone, but it enables enterprise transformation in a way the old phone cannot.

Figure 1
Figure 1. The Cisco 7960 IP phone

This is because VoIP provides a platform where you can shape voice applications to get a perfect fit for your business: a flexibility that was never possible with old-fashioned, monolithic phone systems.

It's like the difference between the old MS-DOS operating system and a modern, feature-rich operating system like Windows XP or Mac OS X. Today, there are many ways to mold the OS and its applications around a user, or around a business process. VoIP is flexible in the same way, so its cost isn't the only thing to consider. It doesn't just replace the old phone system feature for feature, it augments and surpasses the old system by empowering businesses in new ways:

Interaction between VoIP phone systems and database applications is considerably easier, because they both operate on IP networks. When an incoming call appears on your IP phone, Outlook could automatically retrieve the contact record for the caller, based on the caller ID. This way, you wouldn't have to place the caller on hold to retrieve his or her relevant data. To record the VoIP phone call, you could use a piece of PC software rather than a bulky cassette or digital recorder device. Then you could listen to your voice mail using your email program, and respond to it by email, if you prefer. The point is: comparing a traditional phone system's cost to a VoIP phone system's costs isn't a fair comparison, because it doesn't take all of these things into account.

Finally, to minimize the cost impact of a big telephony investment, consider leasing VoIP equipment like servers and quality-of-service-enabled switches instead of buying them outright. Unlike PCs, which depreciate considerably over a short time and are replaced once every three or four years, business phone systems and network gear tend to last seven to ten years before being replaced, possibly making the lease option more appealing.

Switching to VoIP

Related Reading

Switching to VoIP
By Ted Wallingford

2. I'm afraid that once I switch to a VoIP-based phone system, my E911 dialing will stop working. How can I guarantee that E911 will be available in case of an emergency?

In May, the FCC mandated that all VoIP-based telephone service providers must route emergency 911 calls just as the incumbent phone companies have done for decades. But the technology used to route those 911 calls is different than that of a traditional PBX system.

On an old-school PBX, calls to 911 are routed out the local phone company's telephone lines, and the phone company handles the rest of the work. But because VoIP protocols have no built-in provisions for emergency signaling, folks who choose a VoIP server to replace the old PBX will have to do a few things: program their phone company interface equipment to handle 911 calls properly, or adopt a 911-aware VoIP service provider to connect their VoIP server to the outside world.

It's rather a myth that E911 "doesn't work" with VoIP. But planning for 911 capability is an important step that you don't want to skip when planning your VoIP rollout.

3. I've tried a VoIP service at home, and it had some quality problems. If my business switches to VoIP, will it have the same quality issues?

Because most home broadband connections don't support Quality of Service (QoS) technology (which prioritizes voice traffic over non-voice traffic in order to optimize your calling experience), Vonage, Broadvoice, Lingo, and other residential VoIP providers can't guarantee you won't have drop-outs or disconnected calls.

This is, coincidentally, the reason most businesses who use VoIP telephone service don't use Vonage, Broadvoice, or Lingo. Instead, they use VoIP providers who can provide guaranteed Quality of Service, like the local phone company or another local or national service provider who controls not only the VoIP service, but also the data connection that pipes it to you--usually an internet T1. XO Communications, SBC, and some other large phone companies have begun offering this type of service, and it's far superior to Vonage's broadband VoIP.

You've also got to consider the Quality of Service conditions inside of your own network--if you plan to use IP phones in your private network, all of your network devices must support a common QoS provision, like the simplest and most common: IP Precedence. A qualified VoIP consultant can audit your network devices to see if they have this capability, and program them to use IP Precedence.

For larger networks, more elaborate QoS measures are available. If you want to learn how to evaluate QoS capabilities yourself, I recommend my book, Switching to VoIP, as well as Cisco's hardbound Quality of Service.

4. My telephone consultant said VoIP isn't quite "there yet." Why should I make the switch to VoIP now, instead of waiting?

Usually, when a traditional PBX reseller tells you VoIP isn't there yet, it's because that reseller isn't there yet. The VoIP technology family is ready for prime time, and the industry has made a clear shift towards VoIP--enabling all of the new models of PBX equipment. Though still high, the cost of VoIP-only equipment is dropping, and over the next decade, IP telephony will displace traditional telephony. When this happens, there won't be too many telephone consultants left asking if VoIP is "there yet."

5. I've heard that I'll have to forklift all of my network equipment in order to use VoIP in my organization. Even if I can save on telecom expenses by switching, is it really worth it to lay out a bunch of cash for new switches and routers?

The answer to this question depends on how much VoIP you plan to implement. You can save money by switching your phone service to VoIP, while keeping your in-house PBX in the legacy realm for a few more years. You may also save money and gain features by migrating your in-house digital phones over to an all-IP Ethernet network. Sometimes, you'll save money with one approach, but not with the other. One under-hyped aspect of IP telephony is that you can migrate "a little at a time."

If you plan to go "all the way" (that is, IP phones on your LANs replacing all your organization's legacy phones), your networking equipment will need to be up to snuff. Switches and routers need to support quality of service (QoS) measures--special protocols whose goal is to ensure that the quality of VoIP phone calls never suffers because of a computer virus or spam swamping your network's capacity. The first step to figuring out how much new networking equipment you need, if any, is to audit the capabilities of your network's routers and switches. Such an audit will reveal the cost of converging your network and allow you to better justify (or rule out) a switch to VoIP.

6. Some people have told me I can save my company money by implementing an open source phone system like Asterisk or SipX, but I'm concerned about the security and stability of open source software. Are open source phone systems really comparable to the big commercial ones?

Many enterprise telecom admins don't even realize that a plethora of highly stable, open source telephony software exists. Ask a typical IT manager what he thinks of when you say "free VoIP software," and he'll probably tell you, "Skype," which is neither open source nor (completely) free. In response, I'll suggest a turnkey solution based on Asterisk, say. But since open source solutions have been stigmatized as insecure, unstable, and unsupported, the reflex reaction of my clients is, "Whoa, don't try to put that on my network."

Caution is helpful, but paranoia is unwarranted. If you have a qualified consultant or hands-on engineer build and maintain your PBX on a well-hardened Linux or BSD server, your phone system's central nervous system can be at least as stable as an old-school PBX chassis, and perhaps more so. With a reasonable amount of failover provisioning--i.e., hot-swappable hard disks (or a diskless, flash-based server) and redundant power supplies--a soft-based PBX can yield even higher hardware availability than a traditional commercial PBX system.

But all of this is academic, though. In order for an open source PBX solution to be stable, robust, and reliable, it needs to be built and maintained by a qualified support staff. That's a truth that applies to all phone systems, old and new, open source or commercial. Whether or that staff is in-house depends on how you do business, which leads me to question #7.

7. I've heard VoIP-based phone systems need a special skill set to support. Once I have migrated my phone system to VoIP, how much internal expertise is needed to maintain it?

If you think that supporting a VoIP-based enterprise phone system is going to be easier than supporting that trusty old AT&T Merlin, think again. The only characteristic of converged networks that makes then easier to support is the fact that they're entirely IP-based. There are no legacy protocols and interfaces to support like there are on a legacy phone system. Besides, that AT&T Merlin will never have the integration potential or future-proof personality of a VoIP system.

The challenge, then, is finding and retaining the expertise needed to support VoIP. Ultimately, VoIP skills will be standard issue with every IP network engineer. But today, the concept of convergence may be as foreign to a Cisco guy as it is to an old-school telephone support guy. As a consultant, I rarely encounter clients who have the in-house skillset to build a VoIP phone system from the ground up. They may have the legacy equipment knowledge, and they may have IP networking folks, but we're at an inconvenient nexus right now where good, fundamental IP telephony knowledge is just hard to find.

Without question, the availability of VoIP skills in the marketplace at this point is low. This may be at least partly to blame for the slow pace of enterprise VoIP adoption up until the last few years. Standards have been refined, and the first generation of VoIP expertise, which surrounded the outmoded H.323 protocol, has diminished. H.323 is being replaced by SIP, the signaling standard that has come to dominate the VoIP service provider business. Indeed, the Cisco IP telephony certifications of a few years ago are about as valuable today as that old, yellowing NetWare 3 certificate. Things have been changing quickly.

There is still much refinement yet to come from VoIP system manufacturers, too. SIP, the primary VoIP signaling standard supported by Avaya, Cisco, and the rest, continues to evolve, so the system you implement today will no doubt be patched, upgraded, or completely replaced by the time the standard is as mature as SMTP or the World Wide Web. The support expertise requirements will continue to change, too. The moral of this story is: keep your skills up to date or hire somebody who will.

8. I'm concerned that my VoIP telephone calls may be less secure than traditional phone calls, and that ill-intentioned hackers may be able to listen in while I talk. How to I prevent snooping?

It's probably easier to secretly listen in on somebody's PSTN-borne calls than on their VoIP calls. To snoop a PSTN call, all you need is a modified handset and access to a cross-connect point on the line where the call is happening. But to snoop the internet, where access control is tight and tends to be monitored a lot more closely than the neighborhood phone company's above-ground wiring block, the conditions must be very conducive to snooping.

First, you need software that can intercept and decipher VoIP codecs. Second, you need that software running on a host that's in the midstream of the call--on the receiver's end, on the caller's end, or on a PBX server in the middle. You need physical access to the IP "loop" carrying the call, to say nothing of the encryption measures that are available to fight snooping today.

The point is, snooping VoIP isn't really all that easy without privileged access to the VoIP network. Indeed, the VoIP blogs are abuzz right now with talk of how difficult it's going to be to comply with the FCC's mandate to allow wiretaps so that the FBI can snoop calls. This type of thing becomes infinitely more complex in the world of VoIP, where encoding schemes, encryption, and tunneling can make clandestine call monitoring nearly impossible.

Ted Wallingford is lead consultant and co-founder of Best Technology Strategy LLC, and is the author of O'Reilly Media's Switching to VoIP and VoIP Hacks.

Return to the O'Reilly Network

Copyright © 2009 O'Reilly Media, Inc.