Rogers announces HSPA+. Wireless data at 21 Mbps

I was talking with a client yesterday about Rogers and he mentioned that Rogers recently announced a new high speed data network called HSPA+ (High Speed Access Plus) was being introduced to Canada. It’s true !

Starting in August, Rogers will increase its download speed to 21 Mbps in the Toronto area, and will quickly expand to other cities in Canada in the coming months. Rogers is the first carrier in North America to launch HSPA+. These speeds are significantly greater then the speeds offered by both Bell and Telus, and will catapult Rogers in the cell / data race in Canada. 21 Mbps is significantly greater then the speeds I am getting off my DSL connection at home (3 Mbps down), and even faster then we’re getting at Digitcom (8 Mbps). And these are both wired connections.

Bell recently started an ad campaign showing how their services are less then Rogers – and you get more bandwidth and cell time for less $’s.

Not only is Rogers the only carrier in Canada that can sell the Apple iPhone, but, now has wireless speeds that dwarf Telus and Bell’s. Funny how that doesn’t show up in the Bell ad !

Alcatel Lucent report profit of $19.7 Million

Not much profit for a Multi Billion dollar corporation, BUT, at least they are now profitable. They have had a loss for the last 9 consecutive quarters, ironically, their first profit comes in the midst of a recession. Alcatel Lucent, created in a merger between Alcatel from France, and Lucent from the US in 2006, is one of the world’s largest Telecom companies. (Incidentally, Lucent split into Avaya and Lucent in the early part of this decade). Hopefully this is a positive sign of things to come, not just from Alcatel Lucent, but, from the Telco space in general

Road Warriors Beware – you will never escape your office phone ! Is that good ?

One X Mobile

You will never escape your office phone. Is that good ? I guess that depends on when you ask me !

One of my favorite (and loathed at the same time) telecom features is mobile twinning. At Digitcom we sell and support a few different phone systems, and on my desk I happen to have an Avaya IP Office 5420 digital set. The phone, and phone system support a feature called Mobile Twinning, sometimes known as Extension to Cellular, One X Mobile, or a variation of sorts …

Essentially, when you call my desk set my cell phone rings at the same time. When I answer my cell phone my desk set stops ringing, and when I answer my desk set my cell phone stops ringing. If I answer my cell phone I can go back to my desk, press my “twinning” button, and pick the call back from my cell to my desk. AND, if I answer the call on my cell I can hit “**”, and enter another extension to transfer the caller to another extension in the office. I use this feature all the time – it’s essentially changed the way I work, both from within the office, and especially, out of the office. I bring this up because I’m just getting back from a short vacation and for the first few days I left my office desk set on TWIN mode. Much to my wife’s dismay I answered some work calls on my cell, and needless to say, I had to call into the office after the first few calls to “untwin” my desk / cell (by the boss’ orders).

It wasn’t that long ago that Digitcom sold in building mobile solutions. Although we still do sell in building IP Dect and mobile type solutions, we are selling much less now that twinning is available. Avaya’s in building solution is the IP Dect. This solution, for 5 base stations, 5 sets, could sell for $7,000 or more once you install, cable … Alternatively, you could purchase a license with Avaya (called One X Mobile) at $80 / user, press your mobile button on your desk phone, and MAGIC, they both ring simultaneously. No wiring, no base stations, no installation. The only downside though is that you are now using your cell air time.

Of course there are other ROAD WARRIOR options and these include: soft phones, remote desktop connectivity, IP desk sets, VPN phones … and I will review these in a separate BLOG at a later date. In the mean time, my cell is ringing and I gotta go !

More: Isabelle Guis, who leads the Avaya Product Marketing and Go-To-Market efforts in the Small & Medium Enterprise space, just wrote a really great blog titled: How small businesses can empower their teleworkers.

The Nortel fiasco continues – what took so long for the Cdn. Government to wake up ?

What on earth took so long for the Canadian Federal Government and RIM to wake up and realize that Canada’s prized telecom assets were up for grabs ? The Nortel bankruptcy fiasco has been going on for 7 months. Nokia Siemens offer for the CDMA business was made 2 months ago, and RIM and the Government decide at the last minute, almost after the point where it is too late, to make an issue of these assets.

I’m figuring that both Tony Clement, and Jim Balsille are both smart business minded individuals and savvy negotiators; Both well aware of the deadline, both well aware of the consequences of selling these assets to a foreign firm, yet, both decided to leave this discussion to after Friday’s deadline. Assuming that both are smart, and knew what they were doing, I suspect that these discussions were purposely left until the deal was closed, and winning firm decided.

Now that Ericsson has won the auction: What is RIM looking for ? What is the Federal Government looking for ? I suspect they are both trying to wring some concessions from Ericsson.

RIM could be looking for some of the tax losses, R&D tax credits, or, most likely, patents.

The Government – they want to guarantee jobs of course, but, they probably don’t want to provide the $300 Million EDC loan to Ericsson – the same loan guarantee they offered to Nokia Siemens. Ericsson is asking for it. Now, how can the Government get out of it ? And in the mean time, Ericsson is asking for Canadian money to finance Canada’s assets. You don’t think part of Nortel belongs to Canadians ? Think again. We should add up how many $’s Nortel has received over the last century – R&D tax credits, EDC loans, payments; This isn’t just a Canadian company – it’s partially a company belonging to Canadians.

These last minute poker tactics might work, but, at what expense ? Change the rules enough and Ericsson might walk. Where does that leave us ? What other Canadian company can come to the table when / if Ericsson walks ?

On a completely unrelated topic, I’m typing this email on a airplane on my way back from Denver. The lady in the seat sitting next to my 11 year old son is watching a very inappropriate movie. My son keeps looking over (I’ve now switched seats with him), but, my question is: shouldn’t the airlines better screen this public content ?

How to lock down your border router in order to avoid security breaches

This is a guest post posted by one of Digitcom’s Cisco techs and is of a more technical nature. The discussion is on How to lock down your border router in order to avoid security breaches
Cisco Premier

Cisco Premier

These tips are very important to follow, especially on routers that are on the border between the external and internal network. Here are some tips that I’ll put in bullet form to make it easier to read. I’m doing this in parts because it’s quite a lengthy process to lock down your router….IF you’re not using SDM (which does a one step lockdown). Here is the first part:

* Shut down any unused interfaces. What’s the point of leaving them “up” if you know they are not being used? It’s just one less thing someone trying to breach your network can try. Just make sure that the interface is indeed not being used….otherwise you might start getting phone calls asking you why a branch office is down. Go to the selected interface and type shutdown.

* Turn off cdp. – Have you ever taken a look at a “show cdp neighbours detail” output? It provides quite a bit of interesting info….two of which are dangerous for unauthorized users to know….IP address and what kind of IOS version the router is using. All this person has to do is Google for vulnerabilities and the ios version they saw in the output and use that to their benefit. You can disable CDP either globally on the router or by interface. I suggest disabling it globally. Use it if you have to troubleshoot something but do not leave it running 7 days a week 365 days a year, 24 hours a day. To disable it globally, enter in config mode and type no cdp run or disable it in the interface you wish with no cdp enable.

* Turn off bootp – In config mode type no ip bootp server.

* Turn off tftp download of boot network and host files – You don’t want your router picking up unwanted configs form anyone that has set up a tftp server do you? In config mode type no service config.

* Turn off tcp small servers – There are tons of ways to get a router to stop…one of them with the chargen attack. This can get your router’s CPU running to 90 percent or more. This is just ONE of the attacks that can be done to the router if the small services are enabled. Turn off all tcp and udp small services. Most of them are not even used anymore anyways….so go ahead and do that. In config mode type in no service tcp-small-servers and do the same for UDP with no service udp-small-servers in config mode.

* Turn off ftp service if your router’s IOS has this functionality. Do the no ftp-server enable command in config mode.

* Turn off tftp services. To disable the tftp service on your router do the no tftp-server command in config mode.

* Turn off ntp on unwanted interfaces. For disabling on the interface do the ntp disable command.

If you do want to have remote connectivity to the external interface you should, first, disable telnet and enable SSH. To do this follow the steps below

* Start in global configuration mode and give your router a hostname.
* Create a DNS domain
* Generate the SSH key with the crypto key generate rsa command
enable AAA with aaa new-model. Then create a username and password with the username (name) password 0 (password) command
* Configure SSH maximum authentication retried before the connection is cut off. This is done by issuing the following command: ip ssh authentication-retries 3.
* Have the connection timeout if inactive for a certain amount of time (in this case 60 seconds) with the ip ssh time-out 60
* Go into line configuration mode and type transport input SSH
Then connect with Putty to your router`s IP address and test it out. You should get a pop up message from Putty talking about the new encryption keys for you to use. Just click on ok and a prompt should come up on the terminal asking you for your credentials.

Well, this just about covers basic security lockdown for your border routers. You might not want to do all of this on your internal routers since some of these services are needed for internal operations. One thing though……always use SSH to connect to your devices.

Next week we’ll be discussing border router security a little more in-depth with the Cisco IOS firewall feature set.

The dismantling of a Telecom Giant – Poof – Ericsson takes a slice out of Nortel

One more candle down. And Canada won’t be celebrating. A shame really. Nortel has been Canada’s Telecom’s gem for decades, and not that long ago, Canada’s business gem. Now they are almost gone; Quite the fall from glory. They had a market cap of $350 billion just 10 years ago, and now, POOF.

Well, business is business, and I don’t want to lament on the outcome. Nortel has unfortunately been a victim of their own demise, and now it looks like Ericsson will end up with Nortel’s crown jewel – the CDMA business, which they acquired through a court monitored auction on Friday for $1.13 Billion. There were 3 bidding firms: Nokia Siemens, Matlin Patterson, and Ericsson. $1.13 Billion was almost double the initial offer made by Nokia Siemens, which demonstrates that there is value in Nortel’s assets. It seems like Ericsson came out of left field – they weren’t even mentioned until very late in the auction process. Ericsson and Nortel were aggressive competitors with Nortel the predominant North American CDMA player. This will certainly help Ericsson solidify their position in the market.

The next candle to fall will be the Enterprise business. Avaya submitted their initial bid last Monday for $475 Million, and there will no doubt be more bids.

Avaya IOC Council meeting in Denver – definately headed in the right direction

I just finished 2 days of meetings at the Avaya office in Denver. I sit on the Avaya IOC advisory council which is comprised of approx. 15 dealer principals that get together approx. every 6 months to review Avaya product, direction, thoughts, and general best practices. I left the meeting very encouraged and motivated.

avaya_logoAlthough I am sworn to secrecy and certainly can’t share product or company direction, what I can say is that Avaya is definitely headed down the right path. The Avaya folks were extremely passionate, knowledgeable, and had an excellent sense of the product, their position in the market, and the where they needed to go to keep both the company, and their products at the top. One of the other by-product benefits is that you get to share ideas with other like-minded dealer principals. Looking forward to the next meeting – it certainly helps that it will probably be in Florida in January.

I now get to relax for the next few days and take in some of the Colorado outdoors; horseback riding, white water rafting, and mountain climbing.

Will the New iPod Touch Jump-Start VoIP?

There’s growing speculation that Apple could soon introduce a new iPod Touch with a microphone and 64GB of memory (Andy Abramson has a good blog post about it.)

If, in fact, this materializes, it would have a huge impact on VoIP usage by potentially adding millions of new users overnight.

A VoIP-friendly iPod Touch will drive more users to applications such as Skype and Truphone, and likely see new players such as Google Voice enter the market.

For many people, a voice-enabled iPod Touch will be the perfect companion for a cell phone. They woudl use the iPod Touch to listen to music, watch videos, play games, engage with social media (Facebook, Twitter), and make phone calls when they’ve got good Wi-Fi access.

An iPod Touch with VoIP will also be a nice fit for people who want more than just an iPod (music, videos) but don’t need an iPhone and the associated data plans that go along with it.

To make the iPod Touch even more irresisistable, all Apple needs to do is add a camera.

For more thoughts on a new and improved iPod Touch, check out Wired and TechSpot, which suggests it could revitalize the iPod portfolio and possibly cannibalize iPhone sales.

Avaya’s new web based call center app – Customer Call Reporter. A “paradigm shift” in call center Apps

I recently had an opportunity to spend some time with the new Avaya CCR (Customer Call Reporter) call center reporting (real time and historical) package.

On first glance I really like what I saw – impressive for a “controlled release” version. One of the biggest improvements is ease of installation and deployment. Instead of the usual delta server with CCC which could take upwards of 4 hours to load (or longer), the new CCR is an entirely web based application which loads, and configures in 1 to 2 hours . The web piece will of course simplify future management, debugging, upgrading, and supporting of CCR. And best of all, the app worked on my Mac. This is the 2nd all-new application that was not available before IPOffice’s release 5 software, the other being One-X Portal.

The Mac thing is not something non Mac users will appreciate of course, but, I’m always forgoing programs because they just don’t work on a Mac.

Entering information info the web browser was very quick and responsive, and, quite surprisingly, I used the app for about 1 hour and it didn’t crash!! The review is really based on 1 hour of play time, and I will write an update in a couple of weeks once we have installed our first client site, and I have had more time to play with CCR.

Like its predecessor, CCR will provide real time monitoring for both Supervisors and Call Center Agents. The Supervisor can program up to 3 real time views of their call center, and the agent can log in, select a Supervisor, and then view the stats for themselves and the queues that they are a member of. Apparently it is possible to set-up 100 variations of queue and agent stats, but I only entered 10.

Like CCC, CCR will support alarm monitoring, and these alarm stats are viewable in the historical reporting.

The historical reporting is also browser based – it works really well. You drag the report from the left hand side of the screen into the report type, choose your filters, hours… and VIEW. Although the system only shows 6 reports on the left hand side, it is possible (apparently) using the filters to produce 100 different reports.

One shortcoming is the inability to report call center stats across multiple IP Offices. This will be coming in a future release.

Overall, CCR is definitely a step in the right direction. The world is moving to cloud computing, HTML, browsers, and this product follows in those steps.

Hacking proxy servers, corrupting DNS. What to watch out for in VoIP security

A client asked me a question on VoIP security so I thought I would address the basics on the topic in a BLOG post.

The purpose of this blog is not to make the reader an expert on security issues, but to raise awareness on the issues of VoIP hacking, denial of service, and ‘sniffing’. In addition, one other area of concern is in the area of SIP trunking. A quick explanation: SIP trunking lets you bypass the public switched telephone network (PSTN) and use your Internet connection to link to a VoIP service provider. Unfortunately, given the open nature of SIP endpoints, there are tools out there for attacking SIP endpoints. Both SIP trunks, and SIP endpoints need to find a way behind the network firewall.

The traditional PSTN network was designed based on trust – only a real phone company had a phone switch. No authentication is done on information from other switches – even things like caller ID. That is why the PSTN network is quite secure. Certainly, there are issues like toll fraud; however, the PSTN network is accessed via DTMF (dual tone multi-frequency – i.e. touch tone). The VoIP world, which also uses DTMF, is also accessed through the network – a much harder element to control.

In a SIP mode, call routing is partially controlled by the DNS. Is it possible to corrupt the DNS? Under certain circumstances, it isn’t that hard to do. By creating fake DNS entries it is possible to reroute the call to go via an intercept station. Moreover, link eavesdropping and DNS attacks are straightforward. The task is easier here; proxies don’t (usually) move around. VoIP providers are high-value targets since they process many calls.

Is it possible to hack the VoIP proxy servers? Certainly — why not? Conventional phone switches can be (and some are) hacked, but there is a big difference: the attacker can speak a much more complex protocol to a SIP switch than to a PSTN switch, which means they are more vulnerable. It is hard to do too much damage with just a few touch-tones! It is hard to hide an IP address. Why? Because the legitimate recipient sees the sender’s source IP address, and this leaks location data.

Again, the purpose here is not to make the you an expert on VoIP security issues, but merely to raise awareness of these issues and ensure that they are addressed as part of the network and security design. In addition, keep in mind as you assess which direction you wish to head in that the security issues in the VoIP world are much greater in the SIP trunking, and SIP endpoint side, i.e. the hosted PBX and Hybrid mode (which I will address in another BLOG posting). VoIP endpoints connected to an internal traditional circuit switched phone system where all phones sit behind the firewall does not carry the same security risk since these IP-based endpoints must be VPN tunneled into the network. This is an IMPORTANT POINT TO REMEMBER!