Unified Communications Apps & Cloud Communications Forum 12-13-2013
- Issue #222
Unified Communications Apps & Cloud Communications Forum is an
Independent Forum on
Apps, Lync CEBP Apps, Cloud Communications,
OTT-Over The Top Apps
from Microsoft, Facebook, Google, Apple and other Communications,
companies and technologies.
Lync is a trademark of the Microsoft Corporation.
We can help in developing webinars, customer
studies, social media and sales, marketing
unified communications, cloud and other tech.
University's School of Computer & Information Sciences (SCIS) delivers
Bachelor's and Master's degrees, and certificates in various computing
and information fields. Degrees provide a comprehensive background on
computing theory, as well as, hands-on experience using computers to
Technologies is a premier Microsoft Lync Voice Partner as Microsoft
Unified Communications Partner of the Year for 2009, 2010 and 2012 with
over 800 UC Deployments.
SIP Trunking for Microsoft Lync Unified
help prevent your organization from such attacks at the network
perimeter, the security filter for the Microsoft Lync Server 2010, Edge
Server monitors sign-in attempts and enforces account lockout at the
is NOT a Microsoft Tag or QR Code, it is a
very cool Lync Protocols Poster.
suggestions, ideas and wish list for Microsoft Lync Server and
Client. This message is not supported or paid for by
advertising and other marcom options,
- Help Wanted - Situations Wanted
them and we will post them.
Technologies is hiring - click here
to the UC Apps & Cloud Communications Forum
As you know I am a total fan of anything security, so
when I dig deeper into Lync-Solutions security
solutions, it begs the question why doesn't every Lync deployment
with or without voice use both of their products. As they
say, "Compared to the costs and impact that occurs in less than
one hour of downtime, our Lync-Solutions security products for remote
and mobile workers literally pays for the investment very quickly. We
provide critical enterprise security solutions to protect Lync Server
from DDoS attacks, XSS attacks, malicious SOAP requests, and
unauthorized mobile device access. Our Security Edge Filter and
Security Web Filter products offer network perimeter security
solutions for enterprises. These solutions protect Lync traffic from
external attacks at a cost-effective price with business-class
support services. We look forward to working with you on protecting
your business, staff, customers, and reputation." I like
their products so much that I will be helping promote as well.
Our goal is to find UCaasS, Ucoms, CEBP applications,
solutions, tech, users and other content on Google, Apple, Twitter,
Facebook, Amazon, Oracle, Microsoft Skype/Lync, Kinect,SharePoint and others. We want hear from you
about great ideas on the www-wild wild web of internet communications
and online cloud, SaaS, smartphone apps and other hot tech solutions.
Send your ideas and products anytime.
Real Presence Gets Closer
teams together in a "visual virtual office" tool where they
can see each other and work together all day as if they were in the
same physical place. Teams, departments or entire companies that work
together on information-intensive tasks requiring a high degree of
both formal and informal communication are ideally suited for
Sococo's solution. For example, geographically distributed teams,
teams in multiple physical offices, team members who work from home,
teams spread out across a physical (often large) corporate campus, or
companies that interact with partners, suppliers or customers in
different locations will all benefit from Sococo's solution where you
can get "see" via icons and then via video teleconference
interact to get the job done without traveling there. The Sococo
approach supports the idea of "moving minds, not matter."
They also have a new starter program so you can try this for free up to six employees
and includes one conference room and one break-out room. Click on
image above for website.
Real Customer Case Study - The 85-person staff
of COLA (www.cola.org), a clinical laboratory education, consultation, and
accreditation organization located in Columbia, MD, is working
remotely for three months with the help of Sococo's virtual solution
while their traditional office space is renovated. The Sococo
platform has become indispensable in the company's internal
communications with their staff, and subsidiaries. Kirk Couser, CEO
of COLA's technology solution provider, NextLOGiK (www.nextlogik.com), has found the solution to be intuitive noting,
"The experience just makes sense. The iPhone and iPad apps are
fantastic and never skip a beat. Those I am meeting with never know
if I leave my desktop and switch to a mobile device, and the clarity
is better than if I was calling from my cell phone. I actually prefer
using Sococo over making a phone call because of the quality and
convenience of locating the person(s) with whom I want to
communicate." For many who were hesitant to go completely virtual, Couser says "Sococo has made the
difference in creating a very positive experience for COLA employees
as they work virtually and has created a sense of being together.
COLA has proven it's commitment to
excellent customer service while working absent from their physical
office - and sales are at an all-time high." Shown above
is the ability for up to six people to show their own desktops at the
same time. This makes collaboration really exciting where meeting
participants can "jump in" at any time which is even easier
than a F2F meeting. Note: Cola also uses Lync but with a few improvements,
Lync could be considered optional as Sococo has all the Lync features
and many more useful onesttom-line office
can be very significant and many of Sococo's early customers range
from small to mid-sized technology companies to departments and divisions
of large organizations working on product development, service
development, operations and help desk/support. Organizations that
have adopted Sococo benefit from decreased costs by extending their
physical offices into the cloud. This capability becomes particularly
important as commercial real estate costs soar. The price of an
office per square foot are often $20-30 but can be as high as $60 to
$70 annually in top markets like San Francisco, which makes it
difficult to cost-effectively support business growth. Also, by integrating multiple disparate tools that are
typically sold separately -- such as instant messaging, video conferencing
and screen sharing -- Sococo meets the dynamic needs of a team,
department or entire company without a time-consuming and complex
installation process. Nor do users have to keep up with maintenance
fees. Our own analysis is that companies can also increase the number
of staff by often as much as 40% by allowing more flexible working
Bottom-line - I am not convinced
that Sococo has solved the office presence issue; however, it is an exciting
approach that can help many organizations with improving both
communications and collaboration. By providing an interesting tool
when people are located anywhere and that is where we are all going
to allow people to work from anywhere we want or need to. If you want
to know more about working from anywhere get the telecommuting book
(click on image).
Gets RESTed - Provisioning Sonus SBC
1000/2000 through REST & PowerShell
Since release 3.0 of Sonus
SBC 1000/2000 firmware, REST license is free of charge and you can
use it for multiple scenarios. But what is REST ?
REST APIs are provided for developers who want to
programmatically integrate the Sonus SBC 1000/2000 into their
applications, and for administrators who want to script interactions
with the Sonus SBC 1000/2000.
One of these scenarios is script provisioning that
allows you to program multiple SBCs with same parameters,
in a one shot execution instead of having to program manually one by
one each SBCs.
This is often the case when you need to deploy multiple
SBCs in a same country, creating the same routing and transformation
tables manually each time.
Bottom-line - REST is becoming the
API of choice for new unified communications applications and new
MPLS-Multi-Protocol Label Switching - Push,
Click on image
for Flash animated-audio tutorial.
To begin with, IP-Internet Protocol packets may have a
number of labels or "tags" attached to them.
MPLS-Multi-Protocol Label Switching is just one type of label. In a
Provider Provisioned Virtual Private Network known as PWE3 or PPVPN,
there may be more than one label.
Here are some terms associated with labeling: -
Push - add a label - Swap - replace the label - Pop - remove the
label. As if one label was not enough, MPLS providers may add
These labels may exist within the MPLS providers network but may be removed or
"popped" as they leave the network to the customer premise
or "edge" or LER-Label Edge Routers.
A PPVPN control module adds "pushes" labels
and determines routing via LSR-Label Switch Routers where labels may
be "swapped" as they change or cross to other networks
called AS-Autonomous Systems. The term LVC-Label Virtual Channel has
been associated with this emerging concept. As long as each
MPLS provider or AS-Autonomous System communicates the value of
QoS-Quality of Service for the label to other MPLS providers and
routes it accordingly, each carrier can determine their own labeling
system. That is, if each AS carrier routers video as video or email
as email or other known rules, then the packets will be treated with
the desired QoS.
One Last Look
WebRTC Gets Real
As you know I teach
security and have written on HIPAA, so when I see an app
that "gets real" about user security I am all
in. CafeX has a WebRTC app that allows multi-media
interactions to be recorded to address compliance requirements
for the financial services and healthcare industries, such as the Dodd-Frank Act and Health
Insurance Portability and Accountability Act. Each
communication session is encrypted, and strict policy control ensures
that customers have access only to a pre-defined pool of enterprise contacts.
Here is more on their
app. Tablets and WebRTC communications both a natural for
users but increasingly required. CafeX Thrupoint software
developer kits web programmers can build WebRTC applications that
turn the tablet into a secure, powerful unified communications (UC)
These UC tablet applications can provide single-screen
access to a host of enterprise communications and collaboration tools
including voice, video, IM and text messaging, corporate directory
access, presence awareness and CRM applications.
They add, "if your customers could communicate
in real-time with your business using any device that supports a
WebRTC-enabled browser, with no plugin or client download required.
An external user could click on your website to initiate a video chat
with a customer-facing representative inside your enterprise who is
using a high-end Cisco Telepresence unit or perhaps a Cisco Jabber
video client. CaféX enables enterprises to leverage WebRTC in
innovative ways that link into their existing contact center and
customer facing applications. CaféX's APIs for WebRTC to SIP
interworking enable IT developers to rapidly build, deploy and manage
applications that enhance customer intimacy and work in unison with
existing enterprise infrastructures. Such applications can be
extended to existing contact center, CRM and sales force automation
Bottom-line - Both web apps and
mobile apps are required in nearly every business situation.
Web apps like legacy pcs dominate for a long time to come as not all
customer demographics want or use a tablet or smartphone.
WebRTC provides "common ground" for these devices
and underlying SIP protocols. Apps like CafeX help
give users multiple means of communications and most importantly
address security key to making apps work on all
platforms and users alike.
One Last Look Lync in One Box
As from other needed apps,
Sangoma is doing what it can to put Lync "all-in-one
box." Click on image for their website.
Part 2 -
Security Concern #2 - User Accounts Locked Out
Exposing Lync Server to the Internet to allow users to
connect remotely could result in a DDoS attack, impacting employee
productivity, resource availability if my Lync Servers get hammered,
and possible brute-force attacks on passwords-not to mention higher
volume of support calls as users call in to get their accounts
unlocked so they can do their work.
account lockout at the network perimeter by using Security Edge
Filter and Security Web Filter. They shelter your internal Lync
Servers and Active Directory user accounts from DDoS attacks.
Server when published to the Internet are
susceptible to many types of attacks. Without a solution such as the
Security Edge Filter and Security Web Filter, user accounts can
easily be locked out in Active Directory Domain Services, passwords
can be brute-forced, internal Lync Server resources can be consumed
unnecessarily by DDoS attacks, Lync meeting attendees can be hacked
by cross-site scripting (XSS) attacks, and many more attacks (SOAP,
XML, etc) as shown in the following figure.
the Security Edge Filter and Security Web Filters, attacks can be blocked
at the network perimeter as illustrated in the following diagram.
Solutions to Distributed
Denial of Services (DDoS) and other Hacker Attacks
Why are DDoS attacks disruptive to
Here are the most common reasons:
- Each failed authentication attempt counts in Active
Directory Domain Services as a failed login and locking out the account
in Active Directory Domain Services.
- It becomes trivial for a remote attacker to lock out
any of your Active Directory user accounts if the attacker knows (or
can guess) the account name.
- No credentials or privilege is required to mount a DDoS
- Locked-out Active Directory user accounts often
generate the largest number of support calls to IT.
- DDoS attacks can represent a substantial disruption to
users when employees are unable to reach the resources they need to
do their work while internal Lync Server resources are under attack.
- Organizations that allow employees to remotely sign in
to Lync Server from the Internet can be susceptible to password
Security Edge Filter is an application
layer firewall for Lync Server. It augments the Edge Server by enforcing a soft
lockout at the network perimeter to prevent account lockouts at the
Active Directory Domain Services. Security Edge Filter tracks failed
sign-in requests and block further sign-in attempts before the Active
Directory lockout limit is reached. The Security Edge Filter protects
the SIP traffic.
- Security Edge Filter provides an additional tier of account
- Security Edge Filter prevents password-guessing by
blocking authentication attempts after the number of failed
authentication attempts reaches a threshold.
- Even when the account is locked out by the Security
Edge Filter at the network perimeter, the user can still sign in to
Lync Server from within the corporate network or through a VPN. As a
result, the DDoS risk is substantially mitigated, with minimum
- Security Edge Filter can enforce that
remote users to sign in from a corporate-issued computer. By
blocking NTLM authentication, external users are forced to sign in by
using TLS-DSK authentication. It requires that a client certificate
be installed on the user's computer when it's connected to the
Security Web Filter is a Web application
firewall for Lync Server Web Services. It protects the Lync HTTPS traffic traversing the reverse
proxy. Similar to the Security Edge Filter, it protects against DDoS
attacks by enforcing a soft lockout in the network perimeter. The
Security Web Filter monitors Web traffic originating from the
Internet for potential attacks. In addition to Lync Web traffic, the
Security Web Filter can monitor authentication traffic from external
Exchange and SharePoint users.
The benefits are:
- Security Web Filter provides an additional tier of
account security, safely locking out the account at the network
perimeter without locking out the account inside the corporate
- Security Web Filter prevents password-guessing on the
extranet by blocking authentication attempts for that account after
the number of failed authentication attempts reaches a threshold.
- Security Web Filter monitors external traffic for XSS
attacks, SOAP attacks and XML attacks, and blocks those requests at
the network perimeter.
- The enterprise edition of the Security Web Filter
allows the administrator to block unauthorized Lync mobile devices
from signing in to Lync Server.
- When combined with the enterprise edition of the
Security Edge Filter, the lockout policy and logging can be centralized
with both products in a SQL database.
Top-10 Tips for #Hast Tags
Click on image for
One Last Look - WebRTC App
There has been much to do about Lync and WebRTC and real
customer applications. Here is just a simple example of a
customer situation and solution that we would all like to see from
all our browsers. This is from Bruce Marler's blog post (click
on image for Bruce's blog). He points out that "WebRTC now has over 1.2
billion endpoints enabled and is rapidly being
deployed as a mechanism to bring both voice and video collaboration
downloads) and also new unique applications to the
web (and example is SoundTrap which was demo'ed by Google at the
Bruce also added, "WebRTC enables what customers
and enterprises have wanted from the web for years, real time
customer engagement combined with the ability to pass real time
contextual data to allow for a higher percentage of first call
resolution by the contact center which in turn means a higher
customer satisfaction rate."
I like this simple way of presenting a problem and
showing the solution especially a mobile solution.
Bottom-line - whether you are a
browser fan or app fan, either gives users a choice on whatever
device they have. If you have other Lync, WebRTC, UC,
smartphone or specialty device like Kindle, etc., please send them
along as partners and users alike are seeking to do more.
- Affordable, Available, Actionable & Tax Deductible
Certification, Social Media Contact Centers, Sales Professionals and
Complete SIP Professional Certification Program
Lyncosphere - "Lync Visualized" is released.
on image for Lyncosphere (uses Flash)
After a lot of beta testing and feedback this new
microsite that is designed for indepth explanations and explorations
of Lync by providers of Lync solutions and applications.
Here are some view comments:
is an innovative way to help sales, channel and end users
"see" how Lync works. This really helps me
engage with customers faster and get solutions understood by all the
Matt Jolly - Senior Support Engineer Vology.com
"Lyncosphere visualizes how
Lync works and helps you understand which 3rd party Lync solutions
are available to provide additional functionality to your Lync
Rui Maximo - CEO Lync-Solutions.com
"This is a very good - well
done indeed, it would be of great use to both channel partners and
end users evaluating Lync."
GreenPublisher, TelecomReseller/Usernews Publications - The
World's Leading News Source for Unified Communications,
Collaboration and Cloud www.telecomreseller.com
Certified SIP Professional and
Senior Certified SIP Technical Professional Testing Now Available
Certification Corporation (www.certificationcorporation.com) is proud to announce the availability of two SIP
certification testing and online, online and webinar training
programs. The CSP-Certified SIP Professional certification is
designed to review and test general and some technical knowledge with
50 questions. The Senior Certified SIP Technical Professional
(SCSTP) examination is designed to
test advanced technical skills in SIP. The exam consists of 70
multiple choice and true-false questions. Both tests are
designed to help in planning, design, implementation, network
assessment as well as security, diagnostics and
Some though certainly not all of the topics on the
Senior Certified SIP Technical Professional examination include:
CODEC, DSP, Clipping, dipping, Queuing Delay, Network Propagation,
Serialization, Buffer Delay, Fragmentation, Interleaving, Voice
Payload, HSRP, Adaptive Jitter Buffer, Oversubscription, Voice
Activity Detector, White Noise, Comfort Noise, Noise Detectors, MOS,
E-model, Nyquist-Shannon, Framing, PCM, ADPCM, DSP, CODEC sampling,
Transcoding, Tandem encoding, Echo, Echo Loss, Short Tail, Hybrid,
SNR, CNR, RFI, Crosstalk, Shared Neutrals, RTCP-XR, SRTP, MD5, CMP,
POE, 802.1P, ALG, MSRP, IMS, WebRTC-Apps, SALT, SAML, Voice XML, RPC,
BICC, ISUP, IP Multimedia Subsystems and other topics.
you need iPhone, iPad, Android or Windows phone apps custom built for
your business applications or new ideas, we have proven experience
and U.S. based product/project management. Click on image for
Click here for TECHtionary -- World's First and Largest Animated Library on
Technology with more than 3,015 animated tutorials.
Lync is a Trademark of Microsoft. Unified
Communications Apps & Cloud Communications Forum is an independent
Training and other Marcom Programs, call 303-594-1694 or click here.
The User Forum provides classroom and webseminar training as well as a
non-production environment for those IT departments without additional
equipment, budget or time. This allows planners
and users to test ideas, dial in and dial back out, IM file transfers,
remote desktop sharing, video conferencing, run scenarios, review logs,
break linkages and learning about new telephony features and network
access. The User Forum is also designed for both the system
integrator/consultant who wants to learn about tech without having to
build their own system as well as the enterprise customer who doesn't
have the time, resources or knowledge to develop one. Coming soon,
User Forum Labs are designed to be "hands-on" or
"over-the-shoulder" with experts available for Q&A and
classes for feature-specific review.
About User Forum
The User Forum is a vendor-independent laboratory environment designed
for learning, technical guides, knowledge resources and online
"live" services. The User Forum provides planning, project
management, consulting, training, case studies, white papers, speaking
engagements, market/customer research, network planning and other
Click here to contact.
(c) User Forum - all rights reserved.