(c) SIP, Unified Communications Apps & Cloud Communications Forum

July 25-2014 - Issue #254


Selling SIP, Unified Communications Apps & Cloud Communications Forum provides thought leadership on SIP, Unified Communications Apps, Lync CEBP Apps, Cloud Communications, 

OTT-Over The Top Apps from SIP Trunk Providers, Network Providers, Microsoft, Facebook, Google, Apple and other Communications, Mobile, Contextual-Intelligence and other communications companies.

Microsoft Lync is a trademark of the Microsoft Corporation.  


700+ Companies

Twitter Scoreboard for Tech
60 Companies in Lync alone
How do you score against your competitors?
More than 700+ companies are listed and more added all the time.







The Twitter Team was formed to help customers gain and retain Twitter followers but more importantly help customers achieve their sales and marketing goals via Twitter.


We have provide proven "actionable" performance gains in terms of revenue, reduced sales cycle, improved customer satisfaction and "thought leadership" to name a few of the benefits.

Click on image to get help and more details on The Twitter Team.






We can help in developing webinars, customer studies, social media and sales, marketing

for  Lync, unified communications, cloud and other tech.


Click here



Add Ad Here 

click here for rates. 




Enabling Technologies is a premier Microsoft Lync Voice Partner as Microsoft Unified Communications Partner of the Year for 2009, 2010 and 2012 with over 1,000 UC Deployments.














To help prevent your organization from such attacks at the network perimeter, the security filter for the Microsoft Lync Server 2010, Edge Server monitors sign-in attempts and enforces account lockout at the network perimeter.  


Lync Protocols Poster

This is NOT a Microsoft Tag or QR Code, it is a very cool Lync Protocols Poster. 







Your suggestions, ideas and wish list for Microsoft Lync Server and Client.  This message is not supported or paid for by Microsoft.     



more than 3,000 Free animated tutorials in tech at   


For advertising and other marcom options,

Click here  

or call 303-594-1694






Jobs - Help Wanted - Situations Wanted 

Send them and we will post them.


Enabling Technologies is hiring - click here for jobs





Join Our Mailing List


Welcome to the SIP, UC Apps & Cloud Communications Forum  


<<<<<<<Check out our new Twitter Scoreboard for Tech - with Twitter as one of the new metrics for customer interaction and support, many new surveys indicate that people go to your Twitter account before they go to your website.  Because gaining followers is a voluntary one, it is a good measure of "good will" you have in the marketplace you serve.  If you are missing or miss-categorized, let me know and we will fix. 


https://origin.ih.constantcontact.com/fs179/1102578441475/img/2773.jpgAre you on Twitter?   Follow us @techtionary and we will follow you back and if you need help Twittering click on the image for the Twitter Team. 




Lync SharePoint SmartCard Security Link 

Smartcard issues are on the rise as companies like Target seek to prevent "never happen again" hack attacks and users seek to protect themselves again loss, disruption in their banking and identity theft. The key point is that smartcard technology is being mandated which will shift the blame to the retailer or others not the banks. If you remember the Target attack came via the credit card swipe POS-point of sale device not through the backdoor to their IT systems.  https://origin.ih.constantcontact.com/fs179/1102578441475/img/2832.jpgSmart cards are really designed to reduce credit card counterfeiting not fraud. According to CNBC, "Smart cards are far more secure than traditional credit cards, which store account information-unencrypted-on a magnetic stripe. These next-generation cards encrypt and store that data on an embedded microchip that generates a new code for each transaction. So even if your credit card number is stolen, it's nearly impossible for a criminal to create a counterfeit card."  This does not make them fraud-proof just more fraud resistance like differences in fire-resistant and fire-proof can be significant.  


https://origin.ih.constantcontact.com/fs179/1102578441475/img/2826.jpgAccording to many security experts, a 2-4 Level security system based on where you are, something you have, something you know and something you do is still an important step.  From AGAT and their LyncShield addresses many of these security concerns and more.  Many organizations with high security requirement use smart card or token for network login. In these networks, users do not have a username and password for Active Directory. SharePoint Access Control allows the usage of SharePoint without the need to manage Active Directory credentials. With the dedicated login solution, the user logs into the Access Portal, authenticates with his smart card from his network computer and creates dedicated SharePoint credentials for use on the mobile device/ external laptop / desktops.


As they point out, many organization that use a smart card or smartcard for login do not have a username and password for Active Directory. The AGAT LyncShield allows usage of Lync without the need to manage AD credentials. With the dedicated login solution, the user logs into the Access Portal authenticating with their smartcard from their network endpoint and creates dedicated SharePoint credentials for use on their mobile device.  Click on image for website.https://origin.ih.constantcontact.com/fs179/1102578441475/img/2827.jpg

Active Directory Account Lockout Guard

Account lockout can be a result of two scenarios:

- User has changed the Active Directory password but did not change the device settings, so the device keeps trying to authenticate with the old password. An attacker that has the username (without the password) tries to login several times SharePoint Shield solves this issue by blocking false attempts at the gateway level. Publishing SharePoint to the internet exposes your network to Dos (denial-of-service) and brute force attacks. These can cause your network to become unavailable and cause significant business damage. The SharePoint Shield blocks these attacks on the gateway level by configuring a block failed login policy thus blocking the attack attempts from reaching the Active Directory.

Device Registration Options

- SharePoint Access Control for Two Factor Authentication

- SharePoint Access Control supports various enrollment options:

- Two-factor authentication using the smartphone as something you have and the password as something you know.

- Self-service access portal to support two-step registration of users.

- Admin auditing and control tools for approving devices.

Multiple enrollment options

The Two Factor Authentication is available for specific third-party SharePoint clients

- Automatic Registration - A device is registered the first time a user connects to SharePoint. Once registered

- SharePoint Access Control then verifies during subsequent synchronizations that the operation is in fact performed from the registered device. Any attempt to connect with the user's credentials from a different device will be blocked.

Key Benefits

Access Control - Two Factor Authentication - This option employs a tighter security approach that requires the user to first register on a dedicated Access Portal and then connect within a short period of time (defined in portal configuration) in order to complete registration.

Admin - LyncSharePoint Shield includes an admin website "Access Portal" for tracking the user registration process, approving blocked users, deleting users, changing registration site settings and more. For enterprise installations with multiple domains, the admin site can be managed separately for each domain, allowing each helpdesk to manage the users in its domain.

User Experience   

Smartphones and personal computers can connect to Microsoft Lync server using the Lync client. While connected sensitive information is exposed requiring the organization to take precautions. Companies realize that securing Lync connectivity is as important as securing remote access, since smartphones can be used as a tunnel into the corporate network. Lync Shield is specifically designed to address the complex security needs of today's mobile enterprise.  


Bottom-line - Forget timid hackers when these storm troopers take aim at Lync it won't be for access to toll it will be to access corporate data for gain or pain.  Either way expect the worst with BYOD as they are really just like POS devices giving hackers a way into your bank account 



 Lync Seamless PBX Integration via CSTA 

https://origin.ih.constantcontact.com/fs179/1102578441475/img/2831.jpgRecently ShoreTel announced Lync PBX integration via CSTA-Computer Supported Telephony Applications server.  Click on logo for article.  As they say, "This enables end users in organizations that have already deployed Microsoft Lync to continue using Microsoft Lync, while taking advantage of the rich functionality in the ShoreTel UC system."

- Remote Call Control: Once integrated with the ShoreTel UC system through the ShoreTel CSTA Server, the Microsoft UC client can control any telephone (analog or IP) connected to the ShoreTel system and trigger telephone calls by clicking on the contact name in the Microsoft UC client.  Also supports Lync screen popup for incoming Shoretel calls.
- Telephony Presence: A Microsoft UC user can now display telephony presence in addition to instant messaging (IM) status to all their contacts, including those in outside organizations federated with them. RCC-enabled Lync users can now "pin" their contacts and call them as soon as they receive notification that they have become available.

Background on CSTA-RCC

RCC-Remote Call Control also known as third-party call control is provided by CSTA-Computer Supported Telephony Applications.  CSTA was developed by the European Computer Manufacturers Association (ECMA) and subsequently was formally standardized by the ITU-T, incorporating the Switch-to-Computer Applications Interface (SCAI).

CSTA is an OSI protocol stack that provides an open system interface to a PBX-Private Branch eXchange, ACD-Automatic Call Distributor or CO-Centrex central office switching.  CSTA uses, among other technologies, SALT-Speech Application Language Tags specification and its SMEX-Simple Messaging Exchange element, telephony call control capabilities in MSS-Microsoft Speech Server to allow a developer to create sophisticated telephony-based speech applications that can exploit both basic call control services such as ANI-Automatic Number Identification (caller ID) and DNIS-Dialed Number Identification Service (800), using the included basic call controls, or extended call control services, to create custom call controls. 
Click on the image for an animated tutorial from Lyncopshere


This is just one example of CSTA.  For example, the Lync-OIP program is designed to provide PBX implementation/integration in the following configurations:
1 - Standalone via gateway
2 - Standalone via direct SIP
3 -  Co-existence via dual forking      
     - Direct SIP + PBX is qualified against Microsoft Dual-forking specification
4 - Co-existence via dual forking with RCC-Remote Call Control      
     - PBX supports Dual forking plus RCC-Remote Call Control and       
    - CSTA-Computer Supported Telephony Application

Bottom-line - Why throw out what you like but add the features you want.  This gives you both so no need to "rip and replace."



One Last Look Office 365 Gets a Voice and Certainty Real CYA 


https://origin.ih.constantcontact.com/fs179/1102578441475/img/2820.jpgO365 aka Office365 and almost anything else in the cloud is certainly rage.  Many are still hanging on the fence waiting for Microsoft to add voice to O365 because it makes sense. 
My analysis is that Microsoft would answer that question with this answer -

If you want 0365 with voice, get Skype.

According to Microsoft, "Office 365 is the fastest growing business in Microsoft's history. One out of four enterprise clients owns Office 365 and in the past 12 months we've seen a 150 percent increase in SMBs adopting Office 365." At the same time, despite the incredible growth of cloud technologies, according to IDC (Successful Cloud Partners, 2013), hybrid solutions are expected to dominate the market for the next few years: https://origin.ih.constantcontact.com/fs179/1102578441475/img/2819.jpg"Buyers intend to selectively source more IT capability in the public cloud but will also focus on keeping a significant portion of their assets on premise."


AudioCodes One Box 365 gives your O365 a voice and much more.  Certainly put as much as you like in the cloud with a great price-competitive PBX for the SMB, branch and many other business configurations.    


Get Serious About Office Staff Safety

Not with standing cable cuts and other cloud outages, there are too many disasters, fires, storms, violence and other situations where you must-have  a backup plan for the safety of staff and key equipment.  AudioCodes has a real solution with HA-high availability aka DR-disaster recovery with their One Box 365 hybrid solution, providing a one-stop shop for all the critical hardware, software and services required for a successful Lync voice implementation.  



Combining multiple Lync Server roles, gateway and SBC functionality in one single elegant appliance, it comes complete with Lync certified IP phones, an Active Directory Domain Controller and a dedicated user interface for easy migration provisioning and configuring for Lync users. Through this pre-integration of components, AudioCodes One Box 365 simplifies and accelerates the installation, enabling quick bring-up for enterprise voice services utilizing Office 365 licensing.


Other Highlights:

- AudioCodes One Box 365 delivers end-user productivity and voice services, including SIP trunking and service quality level monitoring

- Part of the AudioCodes One Voice for Lync offering

- Powered by AudioCodes Session Border Controllers (SBC), which are certified by a wide variety of leading SIP Trunk service providers worldwide

- Leveraging AudioCodes Session Experience Manager, business customers can monitor the quality of SIP trunk services and voice quality across their enterprise deployments

- One-Stop shop, including Lync qualified IP Phones, greatly simplifies deployment and support of cloud-based services.

Bottom-line - Putting nearly everything except yourself in the cloud seem inevitable.  Contact center staff, apps and many other functions will all go to the cloud.  However, when real storm clouds hit and you are faced with no IT cloud you will need to have a way to CYA for real.



#NotOneMore - IM Voice - Broadcast Alerts - Personal Alarms - Group Chat


If you are in Boulder or can come, please do. 






As the need to protect staff, students, customers, visitors and others increases, there is a corresponding need for mobile apps to add some level of notification and emergency communication.  iPeerSafe is a personal and peer safety and social networking alert and chatting app allowing users to add text, images and audio recordings for iPhone, iPad or iTouch.


Key features:

- Personal Panic Alarm with posting text, images, color-coding priorities and audio recordings to Facebook, Twitter, email and emergency calling


- Broadcast Alert with text, images, audio recordings and color-coded highlights to all users in same school


- Class Assignment feature for class work projects and collaboration as well as teacher-student chatting


- School/college peer, group, parent and global chatting


https://origin.ih.constantcontact.com/fs179/1102578441475/img/2696.png - Journal-Diary - private and shareable notepads on Twitter, Facebook, Linkedin, Instagram and Email as well as doodlepad graphics tool


- Weather from local area


- Calendar with more than 70 icons to indicate type of meeting and reminders  


Please visit http://ipeersafe.com/ for tips, applications and ideas.





Bottom-line - I have completed  a brief exploration of findings in research in more than 30 citations regarding both real and online safety dealing with other persons of potentially harmful and deadly threats including bullying and cyberbullying.   







Click here  for Top-10 Tips for Personal & Peer Safety in School, Business, Campus and Public Settings.





Need help with a Microsoft - Unified Communications channel sales and marketing communications strategy

click on image. 


Follow us on Twitter


Click on Linkedin logo to join group.












 Today, Lyncosphere - "Lync Visualized" is released.

Click on image for Lyncosphere (uses Flash)


After a lot of beta testing and feedback this new microsite that is designed for indepth explanations and explorations of Lync by providers of Lync solutions and applications. 

Here are some view comments: 


"Lyncosphere is an innovative way to help sales, channel and end users "see" how Lync works. This really helps me engage with customers faster and get solutions understood by all the decision-makers."

                              - Matt Jolly - Senior Support Engineer Vology.com


"Lyncosphere visualizes how Lync works and helps you understand which 3rd party Lync solutions are available to provide additional functionality to your Lync environment." 

                              - Rui Maximo - CEO Lync-Solutions.com


"This is a very good - well done indeed, it would be of great use to both channel partners and end users evaluating Lync."

     - Douglas GreenPublisher, TelecomReseller/Usernews Publications - The World's Leading News Source for Unified Communications, Collaboration and Cloud  www.telecomreseller.com 



https://origin.ih.constantcontact.com/fs179/1102578441475/img/2477.jpgSecurity Issue - Restricting Remote Access to Only Corporate-Issued Computers



Corporate security policies require employees to use only corporate-issued computers to connect to the corporate network. Personal devices aren't permitted to connect to internal resources. How can I enforce security policies for users connecting to Lync Server from a sanctioned computer?



By configuring the Security Edge Filter and Security Web Filter to block NTLM authentication requests as well as restricting authentication requests from only authorized Active Directory domains, the Security Filters prevent users from connecting to Lync Server from a non-corporate issued computer at the network perimeter.



Lync Server when published to the Internet are susceptible to many types of attacks. Without a solution such as the Security Edge Filter and Security Web Filter, user accounts can easily be locked out in Active Directory Domain Services, passwords can be brute-forced, internal Lync Server resources can be consumed unnecessarily by DDoS attacks, Lync meeting attendees can be hacked by cross-site scripting (XSS) attacks, and many more attacks (SOAP, XML, etc) as shown in the following figure.  



With the Security Edge Filter and Security Web Filters, attacks can be blocked at the network perimeter as illustrated in the following diagram.




Solutions to Distributed Denial of Services (DDoS) and other Hacker Attacks


Why are DDoS attacks disruptive to your organization?   

Here are the most common reasons:

- Each failed authentication attempt counts in Active Directory Domain Services as a failed login and locking out the account in Active Directory Domain Services.  

- It becomes trivial for a remote attacker to lock out any of your Active Directory user accounts if the attacker knows (or can guess) the account name.  

- No credentials or privilege is required to mount a DDoS attack.  

- Locked-out Active Directory user accounts often generate the largest number of support calls to IT.  

- DDoS attacks can represent a substantial disruption to users when employees are unable to reach the resources they need to do their work while internal Lync Server resources are under attack.  

- Organizations that allow employees to remotely sign in to Lync Server from the Internet can be susceptible to password brute-force attacks.


https://origin.ih.constantcontact.com/fs179/1102578441475/img/2472.jpgSecurity Edge Filter is an application layer firewall for Lync Server. It augments the Edge Server by enforcing a soft lockout at the network perimeter to prevent account lockouts at the Active Directory Domain Services. Security Edge Filter tracks failed sign-in requests and block further sign-in attempts before the Active Directory lockout limit is reached. The Security Edge Filter protects the SIP traffic. 


The benefits are:

- Security Edge Filter provides an additional tier of account security.  

- Security Edge Filter prevents password-guessing by blocking authentication attempts after the number of failed authentication attempts reaches a threshold.  

- Even when the account is locked out by the Security Edge Filter at the network perimeter, the user can still sign in to Lync Server from within the corporate network or through a VPN. As a result, the DDoS risk is substantially mitigated, with minimum inconvenience.


- Security Edge Filter can enforce that remote users to sign in from a corporate-issued computer. By blocking NTLM authentication, external users are forced to sign in by using TLS-DSK authentication. It requires that a client certificate be installed on the user's computer when it's connected to the corporate network.


Security Web Filter is a Web application firewall for Lync Server Web Services. It protects the Lync HTTPS traffic traversing the reverse proxy. Similar to the Security Edge Filter, it protects against DDoS attacks by enforcing a soft lockout in the network perimeter. The Security Web Filter monitors Web traffic originating from the Internet for potential attacks. In addition to Lync Web traffic, the Security Web Filter can monitor authentication traffic from external Exchange and SharePoint users. 


The benefits are:  

- Security Web Filter provides an additional tier of account security, safely locking out the account at the network perimeter without locking out the account inside the corporate network.   

- Security Web Filter prevents password-guessing on the extranet by blocking authentication attempts for that account after the number of failed authentication attempts reaches a threshold.   

- Security Web Filter monitors external traffic for XSS attacks, SOAP attacks and XML attacks, and blocks those requests at the network perimeter.


- The enterprise edition of the Security Web Filter allows the administrator to block unauthorized Lync mobile devices from signing in to Lync Server.  

- When combined with the enterprise edition of the Security Edge Filter, the lockout policy and logging can be centralized with both products in a SQL database.



Top-10 Tips for #Hast Tags 


Click on image for complete article






Certified Training - Affordable, Available, Actionable & Tax Deductible 


WebRTC-SIP Certification, Social Media Contact Centers, Sales Professionals and Business

Custom and Complete SIP Professional Certification Program




Certified SIP Professional and Senior Certified SIP Technical Professional Testing Now Available


Click on image for details.  TECHtionary is proud to announce the availability of two SIP certification testing and online, online and webinar training programs.  The CSP-Certified SIP Professional certification is designed to review and test general and some technical knowledge with 50 questions.  The Senior Certified SIP Technical Professional (SCSTP)  examination is designed to test advanced technical skills in SIP. The exam consists of 70 multiple choice and true-false questions.  Both tests are designed to help in planning, design, implementation, network assessment as well as security, diagnostics and troubleshooting. 


Some though certainly not all of the topics on the Senior Certified SIP Technical Professional examination include: CODEC, DSP, Clipping, dipping, Queuing Delay, Network Propagation, Serialization, Buffer Delay, Fragmentation, Interleaving, Voice Payload, HSRP, Adaptive Jitter Buffer, Oversubscription, Voice Activity Detector, White Noise, Comfort Noise, Noise Detectors, MOS, E-model, Nyquist-Shannon, Framing, PCM, ADPCM, DSP, CODEC sampling, Transcoding, Tandem encoding, Echo, Echo Loss, Short Tail, Hybrid, SNR, CNR, RFI, Crosstalk, Shared Neutrals, RTCP-XR, SRTP, MD5, CMP, POE, 802.1P, ALG, MSRP, IMS, WebRTC-Apps, SALT, SAML, Voice XML, RPC, BICC, ISUP, IP Multimedia Subsystems and other topics. 




If you need iPhone, iPad, Android or Windows phone apps custom built for your business applications or new ideas, we have proven experience and U.S. based product/project management.  Click on image for more. 






Follow us on Twitter

TECHtionary Knowledge Source


Click here for TECHtionary -- World's First and Largest Animated Library on Technology with more than 3,015 animated tutorials.



Lync is a Trademark of Microsoft.  Unified Communications Apps & Cloud Communications Forum is an independent forum.

Advertising, Exhibiting, Training and other Marcom Programs, call 303-594-1694 or click here.

The User Forum provides classroom and webseminar training as well as a non-production environment for those IT departments without additional equipment, budget or time.  This allows planners and users to test ideas, dial in and dial back out, IM file transfers, remote desktop sharing, video conferencing, run scenarios, review logs, break linkages and learning about new telephony features and network access.  The User Forum is also designed for both the system integrator/consultant who wants to learn about tech without having to build their own system as well as the enterprise customer who doesn't have the time, resources or knowledge to develop one.  Coming soon, User Forum Labs are designed to be "hands-on" or "over-the-shoulder" with experts available for Q&A and classes for feature-specific review.
About User Forum
The User Forum is a vendor-independent laboratory environment designed for learning, technical guides, knowledge resources and online "live" services.  The User Forum provides planning, project management, consulting, training, case studies, white papers, speaking engagements, market/customer research, network planning and other services. 
Click here to contact.

(c) User Forum - all rights reserved.



SIP, Unified Communications Apps & Cloud Communications Forum | 2525 Arapahoe E-4-313 | Boulder | CO | 80302