SIP, Unified Communications Apps & Cloud Communications
- Issue #234
Unified Communications Apps & Cloud Communications Forum provides
thought leadership on SIP,
Communications Apps, Lync CEBP Apps, Cloud Communications,
Top Apps from SIP Trunk Providers, Network Providers, Microsoft,
Facebook, Google, Apple and other Communications, Mobile,
Contextual-Intelligence and other communications companies.
Lync is a trademark of the Microsoft Corporation.
can help in developing webinars, customer studies, social media
and sales, marketing
unified communications, cloud and other tech.
SIP Endpoints for voice paging,
notification, safety, and security
Visual and Audible Alerting products provide attention-getting
notification of important telephone activity such as call ringing,
in-use status, message waiting indication, paging, and more. Solutions
are available for analog, SIP and other technologies.
integrated point-of-entry doorphone and security intercom solutions for
business and institutional applications. The doorphone solutions permit
visitors to ring one or more telephones in a building for a hands-free
conversation. Visitors may be allowed entry using door release
Regis University's School of
Computer & Information Sciences (SCIS) delivers Bachelor's and
Master's degrees, and certificates in various computing and information
fields. Degrees provide a comprehensive background on computing theory,
as well as, hands-on experience using computers to solve problems
Technologies is a premier Microsoft Lync Voice Partner as Microsoft
Unified Communications Partner of the Year for 2009, 2010 and 2012 with
over 800 UC Deployments.
for Microsoft Lync Unified Communications
prevent your organization from such attacks at the network perimeter,
the security filter for the Microsoft Lync Server 2010, Edge Server
monitors sign-in attempts and enforces account lockout at the network
This is NOT a
Microsoft Tag or QR Code, it is a very cool Lync Protocols
suggestions, ideas and wish list for Microsoft Lync Server and
Client. This message is not supported or paid for by
advertising and other marcom options,
Jobs - Help
Wanted - Situations Wanted
Send them and
we will post them.
Technologies is hiring - click here for jobs
the SIP, UC Apps & Cloud Communications Forum
a few years now, actually since the intro of Lync I have wondered why
MSFT has done so little to actively promote Lync. Certainly
they use partner events and other specific marcom efforts to spread
the word. Actually Cisco, Avaya, ShoreTel and others do very
little national advertising to drive sales. Yet over the past
few years the marcom team at Skype has been carefully and skillfully
crafting their platform as a social media platform. Now
they are doing this with the fashion industry with Victoria Beckham
and others. They
seek Skype Ambassadors - Become a Skype Brand Ambassador Ready
to share your extraordinary talent with a larger audience? Let us
know how you could collaborate with Skype to showcase your skills. If
selected, you could co-create a moment with us and represent your
passion on the global stage. This is very exciting when you think of
UC as a USC -
unified social communications tool. Strategically
makes Skype an effective competitive against Facebook and others
though not necessarily Twitter which faces no competition so far.
UC to be more effective for a global audience needs to be more
social with more complex media and more social as the context of the
audience and not just traditional business meetings.
you on Twitter? Follow us @techtionary
and we will follow you back.
Click on Linkedin logo to
Lync-Skype-Office 365 Off
IMHO the most exciting part of LyncConf14 was the presentation on
Lync-Skype-Office 365 or rather as Skype takes the lead on this is
what I call it Skype-E for Skype Enterprise. The reason is
global customers know Skype they don't know Lync. MSFT will
finally smash them together a new UI will emerge probably in 1-2
years to simplify their product offering. The best news is they have
some of the fundamental technologies working demonstrating Skype to
Lync calls. It appears that the Silk CODEC will emerge as that
is the primary CODEC and has the potential to accommodate the widest
possible range of bandwidth options especially as those in rural or
remote areas or where mobile service is limited. Here is the
architecture for Skype-Lync-Office365:
Click on the image for
larger version. Here are some of the details:
Some of the key elements of UC are
already there including encryption and security and while file/screen
sharing are not there, all you need to do is change your app for
Skype-to-Skype or Lync-to-Lync for full functionality.
Chats, voice (Silk) and Video (H.264) calls between Skype and Lync
Encryption with TLS and sRTP
NAT Traversal with Stun/Turn/Ice
is a chart comparing various CODECs - click on image for details:
Bottom-line - Some would certainly argue that
enterprise users may get confused but as it was pointed out in the
keynote presentation by Gurdeep Pall, the vast majority of the work
already knows Skype so just tell users to use it instead of
Skype-Lync SDN Explored
I constantly do every day is seek new approaches to the UC-challenge.
When I saw this article by Ajay, I dug deeper into what he was
taking about. Click on this image for the entire article but
here are the highlights with his permission.
popularity of BYOD, the ever-growing number of mobile devices, and
the increased use of applications such as telepresence, Skype and Microsoft Lync
challenge the ability of IT networks to deliver consistently
high-quality user experiences across unified wired and wireless
access networks. With so much traffic from so many sources going to
so many different devices, just understanding the traffic is
difficult. Consistently ensuring performance for the most critical
applications is even more so. SDN-enabling the WLAN helps to address
vendors such as Microsoft provide SDN APIs, giving WLAN vendors
information to provide better tools for network monitoring, issue
diagnosis, and application-specific quality of service (QoS). With
OpenFlow enabling WLAN controllers and integrating similar
capabilities, WLAN vendors can help IT enforce QoS for these
on image for link to Lync SDN API.
lacking in most articles are applications. Here is a cool one
he suggested. "One example of an application that would
benefit from unified SDN implementation is the communication between
the operating staff and floor nurses at a hospital via "nurse
nurses are mobile and the nursing station is static, audio and video
communication results in heavily shifting wired and wireless traffic
loads, sometimes degrading the quality of the voice and video
the image for more technical details on Meru solutions. He added,
"From its central vantage point on the network, through utilization
of application- and network-generated northbound and southbound APIs,
an SDN-enabled WLAN controller can optimize QoS at both ends,
creating a higher-quality experience for both the fixed and mobile
Here is a
little from Meru about SDN. The goal of SDN is to offer a framework
that provides an abstraction to enable broad management of data flows
throughout a network from a single control point. Elements of an SDN
solution would be an SDN controller that acts as a service point between
SDN applications and the wired/wireless network (see above)
and OpenFlow-enabled network components (i.e., switches, controllers,
access points, routers, gateways, etc.)
Bottom-line - SDN is underlying technology used
to support higher layer UC features like chat/IM, sharing and others.
However, as both lower layer solutions meetup via API with
higher layer functionality improved QoS, security and feature
performance can result.
Skype-Lync Hookup via SRTP
to Simon Bisson, "There's another bonus to version 2 of
Lync/Skype federation: support for encrypted conversations. You'll be
able to secure conversations with TLS or sRTP, making it possible to
use Skype and Lync in regulated businesses; letting medical and
financial services allow customers to call in via Skype while
ensuring that they meet their PCI and HIPAA requirements."
Click on image for his entire article.
you all know how much I focus on security and totally believe
in the next SIP-wave of security attacks coming in the form of
"call jacking." The use of SRTP may give this
solution added importance as enterprises get hacked via SIP.
Here is the graphic of the concept:
details of the SIP session, such as the type of media, codec, or
sampling rate, are not described using SIP. Rather, a SIP message
contains a description of the session, encoded in some other protocol
format. One such format is the SDP-Session Description Protocol (RFC
2327). Within the SDP message are descriptions such as Session
Description Protocol Security Descriptions (SDES) for authentication
and encrypted media streams used with SRTP-Secure Real-time Transport
Protocol (RFC-3711). Click
on image for animated presentation.
is referred to as a "profile" or extension of RTP/RTCP and
provides security services for both protocols. SRTP is also a
"bump or shim (wedge) in the stack" referring to the
OSI-Open Systems Interconnection Model implementation. That is, SRTP
resides between RTP-Real-time Transport Protocol and RTCP-Real-time
Transport Control Protocol found Application Layer 7 and UDP-User
Datagram Protocol in Transport Layer 5. SRTP works by intercepting or
"bumping" RTP packets and then forwards an equivalent SRTP
packet on the sending side, and intercepts SRTP packets and passes an
equivalent RTP packet up the stack on the receiving side. The
"key" to SRTP is the Authentication Tag and the Master Key
Identifier. The Authentication Tag provides authentication of the RTP
header and payload. That is, if both encryption and authentication
are applied, encryption is applied before authentication on the
sender side and conversely on the receiver side. The MKI-Master Key
Identifier identifies the master key from which the session key(s)
were derived that authenticate and/or encrypt the particular packet.
SRTP uses two types of keys: session keys for the content and master
keys like the lock on your door.
Bottom-line - Skype-Lync hookup is a "must
have" feature play by Microsoft to be in the new-UC game at all.
IM is the prime feature in the new UC and Facebook-WhatsApp
hookup is a game-changer. If reports (click on image) are true
that WhatsApp will have voice in hardly a month, this makes them the
new "big dog" in the UC fight and with the 1.3B Facebook
members puts their reach to probably 1.6+B (compensating for dups)
though I ask - why bother adding voice when IM is the new key feature
for all devices. Seriously who talks on the telephone anymore
certainly not gen-Y.
One Last Look
SIP Must-Have Specialized Endpoints
of the most challenging phone installations "got-yas" is
the back dock, manufacturing floor, unattended lobby, staff or
special door access, security room and so many others. You can't
really say SIP, Lync or any other UC solution fits into the world
place until you have solved the difficult phone install.
Here are some cool and high-quality solutions to help you and
your customers out.
are seven advantages of SIP over ATA based solutions. In an IP
environment, legacy loud ringers and paging systems can end up hard
wired behind ATAs. That might make sense when legacy products are
pre-existing, working well, and vendor supported. But there are
significant advantages to deploying an all-in-one IP solution. The
Algo 8180 eliminates the need for an ATA, offering new capabilities
for performance, scalability, and user experience. Endpoint
visibility on the network simplifies administration and installation
is as easy as connecting the RJ45 jack to your POE switch.
1. Web Interface
and make changes to the 8180's configuration any time using an
intuitive web interface. No need to be physically at the device.
2. Ambient Noise Compensation
8180 microphone listens to ambient noise and automatically adjusts
output volume. Perfect for variable environments like workshops,
classrooms, and cafeterias.
3. Effective Ring Tones
more shrill high frequency ring sounds. Choose from effective
wideband preloaded WAV files, or upload your own ring tone effective
in your environment or unique to your business.
4. Multicast for Scalability
8180 can generate a multicast audio stream to additional network
connected 8180s for ring, page, or notification. No central amplifier
or paging server required.
5. Paging, Loud Ringing and Notification
8180 is a multi-capable speaker, serving effectively as a paging,
loud ringing and notification device. Eliminate several devices with
one capable endpoint.
8180 microphone supports talkback in page mode for two way
communication and verification.
7. Simple All-in-One Solution
8180 performs all of its functions as a single unit, eliminating the
complication of multi-component solutions and associated wiring.
Bottom-line - SIP is applicable to nearly all
endpoint environments with these high-quality cost-effective
One Last Look Lync Customer
Leading US Manufacturer reduces IM
search and discovery process to minutes instead of weeks with Instant
Technologies' HR Auditor solution
Customer: A leading US manufacturer of
more than 2,500 products that power, connect and protect computers
and other electronics. The company has been manufacturing Power
Protection & Adapter and Cable Solutions including UPS Systems,
KVMs, PDUs, Inverters, Surge Suppressors, Power Strips, Cooling &
Challenge: The customer runs on an Active
Directory Microsoft environment and utilizes Lync for its IM
platform. While their chat environment is not considered a critical business
application, the data communicated is important from a legal and
compliance standpoint. When recently asked by the legal department to
perform search and discovery on specific chat logs and keywords, it
took two IT staff members two weeks to query the data
and find the relevant information needed. The customer quickly
realized an improved method for chat search and discovery was
Solution: Instant Technologies' HR
Auditor for Microsoft Lync
Results: Regulatory Compliance and
HR Auditor solution enables the customer to automate their internal
IM logging and archiving needs, therefore streamlining the search and
discovery process to save valuable time. The ability to grant non-IT
users access to perform their own investigations frees up valuable IT
security resources to tackle more pressing business issues. Due to
the intuitive interface, only basic training is needed before
authorized non-IT users are performing relevant chat searches for
their specific legal and compliance projects.
Customer Quote: "We have realized immediate
time savings with HR Auditor. With this solution, a 15-hour discovery
process using a SQL report template was cut down to 15 minutes using
HR Auditor for Lync." Senior Network Engineer.
image to start free 30 day trial of HR Auditor.
Provides keyword and role-based search and discovery
Direct departmental access to internal and external IM
Ease of use-- 30 minute install and simple search
interface based on user, date range or keyword
Information locked in Lync Archives becomes actionable and
valuable business assets
Technologies specializes in developing innovative, high-value IM
applications for eDiscovery and contact center enablement. Products
are designed to improve organizational security and operational
efficiency with a focus on ease of use and installation, modular
deployment and integration with enterprise-class platforms and social
networks. Instant Technologies is a Lotus Advanced Business Partner
and a Microsoft Silver ISV Partner based in Portsmouth, NH.
Today, Lyncosphere -
"Lync Visualized" is released.
image for Lyncosphere (uses Flash)
a lot of beta testing and feedback this new microsite that is
designed for indepth explanations and explorations of Lync by
providers of Lync solutions and applications.
are some view comments:
"Lyncosphere is an innovative
way to help sales, channel and end users "see" how Lync
works. This really helps me engage with customers
faster and get solutions understood by all the decision-makers."
Matt Jolly - Senior Support Engineer Vology.com
"Lyncosphere visualizes how Lync works and
helps you understand which 3rd party Lync solutions are available to
provide additional functionality to your Lync environment."
Rui Maximo - CEO Lync-Solutions.com
"This is a very good - well done indeed,
it would be of great use to both channel partners and end users
GreenPublisher, TelecomReseller/Usernews Publications - The
World's Leading News Source for Unified Communications, Collaboration and
Security Issue - Restricting Remote Access
to Only Corporate-Issued Computers
security policies require employees to use only corporate-issued
computers to connect to the corporate network. Personal devices
aren't permitted to connect to internal resources. How can I enforce
security policies for users connecting to Lync Server from a
configuring the Security Edge Filter and Security Web Filter to block
NTLM authentication requests as well as restricting authentication
requests from only authorized Active Directory domains, the Security
Filters prevent users from connecting to Lync Server from a
non-corporate issued computer at the network perimeter.
Server when published to the Internet are susceptible to many
types of attacks. Without a solution such as the Security Edge Filter
and Security Web Filter, user accounts can easily be locked out in
Active Directory Domain Services, passwords can be brute-forced,
internal Lync Server resources can be consumed unnecessarily by DDoS
attacks, Lync meeting attendees can be hacked by cross-site scripting
(XSS) attacks, and many more attacks (SOAP, XML, etc) as shown in the
Security Edge Filter and Security Web Filters, attacks can be blocked
at the network perimeter as illustrated in the following diagram.
Solutions to Distributed Denial of
Services (DDoS) and other Hacker Attacks
Why are DDoS attacks disruptive to your
are the most common reasons:
Each failed authentication attempt counts in Active Directory Domain
Services as a failed login and locking out the account in Active
Directory Domain Services.
It becomes trivial for a remote attacker to lock out any of your
Active Directory user accounts if the attacker knows (or can guess)
the account name.
No credentials or privilege is required to mount a DDoS
Locked-out Active Directory user accounts often generate the largest
number of support calls to IT.
DDoS attacks can represent a substantial disruption to users when
employees are unable to reach the resources they need to do their
work while internal Lync Server resources are under
Organizations that allow employees to remotely sign in to Lync Server
from the Internet can be susceptible to password brute-force attacks.
Security Edge Filter is an application layer firewall
for Lync Server. It augments the Edge Server by enforcing a soft
lockout at the network perimeter to prevent account lockouts at the Active
Directory Domain Services. Security Edge Filter tracks failed sign-in
requests and block further sign-in attempts before the Active
Directory lockout limit is reached. The Security Edge Filter protects
the SIP traffic.
- Security Edge Filter provides an additional tier of account
Security Edge Filter prevents password-guessing by blocking
authentication attempts after the number of failed authentication
attempts reaches a threshold.
Even when the account is locked out by the Security Edge Filter at
the network perimeter, the user can still sign in to Lync Server from
within the corporate network or through a VPN. As a result, the DDoS
risk is substantially mitigated, with minimum inconvenience.
Security Edge Filter can enforce that remote users to sign in from a
corporate-issued computer. By blocking NTLM authentication, external
users are forced to sign in by using TLS-DSK authentication. It
requires that a client certificate be installed on the user's
computer when it's connected to the corporate network.
Security Web Filter is a Web application firewall for
Lync Server Web Services. It protects the Lync HTTPS
traffic traversing the reverse proxy. Similar to the Security Edge
Filter, it protects against DDoS attacks by enforcing a soft lockout
in the network perimeter. The Security Web Filter monitors Web
traffic originating from the Internet for potential attacks. In
addition to Lync Web traffic, the Security Web Filter can monitor
authentication traffic from external Exchange and SharePoint
Security Web Filter provides an additional tier of account security,
safely locking out the account at the network perimeter without
locking out the account inside the corporate network.
Security Web Filter prevents password-guessing on the extranet by
blocking authentication attempts for that account after the number of
failed authentication attempts reaches a threshold.
Security Web Filter monitors external traffic for XSS attacks, SOAP
attacks and XML attacks, and blocks those requests at the network
The enterprise edition of the Security Web Filter allows the
administrator to block unauthorized Lync mobile devices from signing
in to Lync Server.
When combined with the enterprise edition of the Security Edge
Filter, the lockout policy and logging can be centralized with both products
in a SQL database.
Tips for #Hast Tags
Click on image for complete article
Certified Training -
Affordable, Available, Actionable & Tax Deductible
Social Media Contact Centers, Sales Professionals and Business
Custom and Complete SIP
Professional Certification Program
Certified SIP Professional and Senior Certified
SIP Technical Professional Testing Now Available
is proud to announce the availability of two SIP certification
testing and online, online and webinar training programs. The
CSP-Certified SIP Professional certification is designed to review
and test general and some technical knowledge with 50
questions. The Senior Certified SIP Technical Professional
(SCSTP) examination is designed to test advanced technical
skills in SIP. The exam consists of 70 multiple choice and true-false
questions. Both tests are designed to help in planning, design,
implementation, network assessment as well as security, diagnostics
though certainly not all of the topics on the Senior Certified SIP
Technical Professional examination include: CODEC, DSP, Clipping,
dipping, Queuing Delay, Network Propagation, Serialization, Buffer
Delay, Fragmentation, Interleaving, Voice Payload, HSRP, Adaptive
Jitter Buffer, Oversubscription, Voice Activity Detector, White
Noise, Comfort Noise, Noise Detectors, MOS, E-model, Nyquist-Shannon,
Framing, PCM, ADPCM, DSP, CODEC sampling, Transcoding, Tandem
encoding, Echo, Echo Loss, Short Tail, Hybrid, SNR, CNR, RFI, Crosstalk,
Shared Neutrals, RTCP-XR, SRTP, MD5, CMP, POE, 802.1P, ALG, MSRP,
IMS, WebRTC-Apps, SALT, SAML, Voice XML, RPC, BICC, ISUP, IP
Multimedia Subsystems and other topics.
If you need
iPhone, iPad, Android or Windows phone apps custom built for your
business applications or new ideas, we have proven experience and
U.S. based product/project management. Click on image for
Click here for TECHtionary
-- World's First and Largest
Animated Library on Technology with more than 3,015 animated
is a Trademark of Microsoft. Unified Communications Apps &
Cloud Communications Forum is an independent forum.
Advertising, Exhibiting, Training and
other Marcom Programs, call 303-594-1694 or click here.
The User Forum provides classroom and webseminar training as well as a non-production
environment for those IT departments without additional equipment, budget
or time. This allows planners and users to test ideas, dial in and
dial back out, IM file transfers, remote desktop sharing, video
conferencing, run scenarios, review logs, break linkages and learning
about new telephony features and network access. The User Forum is
also designed for both the system integrator/consultant who wants to
learn about tech without having to build their own system as well as the
enterprise customer who doesn't have the time, resources or knowledge to
develop one. Coming soon, User Forum Labs are designed to be
"hands-on" or "over-the-shoulder" with experts
available for Q&A and classes for feature-specific review.
About User Forum
The User Forum is a vendor-independent laboratory environment designed
for learning, technical guides, knowledge resources and online
"live" services. The User Forum provides planning,
project management, consulting, training, case studies, white papers,
speaking engagements, market/customer research, network planning and
here to contact.
(c) User Forum - all rights reserved.