Epygi Rep to Offer Instruction at South African Computer Faire
SVT Consulting and Sales Force Europe to present technology seminars

As the South African representative for Sales Force Europe, Schalk van Tonder will present seminars on a variety of VoIP related topics during the 30th Computer Faire, May 21-23. Related topics will include wireless broadband, IPTV, VOD, data retention, fixed/mobile convergence, media convergence and security.

Those attending the sessions can expect an interactive style of delivery with live demonstrations and opportunities for Q & A.

Anyone planning to attend should RSVP to:
svtconsulting@svt.co.za.
Online: www.salesforceeurope.com.
Fax: +27 86 667 7667.

Avanzada 7 to Host VoIP Tech Breakfast in Madrid
Topic: Making a profit selling VoIP as a package
May26 9:30am to 1 pm at the Hotel VILLAMADRID

Avanzada 7, Epygi’s distributor in Spain, will be hosting a seminar geared to IT resellers and dealers as well as managing directors and heads of sales of telecom companies. The topic of selling VoIP packages to businesses with up to 200 people will be discussed by industry leaders, including Epygi.

Presenters will introduce attendees to a package solution that includes Quadro IP-PBXs from Epygi, IP telephones from Thomson and voice-quality Internet services from VozTelecom. "IT and telecoms dealers will find this VoIP Package for small and medium sized businesses easy to sell and install as it offers the customer everything in one order," said Nacho Cabreras, Managing Director of Avanzada 7. "Whether the customer wants to update their whole phone system or just add VoIP to what they already have, the dealer will be able to fulfill their needs quickly and at a competitive price."

After introductions from Avanzada & Epygi, Thomson and VozTelecom will deliver brief talks and open a Q&A session in Spanish. Breakfast will be served to all attendees. To reserve a space people should contact Guillermo Ruiz at Avanzada 7 (+34- 902 024 577, sales@avanzada7.com).

Spanish Language Pack Now Available for the Epygi Quadro IP PBXs
Epygi distributor Avanzada 7 promotes the technology to 3.3M small businesses in Spain

Epygi’s Quadro IP-PBXs are now available with voice prompts and system management computer screens (GUIs) in Spanish. Increasing demand in Spain and Latin America made it clear that the new interface would be a welcome addition.

Avanzada 7, Epygi’s value-added distributor in Spain, has selected the Quadro IP-PBXs to be the telephone system they offer for offices with up to 100 staff and multi-site organizations. The equipment has all the facilities normally seen in large company PBXs, including a complete range of security features and the ability to greatly reduce the cost of long distance and international calls.

“Avanzada 7 provides resellers with a complete Spanish VoIP package to sell to their customers,” said Nacho Cabrera, Managing Director of Avanzada 7. “By including IP phones and a contract with an Internet telephony service provider (ITSP), we enable dealers to supply a complete VoIP solution to their customers that is quick to install, user-friendly and gives excellent financial benefits.”

“There are over 3.3 million small and medium sized businesses in Spain. They and the telephony and IP technology dealers who supply them, will benefit from having the Quadros’ user interfaces and voice prompts in their own language,” said Mario Cuello, Epygi’s CEO. “This is another example of Epygi’s commitment to offer its customers the most technologically advanced VoIP solutions tailored to their needs.”

Is Your Voice Traffic Secret? Is it Safe?
Securing Your IP Voice Network from Hackers, Part Two

Part One of this article on VoIP security highlighted some of the ways this technology was vulnerable to fraudulent uses. With analysts predicting that IP PBXs will make up the bulk of business telephony sales in 2009, it is imperative that IT professionals take the necessary steps to secure a company’s phone system from without and within. This segment, Part Two, covers some of the technical aspects of these vulnerabilities and how they can be managed to better protect a network from intrusion and misuse.

To Serve and Protect
The good news is that the steps taken to secure other network applications also improve VoIP security. Keeping company servers and clients up to date with all the current patches and requiring authentication for all levels of users are crucial deterrents to break-ins.

In addition to maintaining anti-malware and ant-tampering applications, companies also need to audit user sessions and frequently monitor all activities related to network services. SIP firewalls and dedicated voice configuration will lay the groundwork for a good defense.

Where there’s Smoke, there’s a Firewall
Firewalls limit the kinds of traffic that can cross a network based on rules and policies established by their administrators. A SIP-aware firewall between the Internet and a company’s LAN dramatically reduces denial of service attacks.

Traditional network firewalls permit and deny traffic based on TCP, User Datagram Protocol (UDP) and IP header information: IP addresses, protocol types and port numbers, for example.

VoIP protocols require a lot of UDP ports, allocating them dynamically to media streams. Traditional firewalls can’t accommodate this behavior without leaving large numbers of ports permanently open for VoIP use and other misuses. Some firewalls don’t process UDP efficiently. They don’t support QoS measures that manage latency and jitter and so cause problems and drops.

SIP-aware firewalls can detect and defend against rogue SIP signaling messages, and maintain pure real time protocol media streams without adding significant latency.

Smoke Out Intruders
Segmentation of data by function ensures security as well. A dedicated VoIP server can screen out any unauthenticated users and allow only packets compatible with voice traffic. This segmentation, also known as broadcast domain, requires that specific network nodes reach each other by broadcast at the same data layer.

Improved security can also deliver enhanced QoS. SIP phones perform better when segmented to their own VLAN. (A VLAN functions identically to a physical LAN but allows for network reconfiguration through software instead of changing the actual physical location of devices on a network.)

Firewalls can then restrict traffic crossing VLAN boundaries to only necessary protocols. This compartmentalization very effectively reduces the spread of malware from infected clients to VoIP servers, especially in Windows networks. Firewalls for compartmentalized servers can function with far simpler security policies than those protecting an entire system.

Endpoint security adds an outer layer of protection in VoIP deployments. Network admission techniques like IEEE 802.1X port-based network access control provide an additional layer of authorization control, blocking devices from using a LAN or WLAN until they pass security checks.

Power to the Proxy
Application-layer gateways (or proxies) play a useful role in VoIP deployment. Integrating SSL tunnels into SIP proxies improves authentication and adds confidentiality and integrity protection to signaling between callers and their SIP proxies. (A proxy appliance stands between clients on a LAN and the Internet and applies numerous policy-based controls to Web traffic and requests before delivering content to end users. Situated behind or in parallel with the network firewall the proxy intercepts HTTP, HTTPS, FTP, IM, SOCKS and other Web protocol traffic.)

SSL connections can be chained to protect signaling traffic between SIP proxies across an organization or between organizations. Businesses that relay media streams among global and local IP addresses and ports can use proxies for voice packets (real-time transport protocol, RTP).

Some configurations process VoIP traffic preferentially, creating IPSec security associations that prioritize voice traffic over data. IPsec (IP security) is a suite of protocols for securing IP communications via mutual authentication and data encryption.

Others will filter signaling traffic and RTP media streams through a Session Border Controller (SBC). Similar to email proxy, SBCs rewrite message headers to hide private network addresses, strip unknown and undesirable SIP header fields, and restrict called-party numbers. They’re also subject to RTP policy enforcement.

Epygi Designs with Security in Mind
There is no substitute for strategic planning and vigilant supervision by the network administrator (whether on staff or outsourced). That said, Epygi products make the job somewhat easier. Epygi IP PBXs and gateways include multiple encrypted VPNs including IPSec tunnels.

They also incorporate sophisticated firewalls: intrusion detection system, NAT (Network Address Translation), policy and service-based filtering, stateful inspection and Point-to-Point Protocol over Ethernet (PPPoE, Ethernet “circuit”) connection with authentication (PAP, MS-CHAP).

The newest member of the Quadro family, the QuadroM32x, includes support for Secure Real-time Transport Protocol (SRTP), a profile of RTP intended to provide encryption, message authentication and integrity, and replay protection (another hacker tactic) to the data. Epygi customers can feel even safer from all those troublesome hackers and phreakers.

Much of the configuration necessary to add Epygi products to the network is plug-and-play. The network administrator can accomplish remote testing and VoIP diagnostics through a Web browser.

Take a Byte Out of Crime
As with traditional data, voice is an attractive target for vandals and criminals. You can make their jobs a lot harder with vigilance and attention to the right details.

MZA reports Q4 2007 Global PBX and
IP PBX Market Figures

Worldwide sales of PBX and IP PBX extensions (not including Micro PBX products) increased by 3% worldwide in th period Q4 2007 compared to Q4 2006 with more than 16 million extensions sold. IP extensions sales have risen by 21% compared to the same period in 2006, which means that global IP penetration is now running at 19%. Panasonic and Avaya lead in terms of total extensions sold, while Cisco is number one in the IP extensions marketplace in Q4 2007.

After some Y2K replacement activity, Western Europe saw volumes increase by 4% in comparison in Q4 2006, while Eastern Europe grew by 7%. Overall, the EMEA region increased by 3%. Volumes in Asia Pacific, including Japan, continue to register the highest growth in percentage terms, with increases of MZA 8% recorded in Q4 2007 compared to Q4 2006. Contrastingly the American markets recorded moderate declines of 3%.

Growth in Western Europe was due mainly to the performance of the UK as the two largest markets, France and Germany, both declined by 2%. Declines were also registered in Denmark, the Netherlands, Luxemburg and Spain. Italy, which has not seen growth for many quarters, grew by 9% in Q4 2007, as Q4 2006 was particularly poor.

IP Extensions Market
In percentage terms, growth rates in below 100 extensions market have been outpacing increases in the above 100 extensions market in terms of IP extensions sold. Quarter4 2007 continued this trend as volumes rose by 23% in the below 100 extensions market and 21% in the above 100 extensions market, this market only accounts for 26% of all IP extensions sold and the penetration rate is 9%, compared to over 30% in the above 100 extensions market. This compares to 7% and 29% in the below and above 100 extensions markets respectively in Q4 2006.

North America still accounts for the majority share of IP extensions sold at a global level, as the region represents 41% of sales. This share has, however, eroded from 47% of global sales of IP in Q4 2006. In terms of global market share, Asia Pacific has demonstrated the most momentum as their share increases to 16% up from 13% in the same period of last year. In terms of volume, this was an increase of 47%. Other significant gains were registered in Eastern Europe, which was up by 52% and Western Europe, where the growth rate is in double digits. Double digit growth rates were also recorded in the middle East and Africa and Latin America, while NorthAmerica managed a 6% increase, in spite of an overall decline in the market.

MZA
MZA provides marketing consultancy services to the telecommunications and IT industries at European and global levels. This information is based on an extract from the study, “The Global Telecommunications Market” widely regarded as the definitive study in equipment markets.