sip5060.net / en es

RSS Atom

Planet SIP

November 29, 2022

• Enable Security How to perform a DDoS attack simulation
  TL;DR A DDoS simulation is a practical exercise that various organisations are capable of doing. Understand the reasons why you would want to do this, then combine custom with off-the-shelf attack tools. Follow the best practices, apply solutions and mitigation; and you can finally answer: what if we got attacked? Introduction In this post, we give an overview of how you too can perform your own distributed denial of service (DDoS) simulation exercises.

November 22, 2022

• Digium Multi-Location UCaaS and Multi-Location Connectivity Services

  Sangoma is very proud and honored to be able to service multi-location businesses with our UCaaS system and MSP services. A common dialing plan among the different physical businesses, physical phones that are tightly tied to the UC system, mobile and desktop clients to augment the desk phone, and having a CPaaS system that can enable multi-location business unique requirements to be added to our UCaaS solution has enabled Sangoma to service these businesses well with our UCaaS solutions.

  Beyond UCaaS, though, Sangoma, through its acquisition of NetFortris, now offers connectivity and security services that can be tailored to bring the best connectivity solution to the needs of the overall multi-location business and each of the specific physical buildings. It is hard to manage what is the best connectivity solution, which provider to get it all from, all the different bills, etc. That’s understandable, for sure. The IT department needs to be expert at everything, and that’s downright impossible.

  Someone like Sangoma can determine the best price, the best type of connectivity solution, and the best provider for each location and manage the network for you. You likely do not need the same bandwidth for each building, and the network provider may most likely offer a different economical service all around. Let someone else figure that all out for you and take care of all that for you.

  As your UCaaS provider, it makes sense to get all this from us. We understand the networks, and we’re monitoring the UCaaS anyway, so why not have us manage and monitor your internet connectivity as well?

  And we can also offer you SD-WAN services with this connectivity so that you can get the most efficient routing, a more stable internet (because of the use of multiple connections), and cost savings. And, of course, monitoring by Sangoma. Learn more about our MSP services here.

  The post Multi-Location UCaaS and Multi-Location Connectivity Services appeared first on Sangoma Technologies.

November 21, 2022

• Digium As a Voice Service Provider, How Has the FCC’s Updated Deadline on STIR/SHAKEN Compliance Affected Your Business?

  A few months ago, the FCC released a public notice reminding non-facilities-based “small voice service providers”, that they must implement the STIR/SHAKEN caller ID authentication framework in their Internet Protocol networks no later than June 30, 2022.

  Is this a surprise to you? Well perhaps, considering a 2 year extension was granted to small VPS (those with 100,000 or fewer voice access lines) from the original deadline of June 30th, 2021. So why the sudden change in deadline? What happened was an overwhelming amount of robocalls were observed to be originating from these small VSP from the time that deadline was announced, so much so, the FCC decided to cut the extension by 1 year, significantly moving up the deadline.

  In summary, as a small voice service provider you are no longer subject to a two year extension and must update your certifications and associated filings in the Robocal Mitigation Database (RMD) and implement the authentication framework by June 30, 2022 (which of course has passed at this point in time) or be subject to ”appropriate enforcement action” by the FCC.

  We know that it’s a lot of work, time, and money spent to become compliant. To implement STIR/SHAKEN into your voice network, you’ll likely need to provision a cost-prohibitive session border controller (SBC) or a SIP proxy, which can significantly alter the way you route traffic to your partners. This can create unexpected consequences for you, such as billing, for instance, not to mention the network maintenance and monitoring that’s required for these new points of failure.

  The deadline for compliance has already passed for non-facilities-based providers. Don’t risk waiting for the FCC to contact you and be put under extreme pressure. We have a Zero-maintenance call signing solution for you!

  VI Communication Services’ Call Signing Services help you become compliant, simply by sending your phone calls to our voice network. On our side, we will provision a dedicated server to host your unique certificate and sign calls on your behalf, using the attestation rules that you yourself configured. That’s all! No additional hardware or network maintenance required. We take care of everything for you so that you can focus on running your business. View our product slick.

  Learn more about our Call Signing Service today. We are sure it will save your business the unwanted hassle of STIR/SHAKEN compliance!

  The post As a Voice Service Provider, How Has the FCC’s Updated Deadline on STIR/SHAKEN Compliance Affected Your Business? appeared first on Sangoma Technologies.

• ng-voice Placing cloud-native solutions at the heart of private network deployments

  Private networks are steadily gaining ground as operators, enterprises and private providers set their sights on the opportunities cloud-native solutions bring about. Having a dedicated private network brings with it a new realm of possibilities, underpinned by enhanced connectivity. Add to this, the prospect of new revenue generation through better solutions, products, or offerings by the operator, enterprise, or private network provider, and arguably private networks could have several value-added benefits. 

   

  But deploying a successful private network is no easy feat—it requires the right solutions, both at the core of the network, and at the edge; the right partners, who embrace the same ways of working and strive towards a common goal; and importantly, the right application or use case. 

   

  At ng-voice, we believe that the key to private network success lies in embracing cloud-native principles. A private network—by definition—is there to give the end customer greater flexibility and agility over their connectivity solution, enabling them to push the limits of their organization and embrace new technologies such as Internet of Things (IoT) and Artificial Intelligence (AI) to increase their productivity. Moving to cloud-native principles when building and deploying a private network will help operators, enterprises, and private network operators enabling this agility and their end-customers to benefit from the many opportunities set to be unlocked by private networking.

   

  So what do these principles look like?

  First, cloud-nativity is about being cloud-agnostic. Solutions should be deployable on any infrastructure, whether private (bare metal) or public cloud. Second, solutions should embrace a CI/CD approach whereby automation is implemented throughout integration, delivery, and deployment. Third, cloud-native solutions must be scalable and adapt capacity loads accordingly, as well as provide load balancing and service discovery.

   

  Finally, continuing to put automation at the heart of cloud-nativity, such solutions must be self-healing to identify and replace failed components to maximize and maintain service availability at all times. 

   

  But cloud-nativity isn’t simply a set of principles, it’s also a culture, and a mindset. It must be embraced across the entire organization, across entire teams. In a private network scenario, where multiple partners come together to deploy a single solution, being aligned on cloud-nativity principles can bring significant benefits to the end solution and end customer.

   

  An IMS core fit for purpose

  By embracing the principles of cloud-nativity and containerization, our fully containerized cloud-native IMS solution brings to private network deployments greater scalability, being able to scale resources up or down, according to changing needs and requirements. In addition, our solution delivers increased efficiency thanks to the automation embedded in the delivery of our voice services—human intervention is significantly reduced therefore reducing the risk of disruption, and the management of voice applications is made easier and quicker.

   

  Finally, our solution is also more cost-effective thanks to our deployment model and use of cloud-native technologies. For private network deployments, in which voice is still a key requirement, being able to make cost-savings without compromising on the quality of service will be an important factor in selecting the right partner. 

   

  To find out more about ng-voice and how its fully containerized cloud-native IMS solution could be the ideal choice for your private network deployment, write to sales@ng-voice.com visit our website, or follow us on LinkedIn to know more about what we do.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Varun Jain

  Customer Solution Architect

  Publisher Bio

  Varun Jain is a Customer Solutions Architect for the Sales Team, he has over 16 years of experience in telecom industry, working for companies like Ericsson India Global services PVT LTD and NOKIA.

November 16, 2022

• WebRTC Hacks Revealing mediasoup’s core ingredients: Q&A with Iñaki Baz Castillo
  

  I interviewed mediasoup’s co-founder, Iñaki Baz Castillo, about how the project got started, what makes it different, their recent Rust support, and how he maintains a developer community there despite the project’s relative unapproachability. mediasoup was one of the second-generation Selective Forwarding Units (SFUs). This second generation emerged to incorporate different approaches or address different use cases a few years after the first generation of SFUs came to market. mediasoup was and is different. It is node.js-based, built as a library to be part of a serve app, and incorporated the Object-oriented approaches used by ORTC – the alternative spec to WebRTC at the time. Today, mediasoup is a popular SFU choice among skilled WebRTC developers. mediasoup’s low-level native means this skill is required.

  The post Revealing mediasoup’s core ingredients: Q&A with Iñaki Baz Castillo appeared first on webrtcHacks.

November 10, 2022

• Digium What are Managed IT Services?

  A managed IT service is an information technology (IT) task provided by a third-party service provider and delivered to a business customer.

  “Managed services” refers to outsourcing information technology (IT) processes and functions to improve operations and reduce expenses. It’s a way to augment your company IT staff with access to specialized expertise and not worry about the cost and complexities of hiring and staffing for 24/7/365 critical business functions.
  Managed services are ideal for companies that:

  • Rely on IT infrastructure to support their daily business operations
  • Have training or specialty gaps in their IT staff or have teams that have become bogged down in routine maintenance and cannot focus on value-generating objectives
  • Need IT budget predictability and scalability

  What are Managed IT Solutions?

   
  Businesses outsource a plethora of IT-related services to managed IT solutions providers, including:

  • Cloud Communications – This encompasses multiple communications technologies from business phone systems, VoIP calling, email, chat, video conferencing and collaboration, unified communications-as-a-service (UCaaS), virtual call centers, SIP trunking, and more.
  • Networking – A service provider typically develops, controls, and manages communication networks. Services typically offered include:
    • Internet access
    • SD-WAN for network optimization and traffic prioritization
    • Network switches
    • Wireless local area networks (LANs)
    • Wide area networks (WANs)
    • Virtual private networks (VPNs)
    • Wi-Fi and other forms of connectivity
  • Security – Cybersecurity is a specialized field with a range of services encompassing a comprehensive solution that secures an organization’s network and devices on (or off) that network. Services typically include:
    • Next-generation firewalls (NGFW)
    • Backup and disaster recovery
    • Endpoint detection and response (EDR)
    • Managed detection and response (MDR)
    • Remote monitoring and management (RMM)
    • Multi-factor authentication (MFA)
    • Unified threat management (UTM)
    • Patch management
    • Email security
    • DNS protection
    • Security awareness training

  What is a Managed IT Service Provider?

   
  In a managed service arrangement, the managed service provider (MSP) is responsible for the functionality of IT services and equipment for the client, who typically pays on a monthly retainer basis.

  Companies that offer managed services are called managed service providers (MSPs). MSPs are third-party companies that remotely manage IT infrastructure and systems. Small and medium businesses (SMBs), nonprofits, government agencies, and enterprises across various industry verticals leverage MSPs to deploy and manage technology solutions.

  Typically, an MSP delivers applications and management services through the Internet under a contractual service-level agreement (SLA). The SLA details qualitative and quantitative performance metrics that govern the MSP and customer engagement.

  Key Benefits of Managed IT Service Providers for Businesses

  • Reduced technology costs
  • Domain expertise
  • Specialized talent
  • Scalability
  • Emerging tech know-how
  • Future-proof environments

  MSPs handle complex or repetitive tasks required to maintain a client’s IT infrastructure and typically are engaged in managing the following activities:

  • Sourcing and managing IT infrastructure
  • Delivering managed communications and collaboration services
  • Offering technical and software training and support
  • Sourcing and managing security solutions
  • Managing client user accounts in applications and portals
  • Handling contract management for underlying technology vendors
  • Assisting with compliance and risk management
  • Managing third-party contractors
  • More

  Why Outsource to a Managed IT Service Provider?

   
  Businesses of all sizes typically offload the management of select IT services for these key reasons:

  • Issue-Resolution Ownership – MSPs working with you in an ongoing capacity are incented to focus on preventing problems and quickly address issues to continue to win your business each month.
  • Solution Stability – MSPs provide 24/7/365 monitoring and proactive maintenance, which means they can respond to issues quickly and head off system failure and downtime in advance.
  • Predictable Costs – Expenses fit neatly into monthly payments, eliminating the need for significant capital outlays to deploy services. Likewise, you never get an unforeseen bill for something that breaks.
  • Infrastructure Modernization – MSPs go beyond just fixing your existing systems. They provide recommendations and create migration plans for upgrades to new and modernized versions of your underlying network infrastructure components while keeping them up to date and in alignment with your technical and business objectives.

  Ready for Worry-Free Managed IT for Your Business?

   
  Sangoma makes it painless to access a complete suite of managed networking, security, and business communications solutions customizable to your organization’s unique needs.

  The post What are Managed IT Services? appeared first on Sangoma Technologies.

• Jitsi Low-latency conference streaming to very large audiences

  Jitsi today supports life-streaming conferences to large audiences through our Jibri tool – this tool renders all the media from the conference, and forwards it to a streaming service such as YouTube.

  This approach works, but it has limitations.  In addition to being computationally expensive, it also introduces substantial latency to the media.  This can be a problem when interaction is needed between the participants in the conference and the audience, for example for a text-based question-and-answer session.

  This article will describe a new approach to live-streaming media, which uses Jitsi’s builtin functionality, without transcoding, to reach potentially very large audiences with latency comparable to that of a live conference.

  Overview

  The basic approach to media distribution for this solution is straightforward – simply forward media to all the audience members in the same way that they are forwarded today to conference participants – i.e. as individual RTP streams over WebRTC.  This can re-use Jitsi’s existing well-tested technology to distribute the media and have it arrive at receivers and be played out to viewers.

  The challenge, of course, is to scale Jitsi’s back-end services so they can support sending media to very large numbers of viewers, potentially in the hundreds of thousands or more.  The rest of this article will discuss some of the architectural enhancements we need to make to Jitsi to support this.

  The first insight that will make this possible is to realize that in a streaming scenario, while the conference’s active participants need to know that they are being watched by an audience, they don’t need to know all the audience members’ identities or presence in real-time; nor do the audience members need to know about each other.  Thus, the system can be modified such that presence information about individual audience members is not sent to other conference participants, or to unnecessary parts of the backend; this reduces the amount of signaling traffic substantially.

  The second substantial change that we are making to the backend is to be able to have more sophisticated topologies for the Jitsi Videobridges to relay media among them.  Currently, when more than one Jitsi Videobridge is used in a conference (in Jitsi’s Octo/Relay technology), the bridges are connected to each other in a full mesh.  This topology minimizes the latency for media, but would not scale to very large conferences, where e.g. hundreds of thousands of participants might need several hundred bridges.  If every bridge in such a conference were connected to every other one, the bridges could be overloaded just sending media out.

  Instead, we are developing technology that can arrange bridges into more elaborate topologies.  In particular, our plan for very large conferences is to still have the conference’s active participants be connected to bridges which are arranged in a mesh; but the audience members would then be connected to bridges whose interconnection forms a tree extending from various nodes of the core mesh, so that the core media servers would only need to send media out to a limited number of connections to the audience’s bridges, which would then be forwarded out to the audience, possibly relaying through multiple bridges on the way.

  

  Finally, changes need to be made for the signaling servers used by the Jitsi back-end.  While information about audience members only needs to be propagated to selected back-end infrastructure servers, information about a conference’s active participants needs to be forwarded to the entire audience.  The existing XMPP servers that the Jitsi back-end uses aren’t designed for this level of load.  Thus, we are developing solutions such that this participant information can be mirrored from one XMPP server to another, allowing each server to handle only a manageable number of client connections while still getting the information to the entire audience quickly.

  Stay tuned!

  Your personal meetings team.

  ---

  Author: Jonathan Lennox

  The post Low-latency conference streaming to very large audiences appeared first on Jitsi.

November 08, 2022

• Digium UCaaS as PBX Replacement: Part 2

  In my last blog, I wrote about a customer just wanting basic PBX features from “25 years ago” and whether it was possible to buy a business phone system today that would be able to effectively replace one of these older systems.

  The answer is “of course you can get a phone system” that handles the PBX feature requirements from 25 years ago. And it will do exactly what you want it to do, and are used to doing, in terms of calling and call routing and audio conferencing and voice mail, etc. And it can still be on-premises if you wish, but it can also run in the cloud. And you can use a handset just like your current system has. If this is what you want, we have it.

  But it will also come with other features, or the ability to add these features, because that is what many customers want today:

  • Chat
  • Presence
  • Video calling
  • Mobility (Calling to and from your smartphone and laptop)
  • Integrations to CRM systems
  • Ability to customize via adding applications (such as notification apps)

  So don’t be confused and don’t be afraid to upgrade because of the marketing buzzwords used today. You’ll have all your old features, but you’ll be able to use these new features as well. For instance, the mobility feature allows your business phone number to follow you around on your laptop and Smartphone – it will make you “look bigger” to your customers since you’ll be reachable more easily.

  Upgrade so you don’t put your business at risk because of a potentially failing old system. Come talk to us and we’ll be happy to help. PBXs are there today, just in different clothing.

  The post UCaaS as PBX Replacement: Part 2 appeared first on Sangoma Technologies.

• ng-voice ng-voice is now present in Budapest, Hungary

  We at ng-voice are excited to announce the opening of our new hub in the beautiful city of Budapest, Hungary. We are at an exciting point in the development of ng-voice: we have grown our team, expanded our client base, and started to further increase our global reach with the opening of our office in Budapest. 

   

  Our newly opened hub will initially host a dedicated support team and will be led by Emanuel Nemeti. The support team is responsible for responding quickly to any possible incident and guaranteeing a great customer experience with our fully containerized cloud-native IMS and its components. 

  

  Dedicated support team in Budapest, Hungary

  Emanuel, who joined us as support lead in Budapest, has 18 years of experience in management in EMEA, APAC, and US regions, offering quality service and support to companies all over the globe. He said “It’s is a great challenge to set up a new hub and team for ng-voice in Budapest. I’m excited to be working with talented engineers to provide fast and reliable responses to any impacting incident and deliver the best possible experience for our clients, monitoring all deployed solutions and proactively investigating alerts observed within the solution”. 

   

  We are thrilled with this achievement and we look at this new location as a significant milestone in our history. To learn more about our history and team, you can visit our about us page. 

  

  

  Khaled Amirian

  Employer Branding & Internal Marketing Specialist

  Publisher Bio

  During his academic and professional career, his curiosity to learn different business functions such as HR and marketing allowed him to gain valuable insights. Khaled aims to provide unique perspectives on topics in digital marketing and HRM. His interests in the digital world helped him become a key community member among Esports player.

November 03, 2022

• Digium Business Voice+ Named Cloud Computing Product of the Year by Cloud Computing Magazine

  We proudly announce that Business Voice+ was named the Cloud Computing Product of the Year Award, presented by Cloud Computing Magazine.

  Business Voice+ is Sangoma’s pure cloud deployment platform. Designed for businesses who want peerless call quality, communications flexibility, and exceptional system support, Business Voice is the perfect, zero-hardware option. With Business Voice, your business can leverage the power of a complete, end-to-end system from an intuitive, browser-based interface.

  The Cloud Computing Product of the Year Award honors vendors with the most innovative, practical, and beneficial cloud products and services deployed within the past year.

  Learn more about Business Voice+!

  The post Business Voice+ Named Cloud Computing Product of the Year by Cloud Computing Magazine appeared first on Sangoma Technologies.

October 31, 2022

• Digium UCaaS and the Education Industry: Equip Your School with Cutting-Edge Communications

  With Sangoma’s Education Solutions, School is Never Out for the Summer

  Education requires total commitment, and for good reason. After all, it involves nothing less than preparing young people for lifelong personal and professional success. Considering the stakes, school systems should prioritize high-quality and worry-free communications, but all too often they face challenges implementing and supporting the latest in telephony. Let’s explore why.

  Barriers to High-Quality School Communication

  School administrators are often confronted with funding shortfalls and end up scrapping IT investments. If that isn’t bad enough, many schools don’t have a permanent IT professional on staff, which means critical communications infrastructure goes unmaintained and improvements fall to the wayside.

  On top of this, user-friendliness inhibits the successful implementation of next-generation communications systems. Educators need systems they can easily pick up and run with, especially given the fact that “13.8 percent of U.S. teachers are either leaving their school or the profession altogether.” With this in mind, it’s clear that successful systems can’t require a steep learning curve. Educators need a solution that lets them focus on what matters most: teaching! 

  Thankfully, there is a solution that overcomes these not-so-insignificant barriers: Unified Communications as a Service (UCaaS). 

  What is UCaaS?

  Educators require an easy way to interact with parents, administrators, students, and coworkers. Many schools have answered that call by discarding existing telephony for cutting-edge voice over internet protocol (VoIP) solutions that pair high-quality voice with unified communication (UC) tools to create UCaaS systems. Uniting technologies like voice, video conferencing, instant messaging, email, SMS, and fax into a single platform, UCaaS is an affordable and customizable system that adapts to the needs of any school network. It can also have hugely positive implications for an organization’s overall effectiveness and culture, with recent survey data showing UCaaS translating to better productivity for 72% of respondents, higher collaboration for 91%, and faster problem solving for 88%.

  Ditch “Old-School” Methods

  “Parent notes” are a critical tool for keeping parents informed, but how often are they left in backpacks, found on the floor of the bus, or worse – eaten by the dog? With UCaaS in an educator’s corner, teachers can ditch these types of archaic communication methods in favor of crystal-clear voice or high-resolution video. Whether it be a one-on-one call with a co-worker or student, or a group video conference with parents, the flexibility maximizes the effectiveness of a school’s messaging by supporting whichever channel works best for the stakeholders involved. And this is just one example; the possibilities are practically endless when technology is on your side. 

  User-Friendly, Affordable Communications are as

  Easy as 1, 2, 3

  As a seasoned IT vendor successfully equipping schools with the best communication solutions for years, Sangoma has discovered an ideal way forward. By striking a much-needed balance through “must have” features while also remaining affordable, we ensure that schools will never be “out for the summer” or any other season when they work with us. 

  “It looks like we are saving about $400 a month so far,” said Sadie O’Brien, IT director for the Shiocton School District, after deciding to transition to [Sangoma] Switchvox.

  By eliminating up-front costs, Sangoma UC expertly walks the fine line between offering advanced communication features without straining an institution’s IT funding. Additional savings are gained from low annual fees, and the solution operates through an all-inclusive pricing model. This fixed, consistent, subscription-style billing structure fits comfortably within school system budgets. 

  What’s in it for You?

  Sangoma UC doesn’t just solve problems created by sparse technology budgets, it also addresses the administrative challenges faced by these institutions. The system can be administered via a single computer connected to the network – with no coding required. Everything is geared toward lowering the learning curve and easing the burden for education professionals right from the get-go. Let’s take a closer look at how it can impact some of the primary stakeholders within a given school district: 

  IT Professionals: IT support staff gain major advantages with Sangoma UC in that it requires no special software, hardware, or license keys – meaning there’s nothing to download or install. The entire system can be managed through a single pane of glass with customizable views and widgets. With a subscription-based model, dealing with lengthy updates or cumbersome maintenance becomes a thing of the past, instead transitioning to the vendor’s responsibility. 

  Teachers: The typical teacher is overworked and overwhelmed, meaning that any technology they use must always help, never hinder. Sangoma UC is simple and intuitive enough that teachers can simply pick it up and immediately start taking advantage of its mobility features, dedicated conference rooms, and more. 

  Administrators: Administrators within school districts have a lot on their plates – from tracking absences, to managing calls from parents and staff, to sending out alerts and emergency messages. Sangoma streamlines these workflows considerably with a full suite of easy-to-learn features, such as IVR, auto attendant, receptionist console, mobile and desktop apps, and RAY BAUM compliance.

  Move Education into the Future with Sangoma

  As a 100% web-based system, Sangoma UC centralizes communications and ensures access to all messages, applications, and tools, regardless of where users are or what device they’re using. 

  Having equipped more than 1,000 schools, we’re well aware of the communication challenges faced by school districts. This includes chronic problems with funding, adequate IT support, and the pressing need for high-quality anytime/anywhere connections between students, teachers, and parents. However, through our UCaaS system, schools can equip themselves with cutting-edge communications that provide comprehensive benefits for less time and effort. 

  Want to learn more about Sangoma and how it can transform your district? Download our free eBook today!

  The post UCaaS and the Education Industry: Equip Your School with Cutting-Edge Communications appeared first on Sangoma Technologies.

• Enable Security Celebrations, presentations and new VoIP security tools
  Welcome to a jam-packed edition of RTCSec newsletter for October. What have we this month? In this edition, we cover: This very newsletter is one year old! We’re looking for freelance pentesters to join us This time, 12 years ago in VoIP security incidents (Sality botnet scanning) Upcoming and past presentations of interest at TADSummit, CTI-Summit, Blackhat & ClueCon WebRTC security news: the “most secure VoIP” award and censorship busting New VoIP security tools and workshop by Jose Luis Verdeguer (Pepelux) And various security advisories, and other reports of concern RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

October 26, 2022

• Enable Security RTCSec newsletter is one year old!
  Roughly a year ago, we sent out the first RTCSec newsletter and have been doing so every month. Each time, we have covered more and more of our favourite topics, VoIP and WebRTC security. And now, it has become our primary way of keep up to date with what is happening, and our most regular publication too. If you are not yet subscribed, do so at https://rtcsec.com/subscribe. The next one is out in a few days!

October 25, 2022

• Digium UCaaS as PBX Replacement: Part 1

  Yes, there are still business systems called “PBX’s” out there. These are on-premises business phone systems that basically just did calling in and out of a building, offered voice mail, could perform an audio conference call, could forward a call, and had a some ‘advanced” calling features like ring groups, or sending group messages (i.e. recording a message, and then sending it to a group of people – like an email but you recorded the email), or call screening. The phone system that ran the business if you will.

  And they ruled the roost at one time. You learned many of the intricacies of these systems to be the most effective communicator out there, augmenting your email with these phone systems features.

  These systems are out there still. Not all have been upgraded yet. But they are old, and many of these systems are even out of maintenanace. Still chugging along…until they are not….
  As VoIP marched on and the internet networks became faster, other communication modes such as chat and video entered the fray, and the need to have the systems on-premises dissipated. Today’s UCaaS systems were born.

  And with it it came newfangled terminology. No more analog and digital. Seats, bandwidth, Unified Communications, trunking, hosted, cloud, multi-tenant, single-tenant, collaboration, single sign-on, UCaaS, mobility, and CPaaS are now typical words used.

  But this doesn’t mean the requirements of the PBXs of 25 years ago are different. The need to have a phone system that “runs the business” is still there. And I’ve had some prospects / customers kind of wondering what is going on – “can’t we just get a phone system?”. And these prospects have not upgraded since it’s kind of confusing to them. They want to, because they know the “chugging along” at some point will simply stop, but they don’t want to make a mistake, or buy something they won’t be able to work well.

  The answer is “of course you can get a phone system”. I’ll talk about this more in my next blog.

  The post UCaaS as PBX Replacement: Part 1 appeared first on Sangoma Technologies.

• WebRTC Hacks How Cloudflare Glares at WebRTC with WHIP and WHEP
  

  WebRTC blackbox reverse engineering experts Gustavo and Fippo take a look at Cloudflare's new WebRTC implementation, how Cloudflare uses the new WebRTC-based streaming standards WHIP and WHEP, and the bold pronouncement that they can be a replacement to open source solutions.

  The post How Cloudflare Glares at WebRTC with WHIP and WHEP appeared first on webrtcHacks.

• ng-voice Understanding 3GPP

  When it comes to developing new telecom technologies, there are hundreds of different factors to consider. Yet one crucial aspect of this process that cannot be overlooked is ensuring compliance with industry standards.

  About 3GPP

  The 3rd Generation Partnership Project (3GPP) is a collection of organizations that develop and recommend standards for the telecommunications industry. 

   

  The collective was initially formed in December 1998 when the European Telecommunications Standards Institute (ETSI) partnered with other standard development organizations to evolve the new technologies for the third generation (3G) of cellular networks. Since its formation, 3GPP has developed the most widely used 3G standard, as well as global fourth-generation (4G) and fifth-generation (5G) standards. 

   

  Technology engineers are advised to follow these principles when developing their products. The global technical specifications ensure compatibility between components because those standards are governing how those different systems and devices are built around the globe.

   

  The adoption of SIP by the 3rd Generation Partnership Project (3GPP) as a call control protocol was a major milestone for the standardization world as the IMS architecture became the first SIP-based standard commercial system, setting the guideline for following developments. Driven by the demand for multimedia communication services, the industry had to search for an efficient way to deploy those services in the existing and new networks. Wireless telecommunication operators and vendors had to adapt quickly, enabling a rapid introduction of IP and SIP services into their network through the IMS. The standardization effort has been driven by the 3GPP in close work with the Internet Engineering Task Force (IETF) to ensure the harmonization of standards.

   

  SIP standards set the baseline for the creation of CSCF and other functional elements in the IMS network, ensuring the interoperability of various network elements (UE, CSCF, etc), defining basic communication rules between the elements, and setting the guidelines for interconnecting with other network architectures. The standard body comprises the standards for data plane, user plane as well as session control in the SIP network.

  Why is it important for vendors to be standards-compliant

  There are a number of reasons why observing 3GPP principles is beneficial to vendors and operators alike, these include:
  

  Interoperability: 

   

  Operators will often look to integrate different technologies from multiple sources and vendors. Adhering to 3GPP’s standards allows vendors to incorporate best-in-class methodologies, processes, and engineering specifications, ensuring that the technologies required by operators all ‘speak the same language’ and can effectively integrate with one another. 

   

  Importantly, while 3GPP encourages companies to adhere to a specific standard, it does not stifle innovation or differentiation in the market as no limit is placed on how vendors develop and incorporate software together. 

  
  

  Scalability: 

   

  Talking of scalability, by meeting the standards set out by 3GPP, vendors, and operators can avoid a ‘rip and replace’ approach to existing infrastructure, making the deployment process faster and more cost-effective for all involved. Developing technologies in such a way that they’ll easily fit in with existing systems and can be easily adapted depending on growing subscriber bases, also allows for greater scalability as operator networks change and evolve. 

  
  

  Global reach: 

   

  The ability of customers and businesses to use their devices in multiple countries can also be attributed to the principles developed by 3GPP. Through these standards, network equipment can be manufactured and operated around the world, with no restrictions on usage – a huge development for the industry and a crucial factor for operators seeking scalability beyond their home borders.

  Going one step further

  The above factors are crucial to operators. However, the benefits of standardization go a step further and encourage greater collaboration across the industry. Technology developers are all working towards the common goal of furthering innovation in telecommunications, and by following the same standards and developing interoperable solutions, this can be done collectively, for the future of the industry. 

   

  ng-voice’s cloud-native IMS VoLTE / VoNR solution is standard-compliant, ensuring that it follows the principles laid out by 3GPP and can be integrated alongside other vendor technologies. 

  To find out more about our cloud-native voice solution, contact our team at: sales@ng-voice.com or learn more here. 

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Andrii Pogrebennyk

  Software engineer and team lead

  Publisher Bio

  After years of experience in VoIP in Ukraine and Austria, Andrii joined ng-voice as a Software Engineer and is using his vast knowledge of telco-specific protocols and Kamailio programming to further develop our fully cloud-native and standard-based IMS core.

October 20, 2022

• ng-voice A5G Networks and ng-voice partner to deliver cloud-native 4G and 5G solutions to enterprises

  The strategic partnership makes it easier to deploy and manage end-to-end public and private network solutions

  October 20th, 2022 | Berlin, Germany

   

  ng-voice, leading provider of a fully containerized and cloud-native IMS solution for the telecom market, and A5G Networks, a leader in distributed and autonomous 4G, 5G, and WiFi converged packet Core Software for private and public networks, today announced a strategic partnership that will make LTE and 5G networks more accessible and easier to deploy for enterprise customers. ng-voice’s fully containerized cloud-native IMS combined with A5G’s cloud-native autonomous packet core will simplify the development of new features, deployment, and management of a complete network reducing time-to-market and resource requirements.

   

  The market for private networks is currently growing rapidly. In many countries, spectrum is now being awarded not only to MNOs and MVNOs but also to enterprises to deploy private networks, especially to support IoT use cases. Cloud-nativity, in these cases, is key to unlocking the full benefits of connectivity, making networks more flexible, agile, and cost-efficient. The partnership aims to target this market globally with end-to-end cloud-native network solutions.

   

  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR. ng-voice’s solution is cloud-and-infrastructure-agnostic, with highly automated deployment and operation processes, flexibility and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint.

   

  The vision of A5G Networks is to enable and accelerate the upcoming transition to distributed and autonomous mobile network of networks for hybrid and multi-cloud deployments. Its unique IP helps realize significant savings in capital and operating expenditures, reduces energy requirements, improves quality of user experience, and accelerates adoption of new business models. A5G Networks will enable deployment of enterprise private networks, connected car networks, new public mobile networks and play a pivotal role in upcoming smart city projects.

   

  According to Kaitki Agarwal, Founder, President, and CTO of A5G Networks, Inc “5G is a powerful innovation platform, which combined with cloud-nativity has the power to transform the way mobile networks are deployed and operated. This strategic partnership with ng-voice takes us one step further in providing a truly cloud-native network solution and helping enterprise customers unleash their networks’ full potential. We are thrilled to partner with a like-minded company such as ng-voice.”

   

  David Bachmann, CEO of ng-voice, “being fully containerized and cloud-native, our IMS integrates perfectly with A5G’s portfolio, allowing enterprises to deploy VoLTE and VoNR with a high level of automation and resource-efficiency, resulting in more flexibility, agility, and cost-savings. We are very excited about this partnership and hope to keep pushing to deliver the most innovative cloud-native network solutions to the market”. 

  About ng-voice

  ng-voice GmbH is committed to building the next generation of 100% software-based mobile networks, combining DevOps with telecommunications expertise. ng-voice’s fully containerized and cloud-native IMS core is scalable, flexible, and easy to deploy and manage, offering communication service providers and enterprises of any size innovative voice services on LTE/5G networks.

   

  Follow ng-voice:

  LinkedIn: www.linkedin.com/company/ngvoice

  Twitter: twitter.com/ngvoice

  Web: www.ng-voice.com

  Email: info@ng-voice.com

   

  Press contact for ng-voice

  Barbara Silva – barbara@ng-voice.com

  About A5G Networks

  A5G Networks Inc. is a leader and innovator in enabling autonomous networks of Networks and brings deployment flexibility, energy savings and cost reductions for enterprises and service providers. The company is headquartered in Nashua, NH, USA with offices in Pune MH, India. To learn more about A5G Networks, visit www.a5gnet.com

   

  Follow A5G Networks, Inc.

  Linkedin: linkedin.com/company/a5gnet 

  Twitter: twitter.com/A5gNetworks

  Email: info@a5gnet.com

   

  Press contact for A5G Networks

  PR@a5gnet.com

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

October 11, 2022

• Digium Let’s Revisit Hot Desking

  Back in June, I wrote a blog about hot desking. And I wrote at the time “But is hot desking of a physical phone an obsolete concept with Unified Communications? Does it even need to be in RFPs anymore? Because with UC, you can make and take phone calls with your work extension from your computer, or from your smartphone, via a UC client. I can do that no matter where I sit in the office.”

  Now, 4 months later, I got an email from a reader asking if I wanted to take that back because with the return to the office, many companies are going to hybrid models. Hybrid, to many, in addition to working both in the office and at home, means there are fewer offices. Because companies have downsized the physical space to save money.

  And now when you show up to the actual office, instead of going to a specific office or cubicle, you might just have to go find a place to sit. And so the phone at the “place to sit” is not hard wired with your extension. What I wrote is still valid and maybe even more-so if this is what hybrid means.

  What I will acknowledge, though, is that maybe there are some specific jobs where the company wants you on a deskphone, instead of on your smartphone, or the UC app. Security issues, for instance might come into play. So yes, I can see this being a part of RFPs with a hybrid environment if the use demands a physical phone while at the office.

  But if the UC client is used when working from home, what’s the difference if you are at home or in the office? Mobility is mobility. That’s all I’ll say.

  The post Let’s Revisit Hot Desking appeared first on Sangoma Technologies.

• WebRTC Hacks Post-Peak WebRTC Developer Trends: An Open Source Analysis
  

  WebRTC had its peaks during the pandemic, but how is it doing now? Did all those new projects die, putting the community back at pre-pandemic “normal” levels or is WebRTC still going strong? I built and analyzed a dataset from over a million GitHub’s events since 2019 to help answer are there many new WebRTC-related repos, how many new users is WebRTC attracting, is the community coding as much as it used to, how are new API's like Insertable Streams and WebCodecs doing?

  The post Post-Peak WebRTC Developer Trends: An Open Source Analysis appeared first on webrtcHacks.

October 06, 2022

• ng-voice Sustainability in the telecommunications industry – challenges and opportunities

  Nowadays, it’s difficult to ignore the words sustainability, climate action, or carbon neutrality—and quite rightly so. 

   

  According to data from this 2021 BCG report, as an industry, telecoms generate 1.6% of all carbon emissions (almost 90% of which comes from Scope 3 emissions). Indeed, the overall ICT sector which comprises telecoms is responsible for 3-4% of all global emissions, and shockingly, equating to twice the levels of the aviation industry. If left unmanaged, the telecoms industry could be responsible for up to 14% of global CO2 emissions by 2040. This will only grow as data demands increase and consumers own more devices. This is forcing severe conversation about sustainability and net zero ambitions amongst service providers and vendors. 

   

  In an attempt to remedy the impact telecoms has on our planet, the industry — led by the GSMA — has set ambitions to transform itself to reach Net Zero carbon emissions by 2050. The GSMA is also encouraging the industry to think about how operators can support the United Nations’ Sustainable Development Goals (SDGs), by embedding these into their overall corporate social responsibility (CSR) strategy and prioritizing relevant goals that will see them have the greatest impact. In fact, some major operators are now leading the change by adopting SDGs as a key part of building a greener future and helping society thrive.

   

  So as mobile data continues to grow, legacy networks are being shut down and more 5G networks are deployed, how can the industry curb its impact on carbon emission and on our planet? One option is to look at more resource-efficient software solutions, such as cloud-native software. 

  How does sustainability relate to cloud-native solutions?

  A report by Accenture suggests that migrating to the cloud would lower the IT Industry’s Carbon Emissions to an equivalent of taking 22 million cars off the road, apart from resulting in 30-40% total cost of ownership (TCO) savings.

   

  As the first fully containerized and cloud-native IMS in the market, our solution’s resource footprint is dramatically lower than that of traditional legacy solutions — which not only presents a huge OPEX saving for our customers but also proves to be a more sustainable and energy-efficient option. 

   

  To learn more about our cloud-native IMS solution and how it could contribute to reducing your network’s overall resource footprint, contact our team at: sales@ng-voice.com or click here to find out more.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

October 04, 2022

• Digium Sangoma Announces Several Executive Appointments Including Chief Financial Officer Transition

  MARKHAM, Ontario, Oct. 03, 2022 (GLOBE NEWSWIRE) — Sangoma Technologies Corporation (TSX: STC; Nasdaq: SANG) (“Sangoma” or the “Company”), a trusted leader in delivering cloud-based Communications as a Service solutions for companies of all sizes, today announced several executive appointments to help position the company for ongoing growth.

  Mr. Larry Stock, the Company’s former Chief Corporate Officer, has been appointed Chief Financial Officer effective October 3, 2022. He succeeds Mr. David Moore, who is transitioning into the role of EVP, Corporate Development, to lead Sangoma’s merger and acquisition efforts. And Mr. Jamie Minner has been named Sangoma’s new Chief Revenue Officer.

  “I would like to congratulate Larry, David and Jamie on their new executive appointments,” said Bill Wignall, Sangoma’s President and Chief Executive Officer. “With David’s contributions to our growth over several years, his deep knowledge of Sangoma, and his M&A experience, we are counting on him to lead our acquisition efforts. Larry’s appointment as CFO is one of the many steps we are taking to deepen our executive team, in order to prepare for our continued growth as a dual-listed public company. And I am very confident that Jamie will really drive that growth, in his new role as Sangoma’s CRO.”

  Larry Stock was the CFO of Star2Star when it was acquired by Sangoma in March 2021 and prior to that, had a 22-year career at Jabil (NYSE: JBL), a company with over $20 billion in revenue, where he held a number of executive finance and leadership roles including Chief Audit Executive, Divisional Chief Financial Officer, VP of Risk & Assurance, and Chief Risk Officer. David Moore has been with Sangoma for over a decade in his capacity as Sangoma’s CFO, contributing to the company’s exceptional progress. And Jamie Minner joined the Sangoma family through the NetFortris acquisition, prior to which he held executive sales and leadership roles in the cloud communications industry for over 20 years with such companies as TPx Communications, Momentum Telecom, Comcast, and Cbeyond.

  About Sangoma Technologies Corporation
  Sangoma Technologies is a trusted leader in delivering value-based Communications as a Service (CaaS) and Managed Service Provider (“MSP”) solutions for businesses of all sizes. Sangoma’s cloud-based communication services include Unified Communication (UCaaS) business communications, Contact Center as a Service (CCaaS), Video Meetings as a Service (MaaS), Collaboration as a Service (Collab aaS), Communications Platform as a Service (CPaaS), Trunking as a Service (TaaS), Fax as a Service (FaaS), Device as a Service (DaaS), and Access Control as a Service (ACaaS). In addition, Sangoma offers a full line of communications Products, including premise-based UC systems, a full line of desk phones and headsets, and a complete connectivity suite (gateways/SBCs/telephony cards). Sangoma’s products and services are used in leading UC, PBX, IVR, contact center, carrier networks, office productivity, and data communication applications worldwide. Sangoma is also the primary developer and sponsor of Asterisk and FreePBX, the world’s two most widely used open-source communication software projects.

  Sangoma Technologies Corporation is publicly traded on the Toronto Stock Exchange (TSX: STC) and Nasdaq (Nasdaq: SANG). Additional information on Sangoma can be found at: www.sangoma.com.

  CONTACT: Sangoma Technologies Corporation
  Samantha Reburn
  General Counsel
  (905) 474-1990 ext. 4134
  sreburn@sangoma.com

  The post Sangoma Announces Several Executive Appointments Including Chief Financial Officer Transition appeared first on Sangoma Technologies.

September 30, 2022

• François Marier Upgrading from chan_sip to res_pjsip in Asterisk 18

  After upgrading to Ubuntu Jammy and Asterisk 18.10, I saw the following messages in my logs:

  WARNING[360166]: loader.c:2487 in load_modules: Module 'chan_sip' has been loaded but was deprecated in Asterisk version 17 and will be removed in Asterisk version 21.
  WARNING[360174]: chan_sip.c:35468 in deprecation_notice: chan_sip has no official maintainer and is deprecated.  Migration to
  WARNING[360174]: chan_sip.c:35469 in deprecation_notice: chan_pjsip is recommended.  See guides at the Asterisk Wiki:
  WARNING[360174]: chan_sip.c:35470 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Migrating+from+chan_sip+to+res_pjsip
  WARNING[360174]: chan_sip.c:35471 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Configuring+res_pjsip
  

  and so I decided it was time to stop postponing the overdue migration of my working setup from chan_sip to res_pjsip.

  It turns out that it was not as painful as I expected, though the conversion script bundled with Asterisk didn't work for me out of the box.

  Debugging

  Before you start, one very important thing to note is that the SIP debug information you used to see when running this in the asterisk console (asterisk -r):

  sip set debug on
  

  now lives behind this command:

  pjsip set logger on
  

  SIP phones

  The first thing I migrated was the config for my two SIP phones (Snom 300 and Snom D715).

  The original config for them in sip.conf was:

  [2000]
  ; Snom 300
  type=friend
  qualify=yes
  secret=password123
  encryption=no
  context=full
  host=dynamic
  nat=no
  directmedia=no
  mailbox=10@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  
  [2001]
  ; Snom D715
  type=friend
  qualify=yes
  secret=password456
  encryption=no
  context=full
  host=dynamic
  nat=no
  directmedia=yes
  mailbox=10@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  

  and that became the following in pjsip.conf:

  [transport-udp]
  type = transport
  protocol = udp
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  
  [2000]
  type = aor
  max_contacts = 1
  
  [2000]
  type = auth
  username = 2000
  password = password123
  
  [2000]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  direct_media = no
  mailboxes = 10@internal
  auth = 2000
  outbound_auth = 2000
  aors = 2000
  
  [2001]
  type = aor
  max_contacts = 1
  
  [2001]
  type = auth
  username = 2001
  password = password456
  
  [2001]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  direct_media = yes
  mailboxes = 10@internal
  auth = 2001
  outbound_auth = 2001
  aors = 2001
  

  The different direct_media line between the two phones has to do with how they each connect to my Asterisk server and whether or not they have access to the Internet.

  Internal calls

  For some reason, my internal calls (from one SIP phone to the other) didn't work when using "aliases". I fixed it by changing this blurb in extensions.conf from:

  [speeddial]
  exten => 1000,1,Dial(SIP/2000,20)
  exten => 1001,1,Dial(SIP/2001,20)
  

  to:

  [speeddial]
  exten => 1000,1,Dial(${PJSIP_DIAL_CONTACTS(2000)},20)
  exten => 1001,1,Dial(${PJSIP_DIAL_CONTACTS(2001)},20)
  

  I have not yet dug into what this changes or why it's necessary and so feel free to leave a comment if you know more here.

  PSTN trunk

  Once I had the internal phones working, I moved to making and receiving phone calls over the PSTN, for which I use VoIP.ms with encryption.

  I had to change the following in my sip.conf:

  [general]
  register => tls://555123_myasterisk:password789@vancouver2.voip.ms
  externhost=myasterisk.dyn.example.com
  localnet=192.168.0.0/255.255.0.0
  tcpenable=yes
  tlsenable=yes
  tlscertfile=/etc/asterisk/asterisk.cert
  tlsprivatekey=/etc/asterisk/asterisk.key
  tlscapath=/etc/ssl/certs/
  
  [voipms]
  type=peer
  host=vancouver2.voip.ms
  secret=password789
  defaultuser=555123_myasterisk
  context=from-voipms
  disallow=all
  allow=ulaw
  allow=g729
  insecure=port,invite
  canreinvite=no
  trustrpid=yes
  sendrpid=yes
  transport=tls
  encryption=yes
  

  to the following in pjsip.conf:

  [transport-tls]
  type = transport
  protocol = tls
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  cert_file = /etc/asterisk/asterisk.cert
  priv_key_file = /etc/asterisk/asterisk.key
  ca_list_path = /etc/ssl/certs/
  method = tlsv1_2
  
  [voipms]
  type = registration
  transport = transport-tls
  outbound_auth = voipms
  client_uri = sip:555123_myasterisk@vancouver2.voip.ms
  server_uri = sip:vancouver2.voip.ms
  
  [voipms]
  type = auth
  password = password789
  username = 555123_myasterisk
  
  [voipms]
  type = aor
  contact = sip:555123_myasterisk@vancouver2.voip.ms
  
  [voipms]
  type = identify
  endpoint = voipms
  match = vancouver2.voip.ms
  
  [voipms]
  type = endpoint
  context = from-voipms
  disallow = all
  allow = ulaw
  allow = g729
  from_user = 555123_myasterisk
  trust_id_inbound = yes
  media_encryption = sdes
  auth = voipms
  outbound_auth = voipms
  aors = voipms
  rtp_symmetric = yes
  rewrite_contact = yes
  send_rpid = yes
  timers = no
  

  The TLS method line is needed since the default in Debian OpenSSL is too strict. The timers line is to prevent outbound calls from getting dropped after 15 minutes.

  Finally, I changed the Dial() lines in these extensions.conf blurbs from:

  [from-voipms]
  exten => 5551231000,1,Goto(2000,1)
  exten => 2000,1,Dial(SIP/2000&SIP/2001,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  
  [pstn-voipms]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _1NXXNXXXXXX,n,Dial(SIP/voipms/${EXTEN})
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _NXXNXXXXXX,n,Dial(SIP/voipms/1${EXTEN})
  exten => _NXXNXXXXXX,n,Hangup()
  exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _011X.,n,Authenticate(1234)
  exten => _011X.,n,Dial(SIP/voipms/${EXTEN})
  exten => _011X.,n,Hangup()
  exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _00X.,n,Authenticate(1234)
  exten => _00X.,n,Dial(SIP/voipms/${EXTEN})
  exten => _00X.,n,Hangup()
  

  to:

  [from-voipms]
  exten => 5551231000,1,Goto(2000,1)
  exten => 2000,1,Dial(PJSIP/2000&PJSIP/2001,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  
  [pstn-voipms]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@voipms)
  exten => _NXXNXXXXXX,n,Hangup()
  exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _011X.,n,Authenticate(1234)
  exten => _011X.,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _011X.,n,Hangup()
  exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _00X.,n,Authenticate(1234)
  exten => _00X.,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _00X.,n,Hangup()
  

  Note that it's not just replacing SIP/ with PJSIP/, but it was also necessary to use a format supported by pjsip for the channel since SIP/trunkname/extension isn't supported by pjsip.

• Enable Security DDoS workshop at TADSummit, toll fraud via MS Teams Direct Routing and WebRTC news
  This month brings us yet another crammed newsletter all about real-time communications security. So without further ado, welcome to the RTCSec newsletter for September 2022! In this edition, we cover: An upcoming open position at Enable Security and what we’re brewing for 2023 Our talk at TADSummit 2022 and the DDoS workshop Commentary about OpenSIPS Summit and Kamailio World Details about how MS Teams Direct Routing may lead to toll fraud Abuse of the exec modules in Kamailio and OpenSIPS WebRTC related news, about CVE-2022-2294, coturn, Scanbox malware and Cloudflare And much much more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.
• François Marier Setting up a JMP SIP account on Asterisk

  JMP offers VoIP calling via XMPP, but it's also possibly to use the VoIP using SIP.

  The underlying VoIP calling functionality in JMP is provided by Bandwidth, but their old Asterisk instructions didn't quite work for me. Here's how I set it up in my Asterisk server.

  Get your SIP credentials

  After signing up for JMP and setting it up in your favourite XMPP client, send the following message to the cheogram.com gateway contact:

  reset sip account
  

  In response, you will receive a message containing:

  • a numerical username
  • a password (e.g. three lowercase words separated by spaces)

  Add SIP account to your Asterisk config

  First of all, I added the following to my /etc/asterisk/pjsip.conf:

  [transport-udp]
  type = transport
  protocol = udp
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  
  [jmp]
  type = registration
  contact_user = 5554561000
  transport = transport-udp
  outbound_auth = jmp
  client_uri = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
  server_uri = sip:jmp.cbcbc7.auth.bandwidth.com:5008
  
  [jmp]
  type = auth
  password = three secret words
  username = 5554561000
  
  [jmp]
  type = aor
  contact = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
  
  [jmp]
  type = identify
  endpoint = jmp
  match = jmp.cbcbc7.auth.bandwidth.com
  
  [jmp]
  type = endpoint
  context = from-jmp
  dtmf_mode = rfc4733
  disallow = all
  allow = ulaw
  allow = g729
  auth = jmp
  outbound_auth = jmp
  aors = jmp
  rtp_symmetric = yes
  rewrite_contact = yes
  send_rpid = yes
  timers = no
  

  and for reference, here's the blurb for my Snom 300 SIP phone:

  [2000]
  type = aor
  max_contacts = 1
  
  [2000]
  type = auth
  username = 2000
  password = password123
  
  [2000]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  mailboxes = 10@internal
  auth = 2000
  outbound_auth = 2000
  aors = 2000
  

  I checked that the registration was successful by running asterisk -r and then typing:

  pjsip set logger on
  

  before reloading the configuration using:

  reload
  

  Create Asterisk extensions to send and receive calls

  Once I got registration to work, I hooked this up with my other extensions so that I could send and receive calls using my JMP number.

  In /etc/asterisk/extensions.conf, I added the following:

  [from-jmp]
  include => home
  exten => s,1,Goto(2000,1)
  

  where home is the context which includes my local SIP devices and 2000 is the extension I want to ring.

  Then I added the following to enable calls to any destination within the North American Numbering Plan:

  [pstn-jmp]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
  exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@jmp)
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
  exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@jmp)
  exten => _NXXNXXXXXX,n,Hangup()
  

  Here username is my bwsip numerical username. When calls are placed, this gets automatically swapped in by my real JMP phone number, but Bandwidth appears to require its users to use their username in there caller ID string.

  For reference, here's the rest of my dialplan in /etc/asterisk/extensions.conf:

  [general]
  static=yes
  writeprotect=no
  clearglobalvars=no
  
  [public]
  exten => _X.,1,Hangup(3)
  
  [sipdefault]
  exten => _X.,1,Hangup(3)
  
  [default]
  exten => _X.,1,Hangup(3)
  
  [internal]
  include => home
  
  [full]
  include => internal
  include => pstn-jmp
  exten => 707,1,VoiceMailMain(10@internal)
  
  [home]
  exten => 2000,1,Dial(PJSIP/2000,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  

  Firewall

  Finally, I opened a few ports in my firewall by putting the following in /etc/network/iptables.up.rules:

  # SIP and RTP on UDP (jmp.cbcbc7.auth.bandwidth.com)
  -A INPUT -s 67.231.2.13/32 -p udp --dport 5008 -j ACCEPT
  -A INPUT -s 216.82.238.135/32 -p udp --dport 5008 -j ACCEPT
  -A INPUT -s 67.231.2.13/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
  -A INPUT -s 216.82.238.135/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
  

September 27, 2022

• Digium Sangoma Announces Shipment of Its One Millionth Desk Phone

  

  Wow, we just shipped our one millionth phone! Over 10 years ago, Sangoma (and Digium) decided that having a seamless end-to-end Unified Communication system was important. And at that time, end to end system meant just the phone and the UC systems. So, we decided to release our own phones.

  These days, a UC system includes Sangoma’s UCaaS service (or on-premises version), the desk phone, mobile and desktop client software, Sangoma’s collaboration-as-a-service client (TeamHub), and Sangoma’s video meetings service (Sangoma Meet).

  The UC industry has come quite a long way in 10 years, but the phone is still part of the system, especially for brick-and-mortar businesses. And we are proud to serve all of these customers.

  As I said in the press release about this news, “Many of our customers use both desk phones as well as our mobile and desktop clients to communicate. And since we manufacture our own desk phones and develop our own cloud communications software, we are able to provide deep integration between our phones and our cloud communications services, in a way that other phone manufacturers or UCaaS companies simply cannot do. This kind of integration has contributed to the successful growth of this important product line at Sangoma, differentiating us from our competitors and leading to this one-million-unit milestone.“

  So, thank you to all the users of these phones, the distributors who fulfilled these phones, and the resellers who put our solutions into the end-user businesses. Let’s count the next million.

  The post Sangoma Announces Shipment of Its One Millionth Desk Phone appeared first on Sangoma Technologies.

September 25, 2022

• François Marier Using a Let's Encrypt TLS certificate with Asterisk 16.2

  In order to fix the following error after setting up SIP TLS in Asterisk 16.2:

  asterisk[8691]: ERROR[8691]: tcptls.c:966 in __ssl_setup: TLS/SSL error loading cert file. <asterisk.pem>
  

  I created a Let's Encrypt certificate using certbot:

  apt install certbot
  certbot certonly --standalone -d hostname.example.com
  

  To enable the asterisk user to load the certificate successfuly (it doesn't have permission to access the certificates under /etc/letsencrypt/), I copied it to the right directory:

  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  

  Then I set the following variables in /etc/asterisk/sip.conf:

  tlscertfile=/etc/asterisk/asterisk.cert
  tlsprivatekey=/etc/asterisk/asterisk.key
  

  Automatic renewal

  The machine on which I run asterisk has a tricky Apache setup:

  • a webserver is running on port 80
  • port 80 is restricted to the local network

  This meant that the certbot domain ownership checks would get blocked by the firewall, and I couldn't open that port without exposing the private webserver to the Internet.

  So I ended up disabling the built-in certbot renewal mechanism:

  systemctl disable certbot.timer certbot.service
  systemctl stop certbot.timer certbot.service
  

  and then writing my own script in /etc/cron.daily/certbot-francois:

  #!/bin/bash
  TEMPFILE=`mktemp`
  
  # Stop Apache and backup firewall.
  /bin/systemctl stop apache2.service
  /usr/sbin/iptables-save > $TEMPFILE
  
  # Open up port 80 to the whole world.
  /usr/sbin/iptables -D INPUT -j LOGDROP
  /usr/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables -A INPUT -j LOGDROP
  
  # Renew all certs.
  /usr/bin/certbot renew --quiet
  
  # Restore firewall and restart Apache.
  /usr/sbin/iptables -D INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables-restore < $TEMPFILE
  /bin/systemctl start apache2.service
  
  # Copy certificate into asterisk.
  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  
  # Commit changes to etckeeper and restart asterisk.
  pushd /etc/ > /dev/null
  /usr/bin/git add letsencrypt asterisk
  DIFFSTAT="$(/usr/bin/git diff --cached --stat)"
  if [ -n "$DIFFSTAT" ] ; then
      /usr/bin/git commit --quiet -m "Renewed letsencrypt certs." letsencrypt asterisk
      echo "$DIFFSTAT"
      /bin/systemctl restart asterisk.service
  fi
  popd > /dev/null
  

September 23, 2022

• François Marier Encrypted connection between SIP phones using Asterisk

  Here is the setup I put together to have two SIP phones connect together over an encrypted channel. Since the two phones do not support encryption, I used Asterisk to provide the encrypted channel over the Internet.

  Installing Asterisk

  First of all, each VoIP phone is in a different physical location and so I installed an Asterisk server in each house.

  One of the server is a Debian stretch machine and the other runs Ubuntu bionic 18.04. Regardless, I used a fairly standard configuration and simply installed the asterisk package on both machines:

  apt install asterisk
  

  SIP phones

  The two phones, both Snom 300, connect to their local asterisk server on its local IP address and use the same details as I have put in /etc/asterisk/sip.conf:

  [1000]
  type=friend
  qualify=yes
  secret=password1
  encryption=no
  context=internal
  host=dynamic
  nat=no
  canreinvite=yes
  mailbox=1000@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  

  Dialplan and voicemail

  The extension number above (1000) maps to the following configuration blurb in /etc/asterisk/extensions.conf:

  [home]
  exten => 1000,1,Dial(SIP/1000,20)
  exten => 1000,n,Goto(in1000-${DIALSTATUS},1)
  exten => 1000,n,Hangup
  exten => in1000-BUSY,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-BUSY,n,Hangup
  exten => in1000-CONGESTION,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-CONGESTION,n,Hangup
  exten => in1000-CHANUNAVAIL,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-CHANUNAVAIL,n,Hangup
  exten => in1000-NOANSWER,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-NOANSWER,n,Hangup
  exten => _in1000-.,1,Hangup(16)
  

  the internal context maps to the following blurb in /etc/asterisk/extensions.conf:

  [internal]
  include => home
  include => iax2users
  exten => 707,1,VoiceMailMain(1000@mailboxes)
  

  and 1000@mailboxes maps to the following entry in /etc/asterisk/voicemail.conf:

  [mailboxes]
  1000 => 1234,home,person@email.com
  

  (with 1234 being the voicemail PIN).

  Encrypted IAX links

  In order to create a virtual link between the two servers using the IAX protocol, I created user credentials on each server in /etc/asterisk/iax.conf:

  [iaxuser]
  type=user
  auth=md5
  secret=password2
  context=iax2users
  allow=g722
  allow=speex
  encryption=aes128
  trunk=no
  

  then I created an entry for the other server in the same file:

  [server2]
  type=peer
  host=server2.dyn.fmarier.org
  auth=md5
  secret=password2
  username=iaxuser
  allow=g722
  allow=speex
  encryption=yes
  forceencrypt=yes
  trunk=no
  qualify=yes
  

  The second machine contains the same configuration with the exception of the server name (server1 instead of server2) and hostname (server1.dyn.fmarier.org instead of server2.dyn.fmarier.org).

  Speed dial for the other phone

  Finally, to allow each phone to ring one another by dialing 2000, I put the following in /etc/asterisk/extensions.conf:

  [iax2users]
  include => home
  exten => 2000,1,Set(CALLERID(all)=Francois Marier <2000>)
  exten => 2000,2,Dial(IAX2/server1/1000)
  

  and of course a similar blurb on the other machine:

  [iax2users]
  include => home
  exten => 2000,1,Set(CALLERID(all)=Other Person <2000>)
  exten => 2000,2,Dial(IAX2/server2/1000)
  

  Firewall rules

  Since we are using the IAX protocol instead of SIP, there is only one port to open in /etc/network/iptables.up.rules for the remote server:

  # IAX2 protocol
  -A INPUT -s x.x.x.x/y -p udp --dport 4569 -j ACCEPT
  

  where x.x.x.x/y is the IP range allocated to the ISP that the other machine is behind.

  If you want to restrict traffic on the local network as well, then these ports need to be open for the SIP phone to be able to connect to its local server:

  # VoIP phones (internal)
  -A INPUT -s 192.168.1.3/32 -p udp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.1.3/32 -p udp --dport 10000:20000 -j ACCEPT
  

  where 192.168.1.3 is the static IP address allocated to the SIP phone.

• François Marier Connecting a VoIP phone directly to an Asterisk server

  On my Asterisk server, I happen to have two on-board ethernet boards. Since I only used one of these, I decided to move my VoIP phone from the local network switch to being connected directly to the Asterisk server.

  The main advantage is that this phone, running proprietary software of unknown quality, is no longer available on my general home network. Most importantly though, it no longer has access to the Internet, without my having to firewall it manually.

  Here's how I configured everything.

  Private network configuration

  On the server, I started by giving the second network interface a static IP address in /etc/network/interfaces:

  auto eth1
  iface eth1 inet static
      address 192.168.2.2
      netmask 255.255.255.0
  

  On the VoIP phone itself, I set the static IP address to 192.168.2.3 and the DNS server to 192.168.2.2. I then updated the SIP registrar IP address to 192.168.2.2.

  The DNS server actually refers to an unbound daemon running on the Asterisk server. The only configuration change I had to make was to listen on the second interface and allow the VoIP phone in:

  server:
      interface: 127.0.0.1
      interface: 192.168.2.2
      access-control: 0.0.0.0/0 refuse
      access-control: 127.0.0.1/32 allow
      access-control: 192.168.2.3/32 allow
  

  Finally, I opened the right ports on the server's firewall in /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3/32 -p udp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p tcp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p udp --dport 10000:20000 -j ACCEPT
  

  Network time synchronization

  In order for the phone to update its clock automatically using NTP, I installed chrony on the Asterisk server:

  apt install chrony
  

  then I configured it to listen on the private network interface and allow access from the VoIP phone by adding the following to /etc/chrony/conf.d/asterisk-local.conf:

  bindaddress 192.168.2.2
  allow 192.168.2.3
  

  Finally, I opened the right firewall port by adding a new rule to /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3 -p udp --dport 123 -j ACCEPT
  

  Accessing the admin page

  Now that the VoIP phone is no longer available on the local network, it's not possible to access its admin page. That's a good thing from a security point of view, but it's somewhat inconvenient.

  Therefore I put the following in my ~/.ssh/config to make the admin page available on http://localhost:8081 after I connect to the Asterisk server via ssh:

  Host asterisk
      LocalForward localhost:8081 192.168.2.3:80
  

  Allowing calls between local SIP devices

  Because this local device is not connected to the local network (192.168.1.0/24), it's unable to negotiate a direct media connection to any other local (i.e. one connected to the same Asterisk server) SIP device. What this means is that while calls might get connected successfully, by default, there will not be any audio in a call.

  In order for the two local SIP devices to be able to hear one another, we must enforce that all media be routed via Asterisk instead of going directly from one device to the other. This can be done using the directmedia directive (formerly canreinvite) in sip.conf:

  [1234]
  directmedia=no
  

  where 1234 is the extension of the phone.

September 22, 2022

• ng-voice ng-voice and Casa Systems partner to deliver truly cloud-native network infrastructure solutions to service providers and enterprises | September 2022

  22 September 2022 – ng-voice, leading provider of fully containerized and cloud-native solutions for the telecom market, announced today a partnership with Casa Systems, a leader in physical and cloud-native infrastructure technology solutions. The partnership will deliver fully cloud-native solutions to mobile network operators (MNOs), mobile virtual network operators (MVNOs), and enterprise customers worldwide.

   

  ng-voice’s fully containerized, Kubernetes-based IMS core combined with Casa’s 4G/5G multi-access core solution will simplify deployment and management of public and private networks reducing time-to-market and resource requirements.  

   

  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR.  Its key benefits include being infrastructure-agnostic, with highly automated deployment and operation processes, flexibility and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint. 

   

  “At Casa Systems, we build disruptive, innovative solutions that deliver new levels of performance, flexibility, and scalability required for next-generation networks,’ said Gibson Ang, Vice President of Technology and Product Management, Casa Systems. “We’re excited to partner with ng-voice, a leader in IMS core technology, to expand our portfolio of end-to-end cloud-native network solutions and introduce new revenue-generating opportunities to our customers.” 

  Our partnership with Casa Systems

  “Our partnership with Casa Systems provides a unique pre-integrated and certified alternative for service providers and enterprises seeking true cloud-native, microservices-based solutions,” said David Bachmann, CEO, ng-voice. “Our joint end-to-end fully containerized and cloud-native network solution can equal a smaller resource footprint, reduced cost, and greater value for our customers, unlocking true future-proof competitive advantages. We’re delighted to partner with a company that has the same mission to provide a disruptive solution to the market.”

   

  To know more about ng-voice’s partnerships, please get in touch on sales@ng-voice.com.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

September 20, 2022

• ng-voice The potential of 5G SA – how is it set to impact the industry?

  The arrival of 5G has been an exciting development in the telecoms space, with operators across the globe already rolling out the technology to enhance their services and offerings. But now even greater excitement is building as operators set their sights on true 5G – 5G Standalone (or 5G SA). So, what exactly is 5G SA and what opportunities does it unlock?

   

  5G SA uses the 5G NR (5G New Radio) access network on a 5G network core, unlike non-standalone 5G, which uses a 5G NR access network overlaid on an existing 4G LTE network core. 

   

  The widespread use of 5G SA has myriad benefits, including:

  • The complete reliance on a 5G core unlocks the benefits of true 5G, namely improved bandwidth and speed of connection for end-users
  • Increased ability to scale and enhanced spectral efficiencies
  • Ultra-low latency, contributing to an overall more seamless experience for end-users

  Critically, 5G SA will act as a key driver in the monetization of 5G, allowing telcos to recoup their investment into the new network by enabling new use cases for the entire sector, including:

  • Private networks – private, 5G SA networks benefit from resilience, security, and autonomy. 
  • IoT – 5G SA is ideal for meeting Critical IoT requirements, providing flexible edge computing, reliability, and supporting Network Data Analytics.
  • Network slicing – enabling new revenue opportunities through vertical applications such as smart manufacturing.

  With the Ericsson Mobility report highlighting that the 5G SA rollout will double by the end of 2022 and that within 5 years, 5G SA-compatible devices will account for nearly half of all mobile subscriptions, it’s crucial that we understand what its impact is going to be on the industry. 

   

  The current global rollout 

  Across the globe, we’re beginning to see operators rolling out 5G SA to deliver a fully 5G experience to end users. In 2021, Vodafone Germany launched a 5G SA network, with 1000 antennas in 170 cities and municipalities, and plans to deploy a fully-SA network by 2023. Late last year, Telia launched its 5G SA core in Finland, with the service being initially available to selected users in around 20 areas across Finland. 

   

  Many other EMEA operators have plans to launch 5G SA networks this year, including Telenor Denmark, Orange, Vodafone Spain and Vodafone UK, with the latter launching a commercial pilot trial of 5G SA last year. 

   

  However, despite this development and proliferation of 5G SA, there is still a vast number of operators who are without plans to roll out the technology and are lagging behind. This could be for a variety of reasons, however, the fundamental challenge operators face is integration.

   

  Integration of 5G SA is challenging, and it requires new infrastructure and architecture, rethinking operations, embracing cloud-nativity principles, and a software-centric approach. This entirely new way of thinking and operating could be holding telcos back from investing in 5G SA, however, the benefits it will bring and the use cases it unlocks are set to outweigh the challenges of implementation.  

   

  To unlock the true benefits of 5G SA, being cloud-native is key. Moving to a fully cloud-native infrastructure can add additional benefits to the already enhanced service, including flexibility and fast deployment, with lower costs.

   

  5G SA and VoNR

  When talking about the rollout of 5G SA, we cannot do so without thinking about voice services. The rollout of 5G SA will give rise to VoNR, seeing less reliance on VoLTE as more and more devices become 5G SA-compatible. 

   

  VoNR has many benefits for end-users, including enhanced voice quality and preventing fallback onto 4G networks, which improves the overall quality of call experience. 

  VoNR will form a key part of operators’ 5G SA journey, but it’s crucial that operators consider the quality and capabilities of their current IMS core solutions, to provide a service that fulfills customer needs and expectations. 

   

  At ng-voice, we offer a VoLTE/ VoNR solution that is truly cloud-native and fully containerized. Our cloud-native IMS is the first 100% containerized and Kubernetes-based fully-fledged IMS solution in the market. With the smallest container sizes, a high level of automation, and minimal use of resources, our IMS is scalable, flexible, cost-efficient, and easy to deploy and manage.

   

  To find out more about why our solution is right for you, contact our team at: sales@ng-voice.com or learn more here.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Varun Jain

  Customer Solution Architect

  Publisher Bio

  Varun Jain is a Customer Solutions Architect for the Sales Team, he has over 16 years of experience in telecom industry, working for companies like Ericsson India Global services PVT LTD and NOKIA.

September 15, 2022

• Digium Sangoma’s New Logo

  Sangoma is constantly evolving. And with it, our logo is evolving along with us.

  

  When we purchased Digium in 2018, we made a change to our logo and at that time, incorporated part of the Digium logo. But since that time, we’ve purchased VoIP Innovations, Star2Star, and now NetFortris. We are a different company since 2018, and we figured it was time for our logo come along. While our logo has changed, we still have the same pride and commitment to Asterisk (and FreePBX). Nothing has changed in that regard.

  What has changed is we’ve now grown into being a world-class Communications as a Service provider with over 70% recurring revenue. And through our partners we serve businesses ranging from SMBs to multi-location regional and national retail chains. It’s been truly awesome to have been part of this growth.

  And while we are probably most associated today with UCaaS and it’s nice to get accolades from Gartner and Frost and Sullivan about UCaaS, we also offer cloud services that complement UCaaS – Contact Center, Video Meetings, Collaboration, MSP services, CPaaS / Applications, Desktop as a Service, Access Control and Fax for example. We offer a wide range of Communications-as-a-Services, one we think is the broadest in the industry.

  And so we wanted to incorporate some kind of cloud element into our logo – to always have that in the background when people come to our website, when we’re presenting, etc. Because that’s who we are and who we will continue to be. We are also a strong company in many ways – fiscally, determined, intrepid – and that steel blue color is meant to evoke that.

  Welcome to the new logo.

  The post Sangoma’s New Logo appeared first on Sangoma Technologies.

• ng-voice Employee Spotlight | Vividha Singh, VP of Quality Assurance and Security

  We at ng-voice are excited to bring to you our first blog for Employee Spotlight. In this series we interview our top talents, sharing with you their experience and insights working at ng-voice. 

   

  For our first #EmployeeSpotlight blog post, we had the opportunity to speak to our VP of Quality Assurance and Security, Vividha Singh, who showed us her amazing journey in the telecom industry and how she went from being a technical member of the team to Vice-President at ng-voice. Vividha also touched upon her role, achievements, and how she built a talented team on two different continents.

  Vividha Singh at ng-voice | Employee Spotlight

  Tell us a bit about yourself, your career before you joined ng-voice, and what is your role at ng-voice now

   

  I am Vividha Singh and I’m responsible for ng-voice’s testing infrastructure, guaranteeing the stability and reliability of our core components. I have been working in the telecom industry for most of my career. I studied Electronics and Telecommunication for my bachelor’s and telecommunications has always been part of my journey. For about 6-7 years I worked as a technical leader in my previous company before joining ng-voice. One of my current roles is to build test solutions such as test set-ups as well as execute them. 

   

  Why did you join ng-voice?

   

  After moving to Germany, I came to know about ng-voice, a start-up with a lot of exciting work and I saw this as an opportunity to build myself in terms of my leadership qualities and get to see end-to-end product development which you can’t find in larger organizations.

   

  What’s the unique part of working here?

   

  At ng-voice, you are not limited to one part of the product and you can see how it developed from scratch, delivered to the client, how it’s in use, and see it in the real world. The visibility of your contribution is really exciting to see and that’s what is unique about working at ng-voice. 

   

  What have been your most significant accomplishments at ng-voice?

   

  When I joined ng-voice, I was the second member of the testing team. I was fortunate to be given the opportunity to work on building a team and hire talented people to get the quality of the product to the next level. I got the chance to build and manage teams in two different geographic locations, a team in Germany and a team in India which I consider to be my biggest achievement. 

   

  What advice do you give prospective candidates and people starting their career at ng-voice?

   

  If you are passionate about learning and working with the latest technology, software, and latest open source technologies then ng-voice is the right place for you. It is also important that you are self-motivated to learn about innovation, and cloud-nativity as we always aim to pioneer new technological areas and this is always exciting to me. 

   

  Any final words?

   

  The journey has been very exciting to me as I’ve seen a lot of growth not only from my personal experience but also from how the company has grown. It’s very heartwarming to see how you and the company have evolved together. 

  
  Vividha’s journey at ng-voice has been an extraordinary one, a journey of challenges, growth and personal achievements. With ng-voice, you can start writing your path by joining our talented team. Take a look at our careers page and find a role that is suitable for you.

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Khaled Amirian

  Employer Branding & Internal Marketing Specialist

  Publisher Bio

  During his academic and professional career, his curiosity to learn different business functions such as HR and marketing allowed him to gain valuable insights. Khaled aims to provide unique perspectives on topics in digital marketing and HRM. His interests in the digital world helped him become a key community member among Esports player.

August 31, 2022

• Enable Security SIP ALG exploit hits Realtek SDK, our Attack Platform and holidays
  In the summer time, the weather is hot … August is usually a slow month in our part of the world and a good time to take a holiday and relax a bit. We tried that for ourselves and found out that the rumors are true, holidays are not overrated. But, we didn’t stop for too long because, actually, we have news! In this edition, we cover: Our news about the Enable Security Attack Platform and Gasoline v2 Buffer overflow in Realtek’s SIP ALG affecting many many routers (CVE-2022-27255) More router exploitation leading to SIP credentials leakage (Arris / CVE-2022-31793) TLS ALPN identifier for SIP SELinux policies and Kamailio/OpenSIPS And more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

August 30, 2022

• Digium UCaaS & the Concept of “One-stop-shopping” for Other Required Communications Services

  Over the summer, I’ve written a few blogs about the Frost and Sullivan whitepaper called “Modern Cloud Communications Empower the Hybrid Workforce�. This will be my final blog about it. One other part of that whitepaper talked about Unified Communications and then about other communication services beyond just UC.

  Organizations adopting unified communications-as-a-service (UCaaS) show strong preference for one-stop shopping. They choose to purchase an array of correlated services from their cloud private branch exchange (PBX) provider:

  • 91% integrated meetings and messaging
  • 88% cybersecurity solutions
  • 88% device as a service
  • 85% SIP trunking
  • 84% MPLS
  • 82% SD-WAN
  • 78% integrated contact center
  • 42% calling plans

  This is really interesting since this has been Sangoma’s strategy for a long time!

  

  We have everything Frost and Sullivan writes about in our chart above. The three to the right on the chart (managed SD-WAN, managed network connectivity, and managed security) were obtained via our acquisition of NetFortris in March of this year.

  And that’s how I’ll end this blog series. Frost and Sullivan validating our strategy.

  To download the full Frost and Sullivan whitepaper to learn more about this, please go here.

  The post UCaaS & the Concept of “One-stop-shopping� for Other Required Communications Services appeared first on Sangoma Technologies.

August 29, 2022

• Digium Maximize Profitability and Boost Collaboration with Communications-as-a-Service (CaaS)

  Grow Business Benefits with a Full Suite of Customizable CaaS Solutions from Sangoma

  Communication is the lifeblood of every business, and thanks to recent technological innovations, global disruptions, and shifting market demands, virtual environments are essential for effective communication in the modern workplace. More companies are turning to the cloud to improve remote and hybrid collaboration, introduce new customer service channels, and lower IT costs. To explore what CaaS offers, download our new, free eBook today!

  Why CaaS?

  The key to achieving a seamless experience in the cloud is integration. Navigating between multiple applications, platforms, and cloud providers is cumbersome and creates silos that hinder communication and add complexity. Disparate systems also introduce security risks and associated costs to protect every application and device. Without integration, simply doing business is a recipe for profit loss.

  Gain a Competitive Advantage with a Complete CaaS Portfolio

  Communications-as-a-Service (CaaS), also called Unified Communications-as-a-Service (UCaaS), brings together voice, video, presence and chat, conferencing, virtual desktop, and other applications to create a simplified, interconnected environment where every communication tool works together effectively.

  With CaaS, companies can create and customize a secure, seamless digital workspace that improves collaboration and maximizes profitability with no hidden costs – all from a single cloud provider.

  CaaS Deployments for Any Business

  Whether an organization needs a single solution or a full suite, Sangoma’s end-to-end CaaS portfolio can address business communication needs and provide the right hardware and accessories to maximize performance and productivity. Customizable and comprehensive, Sangoma’s platforms offer flexible deployment options, secure integrations, and unified applications accessible from any device.

  With Sangoma’s one bill, one vendor approach, organizations no longer need to devote time and energy to navigating multiple cloud vendors with their own policies, procedures, and workflows. When businesses partner with Sangoma, they enjoy a reliable, consistent partnership with expert support when and where they need it.

  Collaboration Solutions

  Effective communication tools help companies collaborate effectively, which improves employee morale, productivity, and long-term profitability. Thankfully, Sangoma’s CaaS solutions are geared specifically toward enhancing collaboration amongst on-site and off-site teams, regardless of how they operate.

  Business Phones, Hardware, and Communities

  In addition to its many software and as-a-Service products, Sangoma stands apart from other providers by offering an array of hardware, phones, and other devices to support business goals. What’s more, Sangoma maintains an open-source community to help small businesses, enterprises, government agencies, and other organizations create and deploy communications apps.

  Businesses are constantly evolving, and with these additional services, Sangoma can act as a trustworthy, end-to-end partner as companies’ technology needs grow and change.

  Read More: Download our brand-new, free eBook to explore all that CaaS can do for your business

  The post Maximize Profitability and Boost Collaboration with Communications-as-a-Service (CaaS) appeared first on Sangoma Technologies.

August 25, 2022

• ng-voice My 1st month as a DevOps Engineer at ng-voice: Sara

  Who am I?

  My name is Sara Fattouh, and I am going to tell you my story of joining the ng-voice cloud-native team as a DevOps Engineer. I am an informatics engineer, I moved from Budapest, but I am originally from Syria.

   

  After my graduation, I worked as an assistant teacher at the University of Aleppo, where I was responsible for preparing and teaching functional materials in software engineering. I worked in Syria for 2 years as a software engineer, then I was awarded a scholarship to pursue my studies in Budapest, Hungary. While I was a master’s student, I joined Nokia as a trainee, after that, I was offered a full-time position as a software engineer.

  Why did I join ng-voice?

  DevOps engineers have a diverse and unique soft skill set as well as technical skills which are closely linked to the knowledge of the DevOps toolset: coding, and scripting.

   

  I joined ng-voice to embrace and adapt quickly to new responsibilities and I am eager to develop these skills to contribute to the mission of ng-voice: build a fully cloud-native IMS for the market.

  

  Getting settled in a new city

  When I arrived I had a lot of tasks to complete during my first few days, but with the team’s assistance, I was able to obtain a bank account and ‘Anmeldung’ very fast, I started receiving the mail in bulk. It’s Germany, no wonder

   

  I also joined a badminton group to keep the same habit I started in Budapest, playing badminton weekly and making new friends from different backgrounds.  It’s not a secret that in large German cities, finding an apartment is hard for everyone, not only for foreigners. The housing market in Hamburg is quite competitive, but knowing where to look will make your search easier.  There are a lot of real estate websites where new advertisements are published very frequently. I hope that these websites can help me find a suitable apartment to rent shortly.

  My experience as a DevOps Engineer at ng-voice so far

  I had a great time traveling to Germany and joining ng-voice as the staff was accommodating, especially during the visa application process. I traveled from Budapest, spent a 10 days vacation in Berlin, and finally made it to Hamburg. 

   

  On my first day, everyone was very welcoming and I liked every piece of my starter kit which was waiting for me on my desk. A nice onboarding specialist guided me through and helped me with the first steps to settling in the new city. What impressed me from the first day is the high organization, the accuracy, and good documentation of the tasks, not to forget the transparency among the employees. I’ve had a nice experience working at ng-voice in Hamburg overall. Everyone is easy to approach, friendly, and highly responsive. What I like the most about my teammates is how cooperative and eager to help they are.

   

  As a new joiner to ng-voice, I am proud, happy, and eager for more!

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Sara Fattouh

  DevOps Engineer

  Publisher Bio

  Sara Fattouh is an informatics engineer who joined the ng-voice cloud-native team as a DevOps engineer. She was previously an assistant teacher at the University of Aleppo, and worked for Nokia as a trainee before joining the company full-time.

August 16, 2022

• Digium Considerations for a Unified Communications Prem to Cloud Migration

  Some companies are considering the transition from an on-premise unified communication system to a UCaaS system. There could be various reasons, ranging from the age of the prem system, to not wanting to manage the on-site system anymore (manually update the system, etc.), to it being part of your company’s strategy to move as much support systems to the cloud, to you are growing and you want your system to scale better and support remote offices.

  No matter what, there are considerations.

  One consideration is are the features the same? Some UC features are “easier” in an on-prem system, and some features are older and maybe not available on a newer UCaaS system (fax, analog phones anyone?, hot desking/hoteling for example) so if you have some favorite features or key older technology to support, make sure you ask.

  Or maybe you’ve built some of your business processes to work with the on-prem system very tightly. Make sure you ask about that and don’t assume it will work.

  Also, maybe you already paid for your phones, so does the UCaaS system support the phones you have already invested in?

  And you should create a plan once you’e decided to do it. Make sure there is a transition period where the prem system and the cloud system are both there, and start the data migration (voice mails, etc.) first. Then there are the applications that interface to the phone system that need to be migrated over as well. And make sure your network can support this.

  If you are considering a migration, Sangoma is here to help you. Give us a call. We offer both on-premise and cloud Unified Communication systems, and have literally helped migrate hundreds if not thousands of businesses from prem to cloud.

  The post Considerations for a Unified Communications Prem to Cloud Migration appeared first on Sangoma Technologies.

• ng-voice I deployed ng-voice’s cloud-native IMS over a 10 minute coffee break

  As telcos look for new ways to compete in the market and release new products and services to their subscribers, agility, efficiency and speed is vital. In this blog, we’ll explore the process of deploying our cloud-native IMS solution and the critical role that automation plays in the process. 

   

  Picture this:

  It was around 1 am…the time when most people are asleep. For me, however, this time means low network traffic and the perfect time to perform upgrades on network functions providing critical services. 

  I watched my laptop screen closely, hoping to avoid finding any issues during the upgrade process of a Call Session Control Function (a network function in the IMS). There was no room for error, as one mistake could impact millions of subscribers. I wanted simpler, better, faster….

  The above was a common experience in my past working career. However, you will be glad to know that there is a positive outcome. 

  A few months ago, I surprised myself by deploying ng-voice’s IMS over a coffee break. I ran a few commands using Helm, got my coffee, and before I knew it, in less than 10 minutes, the entire IMS solution was deployed in ng-voice’s lab. The summary of this breakthrough is one keyword: cloud-nativity.

   

  Understanding cloud-native principles

  Cloud-nativity is more than just deploying software in the cloud. It is a broad term that incorporates many capabilities. At ng-voice, there are several key cloud-native principles that we adhere to:

  • Infrastructure-agnostic: The IMS core can be deployed on any cloud or bare metal thanks to Kubernetes-based container architecture
  • Balances load: The solution provides load balancing and service-discovery
  • Self-healing: Active monitoring to identify and replace failed components to maintain availability 
  • CI/CD: Automation throughout the integration, delivery and deployment pipelines
  • Automatic scaling: Recognizes load continuously and adapts necessary capacity accordingly

  So, how do these principles work together to enable our IMS solution to be so easily deployed?

  ng-voice’s software is based on a greenfield microservices design, meaning that the system is developed from scratch without the restrictions of legacy infrastructure. This allows us to provide a truly personalized solution, avoid the constraints of monolithic software and ensure we can leverage small-sized containers to maximize efficiency and scalability. 

   

  We also prioritize using a DevOps approach from the start, which encourages faster, more streamlined development and deployment. A crucial part of our DevOps approach is ensuring efficient software lifecycle management through the CI/CD pipeline, bringing developers and IT operations teams together to deploy software more efficiently. The diagram below outlines how our CI/CD pipeline works:

  

  Although it’s possible to manually execute each of the above steps of the CI/CD pipeline, the true value of CI/CD pipelines is realized through automation. With automation as the backbone, the threat of human error is minimized, and a constant process for the testing and release of software can be maintained. 

  Benefits to MNOs, MVNOs, and Private Networks

  Automation brings several benefits to the telecoms industry by deploying cloud-native solutions:

  • Cost-effectiveness: Automation reduces the time to manage and deploy applications thereby maximizing efforts. This is of particular benefit to MVNOs, as they typically have smaller economies of scale, so maximizing their return on investment is critical
  • Increased efficiency:  Through end-to-end automated pipelines, features and software updates are ready for delivery faster and deployed faster. Pre-defined scripts and pipelines ensure that quality is reached in an optimal timeline
  • Scalability: By introducing an automated, cloud-native solution, network operators of all sizes can deploy new services and products quickly and simply, to meet changing subscriber demands and compete in the market. Furthermore, ng-voice’s IMS can be automatically scaled based on traffic demands

  While the benefits are clear, how do they translate in a real-life setting? Here we bring two different deployment use cases.

  Use case 1: Google Cloud

  The deployment of our IMS solution in the Google Kubernetes Engine (GKE) is a clear example of just how much difference automation can make. GKE provides a managed environment for deploying, managing, and scaling containerized applications using Google infrastructure. The GKE environment consists of multiple applications, grouped together to form a cluster, managed by Kubernetes. If one application goes down and another needs to start, Kubernetes will interact with the cluster to ensure this can effectively take place. 

  Deploying ng-voice’s IMS core in the GKE is extremely simple. We recently timed one of our Cloud Engineers and it took under ten minutes to carry out the following steps: 

  1. Install Kubernetes cluster of 3 nodes
  2. Add docker  repository credential to the default namespace
  3. Deploy all of  the network functions using Helm file in one command
  4. Glance back at your laptop and you’ll see that all the components are up and running, ready to connect to your core network
  5. Sit back and enjoy your calls!

  Use case 2: Bare metal 

  But deployment in the GKE isn’t the only environment that showcases the benefits of our solution. These can also be seen in a bare metal environment too. 

  1. The deployment kicks off with the host provisioning stage, of which the timeline depends on the customer
  2. From here, host preparation takes up to fifteen minutes
  3. In another fifteen minutes, the Kubernetes cluster is created
  4. The final step, which is installing the network functions, can be in five to ten minutes per network function
  5. The IMS core is up and running in a bare metal environment

  To find out more about why our fully automated, cloud-native voice solution is right for you, contact our team at: sales@ng-voice.com or learn more here.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Elijah Indarjit

  Customer Solution Architect

  Publisher Bio

  Elijah has vast experience in the industry working for companies such as Vodacom South Africa and Vodafone Turkey.

  In his previous roles, Elijah deployed VoLTE interconnected networks and developed a Core network strategy and evolution, resulting in better service quality for customers.

  Elijah brings his skills in IMS, Packet Core, Voice Core, and QoS to ng-voice to design solutions and evolve our portfolio based on customer needs.

August 09, 2022

• Digium What is UCaaS?

  Introduction

  Unified Communications as a Service (UCaaS) is a cloud-based solution that integrates communication features, applications, and services into one cohesive platform. By moving to a UCaaS platform, businesses can utilize the cloud’s mobility and scalability while reducing costs and increasing productivity. This article will go over what Unified Communications as a Service really means (and why it matters).

  What is UCaaS

  UCaaS is a term that refers to unified communications as a service. It’s an umbrella term for different communications services, including video conferencing and collaboration tools such as SangomaMeet and TeamHub.

  Businesses can utilize the cloud’s mobility and scalability by moving away from legacy components such as on-premise PBX systems. Additionally, most UCaaS systems enable your business phone number to be used by your smartphone and your laptop, enabling employees to work remotely very effectively.  By moving to a UCaaS platform, companies can save on upfront costs by deploying a pay-as-you-go approach to their business communications. The monthly cost of a UCaaS platform is usually lower than the monthly maintenance and service costs associated with on-premise systems, and there is no capital expenditure required for hardware or software purchases.

  Furthermore, with UCaaS, you don’t need to worry about purchasing new hardware or software every time you want to add new features; instead, you simply upgrade your subscription plan to gain access to new capabilities!

   

  Features of a UCaaS Platform

  A UCaaS platform has several features that make it stand out from other types of business phone systems. Let’s look at a few of the most important ones:
  

  • • Presence: This feature allows you to see which users are currently logged into the system and where they’re located in relation to your office, so you can call them when needed. It also displays indicators, such as, Do Not Disturb, Active, and Out of the Office.  
    • Mobility: The mobility feature allows you to stay connected regardless of your location. Through your office extension, you can make and receive calls, chat, and more with a softphone application on any device with an internet connection—a smartphone or tablet, for example—no matter where they are located as long as they have an internet connection. So you can work from home or from a remote location and still be able to use your office phone number!
    • Collaboration: Collaboration tools are designed specifically for sharing information among team members within one organization; these include chat rooms where people can type messages back-and-forth using text whenever needed instead of calling each other individually over the phone.
    • Unified Messaging: With unified messaging, users can manage many types of messages from a single application and switch communication modes on demand.
    • Video Conferencing: Stay connected with multiple users with conferencing. Conferencing allows a group of users to meet and speak via voice and/or video from multiple locations. This option is also available to outside organizations, partners, or clients. 

  UCaaS Benefits

  UCaaS offers a competitive advantage to businesses by reducing the number of independent tools, platforms, and solutions. It can streamline communications for organizations, regardless of size or industry. Because UCaaS integrates and optimizes all interactions, team collaboration and productivity are significantly improved, and the engagement of sales prospects, vendors, and customers. UCaaS facilitates: 

  • Increased collaboration between teams and departments
  • Improved security through centralized management of various communications devices and apps
  • Reduced costs due to the consolidation of messaging platforms into one centralized service
  • Reduced IT overhead since the cloud subscription enables security and other updates to be done by the cloud service, not by you.

  Why it Matters

  Businesses rely on communication tools to stay productive and competitive, and when it comes to motivating employees and increasing productivity, integrating communication tools empowers workers to handle multiple tasks quickly and efficiently. By integrating communications into one platform, companies can improve team collaboration and productivity while reducing costs. Brighten your future and improve your business communications with Sangoma’s UCaaS solutions and full-suite communication suite: (list products here?) 

  

   

  The post What is UCaaS? appeared first on Sangoma Technologies.

July 29, 2022

• Enable Security WebRTC 0day, FreePBX not Asterisk attacks and talks at MCH2022
  It is the end of the week as well as July and the RTCSec newsletter is in your inbox eagerly waiting to give you all the educational entertainment you need throughout the weekend! In this edition, we cover: Our TADSummit talk and SIPVicious PRO details FreePBX exploitation and confusing reports Remote coverage of the talks at the Dutch hacker camp CVE-2022-2294 - the vulnerability in the WebRTC project Vulnerabilities in Matrix, BigBlueButton, JunOS and more Tweet of the month on VoIP phone hardware hacking RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

July 28, 2022

• Digium How to Deploy or Migrate to UCaaS the Smart Way

  Let’s face it: launching a UCaaS (Unified Communications as a Service) system from scratch can seem pretty daunting. This type of cloud phone system incorporates many different types of communication / collaboration services to help your business succeed. Whether you’re talking about voice, video, messaging, meetings, presence or team-based collaboration, they’re all traditionally available as options.

  And while the hallmark of a UCaaS environment is its ability to bring together all of these elements, there are many (frequently overwhelming) considerations you have to make on the back end to determine if and how it can work for you. Then, there are past investments. Over the years, many businesses like yours have spent significant time and money toward implementing many traditional communication and collaboration options that are now outdated for the modern landscape.

  Previous choices, however, should not complicate matters when considering when, how and why to make that jump to an all-encompassing UCaaS infrastructure.

  Choose the UCaaS for YOUR Needs

  In most cases, your provider may be able to handle the dirty work for you. The key is to select the specific features and elements that your organization needs, and see what sorts of deployment options are available from the host.

  So … whether you’re starting out from scratch or migrating to a full-on – or even hybrid – UCaaS environment, most of this rollout involves the streamlining and automation of a la carte options.

  Consider Scalability …

  Communications and collaboration options abound, but are not all necessary in every business case. From a UCaaS perspective, it can be scaled as necessary, with features added or taken away in an a la carte fashion as your organization’s needs change. In other words, UCaaS allows you to establish custom communications infrastructure exactly as you need while also supporting future growth initiatives.

  For that reason, you should carefully evaluate the options and capabilities made available to you by the various providers, weighing them against your own unique needs.

  … While Embracing Flexibility

  One of UCaaS’ best traits is how optimal it is for remote and telework environments. This cloud-based system can be deployed across many different types of communication channels and devices. The flexibility it extends to YOUR deployment, however, should run so much deeper.

  In particular, focus on factors such as extending customer communications channels and streamlining CRM services with these options.

  Assessing Reliability

  With flexibility comes the need for reliability, a factor that can largely be out of many organizations’ control. Sadly, the stability of a UCaaS is largely tied to the state of your – and your remote workers’ – internet connection, as well as the relative strength of the service provider and UCaaS architecture that it provides.

  In most cases, the smart move is to choose a deployment that guarantees virtually unlimited uptime and availability, as well as geo-redundancy for better backup integrity. Many vendors claim accessibility to these. Reading customer and peer reviews, however, can often tell a different story.

  Focus on Real Time

  UCaaS users tend to be the most productive when they can communicate and collaborate consistently in real time, as if seated in the same room as one another.

  Weigh Cost Versus Benefit

  Like most extensive software deployments, the price tag will almost always play a factor. Choose a UCaaS system that gives you the most proverbial “bang for your buck,” weighing the critical features that you need against the feasible cost of their implementation.

  While it’s often good to take a chance, gaining access to the most sought-after features and elements for the lowest-available cost is almost always prudent.

  Have you considered the numerous features, capabilities and benefits that come as part of a comprehensive Sangoma UCaaS deployment? Visit www.Sangoma.com or call (877) 344-4861 for more information.

  The post How to Deploy or Migrate to UCaaS the Smart Way appeared first on Sangoma Technologies.

• Jitsi Enhanced noise suppression in Jitsi Meet

  For a while now Jitsi Meet has been using the RNNoise library to calculate voice audio detection scores for audio input tracks and leveraging those to implement functionality such as “talk while muted” and “noisy mic detection”. However, RNnoise also has the capability to denoise audio.

  In this article we’ll briefly go through the steps taken to implement noise suppression using RNnoise in Jitsi Meet.

  What’s RNNoise anyway?

  RNNoise, as the authors describe it, “​​combines classic signal processing with deep learning, but it’s small and fast”, this makes it perfect for real time audio and does a good job at denoising.

  It’s written in C which allows us to (relatively) easily use it on the Web by compiling it as a WASM module, that combined with a couple of optimizations gets us noise suppression functionality with very little added latency.

  Working with Audio Worklets

  Previously Jitsi Meet processed audio using ScriptProcessorNode which handles audio samples on the main UI thread. Because the audio track wasn’t altered and we simply extracted some information from a copy of the track, performance issues weren’t apparent. With noise suppression the track gets modified, so latency is noticeable, not to mention that any interference on the main UI thread will impact the audio quality, so we switched to audio worklets.

  Audio worklets run in a separate thread from the main UI thread, so samples can be processed without interference. We won’t go into the specifics of implementing one as there are plenty of awesome resources on the web such as: this and this. Our worklet implementation can be found here.

  Webpack integration

  Even though using an audio worklet looks fairly straightforward there were a couple of bumps along the road.

  First off, and probably the most frustrating part was making them work with webpack’s dev server.

  Long story short, the dev server has some neat features such as hot module replacement and live reloading, these rely on some bootstrap code added to the output JavaScript bundle. The issue here is that audio worklet code runs under the AudioWorkletGlobalScope’s context which doesn’t know anything about constructs like window, this or self, however the aforementioned boilerplate code makes ample use of them and there doesn’t seem to be a way to tell it that the context in which it’s running is a worklet.

  We tried several approaches but the solution that worked for us was to ignore the dev server bootstrap code altogether for the worklet’s entry point, which can be configured in webpack config as follows:

  module: { rules: [ ...config.module.rules,
              { test: resolve(__dirname, 'node_modules/webpack-dev-server/client'),
                loader: 'null-loader' } ] }

  That took care of the dev server, however production webpack bundling also introduced boilerplate which made use of the “forbidden” worklet objects, but in this case it’s easily configurable by specifying the following output options:

  output: { ...config.output, globalObject: 'AudioWorkletGlobalScope' }

  At this point we had a working worklet (pun intended) that didn’t break our development environment.

  WASM in audio worklets.

  Next came adding in the RNnoise WASM module. Jitisi uses RNnoise compiled with emscripten (more details in the project: https://github.com/jitsi/rnnoise-wasm). With the default settings the WASM module will load and compile asynchronously, however because the worklet loads without waiting for the resolution of promises we need to make everything synchronous, so we inline the WASM file by passing in  -s SINGLE_FILE=1 to emscripten and we also tell it to synchronously compile it with -s WASM_ASYNC_COMPILATION=0. With that in place everything will be loaded and ready to go when audio samples start coming in.

  Efficient audio processing.

  Audio processing in worklets happens on the process() callback method in the AudioWorkletProcessor implementation at a fixed rate of 128 samples (this can’t be configured as with ScriptProcessorNodes), however RNnoise expects 480 samples for each call to it’s denoise method rnnoise_process_frame.

  To make this work we implemented a circular buffer that minimizes copy operations for optimal performance. It works by having both the buffered samples and the ones that have already been denoised on the same Float32Array with a roll over policy. The full implementation can be found here.

  To summarize, we keep track of how many audio samples we have buffered, once we have enough of them (480 to be precise) we send a view of that data to RNnoise where it gets denoised in-place (i.e. no additional copies are required). At this point the circular buffer has a denoised part and possibly some residue samples that didn’t fit in the initial 480, which will get processed in the next iteration. The process repeats until we reach the end of the circular buffer at which point we simply start from the beginning and overwrite “stale” samples; we consider them stale because at this point they have already been denoised and sent.

  The worklet code gets compiled as a separate .js bundle and lazy loaded as needed.

  Use it in JaaS / using the iframe API
  

  If you are a JaaS customer (or are using Jitsi Meet through the iframe API) we have added an API command to turn this on programmatically too! Check it out.

  Check it out!

  In Jitsi Meet this feature can be activated by simply clicking on the Noise Suppression button.

  

  Since in this case a sound file is probably worth more than 1000 words, here is an audio sample  demonstrating the denoising:

  Original audio:

  
  

  Denoised audio:

  ---

    Your personal meetings team.

  Author: Andrei Gavrilescu

  The post Enhanced noise suppression in Jitsi Meet appeared first on Jitsi.

July 26, 2022

• ng-voice Mert tells us about his experience joining ng-voice’s team

  Hello! My name is Mert and I am going to tell you about my experience joining ng-voice. I am 27 years old, and I come from Istanbul, Turkey. At the beginning of my career, I worked as a Software Engineer for two years and have been working as a DevOps Engineer for over a year. I recently started my new role and joined the ng-voice team as a DevOps Engineer in the Hamburg office.

  My experience arriving to ng-voice’s Hamburg office

  Overall, my experience arriving in Germany and to ng-voice went really smoothly as I got a lot of help from the team, especially with my Visa process. When everything was set up, I just took a week’s vacation to move to Hamburg and start knowing this new city so I could start at ng-voice on May 15th.

   

  On my first day, my nice starter kit was waiting for me at my desk and everyone was very welcoming. I had the fortune of starting the very same day as our new Onboarding specialist, so it was very nice to have her help during my first weeks.

  
  I met my teammates and then started my technical onboarding, it was really nice as everything from my team and others was documented, so I was able to finish it in 2 weeks and got hands on my first task which I completed by June.

  

  
  Getting settled in a new city

  I needed to get a lot of things done on my first days and with the help of the team, and because I did a lot of previous research (Personal blogs and videos), I managed to get my SIM Card, bank account, and my Anmeldung in just 3 days.

  
  As I did a lot of research before coming to Germany, I knew I had to start looking for an apartment before I got to Hamburg, so I did. From Istanbul, I searched, created my cover letter (Bewerbungsunterlagen), refreshed and refreshed the best websites for apartment search, applied for apartments, and finally, I had an apartment by the time I got to Germany.

  My experience at ng-voice so far

  Overall, my experience at ng-voice in Hamburg has been great. I like living by the water (it’s just like the canals in Istanbul), I arrived with the great summer weather and found a great place to live. The people at ng-voice are really open-minded, I love working with my team and I am excited to learn and exchange experiences with them.

  
  For the near future, I’m eager to start my A1 German course in august as part of the benefits ng-voice gives to us as employees in Germany. This will help me adapt to the city and practice my German, as I continue focusing on my development as a DevOps Engineer at ng-voice.

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Mert Dogan

  DevOps Engineer

  Publisher Bio

  Mert Dogan is a DevOps Engineer for the Cloud Native Team at ng-voice. He has over 3 years of experience as a Software and DevOps Engineer, working for companies like SAP and Trendyol Group (Alibaba) in Turkey.

July 21, 2022

• Digium 10 Things Organizations Should Look for in Cloud-based Mobile Access Control

  In an earlier blog, we wrote about how cloud-based Mobile Access Control is disrupting the market at break-neck speed. Nowadays, savvy small and medium-sized businesses (SMBs) have discovered that cloud-based systems can deliver benefits for workplace security just as they do for business phone systems and communication tools. In fact, data shows that nearly 40% of end users have already deployed wireless door locks as part of their access control solution.

  There’s no doubt that users today demand seamless digital experiences, and cloud-native mobile access controls certainly help organizations satisfy these needs. Gaining quick access to doors, elevators, and turnstiles with a simple tap or swipe can make a big difference to users. And since most employees already have a smartphone on them at all times, it makes perfect sense. What’s more, administrators can more easily manage frequent activities such as adding or revoking privileges for new and departing employees or providing guest access. It’s a win-win!

  Like any technology, however, not all solutions are made equal. To ensure organizations get the most bang for the buck, we’ve put together the top ten things they should look for when considering different solutions. Let’s explore below:

  Innovative, All-in-One Solutions

  You’re likely already familiar with access control systems. But while legacy systems are cumbersome, requiring lag time to collect and distribute access components, cloud-based systems are quick and efficient, particularly when dealing with multiple job sites. Cloud-native controls are all-inclusive, including wireless door locks, sensors, software and controllers, which lets organizations implement a complete smart office system in one fell swoop.

  Easy Onboarding & Control

  Frequent tasks like onboarding employees or removing access can be tedious and time-consuming for a system administrator. But, on the other hand, cloud-native access control lets organizations automate processes for greater speed and efficiency. Administrators can also save time and effort with a system that can be controlled from the palm of their hand – from adjusting configurations to reviewing events. If the unlikely scenario occurs where an employee shows up without their phone, administrators can even remotely unlock the doors.

  User-friendly Mobile Apps

  With today’s access control systems, there is no need to purchase technology like key fobs. Instead, employees access their office through a designated mobile app, which works well considering that 93% of the U.S. population currently uses smartphones. Most people these days are already accustomed to conducting business with their personal devices: such as paying bills, sending money or verifying their identity – making it an easy learning curve. Within an app, employees can view the status of each door and swipe a small button to open it. The system then automatically resets the door status and logs the activity through the cloud.

  Flexible Access

  Administrators should be able to effortlessly add users, assign different permissions and access levels, or move access privileges to a different job site. Following installation, they should also enjoy significant flexibility in terms of how their employees enter their job site, as the system can work seamlessly – whether a business chooses to deploy a mobile app or distribute more traditional access control technology like cards or fobs.

  Cost-effective

  Adopting a completely wireless access control system, also referred to as Access Control as a Service (ACaaS), is typically an affordable option for businesses concerned with security. Cost-savings come from the system being quite simple to install and configure – never exceeding four hours! Oftentimes, ACaaS can leverage a business’s existing infrastructure, like using already-installed locks, which eliminates the need for extra wiring and their associated costs.

  Complete Workplace Security

  There is no need to fret about cybersecurity when implementing cloud-native access control. Seek out ACaaS technologies that use encrypted cloud-based technology to authenticate employee devices and activity. The system’s integrity is further enhanced by existing smartphone safety technology like facial and fingerprint recognition. Modern access control solutions are “contactless,” which also contributes to overall workplace safety. These systems reduce the need to touch key cards, fobs and door readers – reducing the spread of contagious contaminants.

  Integrated or Standalone Installation

  You’ve probably already realized that ACaaS is flexible enough to work well for any operation, even with pre-existing security setups. Whether you or your customer wants a fully wireless ACaaS solution or would prefer to seamlessly build upon previously installed infrastructure, it’s all possible with modern access control.

  Remote Management

  Administering modern access control technology should be done independent of location and from any connected device. Talk about the perfect option for the hybrid workforce! Whether in-office, at home or on the road, admins should have complete visibility into their system and total control over who’s accessing the office – all from their mobile phone.

  User Directory Integration

  Having an access control system that integrates with a user directory is a must. It allows for the intuitive configuration of user permissions, the establishment of groups and enables automatic provisioning via emails sent to users’ mobile devices.

  Smart & Secure! Smart Office Solutions from Sangoma

  Sangoma SmartOffice brings the best of advanced access control to users’ smartphones. Nearly every business has security considerations; yet many lack advanced access control. Employees may have a key or fob to get into the building, but this falls far short from the efficiency, security and affordability of Sangoma SmartOffice.

  Managed entirely through the convenience of the smartphone, SmartOffice operates over Wi-Fi or cellular connections to physically open locks. And since it is integrated with the Sangoma unified communications (UC) system, administrators can access user directory information to easily manage users, groups, and permissions for office access and the PBX from any location.

  Sangoma Cloud service powers SmartOffice, ensuring that every user and every action is properly authenticated within the system. Seeing as the solution also uses employee smartphones, SmartOffice integrates common mobile security features like password protection. These security protections work together seamlessly to guarantee only certified persons have access to the premises.

  Finally, as businesses grow, so too will SmartOffice. There is no limit to the number of wireless doors or mobile users that can be included. No matter how a company develops over time, SmartOffice can remain the foundation of its operational security.

  Want to explore improving your company’s security with SmartOffice? Contact us today!

  The post 10 Things Organizations Should Look for in Cloud-based Mobile Access Control appeared first on Sangoma Technologies.

July 19, 2022

• Digium Why Collaboration Tools Are Important

  In my last blog, I discussed “digital channels”, one of which are collaboration tools. Let’s take a closer look the importance of collaboration tools. Just take a look at this graphic.

  We’ve all been using collaboration and messaging tools as we’ve been working remotely. Or maybe we’ve been using them anyway since we work in a distributed workforce. For sure, I can say productivity is enhanced by messaging someone, and sharing documents.

  Frost and Sullivan feels the same way. As the whitepaper says: “Communications provide the connective tissue among diversified workforces—across departments, project teams, job roles, work locations and worker generations. Enabling a collaborative work environment can considerably strengthen employee bonds, enhance morale, improve the customer journey and drive workflow efficiencies.

  And this is why Sangoma has invested quite a bit in our own collaboration platform, TeamHub, which is part of our UC platforms. While an essential part of UC is certainly the smartphone and laptop business phone number mobility aspect, it is becoming increasingly apparent that collaboration and video meetings also now need to be part of the essential to UC offering. And if you are getting these from different vendors, you don’t truly have an integrated UC platform.

  To download the full Frost and Sullivan whitepaper to learn more about this, please go here.

  The post Why Collaboration Tools Are Important appeared first on Sangoma Technologies.

July 14, 2022

• Digium Envision it. Enable it. Control it. Wholesale SIP Trunking Lets Businesses Work Their Way

  There’s no doubt video conferencing and remote working have garnered a lot of attention over the last few years. Despite this, SIP-based voice services are still critical for businesses that are responsible for high volumes of call traffic. And because the SIP protocol enables internet-based telephony services to integrate with data networks and cloud-based services, businesses can build a more robust unified communications system.

  Wholesale SIP trunks are scalable and configurable on-demand connections for MSPs and ITSPs that wish to provide or sell hassle-free, high-value services to employees and customers. What’s more, those who manage communications for call centers and enterprise businesses can work directly with a SIP Trunk Provider or an MSP/ITSP to keep their organizations running seamlessly as they change or grow.

  Here are just a few of the benefits of Wholesale SIP Trunking and what you should look for when selecting a vendor:

  Flexibility is Key! Easily Curate Your Offerings

  If you’re responsible for procuring carrier services, wholesale SIP trunking provides freedom of choice so you can curate your offering, unlike retail SIP trunking with bundled offerings. SIP-related services can be selected à la carte and packaged together to deliver SIP services across geographically dispersed locations.

  Look for solutions with a single point of entry with wide coverage. We can’t stress this enough! Plus, avoid providers that require large minimum spending, carrier negotiations, or contracts to maintain. Flexibility enables you to deliver or achieve a high-performance unified communications network that creates value for businesses.

  Whether you’re an enterprise customer, ITSP or MSP, seek out a complete set of SIP trunking features to meet your requirements.

  Instantly Take Control of Day-to-Day Functions

  At the end of the day, flexibility and ease of use are worth their weight in gold. When selecting a vendor for wholesale SIP trunking services, ensure their solutions allow you to instantly take control of provisioning SIP trunks; adding, deleting or modifying services; porting local numbers; and managing billing and account changes.
  What’s more, look for vendors offering back-office access via a self-service portal or API so you can easily respond to shifting business requirements, adapt to new market conditions, and capitalize on new opportunities.

  Seek Out Turnkey Solutions

  Large enterprises use wholesale SIP trunking for their own purposes unlike ITSPs and MSPs that need to create offerings to sell to retail customers. MSPs should choose a solution they can trust to be ready on time and function with minimal disruption and risk. Having completed hundreds of deployments, Sangoma turnkey solutions and processes have proven to be reliable.

  Turnkey solutions will include all the service offerings the provider chooses, as well as hosted billing, wrapped together – fully integrated, complete, and ready to operate.

  The key benefits of turnkey solutions are:

  • Services that are easy to choose, configure and maintain
  • Reduced costs
  • A utility model lets you pay for what you use
  • Business continuity and resiliency
  • Fraud preventions
  • Texting
  • 911 Emergency services
  • Gets you up and going fast
  • Consolidated infrastructure
  • Hosted billing to handle number porting, billing, tax calculations, reporting and compliance (for service providers)
  • Self-serve portal (branded for the MSP)

  Achieve Your Vision

  Our wholesale SIP trunking team is focused on client satisfaction and helping you achieve your business goals. We respond quickly, give you professional advice, and ensure that every interaction with us is a great experience.

  Are you in an urgent situation? We can help you get up and running in under a day. Here’s a case study of a one-day turnup.

  If you have questions or need additional information, we have an extensive base of resources that are accessible to you, including subjects such as the Modern Approach to SIP trunking or why we’re The Leading Wholesale SIP Trunking Provider.

  Get in touch with a specialist or request a free demo!

  
  https://carrierservices.sangoma.com/request-a-quote/

  Useful information specific to enterprise customers or service providers:

  
  Break the Boundaries of Typical SIP Trunking Service Providers
  7 Reasons Why Your Enterprise Needs Wholesale SIP Trunking
  9 Reasons Why You Need to Sell Wholesale SIP Trunking

  The post Envision it. Enable it. Control it. Wholesale SIP Trunking Lets Businesses Work Their Way appeared first on Sangoma Technologies.

July 11, 2022

• WebRTC Hacks Calculating True End-to-End RTT (Balázs Kreith)
  

  Balázs Kreith of the open-source WebRTC monitoring project, ObserveRTC shows how to calculate WebRTC latency - aka Round Trip Time (RTT) - in p2p scenarios and end-to-end across one or more with SFUs. WebRTC's getStats provides relatively easy access to RTT values, bu using those values in a real-world environment for accurate results is more difficult. He provides a step-by-step guide using some simple Docke examples that compute end-to-end RTT with a single SFU and in cascaded SFU environments.

  The post Calculating True End-to-End RTT (Balázs Kreith) appeared first on webrtcHacks.

July 06, 2022

• Enable Security SIPVicious PRO experimental now supports STIR/SHAKEN and 5 new tools
  We just made two builds available to our SIPVicious PRO members. One is called the stable build, while the other is the experimental build. The v6.0.0-beta.5 stable build includes a large number of fixes, much better (or sane) defaults and full coverage of SRTP throughout the toolset. The experimental version is where the excitement is. Our members now have access to 5 new tools that we find useful in our work:

July 05, 2022

• Digium Your UC / UCaaS Platform Needs “Digital Channels”

  Frost and Sullivan has written a white paper called “Modern Cloud Communications Empower the Hybrid Workforce”. It’s an interesting paper all around. To download the full paper, please go here. In the meantime, I picked 4 interesting parts of the paper to write a little bit about and I’ll do that in the next four blogs I write.

  So, let’s get to the first topic. One concept Frost and Sullivan writes about is the impact of the pandemic on IT and what IT must do in terms of supporting employees going forward. Obviously (or maybe not so obviously depending on your point of view), a hybrid work remote / work at the office is here to stay.

  How do you function as the best “team” in this kind of environment? By now, we’ve all gotten used to video meetings and collaboration messaging tools. And continuing those are important for sure. But Frost and Sullivan argues that there needs to be “more”, and integrating digital channels to deal with not only remote employees, but customers (who now have also been exposed to messaging tools) wanting to connect with you digitally is critical for success.

  The paper goes into this in much more detail, but the takeaway I have from reading this is collaboration tools, and other types of “digital channels” that work both with employees and reach out to customers will be critical. Like I said above, to download the full paper, please go here.

  The post Your UC / UCaaS Platform Needs “Digital Channels” appeared first on Sangoma Technologies.

June 30, 2022

• Enable Security SIPVicious PRO out with 2 releases, ransomware and participation in the survey
  The sun is shining (at least on this part of the hemisphere), new exploits and builds are published and everything is good. Welcome to the June edition of RTCSec! In this edition, we cover: Our news: presenting at TADSummit in November and releasing two new SIPVicious PRO versions The Open-Source Telecom Software Survey which needs filling up Ransomware attacks using Mitel’s VoIP appliances as an entry-point Carrier related issues, including Syniverse compromise and call forwarding trick Vulnerabilities that were fixed in Sofia-SIP (FreeSWITCH), pjsip, Mitel phones and VitalPBX and much much more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

June 29, 2022

• ng-voice What pride month means to us at ng-voice

  Happy Pride Month to all the amazing people in the community & supportive allies!

   

  With this celebratory time coming to an end we would like to share what we have been up to this Pride Month and how we are building up on our initiatives in support of the LGBTQ+ community in our company!

   

  We at ng-voice believe that Pride Month should not be a 1-month window to praise ourselves for being accepting of others, to then forget about this essential part of a more inclusive work environment for the next 11 months. Instead, we believe that this is a reminder and an opportunity to evaluate our DEI (Diversity, Equity, and Inclusion) initiatives and make them stronger. Since last year’s Pride Month, we have tripled in size and with this rapid growth, our need for internal reflection has increased with every new team member we welcomed. 

   

  Our team is diverse in every possible way – not just our areas of expertise are vastly different, but also our cultural and ethnic backgrounds as well as Gender identity & Sexual orientation, and we celebrate that. But cherishing diversity requires constantly looking at our internal processes and actively committing to intentional changes we would like to make. 

   

  With that in mind, we took a very pragmatic approach and selected a group of actions that could be easily implemented, and that have a significant impact on strengthening our culture and creating an inclusive environment for the LGBTQ+ community. And by sharing our experience at ng-voice, we hope to incentivize other SMBs (Small and Medium Businesses) like us to take action and continuously find new ways to foster inclusion in their companies.

  

  Here are some cool new initiatives we implemented during this Pride Month

  Firstly, we aimed to create a safe space for our LGBTQ+ team members and allies to share news, fun content, and experiences as well as support one another – so we did – we call it “The Rainbow Roomâ€�. With this internal communication channel, we began our second mission: to raise more regular awareness and maintain visibility for the LGBTQ+ community and assure that LGBTQ+ content does not disappear once Pride Month is over. For starters, we will be sharing a queer good news article of the month and start the bi-weekly Rainbow-Media Round for Movie, TV Show or Book recommendations (of course with queer vibes only).  

   

  We also reviewed our internal HR & Recruiting Processes where the candidate details we collect and personnel files were updated, especially to include non-binary individuals. We are updating our recruiting and internal communication platforms, including the option to add pronouns.

   

  To assure that in our cross-national & cross-functional spaces matters of Diversity become more prevalent and visible, we will make sure to allocate a permanent slot in our Townhall meeting, which happens about once a month, to raise awareness and give visibility to DEI topics. 

   

  And we are also looking forward to being part of external Pride events with the team in the cities where we are present (which in our case happen in late July or early August)!

   

  The best part of being a member of the ng-voice team is that diversity & inclusion are not buzzwords. We hire diverse people from all around the globe. We never shy away from teaching one another new things & expanding our horizons. We are curious and listen to those that have new and different perspectives to share.

   

  This month I am incredibly proud to be a part of a team that makes everyone feel welcome and is committed to not just growing in numbers, but also growing into a more diverse and accepting company. 

   

  To know more about our company culture and career opportunities, please visit our careers page. 

  

  Lara Brzezinski

  Onboarding specialist

  Publisher Bio

  Lara Brzezinski is part of the ng-voice team as an Onboarding Specialist who is passionate about People, Leadership, Training & Development and Project Management.

  She holds a BBA from Hult International Business School in London – Management Major and has worked in the Management Consulting & FinTech Industry.

June 27, 2022

• ng-voice ng-voice’s fully cloud-native IMS recognized as the Best VoLTE Solution at the CCGA 2022

  ng-voice’s IMS  recognized as the Best VoLTE Solution

  ng-voice is proud to announce that it has been awarded the Best VoLTE Solution Recognition Award within the 6th annual CC-Global Awards (CCGA) which took place on 23rd of June in Berlin, bringing together global operators and partners to celebrate innovative achievements in the industry.

   

  The CC-Global Awards (CCGA) recognizes innovations and achievements among telecom wholesale operators and ecosystem partners around the globe. The awards competitors were judged by a panel of telecom analysts and experts from the industry.

  

  ng-voice’s VP of Sales and Partnerships, Qawa Darabi, mentions that “we are honored to be recognized by the Carrier Community Awards for the Best VoLTE Solution, as we are dedicated to continuously delivering the most innovative, containerized and cloud-native IMS solution in the market to our customers and partners.” 

   

  We would like to thank the judging panel for this recognition, and our customers, partners, and amazing team for the support. We would also like to congratulate our fellow winners for their achievements. 

   

  If you want to learn more about the Best VoLTE Solution, get in touch at sales@ng-voice.com and download more information about our IMS Solution here:

  Please fill in your contact information and download an overview of our company and solutions:

  First & Last Name

  Email Address

  Company

  Phone Number

  By submitting this form, you agree to receive future emails from ng-voice.

  Download

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Kathrin Hißner

  Content/Digital Marketing Specialist

  Publisher Bio

  With her marketing and design background, as well as her experience in brand and communications management, Kathrin brings her unique skills to ng-voice. As a digital marketer, Kathrin supports our growth strategy by increasing the visibility of our brand to potential customers.

  She enjoys working on information visualization and infographic design.

June 21, 2022

• Digium The Benefits of a Managed Security / Unified Threat Management Service

  Before discussing the benefits of a managed security service for your business, let’s discuss what threats we are talking about. As an IT manager for your business, you are likely worried about attacks on your corporate network in the form of viruses, spam, phishing attempts, malicious content, unapproved website access where “bad” files can be accessed, etc.

  So how to do something about this and manage this better? Maybe you can tackle different parts of this by adding virus checkers or spam filtering or defending against network attacks, for example. But that tactic, while addressing specific areas, that tactic would leave some vulnerabilities, and you’d have to manage each area yourself anyway. It might become complicated, and you wouldn’t have everything covered. You’d cover what you thought was necessary or what you had the budget to cover.

  So how can you best tackle addressing all kinds of threats to your network economically? That’s how Unified Threat Management came to be – a single device to be put in place that inspects the incoming data – looks at packet headers, looks for known virus/malware, etc., and identifies these threats to an administrator.

  And that’s great. But what if you are a larger company with many locations. It starts to get even more complicated. The next step would be to get help – have a managed service help you do this, or maybe even manage this for you. While a unified threat management device might be put at your location, or if you have multiple locations placed at each location, you could have someone manage this for you. Or you could decide you don’t want any devices on-prem, and all of this can also be done via the cloud.

  Either way, someone could help you manage this. An expert team of people would work with you to set up profiles, help you figure out whether an all-cloud solution could work for you, and potentially fully manage your threat management system or co-manage it with your team. And Sangoma, through our acquisition of NetFortris, provides managed security to companies of all sizes.

  The post The Benefits of a Managed Security / Unified Threat Management Service appeared first on Sangoma.

• WebRTC Hacks The Ultimate Guide to Jitsi Meet and JaaS
  

  A full review and guide to all of the Jitsi Meet-related projects, services, and development options including self-install, using meet.jit.si, 8x8.vc, Jitsi as a Service (JaaS), the External iFrame API, lib-jitsi-meet, and the Jitsi React libraries among others.

  The post The Ultimate Guide to Jitsi Meet and JaaS appeared first on webrtcHacks.

• ng-voice Mariela shares her 1st month experience at ng-voice

  I am Mariela Rivero, originally from Bolivia and I’ve been living in Hamburg for about 4 years. I’m writing this article to share how the experience of my first month working at ng-voice GmbH has been like.

  Who am I?

  I’m a psychologist with training in ACT therapy, a basis in tech recruitment, and a passion for languages and technologies. I got my bachelor’s degree in Psychology in Bolivia and finished vocational training in Office Management here in Hamburg. I consider myself to be a very empathetic, organized, and adaptable person. I also thrive in situations where a „problem-solving“ mentality is required.

  

  
  Why did I join ng-voice?

  I stumbled upon ng-voice while looking for job opportunities in the IT field. Ng-voice immediately caught my attention for two reasons: it seemed a very innovative telecom company: the implementation of a cloud-native IMS was a totally new concept to me. Not only that – but also its values aligned perfectly with mine; an inclusive, multicultural startup with a hybrid work model and a happy work environment.

  My experience at ng-voice so far

  Right from my very first day, my colleagues received me with such enthusiasm; it really made me feel appreciated and comfortable. We had a welcome lunch to get to know each other and my onboarding buddy gave me a tour of the office. During my first onboarding week, I have been given a rounded and comprehensive picture of the history, team structure of the company and the IMS solution we offer. 

  After meeting all of my colleagues, I got to confirm my previous perception about ng-voice; its organizational values of ownership, trust, and teamwork, provide an ambiance of content on a daily basis.  Because I’m managing every administrative process in both Hamburg and Berlin (something that I find awesome, thus I get to be around people all the time), you’ll certainly always see me around the office. To sum up, my first month has been an incredible experience and I’m looking forward to many more to come.

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Mariela Rivero

  Office Manager

  Publisher Bio

  Mariela Rivero is the office manager of ng-voice, she’s a psychologist with training in ACT therapy, a basis in tech recruitment, and a passion for languages and technologies.

  Her empathy, organization, and adaptability make her thrive. You will always see her around in our Hamburg or Berlin’s offices.

June 17, 2022

• Jitsi A stepping stone towards end-to-end encryption on mobile

  It has been a while since our first release of end-to-end encryption for the web app and ever since we have tried to enhance and improve it. One of these enhancements was the introduction of The Double Ratchet Algorithm through libolm and automatic key negotiation.

  

  Each participant has a randomly generated key which is used to encrypt the media. The key is distributed with other participants (so they can decrypt the media) via an E2EE channel which is established with Olm (using XMPP MUC private messages). You can read more about it in our whitepaper.

  Even though the actual encryption/decryption API is different on web and mobile (“Insertable Streams” vs native Encryptors/Decryptors), the key exchange mechanism seemed like something that could be kept consistent between the two (even three, considering Android and iOS different) platforms. This took us to the next challenge: how can we reuse the JS web implementation of the double ratchet algorithm without any major changes, while also keeping in mind the performance implications it might have on the mobile apps.

  Since our mobile apps are based on React Native the obvious solution was to wrap libolm so we could use the same code as on the web, but not all wrappers are created equal.

  The “classical” approach – using Native Modules

  

  Source: talk by Lorenzo S.

   

  There are three major drawbacks while using this approach:

  1. Performance – the communication through the bridge can be quite slow and it also requires some very specific data as parameters that would be converted to JSON (serializable, WritableArrays, etc).
  2. Lots of glue code is required, both on Android and iOS. Also, every future change will have to be implemented both in Java and ObjC.
  3. Since there are two different threads that run the native and the JS code, the bridge methods are asynchronous, this means that offering synchronous APIs is not possible (without using sync methods, but that is discouraged as it kills performance).

  The first issue might not have had such a major impact on this specific use case, since the key exchange happens not too frequently. The fact that every change has to be implemented twice is very likely to be a problem in the future, while the last issue, the asynchronicity of the bridge methods is definitely a showstopper since it would break the consistency of the web and mobile interfaces.

  JavaScript Interface – JSI

  JavaScript Interface (JSI) is a new layer between the JavaScript engine and the C++ layer that provides means of communication between the JS code and the native C++ code in React Native. Since it doesn’t require serialization is a lot faster than the traditional bridge approach, in addition to allowing us to provide a performant sync API.

  

  Source: talk by Lorenzo S.

   

  As we’ll show in the what follows, it also solves the other two problems the classical approach poses, the implementation has to be done/modified only once (most of the time, since some glue code is still required) and, most importantly, the native methods called thought JSI can be synchronous.

  Android

  The first challenge was to find the proper way of initializing the C++ libraries and exposing the so-called “host functions” (these are C++ functions callable from the JS code).

  For this we took advantage of the mechanism for native modules and the way they are initialized by the RN framework, thus creating OlmModule.java and OlmPackage.java. OlmPackage is just a simple ReactPackage that has as native modules OlmModule.

  OlmModule.java

  Within the lifecycle of this ReactContextBaseJavaModule, the actual magic happens: loading the C++ libraries and exposing the necessary behavior to the JS side.

  The C++ library is loaded inside a static initializer.

  Exposing the host functions to the JS is done in the initialize method of the OlmModule, through the JNI native function nativeInstall. This method is implemented in cpp-adapter.cpp, where, besides some JNI-specific code, the jsiadapter::install is called, where the host functions will actually be exposed. It is here where the Android-specific glue code ends, the jsiadapter being platform agnostic, used, as we’ll show, by the iOS as well.

  iOS

  We also used the iOS native bridge mechanism for initialization, but here the implementation is even easier: Olm.h and Olm.mm contain the module, where, in the setBridge method, jsiadapter::install is called, exposing the host functions.

  Exposing the host functions

  As stated above, both Android and iOS specific code ends up calling the platform agnostic jsiadapter::install method. It is here where the C++ methods are exposed, i.e. JS objects are set on jsiRuntime.global with methods that call directly into the C++ code.

   Object module = Object(jsiRuntime);
   //…add methods to module
   jsiRuntime.global().setProperty(jsiRuntime, "_olm", move(module));

  This object will be accessible on the JS side via a global variable. For our use case only one object is enough, but it is here where as many objects as necessary can be exposed, without having to change any of the platform specific code.

  Adding methods to the exposed object

    auto createOlmAccount = Function::createFromHostFunction(
        jsiRuntime, PropNameID::forAscii(jsiRuntime, "createOlmAccount"), 0,
        [](Runtime &runtime, const Value &thisValue, const Value *arguments,
           size_t count) -> Value {
          auto acountHostObject = AccountHostObject(&runtime);
          auto accountJsiObject = acountHostObject.asJsiObject();
  
          return move(accountJsiObject);
        });
  
    module.setProperty(jsiRuntime, "createOlmAccount", move(createOlmAccount));
  
    auto createOlmSession = Function::createFromHostFunction(
        jsiRuntime, PropNameID::forAscii(jsiRuntime, "createOlmSession"), 0,
        [](Runtime &runtime, const Value &thisValue, const Value *arguments,
           size_t count) -> Value {
          auto sessionHostObject = SessionHostObject(&runtime);
          auto sessionJsiObject = sessionHostObject.asJsiObject();
  
          return move(sessionJsiObject);
        });
  
    module.setProperty(jsiRuntime, "createOlmSession", move(createOlmSession));

  Two methods are exposed: createOlmAccount and createOlmSession, both of them returning HostObjects.

  HostObject

  It’s a C++ object that can be registered with the JS runtime, i.e. exposed methods can be called from the JS  code, but it can also be passed back and forth between the JS and C++ while still remaining a fully operational C++ object.

  For our use case, the AccountHostObject and SessionHostObject are wrappers over the native olm specific objects OlmAccount and OlmSession and they contain methods that can be called for the JS code (identity_keys, generate_one_time_keys, one_time_keys etc. for AccountHostObject, create_outbound, create_inbound, encrypt, decrypt etc. for SessionHostObject).

  The way this methods are exposed from C++ to JS is again through host functions, in the HostObject::get method:

   

  Value SessionHostObject::get(Runtime &rt, const PropNameID &sym) {
   if (methodName == "create_outbound") {
      return Function::createFromHostFunction(
          *runtime, PropNameID::forAscii(*runtime, "create_outbound"), 0,
          [](Runtime &runtime, const Value &thisValue, const Value *arguments,
             size_t count) -> Value {
            auto sessionJsiObject = thisValue.asObject(runtime);
            auto sessionHostObject =
                sessionJsiObject.getHostObject<SessionHostObject>(runtime).get();
            auto accountJsiObject = arguments[0].asObject(runtime);
            auto accountHostObject =
                accountJsiObject.getHostObject<AccountHostObject>(runtime).get();
            auto identityKey = arguments[1].asString(runtime).utf8(runtime);
            auto oneTimeKey = arguments[2].asString(runtime).utf8(runtime);
  
            sessionHostObject->createOutbound(accountHostObject->getOlmAccount(),
                                              identityKey, oneTimeKey);
            return Value(true);
          });
    }
  }

  Example:

  const olmAccount = global._olm.createOlmAccount();
  const olmSession = global._olm.createOlmSession();
  olmSession.create_outbound(olmAccount, “someIdentityKey”, “someOneTimeKey”);

  As shown, global._olm.createOlmAccount() and global._olm.createOlmSession() will return a HostObject. When calling any method on it (create_outbound in the example) the HostObject::get method will be called with the proper parameters, i.e. the Runtime and the method name, so we use this method name to expose the desired behavior.

  Note that the calling HostObject can be fully reconstructed on the C++ side,

    auto sessionJsiObject = thisValue.asObject(runtime);
    auto sessionHostObject =
      sessionJsiObject.getHostObject<SessionHostObject>(runtime).get();

  Parameters can also be passed from JS to C++, including other HostObjects:

    auto accountJsiObject = arguments[0].asObject(runtime);
    auto accountHostObject =
      accountJsiObject.getHostObject<AccountHostObject>(runtime).get();
    auto identityKey = arguments[1].asString(runtime).utf8(runtime);
    auto oneTimeKey = arguments[2].asString(runtime).utf8(runtime);

  Fully consistent interface

  As mentioned from the very beginning, keeping the web and mobile interfaces consistent was the main goal, so, after implementing all the necessary JSI functionality, it was all wrapped into some nice TypeScript classes: Account and Session.

  Their usages are shown in the example integration that comes with the SDK:

    const olmAccount = new Olm.Account();
    olmAccount.create();
    const identityKeys = olmAccount.identity_keys();
  
    const olmSession = new Olm.Session();
    olmSession.create();
    olmSession.create_outbound(olmAccount, idKey, otKey);

  This is the exact same API that the olm JS package exposes. Mission accomplished!

  Next steps

  Implementing this RN library that exposes the libolm functionality is just a piece of the bigger mobile E2EE puzzle. It will be integrated in the Jitsi Meet app and used for the implementation of the E2EE communication channel between each participant, i.e. for exchanging the keys.

  Key generation

  Since the WebCrypto API is not available in RN, we have to expose a subset of the methods for key generation (importing, deriving, generating random bytes) and again we plan to do it through JSI.

  Turn out the olm library contains these methods, so it is possible we’ll expose them in the react-native-olm library.

  Performing the actual media encryption/decryption

  WebRTC provides a simple API that allows us to obtain the same result that we do on the web with “insertable streams”: FrameEncryptorInterface and FrameDecryptorInterface, in the C++ layer.

  The encryptor is to be set on an RTPSender, while the decryptor on the RTPReceiver and they will basically act just as a proxy for each frame that is sent/received, making it possible to add logic for constructing/deconstructing the SFrame out of each frame that is sent/received.

  The fact that this code will run on the native side is of major importance, since the performance issues caused by the communication between the JS and native would be major in this case, since those operations would have to be done many times a second, for each frame, probably making the audio and video streams incoherent.

  The only operations that will be done from the JS side is the enabling of the E2EE, as well as the key exchange steps. We will have to expose the methods for setting the keys for the AES-GCM from the JS to the native FrameEncryptors and FrameDecryptors, most likely using the JSI path.

  Oh hey there vodozemac!

  While we were busy working on this the good folks over at Matrix have created* vodozemac, a new libolm implementation in Rust and it highly recommends migrating to this SDK going forward. At the moment it only provides bindings for JS and Python, while the C++ is still in progress. We’ll keep a close eye here and update to vodozemac after we have all the pieces in place.

  Get it!

  You can start tinkering with it today, here is the GitHub repo.

  ---

    Your personal meetings team.

  Author: Titus Moldovan

   

  The post A stepping stone towards end-to-end encryption on mobile appeared first on Jitsi.

June 15, 2022

• WebRTC Hacks Meet vs. Duo – 2 faces of Google’s WebRTC
  

  A very detailed look at the WebRTC implementations of Google Meet and Google Duo and how they compare using webrtc-internals and some reverse engineering.

  The post Meet vs. Duo – 2 faces of Google’s WebRTC appeared first on webrtcHacks.

June 13, 2022

• Jitsi Bridge cascading with geo-location is back

  Back in 2018 we first released cascaded bridges based on geo-location on meet.jit.si. Then in 2020 as we struggled to scale the service to handle the increased traffic that came with the pandemic we had to disable it because of the load on the infrastructure. And now it’s finally back stronger and better!

  In this post we’ll go over how and why we use cascaded bridges with geo-location, how the new system is architectured, and the experiment we ran to evaluate the new system.

   

  Why use cascaded bridges?

  We want to use geolocation for the usual reason – connect users to a nearby server to optimize the connection quality. But with multiple users in a conference the problem becomes more complex. When we have users in different geographic locations, using a single media server is not sufficient. Suppose there are some participants in the US and some in Australia. If you place the server in Australia, the US participants will have a high latency to the server and an even higher latency between each other – their media is routed from the US to AU and back to the US! Conversely if you place the server in the US the Australian participants have the same issues.

  We can solve this by using multiple servers and having participants connect to a nearby server. The servers forward the media to each other. This way the “next hop” latency is lower, and so is the end-to-end latency for nearby endpoints.

  

   

  Architecture

  There are many new things in our backend architecture!

   

  1. JVB pools

  We used to have shards consisting of a “signaling node” and a group of JVB (jitsi-videobridge, our media server) instances. In order to make bridges in different regions available for selection, we just interconnected all bridges in all shards. And this is exactly what broke when we had to scale to 50+ shards and 2000+ JVBs.

  In the new architecture JVBs are no longer associated with a specific shard. A “shard” now consists of just a signaling node (running jicofo, prosody and nginx). We have a few of these per region, depending on the amount of traffic we expect. Independently, we have pools of JVBs, one pool in each region, which automatically scale up and down to match the current requirements.

  In addition we have “remote” pools. These are pools of JVBs which make themselves available to shards in remote regions (but not in their local region). For example, we have a remote pool in us-east which connects to signaling nodes in all other regions. This separation of “local” vs “remote” pools is what allows us to scale the infrastructure without the number of cross-connections growing too much

  As an example, in the us-east region (Ashburn) we have 6 signaling nodes (“shards”) and a pool of JVBs available to them. This is the us-east “local” pool. We also have multiple “remote” JVB pools connected to the shards — one from each of the other regions (us-west, eu-central, eu-west, ap-south, ap-northeast, ap-southeast). Finally, we have a us-east “remote” JVB pool connected to shards in all other regions.

   

  

   

   

  2. Colibri2 and secure octo

  In late 2021 we completely replaced the COLIBRI protocol used for communication between jicofo and JVBs. This allowed us to address technical debt, optimize traffic in large conferences, and use the new secure-octo protocol.

  In contrast to the old octo protocol, secure-octo connects individual pairs of JVBs. They run ICE/DTLS to establish a connection, and then use standard SRTP to exchange audio/video. This means that a secure VPN between JVBs is no longer required! Also, we can filter out streams which are not needed by the receiving JVB.

   

  3. Region-group selection

  In the experiments we ran in 2018 we found that introducing geo-located JVBs had a small but measurable negative effect on round-trip-time between endpoints in certain cases. Notably endpoints in Europe had, on average, a higher RTT when cascading was enabled. We suspected that this was because we use two datacenters in Europe (in Frankfurt and London) and many endpoints have a similar latency to both. In such cases, introducing the extra JVB-to-JVB connection has almost no impact on the next-hop RTT, but increases the end-to-end RTT between endpoints.

  To solve this problem we introduced “region groups”, that is we grouped the Frankfurt and London regions, as well as the Ashburn (us-east) and Phoenix (us-west) regions. With region groups, we relax the selection criteria to avoid using multiple JVBs in the same region group.

  As an example, when a participant in London joins a conference, we will select a JVB in London for them. Then, if a participant in Berlin (closer to Frankfurt than London) joins we will use that same JVB in London instead of selecting a new one in Frankfurt.

  Experiment and results

  The new meet-jit-si infrastructure allowed us to easily perform an experiment comparing the case of no bridge cascading (control), cascading with no region groups defined (noRG) and cascading with region groups (grouping us-east and us-west, as well as eu-central and eu-west). We had 3 experimental “releases” live for a period of about two weeks, with conferences randomly distributed between them and the main release. We measured two things: end-to-end round trip time between endpoints and round-trip-time between an endpoint and the JVB it’s connected to (next-hop RTT).

  By and large the results show that cascading works as designed and the introduction of region groups had the desired effect.

  With cascading we see significantly lower end-to-end RTT in most cases. When the two endpoint are in the same region:

  

  When the two endpoints are in different regions we see a slight increase when region groups are used, but the overall effect of cascading is positive.

  

   

  The next-hop RTT is also significantly reduced with cascading. Overall we see a 29% decrease (from 223 to 158 milliseconds) when the endpoint and server are (were) on different continents.

  

   

  You can see the full results here.

  The post Bridge cascading with geo-location is back appeared first on Jitsi.

• ng-voice ng-voice at the MVNOs World Congress

  ng-voice is proud to have exhibited at this year’s MVNO World Congress in Berlin, Germany on the 8th and 9th of June. The MVNOs World Congress is a great opportunity for the MVNO community to find out about the new trends in the market, meet the key players in the business, and transform virtual operator capabilities in the digital era through expert insights.

   

  Almost 2 years after the 2020 virtual edition, we at ng-voice were excited to return to this global event this time with a face-to-face format, and be able to meet everyone once again

  

  Informa provided an amazing environment for our industry to reconnect. The event took place in Berlin, which is itself an amazing location. In recent years, the city has become the fastest-growing start-up hub in Germany and is particularly attractive to new businesses in the creative and tech industries seeking to open new markets. And since Berlin is also one of ng-voice’s locations, we were feeling even more at home.

   

  ng-voice brought to the MVNOs World Congress our fully containerized and cloud-native IMS core – the first and most containerized IMS core in the market. We exhibited at the MVNOs World Congress at booth 24. As part of our team of delegates, we had our CTO and Founder Carsten Bock, our VP of sales Qawa Darabi and Barbara Silva our Head of Marketing. 

   

  The event also had a very interesting conference agenda with keynote speakers from the most relevant players tapping into a variety of topics like the trends, challenges, and opportunities for MVNOs. 

   

  According to Barbara Silva, our Head of Marketing, “this is a very important event for the MVNO segment. It is a unique opportunity to meet with potential customers and partners, reunite with established players and meet newcomers from around the globe. It is very exciting for us to have our brand present and showcase the benefits of a fully cloud-native VoLTE/ VoNR solution to this audience”. 

   

  To know more about the MVNOs World Congress in Berlin 2022, visit the webpage. And get in touch with our team at sales@ng-voice.com to know more about our fully containerized and cloud-native solutions.

  

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Roi Gomez

  WS-Marketing

  Publisher Bio

  After finishing his Masters Degree in Marketing and Political Comunication, Roi joined ng-voice to assist the marketing team by further generating brand awareness through marketing initiatives.

   

June 07, 2022

• Digium Is telephone Hot Desking really needed anymore?

  Before we get to that question, and why I even asked it in the first place, we need to define what hot desking is. Hot desking is going to the office and sitting where you want. Maybe your company doesn’t have assigned offices or cubes, and you go in. And remember, people, if we’re going to live in this hybrid work from home / go into the office 2 or 3 times a week, companies will start doing this. Count on it. And if you don’t like it, go in every day to claim your space. The company can take a smaller footprint at the physical location since everyone isn’t there every day. So you sit wherever. But you need your office phone number, so when you get calls on the phone at the physical location you sit at, they are phone calls for you.

  In terms of communications, which I write about, this means taking your phone number to wherever you go sit. And if there is a physical phone at the place you sit, that means you need to log in somehow and tell the phone system that you are at that place and that the physical phone at that place should be using my company phone extension.

  Putting this feature into a Unified Communication system is not the simplest thing. We have multiple Unified Communication systems, and some support hot desking, and some do not. If an RFP comes in with hot desking requirements, we can respond positively with one of our systems.

  But is hot desking of a physical phone an obsolete concept with Unified Communications? Does it even need to be in RFPs anymore? Because with UC, you can make and take phone calls with your work extension from your computer, or your smartphone, via a UC client. I can do that no matter where I sit in the office, from any hotel room, from my patio at my house, or from the Giants game (which I have done). So there is built-in hot desking with modern Unified Communications systems. But if you still need it for physical phones, we can do that too.

  The post Is telephone Hot Desking really needed anymore? appeared first on Sangoma.