sip5060.net / en es

RSS Atom

Planet SIP

March 17, 2023

• Enable Security OpenSIPS Security Audit Report is fully disclosed and out there
  It’s almost a year since the OpenSIPS project published a minimized version of our security audit report from 2022. Now, the full version has been published, with all the information intact on how to reproduce the vulnerabilities and extra details in an 80+ page report. The OpenSIPS security audit report can be found here. What is the OpenSIPS security audit? OpenSIPS is a SIP server that often has a critical security function within an IP communications system.

March 16, 2023

• Digium What You Need To Know About The Growing Complexities of Communications Taxes

  It’s definitely a great time to be a Managed Service Provider (MSP), Communication Service Provider (CSP), and Voice Service Provider (VSP), delivering managed communication services. Whether they be a seasoned provider or just starting out, the work-from-home movement has created a massive change in IT infrastructure, which means managed service providers have become very popular and are enticed to deliver more. For instance, the MSP market was valued at $242.9 billion in 2021 and is projected to reach 354.8 billion by 2026, registering a CAGR of 7.9%! This tremendous growth is pushing MSPs to continue to broaden and diversify their offerings. Still, there is a big surprise waiting for inexperienced or ill-informed providers: the increased set of communications tax complexity, obligations, and risk.

  Why are communications taxes more important than ever?

  MSPs, CSPs, and VSPs certainly understand that they are required to charge for and remit communications taxes. If you are reselling, charging, and invoicing for telecom services, such as data, voice, video, and messaging, then you’re in that camp. But what’s been happening, which has become more challenging, is that communications services have become the de facto method for delivering services from the cloud, but not only that, they’re being offered via programmable interfaces, or APIs. So now communication services are being embedded into SaaS platforms, essentially reselling data services. So the lines have become blurred, and knowing whether you need to pay communication taxes is a bit unknown. You need to ask yourself, “Is my business selling services that incorporate voice, video, or data?” If the answer is yes, then you’ll need to make sure you’re up to speed on tax compliance; otherwise, you’ll have some penalties to pay, aside from learning how to pay those taxes going forward.

  So, what are the complexities of communications taxes? And how do MSPs, CSPs, and VSPs know what taxes apply to their services and customers?

  Let’s start with general sales taxes, which apply at the federal, state, county, and city levels. Communication taxes fall under this umbrella too. From there, though, they can be very different, not just in terms of the rate and how it’s applied, but with communications taxes, there are instances of tax on tax in tearing of taxes. In many instances, the jurisdiction for communications taxes will be completely different from what you may have from a sales tax perspective. For instance, there are a lot of communication taxes that are based on school district zones, so even just establishing the jurisdiction that applies can be different. We now have a stacking of communication tax complexity over the existing complexity of sales tax. So, registering with the local jurisdiction, and collecting the tax, is one thing, but then it cascades since communications taxes have different compliance obligations. There are different registration obligations, different filing obligations, and also things like exemption management, where the forms that are needed to be filled out to be exempt from communications taxes are different from what is needed to be collected from a sales and use perspective.

  How many tax returns do you need to file as a service provider?

  This depends on two criteria: jurisdiction and types of services sold. These combined could mean filing 1,000s of compliance tax returns, especially if the provider is selling services nationwide. Voice itself is taxed heavily, as many different types of taxes are applied. Communication taxes are applied at the federal, state, and jurisdictional levels. E-911 is also similarly taxed.

  Recent Developments

  We talked a bit about the blurred lines around knowing if a business is required to pay communication taxes. On top of that, with the plethora of service providers out there, it would be unsustainably time-consuming for the government to find every business out there with communication services, find out if they are simply consuming or reselling them and dig from there. Businesses could easily fly under the radar from paying their taxes.

  The recent robocall mitigation regulations, including the STIR/SHAKEN mandate, has forced VSPs, CSPs, and MSPs to register their telecommunications business by applying for a Federal Registration Number (FRN). Now that their telecommunications business is registered with the FCC, comprehensive compliance is much more important for that business. This includes the rating, collection, and remittance of taxes, fees, and surcharges that are levied by the government in the various states, counties, and cities that they sell in, as well as at the federal level.

  Things to Consider as a Provider

  • Are there communications taxes on video conferencing and softclient calls? In general, concerning communications taxes, voice is the most comprehensively taxed. When it comes to soft clients, such as Slack, Skype, Zoom, and other collaboration tools, even peer-to-peer VoIP communication is taxed. It’s not as heavily taxed as services going through the PSTN, but VOIP to VOIP services are taxed at a lower rate.
  • How do communication taxes work when bundling products and services? This is something that is becoming prevalent as MSPs are bundling more and more services together within their offerings. This is especially true for MSP customers of Sangoma’s Wholesale Carrier Services, who pick and choose carrier service features to bundle and resell; more on that below. An MSP can bundle voice, SMS, fax, and soft clients and more, so figuring out the tax compliance for these individually sourced features is essential, as they are all taxed at different rates and dependent on the region.

  With all that there is to consider and the challenges there are to become well informed of tax compliance, it may be a good idea to pair up with experts in the field for consultation or, better yet, with a vendor having a tax engine, who can automate rating and calculations of services, based on local and service feature.

  How Sangoma’s Telecom Tax Module Can Help Providers

  As part of our wholesale carrier services hosted billing service, we have a built-in tax module that automates the calculation and collection of taxes and regulatory fees for our customers who resell our wholesale carrier services. For readers unfamiliar with our wholesale carrier services, read this blog post. What differentiates us is that we offer a complete set of wholesale VoIP services, from termination/origination, DIDs, SMS, E911, Fax, fraud detection/protection, and telecom compliance toolkits, wrapped around an intuitive portal, which includes our hosted billing platform and tax module.

  Our tax module is the “single pane of glass,” where our customers save a ton of time in tax rating and calculation for all their customers who may be dispersed nationwide using various services we resell. It consolidates taxes on all levels of government and service types. Also, as our customers expand across regions, the tax modules save them time from figuring out new tax compliance information for those areas as well.

  Tax compliance becomes more complex as products become more innovative and are offered in a less traditional fashion. For instance, voice services integrated within APIs were never something tax compliance was designed for. The natural progression is that innovation outpaces tax law but, with time, always catches up. A great example of this is with streaming services, such as Netflix or Amazon Prime, for example. When they came out on the market, communications tax compliance only applied to traditional TV services. So no taxes were applicable for a while, but communication taxes started working their way into these new innovation streaming services as time progressed.

  As an MSP, CSP, or VSP, it’s essential to understand the gray areas of communications tax compliance and be informed to avoid risks and possible penalties.

  Learn more about Sangoma’s Tax module, built into our hosted billing platform, and have your tax rating and calculations automated for you.

  The post What You Need To Know About The Growing Complexities of Communications Taxes appeared first on Sangoma Technologies.

March 14, 2023

• Digium Softclients are a Critical Component of a Unified Communications Solution

  When the day came that we all “had” to work from home, everyone learned how important a phone system client became (whether it was a mobile one, or a desktop one), because that was how we continued to talk to people and keep the business running– because our business phone number could be called, or we could call out on the business phone number – from these clients. And then the clients that integrated chat and video took center stage. Today, this is all part of a typical Unified Communication solution, including those from Sangoma.

  However, as we start to return to the office, will the importance of these clients diminish? I’ve definitely started to see articles about how especially the mobile client experience may not be the best.

  It seems unlikely that client importance will diminish. First, some form of hybrid work seems to be here to stay, as discussed in this article from Forbes. Employees will always be working remotely in some fashion, whether it is from home or from another location. Employees like it, and while there is some debate about it, it seems organization output is not impacted, though organization culture might be impacted. So, while everyone now needs to come back from the cool place they moved, they likely don’t have to go into the office every day.

  And second, just like always, technology will “solve” any problems. We saw it 20 years ago when VoIP first came on the scene. There were issues and they were overcome. And we’ll see it here as well. 5G is one technology that will certainly play a role in improving the mobile client experience.

  Getting back to the clients. So yes, they will remain even more important. And we’ll need to keep innovating them forward since they’ll remain an ever-critical part of a business communication system.

  The post Softclients are a Critical Component of a Unified Communications Solution appeared first on Sangoma Technologies.

• WebRTC Hacks Real-Time Video Processing with WebCodecs and Streams: Processing Pipelines (Part 1)
  

  WebRTC used to be about capturing some media and sending it from Point A to Point B. Machine Learning has changed this. Now it is common to use ML to analyze and manipulate media in real time for things like virtual backgrounds, augmented reality, noise suppression, intelligent cropping, and much more. To better accommodate this […]

  The post Real-Time Video Processing with WebCodecs and Streams: Processing Pipelines (Part 1) appeared first on webrtcHacks.

March 09, 2023

• Digium Exploring SD-WAN – The Advanced Evolution of Business Networks

  In today’s world, it’s imperative to have access to information from any device, anytime and anywhere. However, this has led to the growth and complexity of the networks that connect everything, making them increasingly challenging to manage.

  LANs vs WANs: A Basic Overview

  The two main types of networks are Local Area Networks (LANs) and Wide Area Networks (WANs). LANs connect devices within a local office, while WANs connect offices across different locations globally. Without WANs, businesses would be restricted to communicating within their local offices, preventing them from accessing the broader online world, the internet.

  The Emergence of SD-WAN: Next-Gen Networking

  SD-WAN, the latest evolution of WAN technology, has recently emerged as a game-changing innovation. SD stands for “software-defined,” and while the concept is not new, it has become a focal point, particularly in infrastructure and networking. SD-WAN essentially leverages software to make IT smarter, faster, and more cost-effective. It is a revolutionary way to construct and manage long-distance networks, providing better bandwidth optimization and ensuring the delivery of real-time applications with improved user experiences.

  Why, How, and What Makes SD-WAN Better?

  Traditional WANs typically have a large number of routers that communicate with each other over extended distances. Within each router is a data plane and a control plane, with the data plane holding the information transmitted or received, and the control plane determining the route the data should take. However, someone needs to program the control plane with rules on how to handle network traffic on the data plane. This is typically done by entering a series of commands into each router’s command line interface, or CLI, by a network administrator. This can be a very manual, time consuming and error prone process. For example, let’s say there is a large business with 100 locations that needs to deploy a new application across all these locations. Let’s assume that each location has one router which needs 20 new commands to implement the correct configurations for the new application. With 100 locations, that’s 2000 (20 x 100) commands and if each command took 40 seconds of time that’s roughly 22 hours of work just to deploy a single application for the business. Also, the CLI can be error prone. Imagine a mistake was made on one of those commands and having to hunt down that error or troubleshoot the application. Staff and IT resources would be impacted and could potentially paralyze the business! To overcome this tedious process, network admins will try to automate this process using programming tools and scripts, however, these tools and procedures add more layers of complexity as well as even more CLI commands with more variables that could compound existing problems.

  With SD-WAN, this process is simplified, as the control plane is centralized, where changes can be grouped and managed simultaneously across the entire WAN, from a centralized management portal. Businesses can use specific rules to automate the process and distribute configurations instantly, eliminating the complexity and errors inherent in the old manual method.

  The Benefits of SD-WAN

  One of the most significant benefits of SD-WAN is the ability to leverage broadband internet connections, reducing the need for expensive private MPLS networks, lowering costs and increasing performance. Moreover, the software-defined capabilities of SD-WAN enable network admins to change characteristics of their entire network from a central management portal, such as:

  • Moving business critical applications to a private MPLS network between locations
  • Block, or lower the priority of social media applications to improve worker productivity

  Once these rules or policies are set, they can be automatically distributed and implemented across the organization in seconds.

  So, with SD-WAN, configuring new or existing networking infrastructure is much easier than the old way of fragile command lines and manual updates.

  What does this all mean about SD-WAN?

  Here are three key takeaways for businesses regarding SD-WAN:

  Agility: SD-WAN enhances agility by simplifying network policy configuration and management.
  Performance: SD-WAN provides higher performance by leveraging multiple paths intelligently, including broadband connections.
  Cost: SD-WAN lowers IT operational costs by simplifying WAN infrastructure and providing a more efficient network.

  Managed SD-WAN: Taking It to the Next Level

  Setting up and managing a WAN has never been easier, provided that it’s software-defined. But taking it a step further, businesses can take advantage of a Managed SD-WAN, where a vendor handles the entire network for them, including deployment, maintenance, updates and technical support. To learn more about this zero-touch network infrastructure get in touch with one of our Managed SD-WAN specialists for more info.

  The post Exploring SD-WAN – The Advanced Evolution of Business Networks appeared first on Sangoma Technologies.

March 07, 2023

• Enable Security SIPVicious PRO incremental update - and Gitlab CI/CD examples
  We just pushed out a new SIPVicious PRO update to our subscribing members! This version does not include any new major features. Instead, it fixes various bugs and brings missing but necessary features to various SIPVicious PRO tools. We have the following highlights in this update: Documentation now includes realistic Gitlab CI/CD examples The RTP fuzzer in the experimental version now supports SRTP Support for new SIP DoS flood request methods The RTP inject tool can now specify the RTP’s SSRC and payload ID The SIP password cracking tool now supports closing the connection upon each attempt The SIP ping utility supports INVITE For the boring details, including a list of bug fixes, do read the release notes for v6.

February 28, 2023

• Digium The Importance of Channel Partnerships

  Channel partnerships are the way Sangoma does business. We understand the value the channel partnerships bring to Sangoma and, ultimately, to the end-user customers who need business communication solutions. As such, we work hard to ensure our channel programs bring value to our channel partners, that what we offer our channel partners is unique, and ultimately that it is worthwhile for the channel partner to invest their time with Sangoma solutions.

  If you want to learn more, a few ways are coming up where you can meet us and hear more from us:

  1. We will start some national roadshows, with our first one on March 9 in the Dallas area, up in Plano. If you are in the area, we’d love to have you attend for lunch and drinks afterward. Reserve your spot now.
  2. We will be hosting a general webinar to hear about what Sangoma offers and how we have changed over the past few years, on March 2. Click here to register.
  3. We will likely be at your favorite Telecom Services Distributor / Technology Services Distributor event as they roll their events out across the country.
  4. We will be at the channel event of the year, Channel Partners, in Las Vegas in early May. We’ll be at booth 1819.

  We’d love to meet you and show you why Sangoma would be a great option to help you service your customers with the best business communication solutions.

  The post The Importance of Channel Partnerships appeared first on Sangoma Technologies.

• Enable Security WebRTC attacks, FOSDEM'23 and security fixes
  Welcome to the February 2023 edition of RTCSec newsletter. If you are reading this on your email client, you might notice slight formatting changes - the red color of the Communication Breakdown blog and the mascot on the side. Hope that this makes it more distinguishable. Do let me know if you have feedback, by replying to this email. In this edition, we cover: A chat with Arin Sime of WebRTC.
• ng-voice ng-voice and Infosys join forces to deliver cloud-native solutions for communication service providers

  ng-voice’s fully containerized cloud-native IMS solution for VoLTE / VoNR will be part of Infosys’ SI solutions for customers who want to embrace cloud-nativity

  February 28, 2023 | Hamburg, Germany

   

  ng-voice, a leading provider of a fully containerized and cloud-native IMS solution for the telecom market, today announced a strategic partnership with Infosys, a global leader in next-generation digital services and consulting and system integration to strengthen communication service providers’ (CSPs) digital capabilities and accelerate the deployment of fully containerized and cloud-native network solutions.

   

  As part of this partnership, ng-voice and Infosys will combine their efforts to deliver cloud-native software solutions and managed services excellence while fostering innovation and delivering personalized customer experiences to ng-voice’s customers. Infosys will also offer a range of cross-industry services, solutions, and platforms that enable enterprises and CSPs to rapidly build cloud-native business platforms, helping them to drive business agility and growth.

   

  Balakrishna D. R (Bali), Executive Vice President – Global Head AI and Automation and ECS, Infosys said, “With a growing deployment base, Infosys has demonstrated a steadfast commitment to power innovation-driven growth for the telecommunications industry through digital capabilities. This collaboration is a blend of capabilities powered by Infosys Cobalt and our expertise in the domain and ng-voice’s geographical presence that fast-track adoption of cloud-native network solutions among telcos across Europe. The success of this engagement can be a real game-changer for both Infosys and ng-voice in the 5G era.”

   

  David Bachmann, CEO, ng-voice: said “This strategic SI partnership with Infosys allows us to provide truly cloud-native network solutions to help customers unleash the full potential of digitalization and develop sustainable competitive advantages. We are very excited about this collaboration.”   

   

  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR. Its key benefits include being cloud-and-infrastructure-agnostic, with highly automated deployment and operation processes, flexibility and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint.

  About ng-voice

  ng-voice GmbH is committed to building the next generation of 100% software-based mobile networks, combining DevOps with telecommunications expertise. ng-voice’s fully containerized and cloud-native IMS core is scalable, flexible, and easy to deploy and manage, offering communication service providers and enterprises of any size innovative voice services on 4G and 5G networks.

   

  Follow ng-voice:

  LinkedIn: www.linkedin.com/company/ngvoice

  Twitter: twitter.com/ngvoice

  Web: www.ng-voice.com

  Email: sales@ng-voice.com

   

  Press contact for ng-voice

  Maren Pleuss

  maren.pleuss@ng-voice.com

  About Infosys

  Infosys is a global leader in next-generation digital services and consulting. Over 300,000 of our people work to amplify human potential and create the next opportunity for people, businesses and communities. With over four decades of experience in managing the systems and workings of global enterprises, we expertly steer clients, in more than 50 countries, as they navigate their digital transformation powered by the cloud. We enable them with an AI-powered core, empower the business with agile digital at scale and drive continuous improvement with always-on learning through the transfer of digital skills, expertise, and ideas from our innovation ecosystem. We are deeply committed to being a well-governed, environmentally sustainable organization where diverse talent thrives in an inclusive workplace.

   

  Visit www.infosys.com to see how Infosys (NSE, BSE, NYSE: INFY) can help your enterprise navigate your next.

   

  Safe Harbor

  Certain statements in this release concerning our future growth prospects, financial expectations and plans for navigating the COVID-19 impact on our employees, clients and stakeholders are forward-looking statements intended to qualify for the ‘safe harbor’ under the Private Securities Litigation Reform Act of 1995, which involve a number of risks and uncertainties that could cause actual results to differ materially from those in such forward-looking statements. The risks and uncertainties relating to these statements include, but are not limited to, risks and uncertainties regarding COVID-19 and the effects of government and other measures seeking to contain its spread, risks related to an economic downturn or recession in India, the United States and other countries around the world, changes in political, business, and economic conditions, fluctuations in earnings, fluctuations in foreign exchange rates, our ability to manage growth, intense competition in IT services including those factors which may affect our cost advantage, wage increases in India and the US, our ability to attract and retain highly skilled professionals, time and cost overruns on fixed-price, fixed-time frame contracts, client concentration, restrictions on immigration, industry segment concentration, our ability to manage our international operations, reduced demand for technology in our key focus areas, disruptions in telecommunication networks or system failures, our ability to successfully complete and integrate potential acquisitions, liability for damages on our service contracts, the success of the companies in which Infosys has made strategic investments, withdrawal or expiration of governmental fiscal incentives, political instability and regional conflicts, legal restrictions on raising capital or acquiring companies outside India, unauthorized use of our intellectual property and general economic conditions affecting our industry and the outcome of pending litigation and government investigation. Additional risks that could affect our future operating results are more fully described in our United States Securities and Exchange Commission filings including our Annual Report on Form 20-F for the fiscal year ended March 31, 2022. These filings are available at www.sec.gov. Infosys may, from time to time, make additional written and oral forward-looking statements, including statements contained in the Company’s filings with the Securities and Exchange Commission and our reports to shareholders. The Company does not undertake to update any forward-looking statements that may be made from time to time by or on behalf of the Company unless it is required by law.

   

  Media contacts:

  For more information, please contact: PR_Global@Infosys.com

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

February 15, 2023

• Digium Sangoma Wholesale: Compliance-as-a-Service

  In the mid-2000’s, VoIP Innovations pioneered SIP trunking services for an emerging number of non-facilities-based, value-added resellers and managed service providers. Back then, VoIP for business-use was less common. Today, there are over 40,000 VAR’s/MSP’s and VoIP has replaced POTS lines in the large majority of businesses nationwide.

  As enterprises have all but done away with in-house telecommunications departments, these VAR’s/MSP’s have more heavily relied upon rebilling the tailored services provided by VoIP Innovations. Now known as Sangoma Wholesale Carrier Services, the legacy of innovations continues with Compliant Service Solutions for this continually growing market segment.

  Not only are clients’ technical expectations on VAR’s and MSP’s heightened, so too are the FCC’s expectations and requirements on these non-facilities-based voice service providers.

  For example, In December 2021, the FCC pushed out the Small Provider Order Fourth Report and Order pertaining to STIR SHAKEN. This order is specifically for non-facilities-based, small voice service providers to be in compliance by the revised deadline of June 30, 2022.

  Our many Compliance-as-a-Service solutions provide the tools you need to take care of your SHAKEN requirements yourself. Other compliance-related solutions include SMS Campaign Registry, e911 Dynamic Location Routing, Hosed Billing with comprehensive tax calculations, and HIPAA compliant fax solution services. We have found that the more seamlessly our products work for our VAR’s and MSP’s, the more easily they can customize their services to more profitably meet the needs of their end-users.

  As our reseller partners’ demands are ever evolving, we continue to innovate our products mix to keep up with the FCC’s more demanding requirements.

  Check out another recent blog post Brian Smiley, our VP of Wholesale, created to learn more about reselling the most trusted, best-in-industry, carrier communications services for your clients.

  If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.

  Or visit our website at carrierservices.sangoma.com. Stay tuned for more exciting, innovative offerings coming soon!

  The post Sangoma Wholesale: Compliance-as-a-Service appeared first on Sangoma Technologies.

February 14, 2023

• Digium Overall Managed SD-WAN Benefit Review

  In a December blog, I wrote at a high level about a paper from the Eastern Management Group regarding the benefits of utilizing different types of cloud services, which basically boil down to the following organizational benefits:

  • Reduced IT Effort
  • Deployment Velocity
  • Scalability
  • Business Agility

  Today, according to that paper, I will highlight just a few of the benefits of using Managed SD-WAN services. Software Defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE, and broadband internet services – to connect users to applications securely. It creates a network managed through cloud software rather than disparate hardware systems. A significant benefit of using SD-WAN is:

  • Removes the need for companies to choose between high-cost private networks or low-cost Internet connections when building corporate networks. Instead, it allows businesses to leverage affordable, widely available broadband connections to boost bandwidth and reduce redundancy. It also prioritizes mission-critical applications such as voice and video while streamlining administration and centralizing management.

  Managed SD-WAN utilizes a third party to oversee the implementation, continued monitoring, and updates of the SD-WAN service. Major benefits include:

  • Proactive monitoring – identifies issues in real time and allows the organization to take corrective action before users notice or complain
  • A managed service provider can deploy additional security solutions and keep your company up to date with the latest developments

  If you are looking for more information on Sangoma’s Managed SD-WAN offering, please go here. If you want to read the full report now, please go here.

  The post Overall Managed SD-WAN Benefit Review appeared first on Sangoma Technologies.

February 08, 2023

• Digium Sangoma Wholesale: Power of the Portal

  More than 15 years in the making, the VI Communication Services portal leads all other SIP trunk providers’ portals in the industry for features and capabilities. As VI Communications is now Sangoma Wholesale Carrier Services, our legacy of innovations continues both in network expansion and portal enhancements.

  The BackOffice Portal is our customer portal for ordering and managing DIDs. And, the end-user portal is our brandable, extensible portal for our customers to pass on some of the powerful capabilities, such as number porting, to their end-users.

  Our award-winning portal simply does more than anyone else’s. And, our industry-leading service further separates us from the competition. At Sangoma Wholesale Carrier Services, customers can always talk to a live person 24/7.

  Often emulated for its ease-of-use, our portals are unrivaled for their comprehensive capabilities.

  What else would you expect from the company known for leading the industry in innovations?

  A true multi-tenancy portal for resellers to organize multiple customer profiles, provisioning, and managing telephone numbers. Our integrated billing platform will exceed expectations for what is possible. Easily process taxes and even other carrier’s call detail records (CDR’s).

  We are so much more than just Trunking as a Service with a great portal. We are your one-stop source for the compliance solutions that you need which are integrated into our nation-wide carrier network.

  Learn about our Hosted Billing and integrated Tax Solutions. Manage SPAM and fraud before it affects your customers. Stay ahead of all the new STIR SHAKEN requirements for VoIP resellers. Keep on top of the changes with Campaign Registry for SMS. And, your customers can remain connected even in emergencies with our e911 Dynamic Location Routing solutions.

  Check out another recent blog post that Brian Smiley, our VP of Wholesale, created to learn more about reselling the most trusted, best-in-industry, carrier communications services for your clients.

  If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.

  The post Sangoma Wholesale: Power of the Portal appeared first on Sangoma Technologies.

February 02, 2023

• Digium Sangoma Wholesale: Empowering Value-Added Resellers

  VI Communications has been the carrier services division of Sangoma since being acquired in 2019. Otherwise known as Sangoma Wholesale Carrier Services, this division is integrated yet operates as an autonomous business unit.

  There is one primary reason for this autonomy. We primarily service and support the important “middleman” or value-added resellers.

  Nationwide, approximately 40,000 managed service providers typically support multiple end-customer businesses’ IT and communication service needs. We have provided wholesale services to these value-added resellers for over 15 years.

  As the wholesale arm of Sangoma, it could be perceived as competing for the same end customer. Our distribution model is designed to be trusted and complement our customers’ unique offerings and expertise.

  Our wholesale division exists to provide value-added resellers access to the best industry products and services possible at a discounted rate to service aggregators. And we follow stringent CPNI (customer proprietary network information) rules to ensure privacy and the protection our customers expect.

  Our reliably engineered network is the foundation for our product and carrier services offerings. Our award-winning BackOffice and End-Client portals with industry-leading, FCC-compliant features are offered in an a la carte manner where you only pay for what your customers use.

  Sangoma Wholesale Carrier Services continues a legacy of innovations in product development, the expansion of our core networks and technological capabilities, and value-added resellers thrive as communications service providers.

  We are so much more than just Trunking as a Service. We are your one-stop source for the compliance solutions you need, which are integrated into our nationwide carrier network.

  Learn about our Hosted Billing and integrated Tax Solutions. Manage SPAM and fraud before it affects your customers. Stay ahead of all of the new STIR SHAKEN requirements for VoIP resellers. Keep on top of the changes with the Campaign Registry for SMS. And your customers can remain connected even in emergencies with our e911 Dynamic Location Routing solutions.

  Check out another recent blog post Brian Smiley, our VP of Wholesale, created to learn more about reselling your clients’ most trusted, best-in-industry carrier communications services.

  If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.

  Or visit our website at carrierservices.sangoma.com. Stay tuned for more exciting, innovative offerings coming soon.

  The post Sangoma Wholesale: Empowering Value-Added Resellers appeared first on Sangoma Technologies.

January 31, 2023

• Digium Sangoma as a Frost and Sullivan FROST RADAR™ North American UCaaS Market Leader

  A couple of months ago, I wrote about being selected, again, for the 9th year in a row, to the Gartner UCaaS Magic Quadrant. It never gets old, just like football teams that consistently get to the playoffs! I’m pleased to announce that we’ve also been designed a Leader in the Frost and Sullivant FROST RADAR North American UCaaS Market for this year.

  It’s very nice to honored like this by key analyst companies. It makes all the hard work, by the entire company, mean something. The recognition is nice.

  We know we can’t just sit still and not innovate if we want to keep getting this recognition. The market is continually changing, and the competition changes as well. I mean who would have thought 9 years ago that video meetings and collaboration would be key features in a UCaaS platform now? But they are. Business phone systems are just different now, in a way that benefits the customers.

  Change is still coming though. If you read the report (and the report can be found here on our website), you‘ll see it mentions that “Integrated platforms delivering UCaaS, CCaaS and CPaaS are at the foundation of next-generation business communications solutions”.

  Sangoma certainly agrees with that statement and we have been driving this on our roadmaps for a while. We have or own CCaaS and CPaaS platforms, that are integrated with our UCaaS. And we are using our CPaaS to create apps that augment our UCaaS solution, whether that be with integrations to other software systems, or productivity improvement apps that supplement UCaaS.

  As Elka Popova, VP of Connected Work Research, ICT of Frost and Sullivan says “Sangoma continues to strategically augment and diversify its extensive UCaaS portfolio and partner network, more recently via the acquisition of Star2Star and NetFortris. Sangoma consistently prevails within the industry as a one-stop shop for complete communications solutions, including UCaaS, CPaaS, SD WAN and communications devices.”

  We certainly intend to continue to offer the best one-stop shop cloud communications solutions, intend to continue to innovate, and thus continue to be recognized as leaders!

  The post Sangoma as a Frost and Sullivan FROST RADAR™ North American UCaaS Market Leader appeared first on Sangoma Technologies.

• Enable Security Kamailio's exec module, SIPVicious still ringing phones and many vulnerabilities
  This new year starts off with a number of RTC security related news and we have some original content to share with you too! In this edition, we cover: Our news: The dangers of using the Kamailio exec module and our pentesting schedule Our news: Updates to the awesome RTC hacking list The Threema weaknesses paper from ETH Zurich Presentations of interest from Blackhat and Nullcon Berlin Receiving calls on your deskphone from SIPVicious - still happening!

January 26, 2023

• Enable Security Kamailio's exec module considered harmful
  Executive summary (TL;DR) The combination of pseudo-variables and Kamailio’s exec can be risky and may result in code injection. By using special SIP headers and environment variables, it becomes effortless to exploit a vulnerable configuration. We have created a Docker environment to assist readers in reproducing this vulnerability and testing solutions. Protection is tricky and the official documentation may have previously misled developers - we aim to fix that by updating the module’s official documentation.

January 17, 2023

• Digium Going to ITEXPO and AstriCon

  It’s been a while. For both an in-person AstriCon and an ITEXPO during its “rightful” time in mid-February in southeast Florida. And they are both converging and happening in a few weeks in Fort Lauderdale.

  The last time we had an in-person AstriCon was in 2019. This will be the first one since Covid. We decided to co-locate it with ITEXPO since, at the last AstriCon, we did not have members of the ecosystem (such as phone vendors that support Asterisk and FreePBX). The ecosystem exists in force at ITEXPO, so it made sense to run AstriCon as a co-located event. To register, please go to this link: https://www.itexpo.com/east/astricon.aspx

  And Sangoma will also have a booth at ITEXPO. Since the last time we did a show, we changed our logo, so you will surely notice that. Sangoma has the widest range of business-focused communication services, and we won’t be able to demonstrate all of them. But we will showcase our UCaaS platforms, phones, MSP Services, Open-Source products (Asterisk and FreePBX), and wholesale carrier services (i.e., VoIP Innovations) offerings.

  We’re looking forward to catching up with you, so please stop by our booth (617)!

  The post Going to ITEXPO and AstriCon appeared first on Sangoma Technologies.

• WebRTC Hacks coturn: No Time to Die – Q&A with new project leads
  

  New coturn project leads Gustavo Garcia and Pavel Punsky give an update on the popular TURN server project, what's new in STUN and TURN standards, and the roadmap for the project

  The post coturn: No Time to Die – Q&A with new project leads appeared first on webrtcHacks.

January 12, 2023

• Digium VI Communications is Sangoma Wholesale Carrier Services

  VI Communications is Sangoma Wholesale Carrier Services. Known initially as VoIP Innovations, Sangoma Wholesale was built on over 15 years of Trunking as a Service expertise. Sangoma Wholesale continues the legacy of innovations within its award-winning user and end-client portals.

  Sangoma Wholesale Carrier Services’ innovative solutions are industry-leading and delivered on its own reliably engineered network.

  Ideal for VoIP resellers and communication service providers, wholesale customers can buy unbundled services on an a la carte basis. A full-featured, extensible SIP Trunking platform puts number ordering, management, and provisioning all in your administration or directly into the hands of your end-users. This multi-tenant environment allows for customizable parent-child account relationships. And our integrated Hosted Billing options are popular, complementary add-on services for their ease of use.

  Sangoma Wholesale is much more than a one-stop shop for your carrier services like VoIP, SMS, fax, and video collaboration solutions. Check out our array of Compliance Solutions. Whether it is STIR SHAKEN, Tax Calculation, SMS Campaign Registration, Kari’s Law for e911 Dynamic Location Routing, or Fax solutions that meet all the requirements for HIPAA – we have what you need for resale.

  And likewise, as consumers demand heightened detection and protection from SPAM and Fraudulent calling, we have services you can trust.

  If you are attending ITEXPO Feb 14-17, please come to booth 617 to consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.

  Remember, VI Communications is Sangoma Wholesale Carrier Services.
  Visit us at booth 617 at ITEXPO or learn more at https://carrierservices.sangoma.com/.

  The post VI Communications is Sangoma Wholesale Carrier Services appeared first on Sangoma Technologies.

January 11, 2023

• ng-voice Webbing selects ng-voice to deploy their fully containerized cloud-native IMS for IoT use cases

  ng-voice will be integrated with Webbing’s offering to provide a flexible and resource-efficient IoT connectivity solution for enterprises

  January 11, 2023 | Berlin, Germany

   

  ng-voice, leading provider of a fully containerized and cloud-native IMS solution for the telecom market, today announced they have been selected by Webbing, a global MVNO connectivity provider for Enterprise Mobility and IoT, to deploy ng-voice’s fully containerized and cloud-native IMS for mission-critical and other IoT use cases. This includes eCall and bCall for automotive, emergency call systems for elevators, highways and alarms, and independent living monitoring wearables for trip or fall assistance. The joint solution will provide connectivity to Webbing’s enterprise customers in a more flexible and resource-efficient way.

  
  The market for IoT solutions is growing rapidly and many new use cases are emerging with the need for voice solutions. 4G/5G Critical IoT and Massive IoT are already around 1.7 bn connections globally and are expected to grow to ~5.0 bn in the next 5 years. To fulfill this market’s requirements, network solutions need to be highly flexible, scalable, new functionalities must be added quickly (update times of days rather than months), and consume minimal resources to reduce costs and make new use cases commercially viable. Cloud-nativity is key to meeting this market’s needs and unlocking the full benefits of connectivity.
  
  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR. Its key benefits include being cloud-and-infrastructure-agnostic, with highly automated deployment and operation processes, flexibility, and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint.
  
  Webbing has created connectivity infrastructures and platforms that enable enterprises to leverage exponential growth in connected devices and data. Webbing’s connectivity solutions deliver a global carrier network of 600+ mobile carriers across more than 200 countries that provide the best-of-class for coverage, logistics, processes, costs, security, and other features across one SIM, SKU, Invoice, and Platform. Failover capabilities ensure superior global access to reliable, high-quality internet with low latency. Enterprises receive the benefits of roaming with multiple carrier options in every country, and seamless transition between carriers, while maintaining a local experience with local breakout for low latency on a global scale. With Webbing’s eSIM solution and secured network, enterprises can easily meet regulatory requirements on communication services and data management from states and governments.
  
  According to Yoram Zerahia, CTO at Webbing: “We chose to work with ng-voice because their cloud-native IMS and responsiveness fit perfectly with our portfolio and agile mindset, providing our enterprise customers with secure, reliable, and cost-efficient communication services. It further enhances our voice solution for the automotive industry. Together, we are one step further in helping IoT customers unleash their networks’ full potential.”
  
  For David Bachmann, CEO of ng-voice: “our IMS is ideal for IoT use cases – it is highly automated, resource-efficient, and cost-effective, exactly what IoT use cases are all about. We see high dynamics in this market, and are thrilled to work with a like-minded partner such as Webbing, who is realizing the full potential of cloud-native and fully containerized voice solutions in IoT ”.
  
  

  About ng-voice

  ng-voice GmbH is committed to building the next generation of 100% software-based mobile networks, combining DevOps with telecommunications expertise. ng-voice’s fully containerized and cloud-native IMS core is scalable, flexible, and easy to deploy and manage, offering communication service providers and enterprises of any size innovative voice services on LTE/5G networks.

   

  Follow ng-voice:

  LinkedIn: www.linkedin.com/company/ngvoice

  Twitter: twitter.com/ngvoice

  Web: www.ng-voice.com

  Email: sales@ng-voice.com

   

  Press contact for ng-voice

  Barbara Silva – barbara@ng-voice.com

  About Webbing Solutions

  Webbing is a global data MVNO that delivers innovative enterprise grade, global connectivity and IoT services. Our secured network of 600+ mobile carriers across more than 200 countries, ensures superior data connectivity between businesses, people, and things wherever the device is located.
  Since our foundation in 2010, we have been developing revolutionary SIM technology, powerful management platforms and a robust global network that revolutionize data, making it relevant and actionable. Our leading-edge solutions deliver a streamlined, centralized, and scalable means of deploying and managing organizations’ global fleet of devices. For more information, visit https://www.webbingsolutions.com/ .
  
  Follow Webbing:
  LinkedIn: https://www.linkedin.com/company/webbing-inc-/

  Twitter: https://twitter.com/WebbingInc
  Web: https://webbingsolutions.com/
  Email: sales@iamwebbing.com
  
  Press contact for Webbing
  Anjel Sadiky – anjel@iamwebbing.com

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

January 03, 2023

• Digium UCaaS Futures Musings Podcast

  In December, I did a podcast with Isha Mukherjee, our Asia-Pac marketing wiz. We talked about a bunch of things, ranging from our new logo, to what happened to UC in 2022, to my thoughts on UC in 2023.

  If you want listen to whole podcast, just go here.

  For this blog, though, I just want to focus on my thoughts for UC in 2023. I encapsulated my thoughts into the term “Smart Business”. This could mean multiple things, such as making your business smarter through using UC. And I certainly see that. In the Frost and Sullivan blog from a few weeks ago, I talked about the integration of contact center, unified communications, and CPaaS. And I certainly see that moving quite far along in 2023, even bringing in some aspects of AI that’s already in the contact center towards UC. And utilizing CPaaS apps to augment the UC system, so that the UC system is “smart” for your business. In other words, it does what you need it to do.

  And that brings us to another meaning of Smart Business, which is doing business in a smart way. I think we’ll see more one-stop shopping with cloud communications in general. If there is a global slowdown, then businesses unfortunately may not be able to keep the same number of employees. There would likely be retrenchment. And this means you need to do business smarter in order to keep the same level of service, and to even grow. One way to do that, is to get your cloud communications from one provider. One bill, one place to talk to, many less headaches. Focus your people on growing the business, not the back-end that runs the business. UCaaS, Contact Center, Augmentation Apps, Collaboration, Video Meetings, and MSP services – all from one vendor, servicing you well. That is Sangoma.

  The post UCaaS Futures Musings Podcast appeared first on Sangoma Technologies.

December 22, 2022

• Enable Security Highlights from the past year and various security fixes
  Welcome to the last RTCSec newsletter of 2022! In this edition, we cover: Looking back at the past year and best wishes for the New Year Jitsi gets verification for E2EE OSS-Fuzz now testing PJSIP Vulnerabilities fixed in Drachtio, BigBlueButton, Cisco IP Phones and more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security. We cover both defensive and offensive security as they relate to Real-time Communications.

December 21, 2022

• ng-voice Knowledge sharing sessions | Creativity

  At ng-voice, we come from many different backgrounds and have various experts on our international team. Sharing knowledge helps us improve our skills and become stronger professionals, while also connecting with our colleagues and getting to know more about their experiences.

   

  Every month, one of our colleagues voluntarily shares their expertise with the team in a Knowledge Sharing session.

   

  Last month, our digital marketing specialist Kathrin Hissner hosted a virtual session on creativity and design principles and how we can use our creative skills for problem resolution within our work and everyday lives. 

   

  In this session, she explored what creativity means and how it impacts our mental processes through gamification, to make it easier to grasp complex topics. She also touched upon the rules of the game when it comes to design principles. It is important to understand these design principles as we use them every day, whether it’s on presentations, documentation, or even something more of outreach such as invitation templates. Even though these principles take time to master, keeping simple tips in mind can guide anyone and help them achieve better results in their tasks.

   

  According to Kathrin, “I volunteered to bring my experience in creativity and design to my colleagues because I think this is a topic that can benefit anyone. It is always good to step out of your comfort zone and look at other ways to explore a problem and come up with solutions. I am also very happy to work at a company that fosters this kind of interaction and helps everyone to learn and grow. I hope my colleagues enjoyed the session as much as I enjoyed preparing it, and I am looking forward to the next session.”

  
  Are you looking forward to excelling in your career and joining a team of experts that push the boundaries in the industry? You can learn more about who we are on our careers page. 

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Margareta Cucli-lane

  Talent Acquisition Lead

  Publisher Bio

  Having more than 6 years in recruitment and talent acquisition with a focus on full-cycle recruiting, employer branding, sourcing, training creation and people support, she leads the Talent Acquisition team ensuring we are bringing and growing the best talent.

December 20, 2022

• Digium Overall SaaS Benefit Review

  Sangoma recently partnered with Eastern Management Group regarding a report reviewing the end-customer benefits of Sangoma’s various Communications as a Service offerings. The full report can be found here, and it covers all of Sangoma’s Communications as a Service offerings:

  • Unified Communications as a Service – UCaaS
  • Video Meetings as a Service – MaaS
  • Collaboration as a Service CollaaS
  • Contact Center as a Service – CCaaS
  • Trunking as a Service – TaaS
  • Communication Platforms as a Service – CPaaS
  • Network Connectivity – Network Access as a Service
  • SD-WAN Managed Services
  • Security as a Service – Managed Security
  • Fax as a Service – FaaS
  • Access Control as a Service – ACaaS
  • Desktop as a Service – DaaS

  While each one of these has specific customer benefits, at a high level the value to the end-user of using any managed communications service comes down to the following:

  • Reduced IT Effort
  • Deployment Velocity
  • Scalability
  • Business Agility

  In the next couple of weeks, I will go a more in-depth into some of the Sangoma cloud services, and explore more specific end-user customer benefits of the cloud service discussed that week. If you want to read the full report now, please go here. Otherwise, stay tuned here and I’ll provide a few quick updates for you.

  The post Overall SaaS Benefit Review appeared first on Sangoma Technologies.

• ng-voice ng-voice and Nearby Computing SL partner to deliver orchestrated network solutions to service providers and private networks

  The strategic partnership will facilitate the deployment and management of end-to-end networks solutions

  December 20, 2022 | Berlin, Germany

   

  ng-voice, leading provider of a fully containerized and cloud-native IMS solution for the telecom market, and Nearby Computing SL, provider of industry-leading 5G and Edge orchestration solutions today announced a strategic partnership that will make networks more accessible and easier to deploy for communication service providers and enterprise customers. ng-voice’s fully containerized cloud-native IMS combined with Nearby One orchestration platform will simplify the deployment and management of a complete network with more agility, flexibility, and a lower resource footprint.

   

  Nearby Computing together with ng-voice can provide a complete solution that will cover the main network  domains all orchestrated using Nearby’s end-to-end cross-domain orchestration platform, Nearby One. This collaboration allows service providers and enterprises to benefit from true cloud-nativity, which will make their networks more flexible, reducing time to market and generating cost savings, and supporting several use cases. 

   

  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR.  Its key benefits include being cloud-and-infrastructure-agnostic, with highly automated deployment and operation processes, flexibility and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint.

   

  Nearby Computing’s robust portfolio of third-party applications that range from Augmented Reality to Computer Vision is designed to solve specific customer challenges at the edge that were once too costly to address including remote site access control and remote user assistance. An innovative developer framework allows service providers and enterprise customers to automate, orchestrate and deploy services at the edge using a single pane of glass for a unified edge experience.

   

  According to Saj Safir, CCO at Nearby Computing SL “5G and Edge computing, together with cloud-nativity, can unleash true innovation potential and generate sustainable competitive advantages to our customers. This strategic partnership with ng-voice will bring our Telco and enterprises customers the full potential of Edge Computing through Orchestration, automation, and 5G. We are very excited to partner with ng-voice, a company that shares our vision.”

   

  For Qawa Darabi, VP for Global sales and Partnerships at ng-voice, “being fully containerized and cloud-native, our IMS perfectly combines with the Nearby One orchestration platform, which will allow our joint customers to deploy and manage end-to-end networks with a high level of automation and resource-efficiency. We are thrilled to partner with a like-minded company such as Nearby”.     

  About ng-voice

  ng-voice GmbH is committed to building the next generation of 100% software-based mobile networks, combining DevOps with telecommunications expertise. ng-voice’s fully containerized and cloud-native IMS core is scalable, flexible, and easy to deploy and manage, offering communication service providers and enterprises of any size innovative voice services on LTE/5G networks.

   

  Follow ng-voice:

  LinkedIn: www.linkedin.com/company/ngvoice

  Twitter: twitter.com/ngvoice

  Web: www.ng-voice.com

  Email: info@ng-voice.com

   

  Press contact for ng-voice

  Barbara Silva – barbara@ng-voice.com

  About Nearby Computing

  Nearby Computing helps Telcos & Enterprise customers unleash the potential of Edge Computing through Orchestration and Automation of MEC and 5G.  The Nearby One is an orchestration platform that goes beyond market standards to manage all tiers of the network, from Cloud and Data Centre to Edge, from a single pane of glass.  Using a cross-domain approach that is fully agnostic, they are able to manage hybrid networks at scale through domain-specific orchestration and comprehensive end-to-end orchestration. The solution covers all critical elements of deployment automation – from the initial Edge node provisioning, to application on-boarding, to lifecycle management and QoS Assurance to SLA monitoring.
  
  

  The company was founded in 2018 as a spin-off of the Barcelona Supercomputing Center and operates globally from its headquarters in Barcelona, Spain.

   

  Follow Nearby Computing

  LinkedIn: https://www.linkedin.com/company/nearbycomputing/

  Twitter:  https://twitter.com/nearbycomputing 

  Web: https://www.nearbycomputing.com   

  Email: partners@nearbycomputing.com 

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

December 16, 2022

• Jitsi Self-hosting a fully-featured Jitsi Meet instance just got as easy as pie

  Hey there Fellow Jitsters!

  Have you ever considered adding telephony to your Jitsi Meet self-hosted instance?

  Up until now you only had the option to run Jigasi and deal with telephony yourself. Many of our users do this every day, but when we asked we learned that there was interest in offloading that part. Could someone else host it?

  

  Today we’re launching a new way to quickly connect to the public telephone network and offer dial-in capabilities to your users without the need for hosting and managing the entire telephony infrastructure: JaaS components. You can give it a try today!

  Are you running Jitsi Meet on a Debian instance or are you using Docker? Either way, you can opt-in for this feature and it will be automatically set up. A new JaaS account will be created for you and you’re good to… call.

  If you’re running Jitsi Meet on Debian all you need to do is to answer ‘Yes’ to this question and you will have dial-in capability on your Jitsi instance.

  

  Note: A Let’s Encrypt certificate is required and the email address used to generate the certificate will be used also for creating your new JaaS account.

  If you’re running Jitsi Meet on Docker you’ll need to set the following variables on your .env file:

  • PUBLIC_URL: the domain were Jitsi Meet runs
  • ENABLE_JAAS_COMPONENTS=1
  • A Let’s Encrypt certificate is required so do enable it too

  

  Now you can restart your setup with `docker-compose up –force-recreate`

   

  An email will be sent to you, asking you to set up a password for the JaaS admin account:

  

  From the JaaS admin console you can manage your account, see the overall activity and upgrade to another plan if needed.

  

  You’re all set up now! Let’s make a phone call! Join a call on your Jitsi Meet instance and notice how the dial-in option becomes available when trying to invite participants. You can now dial-in to one of the phone numbers provided in the list and you’ll be connected to the meeting.

  

  Get started today, a free trial is available! Please check the JaaS components website for details on pricing.

  Jigasi is the first Jitsi component offered as a service, with more to come. Stay tuned!

   

  Your personal meetings team.

  ---

  Author: Oana Emilia Ianc

   

  The post Self-hosting a fully-featured Jitsi Meet instance just got as easy as pie appeared first on Jitsi.

December 15, 2022

• ng-voice ng-voice and Google Cloud launch joint whitepaper: Automation and cloud-nativity

  ng-voice and Google Cloud launch joint whitepaper exploring the automation benefits brought by cloud-native network solutions.

  15 December 2022

   

  Advancements in technology have made it possible for telcos to deploy their services differently. With the importance of efficiency, agility, flexibility, and reliability rising, new technology can allow telcos to keep pace with these changing and increasing demands. 

   

  To explore these challenges and how cloud-native solutions can help telcos to leverage automation and unlock true competitive advantages, ng-voice and Google Cloud launch today a whitepaper called Automation and Cloud-Nativity, which can be downloaded here.

   

  Automation is a frequently used term in technology, and many providers in the wider IT space are leveraging it to improve overall service quality. In fact, more than 30% of organizations foster automation across five or more departments.

   

  For telcos who are often held back by legacy infrastructure, automation could be the answer to modernising operations and streamlining the overall deployment process. 

   

  However, automation alone does not make a modern telco. Indeed, automation must be supported and surrounded by other new technologies and approaches to really see telcos reap their rewards. Cloud-native development is one approach that aligns ideally with automation and as mentioned in this article by Nephio, this approach is critical to realizing the promise of cloud transformation.   

   

  In our whitepaper ‘Automation and cloud-nativity’, we aim to outline how cloud-nativity and automation can be used together to benefit the modern telco, by exploring:

   

  • How automation unlocks the true potential of cloud-nativity
  • The benefits of using cloud-nativity and automation hand-in-hand for both operators and subscribers
  • The importance of automation within a CI/CD pipeline. 

  Download the whitepaper

  Download here

  Get to know more about how ng-voice’s fully containerized and cloud-native IMS, which utilizes automation, can support your organization in delivering VoLTE and VoNR services in https://www.ng-voice.com/fully-containerized-cloud-native-ims/ or contacting our team at  sales@ng-voice.com.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

December 14, 2022

• ng-voice Employee Spotlight | Behnam Hooshiarkashani, VP of Cloud Services

  We at ng-voice are excited to launch our second Employee Spotlight blog. In this series we interview some of our top talents, sharing their experience and insights working at ng-voice. 

  Behnam Hooshiarkashani at ng-voice | Employee Spotlight

  Tell us a bit about yourself, your career before you joined ng-voice, and what is your role at ng-voice now

   

  Before joining ng-voice, I was a DevOps engineer working mostly with Voice over IP (VoIP). I’ve worked with this technology for over 8 years and it’s been more than 3 years now since I joined ng-voice. My journey began as a DevOps engineer then moved on to become DevOps/Cloud team lead and that’s where I started to build this amazing team around me. Now, I’m VP of Cloud Services and my main responsibilities are defining a cloud-native roadmap and being aligned with ng-voice’s product roadmap, along with leading the development of new features and working with partners such as AWS, GKE, Azure, etc. 

   

  Why did you join ng-voice?

   

  The Telecom industry was interesting for me as I was already working as a VoIP engineer.  Secondly, back then, it was a start-up, which allowed me to build something from scratch and see how the company developed and got bigger. It was also very fascinating to see how we can have a 100% containerized and fully cloud-native IMS in the market for the first time, bringing this DevOps mindset to the telecommunication industry. 

   

  What’s the unique part of working here?

   

  For me, it’s actually both the product and the people working here. I believe that our product is very unique in this industry and the reason is that it’s a completely cloud-native product. On the other hand, I like ng-voice’s culture, people, open-feedback mindset, and how we are all growing together. At ng-voice, we are not only thinking of ourselves but thinking of everyone, and how we can support each other while trying to reach one goal together. Also, I love the fact that we care about each and how ng-voice allows each person to grow through a career development roadmap like a two-way relationship.  

   

  What have been your most significant accomplishments at ng-voice?

   

  For me, it’s two things. First, technically, it was onboarding components on Kubernetes and the public cloud, which was not an easy task because telecommunication requirements are very different from normal requirements. We were able to onboard all the components on Kubernetes with the latest technology and use the public cloud for deployment. Also, for me personally, building a team from scratch was honestly one of the biggest achievements in my career. We started with a few people and looking at it now, we have people writing the processes, managing and building it to see how it’s working efficiently along with incorporating methodologies like scrum to ng-voice, and now I see many teams are using this method.  

   

  Any final words?

   

  Final words could be something we use in our team. We have a saying that goes “we work hard together, we are growing together and we will party harder together”. I believe that you cannot have excuses and success at the same time, so you have to choose one.

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Kathrin Hißner

  Digital and Content Marketing Specialist

  Publisher Bio

  With her marketing and design background, as well as her experience in brand and communications management, Kathrin brings her unique skills to ng-voice. As a digital marketer, Kathrin supports our growth strategy by increasing the visibility of our brand to potential customers.

  She enjoys working on information visualization and infographic design.

December 12, 2022

• Digium Sangoma is Recognized in the Gartner UCaaS Magic Quadrant

  Last week you may have noticed that Gartner, Inc. positioned Sangoma in the 2022 Gartner® Magic Quadrant for Unified Communications as a Service. Sangoma is one of only twelve other companies placed in 2022 and one of six to appear consecutively for the last eight years.

  

  “We are thrilled to be recognized again in this year’s Gartner UCaaS Magic Quadrant,” said Sangoma Chief Marketing and Product Officer Jim Machi. “It’s gratifying to be independently recognized for vision and execution. Sangoma has grown its position in the top tier of cloud communications companies. Sangoma offers the widest set of cloud communication services in the industry, all engineered in-house, to offer partners and customers a single-source, business-oriented cloud-native communications portfolio. UCaaS is the centerpiece of this strategy, but this complete vision goes beyond that to include CCaaS, Video Meetings as a Service, Collaboration, CPaaS, etc., so this recognition is exciting for Sangoma, our partners, and our customers.”

  To read the full report, fill out the form on this page.

  The post Sangoma is Recognized in the Gartner UCaaS Magic Quadrant appeared first on Sangoma Technologies.

December 06, 2022

• Jitsi Trust, but verify: introducing user verification

  It’s been a while since we introduced End-to-End Encryption (E2EE) over two years ago. Back then we started with a simple model consisting of a passphrase everyone needed to type and later migrated to a model with randomly generated keys per participant. Each have different characteristic and we ultimately chose to stick with the latter. Today we are introducing a missing piece in the E2EE puzzle: user verification.

  User verification was not previously possible in Jitsi Meet. Just like our core E2EE we are basing our implementation on the Matrix protocol. Matrix’s libolm / vodozemac provide a Short Authentication String (SAS) mechanism implementation which developers can use. They even have great documentation on how it works, thanks Matrix!

  So, how does it work?

  First, you’d gather in a meeting and turn E2EE on.

  

  Now you’ll see a new option for each participant in their tile menu that allows you to verify them:

  

  After choosing to verify a user a dialog will open with a list of emojis:

  .

  Wait what? Emoji? These emojis conform the SAS. They have been carefully chosen to avoid ambiguity and make the process more user friendly than comparing random numbers. You can find more information in the Matrix spec.  You must verbally compare them with the other participant and if they match, mark it as verified.

  Once a user is verified this will be reflected in the user information tooltip:

  

  At this point you can be sure that not only your data is encrypted end-to-end, but also that there is no man-in-the-middle (MITM) attach happening.

  Availability

  User verification is currently available in Jitsi Meet master and deployed in beta. It will be part of the next stable release, but expect more improvements specially in the UX front.

  Thanks

  We’d like to thank Robertas Maleckas (ETH Zurich), Prof. Kenny Paterson (ETH Zurich) and Prof. Martin Albrecht (Royal Holloway, University of London) for their work researching Jitsi Meet’s E2EE and encouragement, and Matrix for their tools, which make implementing E2EE a much better experience.

   

  ---

  Please note that we still consider our E2EE experimental and are still working on improvements. Please make sure you check out our post on how end-to-end encryption in general does NOT offer a meaningful level of trust and protection when it comes to modern meetings services.

  Your personal meetings team.

  The post Trust, but verify: introducing user verification appeared first on Jitsi.

December 01, 2022

• Jitsi Introducing whiteboards in Jitsi Meet

  Trying to explain something to someone and they just don’t get it? If an image is worth a thousand words how about a diagram? Today we’re excited to announce the availability of whiteboards in Jitsi Meet – the missing piece for all those seeking an educational meeting solution and not only!

  

  We decided to stand in the shoulders of giants on this one. The core implementation comes from Excalidraw, an excellent whiteboarding piece of software, which is Open Source, of course. We made some tweaks and adjustments to have it fit in with our vision. We seek to provide an easy to use feature that enables participants to share ideas and brainstorm without having to seek a third party solution. From now on, meeting moderators can open a whiteboard and have everyone in the call sketch away.

  

  The interface supports a number of tools and settings that keep the collaboration interesting and effective. During a meeting, changes that a participant makes locally via the whiteboard are sent to a server to then distribute those updates only to devices of other participants in the meeting. The whiteboard content can be exported as a png or svg at any time during the meeting, so all that hard work doesn’t go to waste.

  

  If you’re using meet.jit.si, you can go ahead and play with the whiteboard in your meetings right away! For those self-hosting, it can be enabled from the config file, and you’ll need to deploy this simple backend.

  As you might already know, we’re firm believers in the power of Open Source, we seek to collaborate with other communities to build solutions everyone can use and we’re excited to bring more to this feature in the future!

  Your personal meetings team.

  ---

  Author: Mihaela Dumitru

  The post Introducing whiteboards in Jitsi Meet appeared first on Jitsi.

November 30, 2022

• Enable Security DDoS simulation tutorial, WebRTC IP leak and vulnerable RTC libraries
  It is the end of November and with it, we bring some of our own publications and coverage of various advisories, papers and news items in the VoIP and WebRTC security world. In this edition, we cover: How to simulate DDoS attacks on your own Details about the new WebRTC IP leak issue Coverage of interesting talks at Blackhat and TADSummit Advisories concerning Sofia-SIP, Drachtio, PJSIP and more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

November 29, 2022

• Enable Security How to perform a DDoS attack simulation
  TL;DR A DDoS simulation is a practical exercise that various organisations are capable of doing. Understand the reasons why you would want to do this, then combine custom with off-the-shelf attack tools. Follow the best practices, apply solutions and mitigation; and you can finally answer: what if we got attacked? Introduction In this post, we give an overview of how you too can perform your own distributed denial of service (DDoS) simulation exercises.

November 22, 2022

• Digium Multi-Location UCaaS and Multi-Location Connectivity Services

  Sangoma is very proud and honored to be able to service multi-location businesses with our UCaaS system and MSP services. A common dialing plan among the different physical businesses, physical phones that are tightly tied to the UC system, mobile and desktop clients to augment the desk phone, and having a CPaaS system that can enable multi-location business unique requirements to be added to our UCaaS solution has enabled Sangoma to service these businesses well with our UCaaS solutions.

  Beyond UCaaS, though, Sangoma, through its acquisition of NetFortris, now offers connectivity and security services that can be tailored to bring the best connectivity solution to the needs of the overall multi-location business and each of the specific physical buildings. It is hard to manage what is the best connectivity solution, which provider to get it all from, all the different bills, etc. That’s understandable, for sure. The IT department needs to be expert at everything, and that’s downright impossible.

  Someone like Sangoma can determine the best price, the best type of connectivity solution, and the best provider for each location and manage the network for you. You likely do not need the same bandwidth for each building, and the network provider may most likely offer a different economical service all around. Let someone else figure that all out for you and take care of all that for you.

  As your UCaaS provider, it makes sense to get all this from us. We understand the networks, and we’re monitoring the UCaaS anyway, so why not have us manage and monitor your internet connectivity as well?

  And we can also offer you SD-WAN services with this connectivity so that you can get the most efficient routing, a more stable internet (because of the use of multiple connections), and cost savings. And, of course, monitoring by Sangoma. Learn more about our MSP services here.

  The post Multi-Location UCaaS and Multi-Location Connectivity Services appeared first on Sangoma Technologies.

November 21, 2022

• Digium As a Voice Service Provider, How Has the FCC’s Updated Deadline on STIR/SHAKEN Compliance Affected Your Business?

  A few months ago, the FCC released a public notice reminding non-facilities-based “small voice service providers”, that they must implement the STIR/SHAKEN caller ID authentication framework in their Internet Protocol networks no later than June 30, 2022.

  Is this a surprise to you? Well perhaps, considering a 2 year extension was granted to small VPS (those with 100,000 or fewer voice access lines) from the original deadline of June 30th, 2021. So why the sudden change in deadline? What happened was an overwhelming amount of robocalls were observed to be originating from these small VSP from the time that deadline was announced, so much so, the FCC decided to cut the extension by 1 year, significantly moving up the deadline.

  In summary, as a small voice service provider you are no longer subject to a two year extension and must update your certifications and associated filings in the Robocal Mitigation Database (RMD) and implement the authentication framework by June 30, 2022 (which of course has passed at this point in time) or be subject to ”appropriate enforcement action” by the FCC.

  We know that it’s a lot of work, time, and money spent to become compliant. To implement STIR/SHAKEN into your voice network, you’ll likely need to provision a cost-prohibitive session border controller (SBC) or a SIP proxy, which can significantly alter the way you route traffic to your partners. This can create unexpected consequences for you, such as billing, for instance, not to mention the network maintenance and monitoring that’s required for these new points of failure.

  The deadline for compliance has already passed for non-facilities-based providers. Don’t risk waiting for the FCC to contact you and be put under extreme pressure. We have a Zero-maintenance call signing solution for you!

  VI Communication Services’ Call Signing Services help you become compliant, simply by sending your phone calls to our voice network. On our side, we will provision a dedicated server to host your unique certificate and sign calls on your behalf, using the attestation rules that you yourself configured. That’s all! No additional hardware or network maintenance required. We take care of everything for you so that you can focus on running your business. View our product slick.

  Learn more about our Call Signing Service today. We are sure it will save your business the unwanted hassle of STIR/SHAKEN compliance!

  The post As a Voice Service Provider, How Has the FCC’s Updated Deadline on STIR/SHAKEN Compliance Affected Your Business? appeared first on Sangoma Technologies.

• ng-voice Placing cloud-native solutions at the heart of private network deployments

  Private networks are steadily gaining ground as operators, enterprises and private providers set their sights on the opportunities cloud-native solutions bring about. Having a dedicated private network brings with it a new realm of possibilities, underpinned by enhanced connectivity. Add to this, the prospect of new revenue generation through better solutions, products, or offerings by the operator, enterprise, or private network provider, and arguably private networks could have several value-added benefits. 

   

  But deploying a successful private network is no easy feat—it requires the right solutions, both at the core of the network, and at the edge; the right partners, who embrace the same ways of working and strive towards a common goal; and importantly, the right application or use case. 

   

  At ng-voice, we believe that the key to private network success lies in embracing cloud-native principles. A private network—by definition—is there to give the end customer greater flexibility and agility over their connectivity solution, enabling them to push the limits of their organization and embrace new technologies such as Internet of Things (IoT) and Artificial Intelligence (AI) to increase their productivity. Moving to cloud-native principles when building and deploying a private network will help operators, enterprises, and private network operators enabling this agility and their end-customers to benefit from the many opportunities set to be unlocked by private networking.

   

  So what do these principles look like?

  First, cloud-nativity is about being cloud-agnostic. Solutions should be deployable on any infrastructure, whether private (bare metal) or public cloud. Second, solutions should embrace a CI/CD approach whereby automation is implemented throughout integration, delivery, and deployment. Third, cloud-native solutions must be scalable and adapt capacity loads accordingly, as well as provide load balancing and service discovery.

   

  Finally, continuing to put automation at the heart of cloud-nativity, such solutions must be self-healing to identify and replace failed components to maximize and maintain service availability at all times. 

   

  But cloud-nativity isn’t simply a set of principles, it’s also a culture, and a mindset. It must be embraced across the entire organization, across entire teams. In a private network scenario, where multiple partners come together to deploy a single solution, being aligned on cloud-nativity principles can bring significant benefits to the end solution and end customer.

   

  An IMS core fit for purpose

  By embracing the principles of cloud-nativity and containerization, our fully containerized cloud-native IMS solution brings to private network deployments greater scalability, being able to scale resources up or down, according to changing needs and requirements. In addition, our solution delivers increased efficiency thanks to the automation embedded in the delivery of our voice services—human intervention is significantly reduced therefore reducing the risk of disruption, and the management of voice applications is made easier and quicker.

   

  Finally, our solution is also more cost-effective thanks to our deployment model and use of cloud-native technologies. For private network deployments, in which voice is still a key requirement, being able to make cost-savings without compromising on the quality of service will be an important factor in selecting the right partner. 

   

  To find out more about ng-voice and how its fully containerized cloud-native IMS solution could be the ideal choice for your private network deployment, write to sales@ng-voice.com visit our website, or follow us on LinkedIn to know more about what we do.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Varun Jain

  Customer Solution Architect

  Publisher Bio

  Varun Jain is a Customer Solutions Architect for the Sales Team, he has over 16 years of experience in telecom industry, working for companies like Ericsson India Global services PVT LTD and NOKIA.

November 16, 2022

• WebRTC Hacks Revealing mediasoup’s core ingredients: Q&A with Iñaki Baz Castillo
  

  I interviewed mediasoup’s co-founder, Iñaki Baz Castillo, about how the project got started, what makes it different, their recent Rust support, and how he maintains a developer community there despite the project’s relative unapproachability. mediasoup was one of the second-generation Selective Forwarding Units (SFUs). This second generation emerged to incorporate different approaches or address different use cases a few years after the first generation of SFUs came to market. mediasoup was and is different. It is node.js-based, built as a library to be part of a serve app, and incorporated the Object-oriented approaches used by ORTC – the alternative spec to WebRTC at the time. Today, mediasoup is a popular SFU choice among skilled WebRTC developers. mediasoup’s low-level native means this skill is required.

  The post Revealing mediasoup’s core ingredients: Q&A with Iñaki Baz Castillo appeared first on webrtcHacks.

November 10, 2022

• Digium What are Managed IT Services?

  A managed IT service is an information technology (IT) task provided by a third-party service provider and delivered to a business customer.

  “Managed services” refers to outsourcing information technology (IT) processes and functions to improve operations and reduce expenses. It’s a way to augment your company IT staff with access to specialized expertise and not worry about the cost and complexities of hiring and staffing for 24/7/365 critical business functions.
  Managed services are ideal for companies that:

  • Rely on IT infrastructure to support their daily business operations
  • Have training or specialty gaps in their IT staff or have teams that have become bogged down in routine maintenance and cannot focus on value-generating objectives
  • Need IT budget predictability and scalability

  What are Managed IT Solutions?

   
  Businesses outsource a plethora of IT-related services to managed IT solutions providers, including:

  • Cloud Communications – This encompasses multiple communications technologies from business phone systems, VoIP calling, email, chat, video conferencing and collaboration, unified communications-as-a-service (UCaaS), virtual call centers, SIP trunking, and more.
  • Networking – A service provider typically develops, controls, and manages communication networks. Services typically offered include:
    • Internet access
    • SD-WAN for network optimization and traffic prioritization
    • Network switches
    • Wireless local area networks (LANs)
    • Wide area networks (WANs)
    • Virtual private networks (VPNs)
    • Wi-Fi and other forms of connectivity
  • Security – Cybersecurity is a specialized field with a range of services encompassing a comprehensive solution that secures an organization’s network and devices on (or off) that network. Services typically include:
    • Next-generation firewalls (NGFW)
    • Backup and disaster recovery
    • Endpoint detection and response (EDR)
    • Managed detection and response (MDR)
    • Remote monitoring and management (RMM)
    • Multi-factor authentication (MFA)
    • Unified threat management (UTM)
    • Patch management
    • Email security
    • DNS protection
    • Security awareness training

  What is a Managed IT Service Provider?

   
  In a managed service arrangement, the managed service provider (MSP) is responsible for the functionality of IT services and equipment for the client, who typically pays on a monthly retainer basis.

  Companies that offer managed services are called managed service providers (MSPs). MSPs are third-party companies that remotely manage IT infrastructure and systems. Small and medium businesses (SMBs), nonprofits, government agencies, and enterprises across various industry verticals leverage MSPs to deploy and manage technology solutions.

  Typically, an MSP delivers applications and management services through the Internet under a contractual service-level agreement (SLA). The SLA details qualitative and quantitative performance metrics that govern the MSP and customer engagement.

  Key Benefits of Managed IT Service Providers for Businesses

  • Reduced technology costs
  • Domain expertise
  • Specialized talent
  • Scalability
  • Emerging tech know-how
  • Future-proof environments

  MSPs handle complex or repetitive tasks required to maintain a client’s IT infrastructure and typically are engaged in managing the following activities:

  • Sourcing and managing IT infrastructure
  • Delivering managed communications and collaboration services
  • Offering technical and software training and support
  • Sourcing and managing security solutions
  • Managing client user accounts in applications and portals
  • Handling contract management for underlying technology vendors
  • Assisting with compliance and risk management
  • Managing third-party contractors
  • More

  Why Outsource to a Managed IT Service Provider?

   
  Businesses of all sizes typically offload the management of select IT services for these key reasons:

  • Issue-Resolution Ownership – MSPs working with you in an ongoing capacity are incented to focus on preventing problems and quickly address issues to continue to win your business each month.
  • Solution Stability – MSPs provide 24/7/365 monitoring and proactive maintenance, which means they can respond to issues quickly and head off system failure and downtime in advance.
  • Predictable Costs – Expenses fit neatly into monthly payments, eliminating the need for significant capital outlays to deploy services. Likewise, you never get an unforeseen bill for something that breaks.
  • Infrastructure Modernization – MSPs go beyond just fixing your existing systems. They provide recommendations and create migration plans for upgrades to new and modernized versions of your underlying network infrastructure components while keeping them up to date and in alignment with your technical and business objectives.

  Ready for Worry-Free Managed IT for Your Business?

   
  Sangoma makes it painless to access a complete suite of managed networking, security, and business communications solutions customizable to your organization’s unique needs.

  The post What are Managed IT Services? appeared first on Sangoma Technologies.

• Jitsi Low-latency conference streaming to very large audiences

  Jitsi today supports life-streaming conferences to large audiences through our Jibri tool – this tool renders all the media from the conference, and forwards it to a streaming service such as YouTube.

  This approach works, but it has limitations.  In addition to being computationally expensive, it also introduces substantial latency to the media.  This can be a problem when interaction is needed between the participants in the conference and the audience, for example for a text-based question-and-answer session.

  This article will describe a new approach to live-streaming media, which uses Jitsi’s builtin functionality, without transcoding, to reach potentially very large audiences with latency comparable to that of a live conference.

  Overview

  The basic approach to media distribution for this solution is straightforward – simply forward media to all the audience members in the same way that they are forwarded today to conference participants – i.e. as individual RTP streams over WebRTC.  This can re-use Jitsi’s existing well-tested technology to distribute the media and have it arrive at receivers and be played out to viewers.

  The challenge, of course, is to scale Jitsi’s back-end services so they can support sending media to very large numbers of viewers, potentially in the hundreds of thousands or more.  The rest of this article will discuss some of the architectural enhancements we need to make to Jitsi to support this.

  The first insight that will make this possible is to realize that in a streaming scenario, while the conference’s active participants need to know that they are being watched by an audience, they don’t need to know all the audience members’ identities or presence in real-time; nor do the audience members need to know about each other.  Thus, the system can be modified such that presence information about individual audience members is not sent to other conference participants, or to unnecessary parts of the backend; this reduces the amount of signaling traffic substantially.

  The second substantial change that we are making to the backend is to be able to have more sophisticated topologies for the Jitsi Videobridges to relay media among them.  Currently, when more than one Jitsi Videobridge is used in a conference (in Jitsi’s Octo/Relay technology), the bridges are connected to each other in a full mesh.  This topology minimizes the latency for media, but would not scale to very large conferences, where e.g. hundreds of thousands of participants might need several hundred bridges.  If every bridge in such a conference were connected to every other one, the bridges could be overloaded just sending media out.

  Instead, we are developing technology that can arrange bridges into more elaborate topologies.  In particular, our plan for very large conferences is to still have the conference’s active participants be connected to bridges which are arranged in a mesh; but the audience members would then be connected to bridges whose interconnection forms a tree extending from various nodes of the core mesh, so that the core media servers would only need to send media out to a limited number of connections to the audience’s bridges, which would then be forwarded out to the audience, possibly relaying through multiple bridges on the way.

  

  Finally, changes need to be made for the signaling servers used by the Jitsi back-end.  While information about audience members only needs to be propagated to selected back-end infrastructure servers, information about a conference’s active participants needs to be forwarded to the entire audience.  The existing XMPP servers that the Jitsi back-end uses aren’t designed for this level of load.  Thus, we are developing solutions such that this participant information can be mirrored from one XMPP server to another, allowing each server to handle only a manageable number of client connections while still getting the information to the entire audience quickly.

  Stay tuned!

  Your personal meetings team.

  ---

  Author: Jonathan Lennox

  The post Low-latency conference streaming to very large audiences appeared first on Jitsi.

November 08, 2022

• Digium UCaaS as PBX Replacement: Part 2

  In my last blog, I wrote about a customer just wanting basic PBX features from “25 years ago” and whether it was possible to buy a business phone system today that would be able to effectively replace one of these older systems.

  The answer is “of course you can get a phone system” that handles the PBX feature requirements from 25 years ago. And it will do exactly what you want it to do, and are used to doing, in terms of calling and call routing and audio conferencing and voice mail, etc. And it can still be on-premises if you wish, but it can also run in the cloud. And you can use a handset just like your current system has. If this is what you want, we have it.

  But it will also come with other features, or the ability to add these features, because that is what many customers want today:

  • Chat
  • Presence
  • Video calling
  • Mobility (Calling to and from your smartphone and laptop)
  • Integrations to CRM systems
  • Ability to customize via adding applications (such as notification apps)

  So don’t be confused and don’t be afraid to upgrade because of the marketing buzzwords used today. You’ll have all your old features, but you’ll be able to use these new features as well. For instance, the mobility feature allows your business phone number to follow you around on your laptop and Smartphone – it will make you “look bigger” to your customers since you’ll be reachable more easily.

  Upgrade so you don’t put your business at risk because of a potentially failing old system. Come talk to us and we’ll be happy to help. PBXs are there today, just in different clothing.

  The post UCaaS as PBX Replacement: Part 2 appeared first on Sangoma Technologies.

• ng-voice ng-voice is now present in Budapest, Hungary

  We at ng-voice are excited to announce the opening of our new hub in the beautiful city of Budapest, Hungary. We are at an exciting point in the development of ng-voice: we have grown our team, expanded our client base, and started to further increase our global reach with the opening of our office in Budapest. 

   

  Our newly opened hub will initially host a dedicated support team and will be led by Emanuel Nemeti. The support team is responsible for responding quickly to any possible incident and guaranteeing a great customer experience with our fully containerized cloud-native IMS and its components. 

  

  Dedicated support team in Budapest, Hungary

  Emanuel, who joined us as support lead in Budapest, has 18 years of experience in management in EMEA, APAC, and US regions, offering quality service and support to companies all over the globe. He said “It’s is a great challenge to set up a new hub and team for ng-voice in Budapest. I’m excited to be working with talented engineers to provide fast and reliable responses to any impacting incident and deliver the best possible experience for our clients, monitoring all deployed solutions and proactively investigating alerts observed within the solution”. 

   

  We are thrilled with this achievement and we look at this new location as a significant milestone in our history. To learn more about our history and team, you can visit our about us page. 

  

  

  Khaled Amirian

  Employer Branding & Internal Marketing Specialist

  Publisher Bio

  During his academic and professional career, his curiosity to learn different business functions such as HR and marketing allowed him to gain valuable insights. Khaled aims to provide unique perspectives on topics in digital marketing and HRM. His interests in the digital world helped him become a key community member among Esports player.

November 03, 2022

• Digium Business Voice+ Named Cloud Computing Product of the Year by Cloud Computing Magazine

  We proudly announce that Business Voice+ was named the Cloud Computing Product of the Year Award, presented by Cloud Computing Magazine.

  Business Voice+ is Sangoma’s pure cloud deployment platform. Designed for businesses who want peerless call quality, communications flexibility, and exceptional system support, Business Voice is the perfect, zero-hardware option. With Business Voice, your business can leverage the power of a complete, end-to-end system from an intuitive, browser-based interface.

  The Cloud Computing Product of the Year Award honors vendors with the most innovative, practical, and beneficial cloud products and services deployed within the past year.

  Learn more about Business Voice+!

  The post Business Voice+ Named Cloud Computing Product of the Year by Cloud Computing Magazine appeared first on Sangoma Technologies.

October 31, 2022

• Digium UCaaS and the Education Industry: Equip Your School with Cutting-Edge Communications

  With Sangoma’s Education Solutions, School is Never Out for the Summer

  Education requires total commitment, and for good reason. After all, it involves nothing less than preparing young people for lifelong personal and professional success. Considering the stakes, school systems should prioritize high-quality and worry-free communications, but all too often they face challenges implementing and supporting the latest in telephony. Let’s explore why.

  Barriers to High-Quality School Communication

  School administrators are often confronted with funding shortfalls and end up scrapping IT investments. If that isn’t bad enough, many schools don’t have a permanent IT professional on staff, which means critical communications infrastructure goes unmaintained and improvements fall to the wayside.

  On top of this, user-friendliness inhibits the successful implementation of next-generation communications systems. Educators need systems they can easily pick up and run with, especially given the fact that “13.8 percent of U.S. teachers are either leaving their school or the profession altogether.” With this in mind, it’s clear that successful systems can’t require a steep learning curve. Educators need a solution that lets them focus on what matters most: teaching! 

  Thankfully, there is a solution that overcomes these not-so-insignificant barriers: Unified Communications as a Service (UCaaS). 

  What is UCaaS?

  Educators require an easy way to interact with parents, administrators, students, and coworkers. Many schools have answered that call by discarding existing telephony for cutting-edge voice over internet protocol (VoIP) solutions that pair high-quality voice with unified communication (UC) tools to create UCaaS systems. Uniting technologies like voice, video conferencing, instant messaging, email, SMS, and fax into a single platform, UCaaS is an affordable and customizable system that adapts to the needs of any school network. It can also have hugely positive implications for an organization’s overall effectiveness and culture, with recent survey data showing UCaaS translating to better productivity for 72% of respondents, higher collaboration for 91%, and faster problem solving for 88%.

  Ditch “Old-School” Methods

  “Parent notes” are a critical tool for keeping parents informed, but how often are they left in backpacks, found on the floor of the bus, or worse – eaten by the dog? With UCaaS in an educator’s corner, teachers can ditch these types of archaic communication methods in favor of crystal-clear voice or high-resolution video. Whether it be a one-on-one call with a co-worker or student, or a group video conference with parents, the flexibility maximizes the effectiveness of a school’s messaging by supporting whichever channel works best for the stakeholders involved. And this is just one example; the possibilities are practically endless when technology is on your side. 

  User-Friendly, Affordable Communications are as

  Easy as 1, 2, 3

  As a seasoned IT vendor successfully equipping schools with the best communication solutions for years, Sangoma has discovered an ideal way forward. By striking a much-needed balance through “must have” features while also remaining affordable, we ensure that schools will never be “out for the summer” or any other season when they work with us. 

  “It looks like we are saving about $400 a month so far,” said Sadie O’Brien, IT director for the Shiocton School District, after deciding to transition to [Sangoma] Switchvox.

  By eliminating up-front costs, Sangoma UC expertly walks the fine line between offering advanced communication features without straining an institution’s IT funding. Additional savings are gained from low annual fees, and the solution operates through an all-inclusive pricing model. This fixed, consistent, subscription-style billing structure fits comfortably within school system budgets. 

  What’s in it for You?

  Sangoma UC doesn’t just solve problems created by sparse technology budgets, it also addresses the administrative challenges faced by these institutions. The system can be administered via a single computer connected to the network – with no coding required. Everything is geared toward lowering the learning curve and easing the burden for education professionals right from the get-go. Let’s take a closer look at how it can impact some of the primary stakeholders within a given school district: 

  IT Professionals: IT support staff gain major advantages with Sangoma UC in that it requires no special software, hardware, or license keys – meaning there’s nothing to download or install. The entire system can be managed through a single pane of glass with customizable views and widgets. With a subscription-based model, dealing with lengthy updates or cumbersome maintenance becomes a thing of the past, instead transitioning to the vendor’s responsibility. 

  Teachers: The typical teacher is overworked and overwhelmed, meaning that any technology they use must always help, never hinder. Sangoma UC is simple and intuitive enough that teachers can simply pick it up and immediately start taking advantage of its mobility features, dedicated conference rooms, and more. 

  Administrators: Administrators within school districts have a lot on their plates – from tracking absences, to managing calls from parents and staff, to sending out alerts and emergency messages. Sangoma streamlines these workflows considerably with a full suite of easy-to-learn features, such as IVR, auto attendant, receptionist console, mobile and desktop apps, and RAY BAUM compliance.

  Move Education into the Future with Sangoma

  As a 100% web-based system, Sangoma UC centralizes communications and ensures access to all messages, applications, and tools, regardless of where users are or what device they’re using. 

  Having equipped more than 1,000 schools, we’re well aware of the communication challenges faced by school districts. This includes chronic problems with funding, adequate IT support, and the pressing need for high-quality anytime/anywhere connections between students, teachers, and parents. However, through our UCaaS system, schools can equip themselves with cutting-edge communications that provide comprehensive benefits for less time and effort. 

  Want to learn more about Sangoma and how it can transform your district? Download our free eBook today!

  The post UCaaS and the Education Industry: Equip Your School with Cutting-Edge Communications appeared first on Sangoma Technologies.

• Enable Security Celebrations, presentations and new VoIP security tools
  Welcome to a jam-packed edition of RTCSec newsletter for October. What have we this month? In this edition, we cover: This very newsletter is one year old! We’re looking for freelance pentesters to join us This time, 12 years ago in VoIP security incidents (Sality botnet scanning) Upcoming and past presentations of interest at TADSummit, CTI-Summit, Blackhat & ClueCon WebRTC security news: the “most secure VoIP” award and censorship busting New VoIP security tools and workshop by Jose Luis Verdeguer (Pepelux) And various security advisories, and other reports of concern RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

October 26, 2022

• Enable Security RTCSec newsletter is one year old!
  Roughly a year ago, we sent out the first RTCSec newsletter and have been doing so every month. Each time, we have covered more and more of our favourite topics, VoIP and WebRTC security. And now, it has become our primary way of keep up to date with what is happening, and our most regular publication too. If you are not yet subscribed, do so at https://rtcsec.com/subscribe. The next one is out in a few days!

October 25, 2022

• Digium UCaaS as PBX Replacement: Part 1

  Yes, there are still business systems called “PBX’s” out there. These are on-premises business phone systems that basically just did calling in and out of a building, offered voice mail, could perform an audio conference call, could forward a call, and had a some ‘advanced” calling features like ring groups, or sending group messages (i.e. recording a message, and then sending it to a group of people – like an email but you recorded the email), or call screening. The phone system that ran the business if you will.

  And they ruled the roost at one time. You learned many of the intricacies of these systems to be the most effective communicator out there, augmenting your email with these phone systems features.

  These systems are out there still. Not all have been upgraded yet. But they are old, and many of these systems are even out of maintenanace. Still chugging along…until they are not….
  As VoIP marched on and the internet networks became faster, other communication modes such as chat and video entered the fray, and the need to have the systems on-premises dissipated. Today’s UCaaS systems were born.

  And with it it came newfangled terminology. No more analog and digital. Seats, bandwidth, Unified Communications, trunking, hosted, cloud, multi-tenant, single-tenant, collaboration, single sign-on, UCaaS, mobility, and CPaaS are now typical words used.

  But this doesn’t mean the requirements of the PBXs of 25 years ago are different. The need to have a phone system that “runs the business” is still there. And I’ve had some prospects / customers kind of wondering what is going on – “can’t we just get a phone system?”. And these prospects have not upgraded since it’s kind of confusing to them. They want to, because they know the “chugging along” at some point will simply stop, but they don’t want to make a mistake, or buy something they won’t be able to work well.

  The answer is “of course you can get a phone system”. I’ll talk about this more in my next blog.

  The post UCaaS as PBX Replacement: Part 1 appeared first on Sangoma Technologies.

• WebRTC Hacks How Cloudflare Glares at WebRTC with WHIP and WHEP
  

  WebRTC blackbox reverse engineering experts Gustavo and Fippo take a look at Cloudflare's new WebRTC implementation, how Cloudflare uses the new WebRTC-based streaming standards WHIP and WHEP, and the bold pronouncement that they can be a replacement to open source solutions.

  The post How Cloudflare Glares at WebRTC with WHIP and WHEP appeared first on webrtcHacks.

• ng-voice Understanding 3GPP

  When it comes to developing new telecom technologies, there are hundreds of different factors to consider. Yet one crucial aspect of this process that cannot be overlooked is ensuring compliance with industry standards.

  About 3GPP

  The 3rd Generation Partnership Project (3GPP) is a collection of organizations that develop and recommend standards for the telecommunications industry. 

   

  The collective was initially formed in December 1998 when the European Telecommunications Standards Institute (ETSI) partnered with other standard development organizations to evolve the new technologies for the third generation (3G) of cellular networks. Since its formation, 3GPP has developed the most widely used 3G standard, as well as global fourth-generation (4G) and fifth-generation (5G) standards. 

   

  Technology engineers are advised to follow these principles when developing their products. The global technical specifications ensure compatibility between components because those standards are governing how those different systems and devices are built around the globe.

   

  The adoption of SIP by the 3rd Generation Partnership Project (3GPP) as a call control protocol was a major milestone for the standardization world as the IMS architecture became the first SIP-based standard commercial system, setting the guideline for following developments. Driven by the demand for multimedia communication services, the industry had to search for an efficient way to deploy those services in the existing and new networks. Wireless telecommunication operators and vendors had to adapt quickly, enabling a rapid introduction of IP and SIP services into their network through the IMS. The standardization effort has been driven by the 3GPP in close work with the Internet Engineering Task Force (IETF) to ensure the harmonization of standards.

   

  SIP standards set the baseline for the creation of CSCF and other functional elements in the IMS network, ensuring the interoperability of various network elements (UE, CSCF, etc), defining basic communication rules between the elements, and setting the guidelines for interconnecting with other network architectures. The standard body comprises the standards for data plane, user plane as well as session control in the SIP network.

  Why is it important for vendors to be standards-compliant

  There are a number of reasons why observing 3GPP principles is beneficial to vendors and operators alike, these include:
  

  Interoperability: 

   

  Operators will often look to integrate different technologies from multiple sources and vendors. Adhering to 3GPP’s standards allows vendors to incorporate best-in-class methodologies, processes, and engineering specifications, ensuring that the technologies required by operators all ‘speak the same language’ and can effectively integrate with one another. 

   

  Importantly, while 3GPP encourages companies to adhere to a specific standard, it does not stifle innovation or differentiation in the market as no limit is placed on how vendors develop and incorporate software together. 

  
  

  Scalability: 

   

  Talking of scalability, by meeting the standards set out by 3GPP, vendors, and operators can avoid a ‘rip and replace’ approach to existing infrastructure, making the deployment process faster and more cost-effective for all involved. Developing technologies in such a way that they’ll easily fit in with existing systems and can be easily adapted depending on growing subscriber bases, also allows for greater scalability as operator networks change and evolve. 

  
  

  Global reach: 

   

  The ability of customers and businesses to use their devices in multiple countries can also be attributed to the principles developed by 3GPP. Through these standards, network equipment can be manufactured and operated around the world, with no restrictions on usage – a huge development for the industry and a crucial factor for operators seeking scalability beyond their home borders.

  Going one step further

  The above factors are crucial to operators. However, the benefits of standardization go a step further and encourage greater collaboration across the industry. Technology developers are all working towards the common goal of furthering innovation in telecommunications, and by following the same standards and developing interoperable solutions, this can be done collectively, for the future of the industry. 

   

  ng-voice’s cloud-native IMS VoLTE / VoNR solution is standard-compliant, ensuring that it follows the principles laid out by 3GPP and can be integrated alongside other vendor technologies. 

  To find out more about our cloud-native voice solution, contact our team at: sales@ng-voice.com or learn more here. 

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Andrii Pogrebennyk

  Software engineer and team lead

  Publisher Bio

  After years of experience in VoIP in Ukraine and Austria, Andrii joined ng-voice as a Software Engineer and is using his vast knowledge of telco-specific protocols and Kamailio programming to further develop our fully cloud-native and standard-based IMS core.

October 20, 2022

• ng-voice A5G Networks and ng-voice partner to deliver cloud-native 4G and 5G solutions to enterprises

  The strategic partnership makes it easier to deploy and manage end-to-end public and private network solutions

  October 20th, 2022 | Berlin, Germany

   

  ng-voice, leading provider of a fully containerized and cloud-native IMS solution for the telecom market, and A5G Networks, a leader in distributed and autonomous 4G, 5G, and WiFi converged packet Core Software for private and public networks, today announced a strategic partnership that will make LTE and 5G networks more accessible and easier to deploy for enterprise customers. ng-voice’s fully containerized cloud-native IMS combined with A5G’s cloud-native autonomous packet core will simplify the development of new features, deployment, and management of a complete network reducing time-to-market and resource requirements.

   

  The market for private networks is currently growing rapidly. In many countries, spectrum is now being awarded not only to MNOs and MVNOs but also to enterprises to deploy private networks, especially to support IoT use cases. Cloud-nativity, in these cases, is key to unlocking the full benefits of connectivity, making networks more flexible, agile, and cost-efficient. The partnership aims to target this market globally with end-to-end cloud-native network solutions.

   

  ng-voice developed the industry’s first truly cloud-native IMS – the critical component to deploy VoLTE and VoNR. ng-voice’s solution is cloud-and-infrastructure-agnostic, with highly automated deployment and operation processes, flexibility and reliability to scale (up and down), standard compliance to 3GPP, and a minimal resource footprint.

   

  The vision of A5G Networks is to enable and accelerate the upcoming transition to distributed and autonomous mobile network of networks for hybrid and multi-cloud deployments. Its unique IP helps realize significant savings in capital and operating expenditures, reduces energy requirements, improves quality of user experience, and accelerates adoption of new business models. A5G Networks will enable deployment of enterprise private networks, connected car networks, new public mobile networks and play a pivotal role in upcoming smart city projects.

   

  According to Kaitki Agarwal, Founder, President, and CTO of A5G Networks, Inc “5G is a powerful innovation platform, which combined with cloud-nativity has the power to transform the way mobile networks are deployed and operated. This strategic partnership with ng-voice takes us one step further in providing a truly cloud-native network solution and helping enterprise customers unleash their networks’ full potential. We are thrilled to partner with a like-minded company such as ng-voice.”

   

  David Bachmann, CEO of ng-voice, “being fully containerized and cloud-native, our IMS integrates perfectly with A5G’s portfolio, allowing enterprises to deploy VoLTE and VoNR with a high level of automation and resource-efficiency, resulting in more flexibility, agility, and cost-savings. We are very excited about this partnership and hope to keep pushing to deliver the most innovative cloud-native network solutions to the market”. 

  About ng-voice

  ng-voice GmbH is committed to building the next generation of 100% software-based mobile networks, combining DevOps with telecommunications expertise. ng-voice’s fully containerized and cloud-native IMS core is scalable, flexible, and easy to deploy and manage, offering communication service providers and enterprises of any size innovative voice services on LTE/5G networks.

   

  Follow ng-voice:

  LinkedIn: www.linkedin.com/company/ngvoice

  Twitter: twitter.com/ngvoice

  Web: www.ng-voice.com

  Email: info@ng-voice.com

   

  Press contact for ng-voice

  Barbara Silva – barbara@ng-voice.com

  About A5G Networks

  A5G Networks Inc. is a leader and innovator in enabling autonomous networks of Networks and brings deployment flexibility, energy savings and cost reductions for enterprises and service providers. The company is headquartered in Nashua, NH, USA with offices in Pune MH, India. To learn more about A5G Networks, visit www.a5gnet.com

   

  Follow A5G Networks, Inc.

  Linkedin: linkedin.com/company/a5gnet 

  Twitter: twitter.com/A5gNetworks

  Email: info@a5gnet.com

   

  Press contact for A5G Networks

  PR@a5gnet.com

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

October 11, 2022

• Digium Let’s Revisit Hot Desking

  Back in June, I wrote a blog about hot desking. And I wrote at the time “But is hot desking of a physical phone an obsolete concept with Unified Communications? Does it even need to be in RFPs anymore? Because with UC, you can make and take phone calls with your work extension from your computer, or from your smartphone, via a UC client. I can do that no matter where I sit in the office.”

  Now, 4 months later, I got an email from a reader asking if I wanted to take that back because with the return to the office, many companies are going to hybrid models. Hybrid, to many, in addition to working both in the office and at home, means there are fewer offices. Because companies have downsized the physical space to save money.

  And now when you show up to the actual office, instead of going to a specific office or cubicle, you might just have to go find a place to sit. And so the phone at the “place to sit” is not hard wired with your extension. What I wrote is still valid and maybe even more-so if this is what hybrid means.

  What I will acknowledge, though, is that maybe there are some specific jobs where the company wants you on a deskphone, instead of on your smartphone, or the UC app. Security issues, for instance might come into play. So yes, I can see this being a part of RFPs with a hybrid environment if the use demands a physical phone while at the office.

  But if the UC client is used when working from home, what’s the difference if you are at home or in the office? Mobility is mobility. That’s all I’ll say.

  The post Let’s Revisit Hot Desking appeared first on Sangoma Technologies.

• WebRTC Hacks Post-Peak WebRTC Developer Trends: An Open Source Analysis
  

  WebRTC had its peaks during the pandemic, but how is it doing now? Did all those new projects die, putting the community back at pre-pandemic “normal” levels or is WebRTC still going strong? I built and analyzed a dataset from over a million GitHub’s events since 2019 to help answer are there many new WebRTC-related repos, how many new users is WebRTC attracting, is the community coding as much as it used to, how are new API's like Insertable Streams and WebCodecs doing?

  The post Post-Peak WebRTC Developer Trends: An Open Source Analysis appeared first on webrtcHacks.

October 06, 2022

• ng-voice Sustainability in the telecommunications industry – challenges and opportunities

  Nowadays, it’s difficult to ignore the words sustainability, climate action, or carbon neutrality—and quite rightly so. 

   

  According to data from this 2021 BCG report, as an industry, telecoms generate 1.6% of all carbon emissions (almost 90% of which comes from Scope 3 emissions). Indeed, the overall ICT sector which comprises telecoms is responsible for 3-4% of all global emissions, and shockingly, equating to twice the levels of the aviation industry. If left unmanaged, the telecoms industry could be responsible for up to 14% of global CO2 emissions by 2040. This will only grow as data demands increase and consumers own more devices. This is forcing severe conversation about sustainability and net zero ambitions amongst service providers and vendors. 

   

  In an attempt to remedy the impact telecoms has on our planet, the industry — led by the GSMA — has set ambitions to transform itself to reach Net Zero carbon emissions by 2050. The GSMA is also encouraging the industry to think about how operators can support the United Nations’ Sustainable Development Goals (SDGs), by embedding these into their overall corporate social responsibility (CSR) strategy and prioritizing relevant goals that will see them have the greatest impact. In fact, some major operators are now leading the change by adopting SDGs as a key part of building a greener future and helping society thrive.

   

  So as mobile data continues to grow, legacy networks are being shut down and more 5G networks are deployed, how can the industry curb its impact on carbon emission and on our planet? One option is to look at more resource-efficient software solutions, such as cloud-native software. 

  How does sustainability relate to cloud-native solutions?

  A report by Accenture suggests that migrating to the cloud would lower the IT Industry’s Carbon Emissions to an equivalent of taking 22 million cars off the road, apart from resulting in 30-40% total cost of ownership (TCO) savings.

   

  As the first fully containerized and cloud-native IMS in the market, our solution’s resource footprint is dramatically lower than that of traditional legacy solutions — which not only presents a huge OPEX saving for our customers but also proves to be a more sustainable and energy-efficient option. 

   

  To learn more about our cloud-native IMS solution and how it could contribute to reducing your network’s overall resource footprint, contact our team at: sales@ng-voice.com or click here to find out more.

  

  Share this article via:

  Share on facebook

  Facebook

  Share on linkedin

  LinkedIn

  Share on twitter

  Twitter

  

  Barbara Silva

  Marketing Lead

  Publisher Bio

  After 10 years of working for Telefonica as a Business Development and Marketing Manager, along with developing serval projects in Latin America. Barbara’s plans to connect and share her own experience in Branding and growth strategies with the readers. She enjoys talking about any topics, from Netflix series to Politics, making her a versatile and fun person to talk to.

October 04, 2022

• Digium Sangoma Announces Several Executive Appointments Including Chief Financial Officer Transition

  MARKHAM, Ontario, Oct. 03, 2022 (GLOBE NEWSWIRE) — Sangoma Technologies Corporation (TSX: STC; Nasdaq: SANG) (“Sangoma” or the “Company”), a trusted leader in delivering cloud-based Communications as a Service solutions for companies of all sizes, today announced several executive appointments to help position the company for ongoing growth.

  Mr. Larry Stock, the Company’s former Chief Corporate Officer, has been appointed Chief Financial Officer effective October 3, 2022. He succeeds Mr. David Moore, who is transitioning into the role of EVP, Corporate Development, to lead Sangoma’s merger and acquisition efforts. And Mr. Jamie Minner has been named Sangoma’s new Chief Revenue Officer.

  “I would like to congratulate Larry, David and Jamie on their new executive appointments,” said Bill Wignall, Sangoma’s President and Chief Executive Officer. “With David’s contributions to our growth over several years, his deep knowledge of Sangoma, and his M&A experience, we are counting on him to lead our acquisition efforts. Larry’s appointment as CFO is one of the many steps we are taking to deepen our executive team, in order to prepare for our continued growth as a dual-listed public company. And I am very confident that Jamie will really drive that growth, in his new role as Sangoma’s CRO.”

  Larry Stock was the CFO of Star2Star when it was acquired by Sangoma in March 2021 and prior to that, had a 22-year career at Jabil (NYSE: JBL), a company with over $20 billion in revenue, where he held a number of executive finance and leadership roles including Chief Audit Executive, Divisional Chief Financial Officer, VP of Risk & Assurance, and Chief Risk Officer. David Moore has been with Sangoma for over a decade in his capacity as Sangoma’s CFO, contributing to the company’s exceptional progress. And Jamie Minner joined the Sangoma family through the NetFortris acquisition, prior to which he held executive sales and leadership roles in the cloud communications industry for over 20 years with such companies as TPx Communications, Momentum Telecom, Comcast, and Cbeyond.

  About Sangoma Technologies Corporation
  Sangoma Technologies is a trusted leader in delivering value-based Communications as a Service (CaaS) and Managed Service Provider (“MSP”) solutions for businesses of all sizes. Sangoma’s cloud-based communication services include Unified Communication (UCaaS) business communications, Contact Center as a Service (CCaaS), Video Meetings as a Service (MaaS), Collaboration as a Service (Collab aaS), Communications Platform as a Service (CPaaS), Trunking as a Service (TaaS), Fax as a Service (FaaS), Device as a Service (DaaS), and Access Control as a Service (ACaaS). In addition, Sangoma offers a full line of communications Products, including premise-based UC systems, a full line of desk phones and headsets, and a complete connectivity suite (gateways/SBCs/telephony cards). Sangoma’s products and services are used in leading UC, PBX, IVR, contact center, carrier networks, office productivity, and data communication applications worldwide. Sangoma is also the primary developer and sponsor of Asterisk and FreePBX, the world’s two most widely used open-source communication software projects.

  Sangoma Technologies Corporation is publicly traded on the Toronto Stock Exchange (TSX: STC) and Nasdaq (Nasdaq: SANG). Additional information on Sangoma can be found at: www.sangoma.com.

  CONTACT: Sangoma Technologies Corporation
  Samantha Reburn
  General Counsel
  (905) 474-1990 ext. 4134
  sreburn@sangoma.com

  The post Sangoma Announces Several Executive Appointments Including Chief Financial Officer Transition appeared first on Sangoma Technologies.

September 30, 2022

• François Marier Upgrading from chan_sip to res_pjsip in Asterisk 18

  After upgrading to Ubuntu Jammy and Asterisk 18.10, I saw the following messages in my logs:

  WARNING[360166]: loader.c:2487 in load_modules: Module 'chan_sip' has been loaded but was deprecated in Asterisk version 17 and will be removed in Asterisk version 21.
  WARNING[360174]: chan_sip.c:35468 in deprecation_notice: chan_sip has no official maintainer and is deprecated.  Migration to
  WARNING[360174]: chan_sip.c:35469 in deprecation_notice: chan_pjsip is recommended.  See guides at the Asterisk Wiki:
  WARNING[360174]: chan_sip.c:35470 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Migrating+from+chan_sip+to+res_pjsip
  WARNING[360174]: chan_sip.c:35471 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Configuring+res_pjsip
  

  and so I decided it was time to stop postponing the overdue migration of my working setup from chan_sip to res_pjsip.

  It turns out that it was not as painful as I expected, though the conversion script bundled with Asterisk didn't work for me out of the box.

  Debugging

  Before you start, one very important thing to note is that the SIP debug information you used to see when running this in the asterisk console (asterisk -r):

  sip set debug on
  

  now lives behind this command:

  pjsip set logger on
  

  SIP phones

  The first thing I migrated was the config for my two SIP phones (Snom 300 and Snom D715).

  The original config for them in sip.conf was:

  [2000]
  ; Snom 300
  type=friend
  qualify=yes
  secret=password123
  encryption=no
  context=full
  host=dynamic
  nat=no
  directmedia=no
  mailbox=10@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  
  [2001]
  ; Snom D715
  type=friend
  qualify=yes
  secret=password456
  encryption=no
  context=full
  host=dynamic
  nat=no
  directmedia=yes
  mailbox=10@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  

  and that became the following in pjsip.conf:

  [transport-udp]
  type = transport
  protocol = udp
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  
  [2000]
  type = aor
  max_contacts = 1
  
  [2000]
  type = auth
  username = 2000
  password = password123
  
  [2000]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  direct_media = no
  mailboxes = 10@internal
  auth = 2000
  outbound_auth = 2000
  aors = 2000
  
  [2001]
  type = aor
  max_contacts = 1
  
  [2001]
  type = auth
  username = 2001
  password = password456
  
  [2001]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  direct_media = yes
  mailboxes = 10@internal
  auth = 2001
  outbound_auth = 2001
  aors = 2001
  

  The different direct_media line between the two phones has to do with how they each connect to my Asterisk server and whether or not they have access to the Internet.

  Internal calls

  For some reason, my internal calls (from one SIP phone to the other) didn't work when using "aliases". I fixed it by changing this blurb in extensions.conf from:

  [speeddial]
  exten => 1000,1,Dial(SIP/2000,20)
  exten => 1001,1,Dial(SIP/2001,20)
  

  to:

  [speeddial]
  exten => 1000,1,Dial(${PJSIP_DIAL_CONTACTS(2000)},20)
  exten => 1001,1,Dial(${PJSIP_DIAL_CONTACTS(2001)},20)
  

  I have not yet dug into what this changes or why it's necessary and so feel free to leave a comment if you know more here.

  PSTN trunk

  Once I had the internal phones working, I moved to making and receiving phone calls over the PSTN, for which I use VoIP.ms with encryption.

  I had to change the following in my sip.conf:

  [general]
  register => tls://555123_myasterisk:password789@vancouver2.voip.ms
  externhost=myasterisk.dyn.example.com
  localnet=192.168.0.0/255.255.0.0
  tcpenable=yes
  tlsenable=yes
  tlscertfile=/etc/asterisk/asterisk.cert
  tlsprivatekey=/etc/asterisk/asterisk.key
  tlscapath=/etc/ssl/certs/
  
  [voipms]
  type=peer
  host=vancouver2.voip.ms
  secret=password789
  defaultuser=555123_myasterisk
  context=from-voipms
  disallow=all
  allow=ulaw
  allow=g729
  insecure=port,invite
  canreinvite=no
  trustrpid=yes
  sendrpid=yes
  transport=tls
  encryption=yes
  

  to the following in pjsip.conf:

  [transport-tls]
  type = transport
  protocol = tls
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  cert_file = /etc/asterisk/asterisk.cert
  priv_key_file = /etc/asterisk/asterisk.key
  ca_list_path = /etc/ssl/certs/
  method = tlsv1_2
  
  [voipms]
  type = registration
  transport = transport-tls
  outbound_auth = voipms
  client_uri = sip:555123_myasterisk@vancouver2.voip.ms
  server_uri = sip:vancouver2.voip.ms
  
  [voipms]
  type = auth
  password = password789
  username = 555123_myasterisk
  
  [voipms]
  type = aor
  contact = sip:555123_myasterisk@vancouver2.voip.ms
  
  [voipms]
  type = identify
  endpoint = voipms
  match = vancouver2.voip.ms
  
  [voipms]
  type = endpoint
  context = from-voipms
  disallow = all
  allow = ulaw
  allow = g729
  from_user = 555123_myasterisk
  trust_id_inbound = yes
  media_encryption = sdes
  auth = voipms
  outbound_auth = voipms
  aors = voipms
  rtp_symmetric = yes
  rewrite_contact = yes
  send_rpid = yes
  timers = no
  

  The TLS method line is needed since the default in Debian OpenSSL is too strict. The timers line is to prevent outbound calls from getting dropped after 15 minutes.

  Finally, I changed the Dial() lines in these extensions.conf blurbs from:

  [from-voipms]
  exten => 5551231000,1,Goto(2000,1)
  exten => 2000,1,Dial(SIP/2000&SIP/2001,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  
  [pstn-voipms]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _1NXXNXXXXXX,n,Dial(SIP/voipms/${EXTEN})
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _NXXNXXXXXX,n,Dial(SIP/voipms/1${EXTEN})
  exten => _NXXNXXXXXX,n,Hangup()
  exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _011X.,n,Authenticate(1234)
  exten => _011X.,n,Dial(SIP/voipms/${EXTEN})
  exten => _011X.,n,Hangup()
  exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _00X.,n,Authenticate(1234)
  exten => _00X.,n,Dial(SIP/voipms/${EXTEN})
  exten => _00X.,n,Hangup()
  

  to:

  [from-voipms]
  exten => 5551231000,1,Goto(2000,1)
  exten => 2000,1,Dial(PJSIP/2000&PJSIP/2001,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  
  [pstn-voipms]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@voipms)
  exten => _NXXNXXXXXX,n,Hangup()
  exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _011X.,n,Authenticate(1234)
  exten => _011X.,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _011X.,n,Hangup()
  exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
  exten => _00X.,n,Authenticate(1234)
  exten => _00X.,n,Dial(PJSIP/${EXTEN}@voipms)
  exten => _00X.,n,Hangup()
  

  Note that it's not just replacing SIP/ with PJSIP/, but it was also necessary to use a format supported by pjsip for the channel since SIP/trunkname/extension isn't supported by pjsip.

• Enable Security DDoS workshop at TADSummit, toll fraud via MS Teams Direct Routing and WebRTC news
  This month brings us yet another crammed newsletter all about real-time communications security. So without further ado, welcome to the RTCSec newsletter for September 2022! In this edition, we cover: An upcoming open position at Enable Security and what we’re brewing for 2023 Our talk at TADSummit 2022 and the DDoS workshop Commentary about OpenSIPS Summit and Kamailio World Details about how MS Teams Direct Routing may lead to toll fraud Abuse of the exec modules in Kamailio and OpenSIPS WebRTC related news, about CVE-2022-2294, coturn, Scanbox malware and Cloudflare And much much more RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.
• François Marier Setting up a JMP SIP account on Asterisk

  JMP offers VoIP calling via XMPP, but it's also possibly to use the VoIP using SIP.

  The underlying VoIP calling functionality in JMP is provided by Bandwidth, but their old Asterisk instructions didn't quite work for me. Here's how I set it up in my Asterisk server.

  Get your SIP credentials

  After signing up for JMP and setting it up in your favourite XMPP client, send the following message to the cheogram.com gateway contact:

  reset sip account
  

  In response, you will receive a message containing:

  • a numerical username
  • a password (e.g. three lowercase words separated by spaces)

  Add SIP account to your Asterisk config

  First of all, I added the following to my /etc/asterisk/pjsip.conf:

  [transport-udp]
  type = transport
  protocol = udp
  bind = 0.0.0.0
  external_media_address = myasterisk.dyn.example.com
  external_signaling_address = myasterisk.dyn.example.com
  local_net = 192.168.0.0/255.255.0.0
  
  [jmp]
  type = registration
  contact_user = 5554561000
  transport = transport-udp
  outbound_auth = jmp
  client_uri = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
  server_uri = sip:jmp.cbcbc7.auth.bandwidth.com:5008
  
  [jmp]
  type = auth
  password = three secret words
  username = 5554561000
  
  [jmp]
  type = aor
  contact = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
  
  [jmp]
  type = identify
  endpoint = jmp
  match = jmp.cbcbc7.auth.bandwidth.com
  
  [jmp]
  type = endpoint
  context = from-jmp
  dtmf_mode = rfc4733
  disallow = all
  allow = ulaw
  allow = g729
  auth = jmp
  outbound_auth = jmp
  aors = jmp
  rtp_symmetric = yes
  rewrite_contact = yes
  send_rpid = yes
  timers = no
  

  and for reference, here's the blurb for my Snom 300 SIP phone:

  [2000]
  type = aor
  max_contacts = 1
  
  [2000]
  type = auth
  username = 2000
  password = password123
  
  [2000]
  type = endpoint
  context = full
  dtmf_mode = rfc4733
  disallow = all
  allow = g722
  allow = ulaw
  mailboxes = 10@internal
  auth = 2000
  outbound_auth = 2000
  aors = 2000
  

  I checked that the registration was successful by running asterisk -r and then typing:

  pjsip set logger on
  

  before reloading the configuration using:

  reload
  

  Create Asterisk extensions to send and receive calls

  Once I got registration to work, I hooked this up with my other extensions so that I could send and receive calls using my JMP number.

  In /etc/asterisk/extensions.conf, I added the following:

  [from-jmp]
  include => home
  exten => s,1,Goto(2000,1)
  

  where home is the context which includes my local SIP devices and 2000 is the extension I want to ring.

  Then I added the following to enable calls to any destination within the North American Numbering Plan:

  [pstn-jmp]
  exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
  exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@jmp)
  exten => _1NXXNXXXXXX,n,Hangup()
  exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
  exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@jmp)
  exten => _NXXNXXXXXX,n,Hangup()
  

  Here username is my bwsip numerical username. When calls are placed, this gets automatically swapped in by my real JMP phone number, but Bandwidth appears to require its users to use their username in there caller ID string.

  For reference, here's the rest of my dialplan in /etc/asterisk/extensions.conf:

  [general]
  static=yes
  writeprotect=no
  clearglobalvars=no
  
  [public]
  exten => _X.,1,Hangup(3)
  
  [sipdefault]
  exten => _X.,1,Hangup(3)
  
  [default]
  exten => _X.,1,Hangup(3)
  
  [internal]
  include => home
  
  [full]
  include => internal
  include => pstn-jmp
  exten => 707,1,VoiceMailMain(10@internal)
  
  [home]
  exten => 2000,1,Dial(PJSIP/2000,20)
  exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
  exten => 2000,n,Hangup
  exten => in2000-BUSY,1,VoiceMail(10@internal,su)
  exten => in2000-BUSY,n,Hangup
  exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
  exten => in2000-CONGESTION,n,Hangup
  exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
  exten => in2000-CHANUNAVAIL,n,Hangup
  exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
  exten => in2000-NOANSWER,n,Hangup
  exten => _in2000-.,1,Hangup(16)
  

  Firewall

  Finally, I opened a few ports in my firewall by putting the following in /etc/network/iptables.up.rules:

  # SIP and RTP on UDP (jmp.cbcbc7.auth.bandwidth.com)
  -A INPUT -s 67.231.2.13/32 -p udp --dport 5008 -j ACCEPT
  -A INPUT -s 216.82.238.135/32 -p udp --dport 5008 -j ACCEPT
  -A INPUT -s 67.231.2.13/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
  -A INPUT -s 216.82.238.135/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
  

September 27, 2022

• Digium Sangoma Announces Shipment of Its One Millionth Desk Phone

  

  Wow, we just shipped our one millionth phone! Over 10 years ago, Sangoma (and Digium) decided that having a seamless end-to-end Unified Communication system was important. And at that time, end to end system meant just the phone and the UC systems. So, we decided to release our own phones.

  These days, a UC system includes Sangoma’s UCaaS service (or on-premises version), the desk phone, mobile and desktop client software, Sangoma’s collaboration-as-a-service client (TeamHub), and Sangoma’s video meetings service (Sangoma Meet).

  The UC industry has come quite a long way in 10 years, but the phone is still part of the system, especially for brick-and-mortar businesses. And we are proud to serve all of these customers.

  As I said in the press release about this news, “Many of our customers use both desk phones as well as our mobile and desktop clients to communicate. And since we manufacture our own desk phones and develop our own cloud communications software, we are able to provide deep integration between our phones and our cloud communications services, in a way that other phone manufacturers or UCaaS companies simply cannot do. This kind of integration has contributed to the successful growth of this important product line at Sangoma, differentiating us from our competitors and leading to this one-million-unit milestone.“

  So, thank you to all the users of these phones, the distributors who fulfilled these phones, and the resellers who put our solutions into the end-user businesses. Let’s count the next million.

  The post Sangoma Announces Shipment of Its One Millionth Desk Phone appeared first on Sangoma Technologies.

September 25, 2022

• François Marier Using a Let's Encrypt TLS certificate with Asterisk 16.2

  In order to fix the following error after setting up SIP TLS in Asterisk 16.2:

  asterisk[8691]: ERROR[8691]: tcptls.c:966 in __ssl_setup: TLS/SSL error loading cert file. <asterisk.pem>
  

  I created a Let's Encrypt certificate using certbot:

  apt install certbot
  certbot certonly --standalone -d hostname.example.com
  

  To enable the asterisk user to load the certificate successfuly (it doesn't have permission to access the certificates under /etc/letsencrypt/), I copied it to the right directory:

  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  

  Then I set the following variables in /etc/asterisk/sip.conf:

  tlscertfile=/etc/asterisk/asterisk.cert
  tlsprivatekey=/etc/asterisk/asterisk.key
  

  Automatic renewal

  The machine on which I run asterisk has a tricky Apache setup:

  • a webserver is running on port 80
  • port 80 is restricted to the local network

  This meant that the certbot domain ownership checks would get blocked by the firewall, and I couldn't open that port without exposing the private webserver to the Internet.

  So I ended up disabling the built-in certbot renewal mechanism:

  systemctl disable certbot.timer certbot.service
  systemctl stop certbot.timer certbot.service
  

  and then writing my own script in /etc/cron.daily/certbot-francois:

  #!/bin/bash
  TEMPFILE=`mktemp`
  
  # Stop Apache and backup firewall.
  /bin/systemctl stop apache2.service
  /usr/sbin/iptables-save > $TEMPFILE
  
  # Open up port 80 to the whole world.
  /usr/sbin/iptables -D INPUT -j LOGDROP
  /usr/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables -A INPUT -j LOGDROP
  
  # Renew all certs.
  /usr/bin/certbot renew --quiet
  
  # Restore firewall and restart Apache.
  /usr/sbin/iptables -D INPUT -p tcp --dport 80 -j ACCEPT
  /usr/sbin/iptables-restore < $TEMPFILE
  /bin/systemctl start apache2.service
  
  # Copy certificate into asterisk.
  cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
  cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
  chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
  
  # Commit changes to etckeeper and restart asterisk.
  pushd /etc/ > /dev/null
  /usr/bin/git add letsencrypt asterisk
  DIFFSTAT="$(/usr/bin/git diff --cached --stat)"
  if [ -n "$DIFFSTAT" ] ; then
      /usr/bin/git commit --quiet -m "Renewed letsencrypt certs." letsencrypt asterisk
      echo "$DIFFSTAT"
      /bin/systemctl restart asterisk.service
  fi
  popd > /dev/null
  

September 23, 2022

• François Marier Encrypted connection between SIP phones using Asterisk

  Here is the setup I put together to have two SIP phones connect together over an encrypted channel. Since the two phones do not support encryption, I used Asterisk to provide the encrypted channel over the Internet.

  Installing Asterisk

  First of all, each VoIP phone is in a different physical location and so I installed an Asterisk server in each house.

  One of the server is a Debian stretch machine and the other runs Ubuntu bionic 18.04. Regardless, I used a fairly standard configuration and simply installed the asterisk package on both machines:

  apt install asterisk
  

  SIP phones

  The two phones, both Snom 300, connect to their local asterisk server on its local IP address and use the same details as I have put in /etc/asterisk/sip.conf:

  [1000]
  type=friend
  qualify=yes
  secret=password1
  encryption=no
  context=internal
  host=dynamic
  nat=no
  canreinvite=yes
  mailbox=1000@internal
  vmexten=707
  dtmfmode=rfc2833
  call-limit=2
  disallow=all
  allow=g722
  allow=ulaw
  

  Dialplan and voicemail

  The extension number above (1000) maps to the following configuration blurb in /etc/asterisk/extensions.conf:

  [home]
  exten => 1000,1,Dial(SIP/1000,20)
  exten => 1000,n,Goto(in1000-${DIALSTATUS},1)
  exten => 1000,n,Hangup
  exten => in1000-BUSY,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-BUSY,n,Hangup
  exten => in1000-CONGESTION,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-CONGESTION,n,Hangup
  exten => in1000-CHANUNAVAIL,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-CHANUNAVAIL,n,Hangup
  exten => in1000-NOANSWER,1,VoiceMail(1000@mailboxes,su)
  exten => in1000-NOANSWER,n,Hangup
  exten => _in1000-.,1,Hangup(16)
  

  the internal context maps to the following blurb in /etc/asterisk/extensions.conf:

  [internal]
  include => home
  include => iax2users
  exten => 707,1,VoiceMailMain(1000@mailboxes)
  

  and 1000@mailboxes maps to the following entry in /etc/asterisk/voicemail.conf:

  [mailboxes]
  1000 => 1234,home,person@email.com
  

  (with 1234 being the voicemail PIN).

  Encrypted IAX links

  In order to create a virtual link between the two servers using the IAX protocol, I created user credentials on each server in /etc/asterisk/iax.conf:

  [iaxuser]
  type=user
  auth=md5
  secret=password2
  context=iax2users
  allow=g722
  allow=speex
  encryption=aes128
  trunk=no
  

  then I created an entry for the other server in the same file:

  [server2]
  type=peer
  host=server2.dyn.fmarier.org
  auth=md5
  secret=password2
  username=iaxuser
  allow=g722
  allow=speex
  encryption=yes
  forceencrypt=yes
  trunk=no
  qualify=yes
  

  The second machine contains the same configuration with the exception of the server name (server1 instead of server2) and hostname (server1.dyn.fmarier.org instead of server2.dyn.fmarier.org).

  Speed dial for the other phone

  Finally, to allow each phone to ring one another by dialing 2000, I put the following in /etc/asterisk/extensions.conf:

  [iax2users]
  include => home
  exten => 2000,1,Set(CALLERID(all)=Francois Marier <2000>)
  exten => 2000,2,Dial(IAX2/server1/1000)
  

  and of course a similar blurb on the other machine:

  [iax2users]
  include => home
  exten => 2000,1,Set(CALLERID(all)=Other Person <2000>)
  exten => 2000,2,Dial(IAX2/server2/1000)
  

  Firewall rules

  Since we are using the IAX protocol instead of SIP, there is only one port to open in /etc/network/iptables.up.rules for the remote server:

  # IAX2 protocol
  -A INPUT -s x.x.x.x/y -p udp --dport 4569 -j ACCEPT
  

  where x.x.x.x/y is the IP range allocated to the ISP that the other machine is behind.

  If you want to restrict traffic on the local network as well, then these ports need to be open for the SIP phone to be able to connect to its local server:

  # VoIP phones (internal)
  -A INPUT -s 192.168.1.3/32 -p udp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.1.3/32 -p udp --dport 10000:20000 -j ACCEPT
  

  where 192.168.1.3 is the static IP address allocated to the SIP phone.

• François Marier Connecting a VoIP phone directly to an Asterisk server

  On my Asterisk server, I happen to have two on-board ethernet boards. Since I only used one of these, I decided to move my VoIP phone from the local network switch to being connected directly to the Asterisk server.

  The main advantage is that this phone, running proprietary software of unknown quality, is no longer available on my general home network. Most importantly though, it no longer has access to the Internet, without my having to firewall it manually.

  Here's how I configured everything.

  Private network configuration

  On the server, I started by giving the second network interface a static IP address in /etc/network/interfaces:

  auto eth1
  iface eth1 inet static
      address 192.168.2.2
      netmask 255.255.255.0
  

  On the VoIP phone itself, I set the static IP address to 192.168.2.3 and the DNS server to 192.168.2.2. I then updated the SIP registrar IP address to 192.168.2.2.

  The DNS server actually refers to an unbound daemon running on the Asterisk server. The only configuration change I had to make was to listen on the second interface and allow the VoIP phone in:

  server:
      interface: 127.0.0.1
      interface: 192.168.2.2
      access-control: 0.0.0.0/0 refuse
      access-control: 127.0.0.1/32 allow
      access-control: 192.168.2.3/32 allow
  

  Finally, I opened the right ports on the server's firewall in /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3/32 -p udp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p tcp --dport 5060 -j ACCEPT
  -A INPUT -s 192.168.2.3/32 -p udp --dport 10000:20000 -j ACCEPT
  

  Network time synchronization

  In order for the phone to update its clock automatically using NTP, I installed chrony on the Asterisk server:

  apt install chrony
  

  then I configured it to listen on the private network interface and allow access from the VoIP phone by adding the following to /etc/chrony/conf.d/asterisk-local.conf:

  bindaddress 192.168.2.2
  allow 192.168.2.3
  

  Finally, I opened the right firewall port by adding a new rule to /etc/network/iptables.up.rules:

  -A INPUT -s 192.168.2.3 -p udp --dport 123 -j ACCEPT
  

  Accessing the admin page

  Now that the VoIP phone is no longer available on the local network, it's not possible to access its admin page. That's a good thing from a security point of view, but it's somewhat inconvenient.

  Therefore I put the following in my ~/.ssh/config to make the admin page available on http://localhost:8081 after I connect to the Asterisk server via ssh:

  Host asterisk
      LocalForward localhost:8081 192.168.2.3:80
  

  Allowing calls between local SIP devices

  Because this local device is not connected to the local network (192.168.1.0/24), it's unable to negotiate a direct media connection to any other local (i.e. one connected to the same Asterisk server) SIP device. What this means is that while calls might get connected successfully, by default, there will not be any audio in a call.

  In order for the two local SIP devices to be able to hear one another, we must enforce that all media be routed via Asterisk instead of going directly from one device to the other. This can be done using the directmedia directive (formerly canreinvite) in sip.conf:

  [1234]
  directmedia=no
  

  where 1234 is the extension of the phone.