Virtual private networks (VPNs) have proven themselves to be a
cost-effective alternative to dial-up remote access and leased lines.
Traditionally, VPNs have been viewed strictly as a data-access medium, but
several vendors are aiming to change that by providing voice services
across a VPN. Usually (but not necessarily) based on a hosted model, voice
VPNs allow you to quickly add more services such as unified messaging, one
number follow-me, presence detection, and more. Voice VPNs can be
categorized into two main categories: voice VPNs offered by service
providers (hosted model) and CPE-based voice VPNs.
HOSTED VOICE VPNs
Service provider-offered voice VPNs allow both telecommuters and local
workers to access voice services via an IP connection, usually a data T1
or data frame relay connection for local workers and dial-up or broadband
cable/DSL for telecommuters. The voice service offered by the service
provider is often termed IP-Centrex, thus named because of the services
similarity to traditional PSTN-based Centrex. In traditional PSTN Centrex,
all of the call handling intelligence (call forwarding, transfer,
conference, etc.) was managed at the central office (CO) -- the users
phones were just dumb endpoints. Similarly, with voice VPNs, the
service provider handles all of the call handling intelligence and once
again, the users phones are dumb endpoints.
Subscribers can access voice VPN services through one of two methods.
The first method is by simply utilizing a soft-phone which converts the
users voice into VoIP packets using either the SIP or H.323 protocols.
The second method (a more popular choice) allows the subscriber to utilize
a traditional hardware-based phone connected to a VoIP gateway. Typically
the gateway is located at the subscribers premises to translate from IP
to analog (or digital) format for connecting telephones.
Some hosted voice VPN solutions have even taken a hybrid approach that
still allows for an existing customer premises PBX to co-exist. For
example, Cisco has a card that you can insert into one of their routers
that maps H.323 IP traffic into the T1 protocol for connecting to a PBXs
T1 card. In this scenario, the service provider simply provides the voice
trunk lines via IP (as well as data services), but with no advanced IP
Centrex-type features. Instead, the CPE-based PBX handles the complex call
features. In this scenario, customers can leverage their existing
investment with their PBX, while also leveraging the cost savings
associated with having a single service provider offer both voice and data
access.
Also, some voice VPN service providers offer what is termed on-net
to on-net calling. That is, if you are calling a phone number of a
person who is also a subscriber to the service providers voice
services, the service provider will often carry the voice call for free.
Companies with several branch locations can certainly benefit from this
feature.
CPE-BASED VOICE VPNs
While all the hype in the marketplace is about service provider-based
voice VPN solutions, CPE-based solutions are often a great alternative. In
this scenario, a telecommuter can use either a soft-phone or an SIP/H.323
SOHO gateway for connecting analog, ISDN, or proprietary digital phones.
(Cisco Systems has such a SOHO gateway product, thanks to their
acquisition of Komodo Technology, who produced H.323 and SIP-based SOHO
gateways.) Once the customer has a device (software or hardware) for
converting voice into IP packets, the IP packets traverse a network to a
VoIP gateway device sitting next to the corporate PBX. The VoIP gateway
device then interfaces with the corporate PBX which grants the
telecommuter remote voice access to the corporate PBX.
I should also point out that SOHO VoIP gateways are not exclusively for
CPE-based voice VPN solutions. In fact, several service providers offering
voice VPN services use these SOHO VoIP gateways at the subscribers
premises for converting voice into IP packets and then handle the call
intelligence on the service provider network. I can envision cable
broadband providers offering these SOHO VoIP gateways for free to their
Internet subscribers in exchange for a one-year voice services commitment.
Besides Ciscos SOHO VoIP gateways, there are several companies
offering SOHO VoIP gateways for remote voice capabilities. MCK
Communications (www.mck.com) has a
hardware gateway sitting next to the corporate PBX and a small hardware
unit located in the telecommuters location. Teltone (www.teltone),
on the other hand, has hardware at the customer premises to connect to the
corporate PBX, but offers a soft-phone for telecommuters.
In order for voice VPNs to have a successful deployment, I believe
there are four key elements that must be examined:
1) Management and provisioning. Service providers want a system
that allows them to quickly roll out new services, and can easily perform
additions or removals of subscribers as well as changes in services for
individual subscribers.
2) Service level agreements (SLAs), class of services (CoS), and
quality of service (QoS). Before subscribers sign onto any service
provider offering voice VPN services, they are going to require SLAs.
Unfortunately, SLAs are often not worth the paper they are printed on and
customers still have a hard time believing them. (Does anyone offer SLA
monitoring services?) Offering several levels of CoS gives the customer or
subscriber flexibility to add or remove services on an as-needed basis.
Subscribers want the foreknowledge that if they choose a particular
service provider for voice VPN services, they can grow with the service
provider and add features and functionality quickly and easily. QoS is an
obvious requirement for voice VPNs. Several standards take direct aim at
improving QoS, including DiffServ and setting the TOS bits at the customer
premise, and the MPLS standard at the core of service providers
network.
3) Reporting. Developing technology for technologys sake has
gotten many companies into financial trouble. Profitability must be the
driving factor in developing or employing any technology. Thus, voice VPN
solutions should offer comprehensive reporting for determining how a
particular service will affect the network and viewing which services are
generating the most bang for the buck.
4) Security. Some voice VPNs do not perform any encryption on
the packets. They utilize industry standard VoIP protocols such as SIP or
H.323. One reason for this is that encryption adds packet overhead, and
therefore more latency. However, encrypting voice is often a non-issue;
usually the last leg/mile is from the service provider to the customer.
Once the voice packets are on the service providers privately managed
network, your voice packets are reasonably secure. Just as a comparison,
expecting your service provider to encrypt the voice packets would be like
asking your local PSTN company to encrypt your home analog phone line.
VOICE VPN VENDORS
There are several companies offering voice VPN solutions. What follows is
a sampling of such vendors.
Adirtech
www.adirtech.com
Adirtech markets their voice VPN solution as a TIE line replacement that
seamlessly links legacy PBXs between offices. Their voice VPN solution
provides branch office connectivity, an alternative to expensive PSTN tie
lines that allows customers to place calls between corporate headquarters,
remote offices, and branch offices over the voice VPN. Their solution also
offers direct-dial long distance to add off-net calling functionality.
Service providers can offer worldwide call termination over existing
remote POPs or by partnering with other service providers for global
termination.
Adirtech has another voice VPN solution called the Broadband VoIP
Application, which is a VoIP solution for delivering local telephone
service over hybrid fiber-cable and other broadband networks. It allows
broadband operators to offer telephone service in addition to their
existing data services.
Clarent
www.clarent.com
Clarent offers several products in the VoIP realm which fall under the
voice VPN umbrella. Clarent is fairly unique in that they offer an
end-to-end solution that spans the network from its core (softswitch
technology) to the edge with VoIP software and hardware (VoIP gateways) to
connect to PBXs and phones. Most competing products that I have seen are
focused on the core or the edge, but not both.
Clarents NetPerformer is an enterprise solution that enables
businesses to deliver PSTN quality voice services over existing frame
relay, ATM, or IP infrastructures. Clarent NetPerformer combines voice and
fax transport into a single platform. NetPerformer manages the various
types of telephony traffic while simultaneously providing for excellent
voice quality. Clarents cell-based QoS prioritization technology helps
ensure that all voice and data entering the NetPerformer is prioritized by
protocol.
Cplane
www.cplane.com
Cplane doesnt directly provide the technology to deliver voice VPNs,
but they offer provisioning, activation, and QoS tools, which voice VPN
service providers may find useful. In fact, delivering Internet access,
VoIP, fax, and other enhanced services can increase revenues, but offering
multiple services with different requirements on a converged IP backbone
can make service activation a nightmare and delivery of SLAs nearly
impossible.
Cplanes Ignite IP-Bandwidth, based on the CPLANE IgnitionControl
system, completely automates service activation, from bandwidth
provisioning to packet filter control and QoS/CoS management. Its
high-level interface gives you total control of your networks resources
and allows you to rapidly define and instantly activate the services your
customers will pay for. Open APIs provide easy integration into your
Operations Support Systems (OSS) environment. Using XML-based service
level specifications, Ignite IP-Bandwidth allows you to define value-added
service profiles, independent of underlying network resources, which can
be stored as templates for activation on demand.
One of the key features of Cplanes solution is that it models your
network resources, ensuring that SLAs can be met even before a new service
is rolled out. The product can calculate the ROI on services and figure
out which services are making money. Cplane told me that they are
currently on trial with three carriers. I asked Simon Crosby, chief
strategy officer and founder of Cplane, how his company is different from
his competitors. He responded, Nobody is really looking at this from a
holistic perspective. That is, what happens when the service touches the
network? There are plenty of people all about activating and automating,
but no one seems to be looking at what happens when it touches the
network.
He continued, And how do you know youre getting the best value as
it relates to that service? If you dont have that view, how can you
ensure you are going to keep customers happy with SLAs that are
meaningful? This is not about buying new hardware, but getting the most
out of the hardware you have. Were driving time and cost out of the
equation and driving revenue opportunities into the equation. Again were
allowing the maximum value from what they have. Its really hard how to
figure out the intersection of the services and the network. We have
several people here with PhDs who helped create complex mathematical
algorithms to calculate the effect of a new service on a network.
Cplane has another product called Ignite VPN that supports both IPSec
and MPLS-enabled IP VPNs. Unlike other VPN provisioning systems, it not
only automates complex time-consuming service creation and activation
tasks, it also optimizes the performance of that service across your
multi-vendor network resources. CPLANE Ignite VPN supports network
elements Cisco, Juniper, Riverstone, and Checkpoint. Cplane offers
multiple VPN model support, including both customer-based IPSec VPNs and
provider-provisioned MPLS RFC 2547bis VPNs.
DialPad
www.dialpad.com
Dialpad, a true pioneer in the Internet telephony industry and best known
for their consumer-based PC-to-PSTN solution, announced an enterprise VoIP
solution at Internet Telephony Expo last fall. Their solution includes
partnerships with Clarent and Cisco on the hardware side as well as
partnerships with Genuity, Akamai, and Level 3 on the networking side.
Dialpads Enterprise Access works with the leading firewall
manufacturers, supports multiple protocols, and interoperates with most of
the major PBXs. It supports multiple forms of IP connectivity including
fractional T1 to full OCx and from 10BaseT to Gigabit Ethernet. Dialpad
claims that Enterprise Access can save businesses 3060 percent on their
total communications costs.
Equant
www.equant.com
Voice VPNs and their advantages sound great, but is anyone really
deploying and selling them? You bet. Equant offers IP VPN services based
on MPLS (Multi-Protocol Label Switching) technology and utilizing
Netcentrexs products to offer converged services such as their voice
VPN offering called Equant VoIP for IP VPN. Equant IP VPN also enables
universal access to network resources for both fixed-site and mobile
users. Launched in August 1999, they claim to be the industrys first
MPLS-based IP VPN solution, currently deployed in more than 125 countries.
Customers include APL, APL Logistics, and Yazaki Corporation, all of whom
benefit from Equant VoIP for IP VPN, a fully managed and integrated
solution for voice, video, and multimedia applications over IP for
cost-effective communication with worldwide office sites.
Longboard
www.longboard.com
LongBoards Realtime Communications Services combines a next-gen
feature/application server with a platform for creating new services and
integrating third-party applications. The Realtime Applications Server
enables service providers to offer hosted communications services
(including voice VPNs) to their enterprise customers. The Realtime
Applications Server allows service providers to build best-of-breed
telecommunications systems, using the network components from vendors that
best meet their needs. The networks are comprised of softswitch gateways
and/or Class 5 switches. In addition, Longboard utilizes SIP to integrate
SIP-compliant real-time applications from various vendors into a single
telecommunications solution.
The services supported on the current release of the platform include
Web-enabled CLASS-5 features, subscriber self-provisioning, rules-based
call processing, real-time call management, presence management based on
user-selected communities of interest, and PIM Integration (e.g.,
Outlook). Also, the Realtime Application Server can be integrated with the
service providers OSS/BSS systems using the LongBoard Realtime OSS
Interface using APIs based on the CORBA and Java standards.
NetCentrex
www.netcentrex.com
NetCentrex offers next-generation networking products and network-based
applications for VoIP, mobile, and standard PSTN networks, enabling
service providers to build converged networks and to offer network-based
multimedia services for the consumer and enterprise markets. NetCentrex
offers a comprehensive solution targeting service provides that
incorporates such technologies such as ACD, IVR, ICR (Intelligent Call
Routing), PBX, CTI, Web, and VoIP. Their solution facilitates
next-generation services by providing a service creation and execution
platform as well as customizable applications that allow service providers
to offer revenue-generating services.
The companys products include a multi-protocol softswitch and media
server, application development and execution platforms, and applications
for multimedia contact centers, voice VoIP VPNs, IP Centrex services, and
residential telephony. It is important to note that NetCentrex products
are based on a fault-tolerant NEBS-compliant environment for scalability
and reliability. NetCentrexs Call Control Server (CCS) provides
intelligent network services for VoIP endpoints and supports multiple VoIP
protocols including H.323, MGCP, and SIP, TCAP and INAP. CCS provides call
control, routing, and value-added functions such as protocol translation,
network optimization and network connectivity. Additionally it acts as an
application platform for feature-rich services provided by NetCentrex or
third-party applications.
NetCentrexs VoIP Virtual Private Network product is a value-added
application for service providers that allow the VoIP backbone network to
replace leased telephony lines between corporate sites. VoIP VPN is based
on the sophisticated routing functions provided by the CCS Routing Engine.
VoIP VPN and CCS provide a full multi-tenant platform including
centralized management and customer provisioning. VoIP VPN functionality
includes voice intranet, short private dial plans, single stage dialing,
remote access, virtual local extensions, voice extranet communities, and
least cost routing for off-net calls.
Nortel Networks
www.nortel.com
Nortel is jumping onto the voice VPN bandwagon with their Centrex IP
product. This solution is unique in that it is designed for customers
using an existing Nortel 500 switch. Protocol conversion takes place by
adding a special gateway card into the Nortel 500. An external server runs
gatekeeper software to handle addressing and authentication of client
devices. This solution allows service providers to extend the Nortel 500
into the VoIP world using a familiar vehicle -- DMS Centrex. In this
model, call intelligence can be handled by the customer premises Nortel
500 switch, or the customer can utilize the IP Centrex features offered by
the service provider (which also provides the voice trunks via IP.)
Virtela Communications
www.virtela.com
Virtela has a comprehensive product suite including Virtela VPN, a
complete portfolio of IP VPN services that enables secure and reliable
communication of data, voice, and video traffic. Virtelas VirtelaVoice
solution utilizes VoIP to enable customers to have secure inter-office
voice communication with branch offices, remote workers, and business
partners throughout the world. Virtela leverages their platform solution
called IPSF (IP Service Fabric) infrastructure to optimally route VoIP
traffic across redundant IP backbones, resulting in business-class voice
performance. The company implements traffic prioritization, ensuring that
VoIP traffic is guaranteed to transit even heavily congested VPN tunnels.
VirtelaVoice solutions are backed up by network and application SLAs.
VirtelaVoice enables enterprise users to take advantage of advanced voice
features including voice mail via e-mail, interactive call centers, and
Web-initiated conference calls.
VocalTec
www.vocaltec.com
Vocaltecs voice VPN solution is managed and billed by the carrier and
integrated with the customers existing corporate dialing plans. The
VocalTec voice VPN solution can also be used to resolve conflicts in
shorthand dialing plans that may otherwise arise when remote offices or
campuses are tied together for the first time. Corporations with remote
offices and campuses benefit from carrier and service provider voice VPN
services by tying together distant employees, departments and divisions at
lower costs while retaining or extending convenient dialing plans.
VocalTecs CPE gateways (Gateways 4 and 8) support four or eight analog
lines and deliver voice over VPN to small branch offices of global
corporations. VocalTec has been using its voice VPN solution among seven
branch offices in the United States, Israel, Germany, Hong Kong,
Singapore, China, and Japan. Every VocalTec employee has a voice VPN card
with access numbers to each of these offices with his/her own personal
access code.
The Rest
There are several other companies offering various bits and pieces to the
voice VPN puzzle. Softswitch and media server manufacturers (such as Nuera,
Sonus, Sylantro, and VocalData) are particularly important. Using a
softswitch, along with provisioning and administration software, a service
provider can deploy voice VPN services.
Netergy Networks (www.netergynetworks.com)
also plays a role in hosted voice applications with their iPBX product,
which is a hosted PBX solution. Congruency is yet another interesting
company offering hosted voice applications and enhanced services.
Congruency has built the majority of its network infrastructure on its
own, comprising not only application servers and gatekeepers, but the
applications themselves, including voice mail and IP Centrex features.
Congruency even developed an H.323 IP phone, the i.Picasso 6000, which
features a 5.7-inch HTML-enabled full color touch-screen to help simplify
call management, personalize visual content and view Web content.
CONCLUSION
For years, carrier networks have enjoyed the substantial benefits of
converged voice and data. Now the customer is starting to benefit from
converged services and applications, which allow for greater flexibility
and control over the services they require. With Web-based provisioning,
customers can quickly add, change, or remove services, and even add
additional phone lines very quickly. In fact, since it is IP-based, adding
additional phone lines is often as simple as going to a Web provisioning
page, selecting more lines, and then submitting the Web page. This
demonstrates the power of IP over traditional PSTN.
But all is not perfect with the service provider-based voice VPN
picture. Even with QoS standards such as DiffServ and MPLS, there still is
not a solution to ensure quality of service when crossing multiple service
provider networks. Unfortunately, it doesnt behoove competing service
providers to prioritize traffic originating from another service providers
network. Most service providers will maintain their own managed networks,
but this also limits the number of on-net POPs that a subscriber can
hop to when making a phone call, resulting in higher phone charges.
For the VPN service provider, having the ability to offer all
communications and services on a single network offers substantial
benefits. First, for the customer the benefit is that the service provider
is a one-stop shop for all of the companys communications needs.
Second, the service provider is able to offer lower rates to its customers
since the cost of administration, billing, and account provisioning are
consolidated into a single platform. Third, anyone with broadband access
to an IP network can become the service providers customer, which means
geography is no longer a barrier. With IPs location-agnostic
characteristic, service providers have a much wider marketplace with far
more revenue potential. Finally, the flexibility of a voice VPN solution
allows for enhanced services to be added la cart as the customers
needs evolve. Indeed, all of these advantages point to a bright future for
voice VPN services.
[ Return
To The January 2002 Table Of Contents ]
|