Cost Considerations

Posted by admin in Viop article
12 11th, 2007

Although we’re presenting some typical numbers here, you should run the numbers using your own particular configuration. The most beneficial comparisons of a VPN occur when compared to a dedicated, line-based network or one that makes extensive use of long distance dial-up lines. If you are already using a shared network (Frame Relay or ATM), the cost savings are not so striking. Consider that a VPN box at each location might cost $5,000 including installation; multiplied by seven sites is equal to $35,000. Now, how long will it take to save this cost if you substitute your ISP charges for each location and subtract the cost of your existing T1 or Frame Relay network? If you had six T1s at $5,000/month, you might now have seven T1 access lines from your ISP at $3,000 or $4,000/month. The $7,000/month savings will pay off the $35,000 investment in 5 months. If your Frame Relay service is costing $1,000/month per location, the break-even point doesn’t happen in any reasonable period.

Using remote access server and dial-up lines is cheaper to install, costing about $6,000 to $7,000 for about 20 users to install at the central location. Now comes the big bite, which is the long distance charge from all the remote locations. This could easily grow to $5,000/month if each of the users spent two hours online. Each working day at $0.10/minute is about $8,000/month. Plug in your own assumptions as to duration and cost of telephone calls here. (Even at 1 hr/day and $0.06/minute, that is $2,000/month for 20 users). A VPN system might cost $14,000 to install, including licenses for PC software at each location. The ISP charges that are $20/user/month, plus an ISDN line at the home shop for $100/month, means that we are saving $1,500 in monthly charges. We can pay off the system in 10 months. Again, do not assume that it will pay off in all cases. But, in all cases, it is worth the effort to perform the calculations. Your VPN will definitely require more network management than a dial-up system, so the cost of perhaps an additional system administrator may have to be added.

Proprietary Protocols
Most VPN products are designed strictly around IP. They will often handle other protocols, such as AppleTalk and IPX, by tunneling them inside of IP packets. This introduces both overhead and delay. If the amount of “foreign” protocol traffic is small, then this is not significant. If the bulk of your network is IPX or AppleTalk, we recommend you investigate VPN vendors who will support these protocols in native mode.

VoIP VPN
The justification for doing VoIP on a VPN is primarily security, along with the reduced cost of VoIP. Depending on usage, voice generates relatively large amounts of traffic. Be sure to include this additional traffic in your sizing estimates. Our discussion of VoIP applies to whether we have a VPN or not. With a VPN, the delays due to encryption are larger, and therefore we would expect that the performance of voice over the VPN would be worse than VoIP. If we have chosen a network provider who will offer a SLA with QoS, there is a better chance for success, but the delays due to encryption and basic packet switching will still be there. With the exception of international calling, one must have a very large calling volume to make it worthwhile to put voice over the Internet and suffer the attendant quality reduction.

Summary

VPNs can provide a cost-effective solution to have secure communications across the Internet. Performance can be improved by utilizing a national/international ISP that will offer SLAs and QoS. Choosing hardware-based over software-based VPN equipment will generally provide better performance. Choosing VPN vendors who embrace standards and support multiple standards increases your flexibility in your vendor/equipment choices. Knowing your current and anticipated traffic volumes permits you to make improved cost performance studies.



12 11th, 2007

The layman’s version (don’t try this at home because it won’t work as described here) is that each of us thinks up a couple of prime numbers (the bigger the better). One number we keep for ourselves and the other number we publish on our web site along with the product of the two prime numbers as our public key. Anyone wanting to send us something will use the public key to encrypt it, and only we can decrypt the message with our private key. We can authenticate the source if the sender used his private key to encrypt his signature because only his public key will decrypt his signature.

This system is secure because of the tremendous amount of processing power it takes to factor the product of two large prime numbers. (For example, if we could factor the product, we could determine the private key.) Unfortunately, performing the encryption and decryption is also processor intensive (slow). But it sure solves the key distribution problem. Therefore, we could use public key cryptography to encrypt and distribute the keys to all our VPN boxes.
Authentication
Authentication is the process of verifying that this is the party to whom I am speaking, and that they have authorized access. There are several ways of doing this; however, the most common way is to provide an authentication server that passes out authenticated certificates based on something the user has or knows.

User Level Authentication
The user has or knows his/her account code (name) and password. User names are public, and passwords can be compromised. A more secure system is to use a type of secure ID card. These credit card sized devices are based on an internal clock that generates a different pseudo random code every minute. The authentication server is time synchronized with the card and therefore generates the same number at the same time. When the user calls in, he/she must enter his/her account code and the code from the card as the password.

The IP has embedded in it a set of layer 2 protocols called the Point-to-Point Protocol (PPP). In PPP, the basic security methods used are Password Authentication Procedure (PAP) and the Challenge Handshake Authentication Protocol (CHAP). PAP and CHAP do little for security. In fact, PAP and CHAP are part of the basic PPP protocol suite and fall short in providing a true security procedure. These schemes do not address issues of ironclad authentication and integrity, or eavesdropping. The PAP and CHAP are rudimentary procedures used to log on to a network, but hackers and crackers easily defeat both.
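The time-synchronized token card described above, sketched from the authentication server's side. This is an added example, not code from the original article or from any token vendor: commercial cards use their own algorithms, so the public RFC 6238 construction (HMAC-SHA-1 over a time counter) stands in here, and the names `token_code` and `AuthServer`, the 6-digit length and the one-step drift window are assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # the card shows a new code every minute, as in the text
DIGITS = 6          # assumed display length


def token_code(seed: bytes, unix_time: int) -> str:
    """Code the card displays at unix_time (RFC 6238 style, HMAC-SHA-1)."""
    counter = unix_time // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


class AuthServer:
    """Hypothetical server that shares each card's seed and a synchronized clock."""

    def __init__(self, drift_steps: int = 1):
        self.seeds = {}       # account code -> shared seed
        self.last_step = {}   # account code -> newest time step already accepted
        self.drift_steps = drift_steps

    def enroll(self, account: str, seed: bytes) -> None:
        self.seeds[account] = seed

    def verify(self, account: str, code: str, now: int) -> bool:
        seed = self.seeds.get(account)
        if seed is None:
            return False
        current = now // STEP_SECONDS
        # Accept the neighbouring minutes too, because card clocks drift.
        for step in range(current - self.drift_steps, current + self.drift_steps + 1):
            if step <= self.last_step.get(account, -1):
                continue      # this step (or a newer one) was already used: replay
            expected = token_code(seed, step * STEP_SECONDS)
            if hmac.compare_digest(expected.encode(), code.encode()):
                self.last_step[account] = step
                return True
        return False


def demo() -> dict:
    seed = b"12345678901234567890"   # constructed seed (the RFC 4226 test key)
    server = AuthServer(drift_steps=1)
    server.enroll("alice", seed)
    now = 125                         # constructed server time, inside minute 2
    return {
        "card_one_minute_slow": server.verify("alice", token_code(seed, 60), now),
        "same_code_replayed": server.verify("alice", token_code(seed, 60), now),
        "code_two_minutes_old": server.verify("alice", token_code(seed, 0), now),
        "current_code": server.verify("alice", token_code(seed, now), now),
        "unknown_account": server.verify("bob", token_code(seed, now), now),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The replay guard is what makes the code a one-time password: a code overheard on the line is useless once the server has accepted it.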

Layer 2 Tunnel Protocol (L2TP) is another variation of an IP encapsulation protocol as shown in Figure 4-6. An L2TP tunnel is created by encapsulating an L2TP frame inside a UDP packet, which in turn is encapsulated inside an IP packet, whose source and destination addresses define the tunnel’s ends. Because the outer encapsulating protocol is IP, clearly IPSec protocols can be applied to this composite IP packet, thus protecting the data that flows within the L2TP tunnel. Authentication Header (AH), Encapsulated Security Payload (ESP), and Internet Security Association and Key Management Protocol (ISAKMP) can all be applied in a straightforward way.

L2TP is an excellent way of providing cost-effective remote access, multiprotocol transport, and remote LAN access. It does not provide cryptographically robust security. L2TP should, therefore, be used in conjunction with IPSec for providing secure remote access. L2TP supports both host-created and ISP-created tunnels. A remote host that implements L2TP should use IPSec to protect any protocol that can be carried within a PPP packet. Integrated at the VPN point of access, user authentication establishes the identity of the person using the VPN node, and this is because an encrypted session is established between the two locations. The user authentication mechanism enables the authorized user of the VPN system access to the system, while preventing the attacker from accessing the system. Some of the common user authentication schemes are

  • Operating system username/password
  • S/Key (one time) password
  • Remote Authentication Dial−In User Service (RADIUS)
  • Strong two−factor token−based scheme

The strongest user authentication schemes available on the market are two-factor authentication schemes. These require two elements to verify a user’s identity: a physical element in their possession (a hardware electronic token), and a code that is memorized (a PIN). Some cutting-edge solutions are beginning to use biometrics mechanisms such as fingerprints, voiceprints, and retinal scans. However, these are still relatively unproven. When evaluating VPN solutions, it is important to consider a solution that has both data authentication and user authentication mechanisms. Currently, there are VPN solutions that provide only one form of authentication.
Because of this, VPN solution providers that only support one of the two authentication mechanisms will typically refer to authentication generically, without qualification of whether they support data authentication, user authentication, or both. A complete VPN solution will support both data authentication (also known as the digital signature process or data integrity) as well as user authentication (the process of verifying VPN user identity).

Packet Level Authentication
The IPSec standard provides for packet level authentication to prevent man-in-the-middle attacks. (This is where someone intercepts your packets and substitutes his/her own.) IPSec is a layer 3 protocol that enhances the use of the layer 2 underlying checksum is calculated and encrypted with the data. If the checksum calculated by the recipient doesn’t match the one sent by the originator, someone has tampered with the data. The IPSec standard specifies two different algorithms for doing this: MD-5 and SHA-1. If your vendor’s equipment supports both algorithms, it improves the chances for intervendor compatibility. The other alternative is to simply not use packet level authentication. In order to guarantee authenticity of the packets, a digital signature is required to authenticate the devices to one another. IPSec has included the X.509 digital certificate standard. Essentially, the X.509 certificate server keeps a list of certificates for each user. When you want to receive data from another device, you first ask for the certificate from the certificate server. The sender stamps all data with that certificate. Because this process is secure, you may be sure that these packets are authentic. Your vendor then ideally supports both authentication algorithms and X.509. In any case, it is essential that someone in your organization understands in detail how each vendor supports the various levels of security that you intend to use. These authentication and encryption systems all have to work together flawlessly. If the vendors you choose stick to the standards, it improves the chances of, but does not guarantee, an integrated working environment.

IPSec offers a variety of advantages. Chief among those are

  • IPSec is widely supported by the industry including Cisco, Microsoft, Nortel Networks, and so on.
  • This universal presence ensures interoperability and availability of secure solutions for all types of end users. In addition, all IPSec−compliant products from different vendors are required to be compatible.
  • IPSec provides for transparent security, irrespective of the applications used.
  • IPSec is not limited to operating system-specific solutions. It will be ubiquitous with IP. It will also be a mandatory part of the forthcoming Internet Protocol Version 6 (IPv6) standard.
  • IPSec offers a variety of strong encryption standards. The key design decision to support an open architecture allows for easy adaptability of newer, stronger cryptographic algorithms.
  • IPSec includes a secure key-management solution with digital certificate support. IPSec guarantees the ease of management and use. This reduces deployment costs in large-scale corporate networks.

IPSec used in conjunction with L2TP provides secure remote−access client−to−server communication. L2TP alone cannot provide for a totally secure communication channel due to its failure to provide per packet integrity, inability to encrypt the user datagram, and the limited security coverage only at the ends of the established tunnel. The major drawback to packet−filtering techniques is that they require access to clear text, both in packet headers and in the packet payloads.
There are two major drafts in IPSec: AH and ESP. They are defined as follows:

  • AH is used to provide connectionless integrity and data origin authentication for an entire IP datagram (hereafter referred to as authentication).
  • ESP provides authentication and encryption for IP datagrams with the encryption algorithm determined by the user. In ESP authentication, the actual message digest is now inserted at the end of the packet (whereas in AH the digest is inside the authentication).

AH provides data integrity only and ESP, formerly encryption only, now provides both encryption and data integrity. The difference between AH data integrity and ESP data integrity is the scope of the data being authenticated. AH authenticates the entire packet, while ESP doesn’t authenticate the outer IP header. In ESP authentication, the actual message digest is now inserted at the end of the packet, whereas in AH the digest is inside the authentication header. The IPSec standard dictates that prior to any data transfer occurring, a Security Association (SA) must be negotiated between the two VPN nodes (gateways or clients). The SA contains all the information required for execution of various network security services such as the IP layer services (header authentication and payload encapsulation), transport or application layer services, and self−protection of negotiation traffic. These formats provide a consistent framework for transferring key and authentication data that is independent of the key generation technique, encryption algorithm, and authentication mechanism. One of the major benefits of the IPSec efforts is that the standardized packet structure and security association within the IPSec standard will facilitate third−party VPN solutions that interoperate at the data transmission level. However, it does not provide an automatic mechanism to exchange the encryption and data authentication keys needed to establish the encrypted session, which introduces the second major benefit of the IPSec standard: key management infrastructure or Public Key Infrastructure (PKI).
The IPSec working group is in the development and adoption stages of a standardized key management mechanism that enables safe and secure negotiation, distribution, and storage of encryption and authentication keys. A standardized packet structure and key management mechanism will facilitate fully interoperable third-party VPN solutions. Other VPN technologies that are being proposed or implemented as alternatives to the IPSec standard are not true IP security standards at all. Instead, they are encapsulation protocols that tunnel higher level protocols into link layer protocols. When encryption is applied, some or all of the information needed by the packet filters may no longer be available.
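The difference in integrity scope between AH and ESP described above, and the packet level checksum comparison from the Packet Level Authentication section, shown on constructed packets. This is an added example, not code from the original article or from any IPSec implementation: the helper names, key, SPI and documentation-range addresses are assumptions, the packets are simplified (no encryption, padding or anti-replay window), and it goes one step past the text by showing that AH leaves out the header fields routers legitimately change, such as TTL.

```python
import hashlib
import hmac
import socket
import struct

ICV_LEN = 12                      # HMAC-SHA-1 truncated to 96 bits
PROTO_ESP, PROTO_AH, PROTO_TCP = 50, 51, 6


def ipv4_header(src, dst, ttl, proto, body_len):
    """Minimal 20-byte IPv4 header (constructed; checksum left at zero)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + body_len, 0, 0, ttl,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def zero_mutable(ip_hdr):
    """AH treats fields that change in transit as zero when computing the digest."""
    h = bytearray(ip_hdr)
    h[1] = 0                      # type of service
    h[6:8] = b"\x00\x00"          # flags and fragment offset
    h[8] = 0                      # TTL
    h[10:12] = b"\x00\x00"        # header checksum
    return bytes(h)


def icv(key, data):
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]


def ah_packet(key, src, dst, spi, seq, payload):
    ip_hdr = ipv4_header(src, dst, 64, PROTO_AH, 12 + ICV_LEN + len(payload))
    ah_fixed = struct.pack("!BBHII", PROTO_TCP, 4, 0, spi, seq)
    # Digest covers the outer IP header, the AH header (digest field zeroed) and payload.
    tag = icv(key, zero_mutable(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload)
    return ip_hdr + ah_fixed + tag + payload   # digest sits inside the AH header


def ah_verify(key, packet):
    ip_hdr, ah_fixed = packet[:20], packet[20:32]
    tag, payload = packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    expected = icv(key, zero_mutable(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload)
    return hmac.compare_digest(tag, expected)


def esp_packet(key, src, dst, spi, seq, ciphertext):
    ip_hdr = ipv4_header(src, dst, 64, PROTO_ESP, 8 + len(ciphertext) + ICV_LEN)
    esp_hdr = struct.pack("!II", spi, seq)
    # Digest covers the ESP header and payload only, and is appended at the end.
    return ip_hdr + esp_hdr + ciphertext + icv(key, esp_hdr + ciphertext)


def esp_verify(key, packet):
    body, tag = packet[20:-ICV_LEN], packet[-ICV_LEN:]
    return hmac.compare_digest(tag, icv(key, body))


def with_source(packet, new_src):
    return packet[:12] + socket.inet_aton(new_src) + packet[16:]


def with_ttl(packet, ttl):
    return packet[:8] + bytes([ttl]) + packet[9:]


def with_flipped_byte(packet, index):
    return packet[:index] + bytes([packet[index] ^ 0x01]) + packet[index + 1:]


def demo():
    key = b"constructed-sa-key"                  # constructed shared SA key
    data = b"constructed payload bytes"          # stands in for payload/ciphertext
    ah = ah_packet(key, "192.0.2.1", "198.51.100.7", 0x1001, 1, data)
    esp = esp_packet(key, "192.0.2.1", "198.51.100.7", 0x1002, 1, data)
    return {
        "ah_untouched": ah_verify(key, ah),
        "ah_ttl_decremented": ah_verify(key, with_ttl(ah, 63)),
        "ah_source_rewritten": ah_verify(key, with_source(ah, "203.0.113.9")),
        "ah_payload_altered": ah_verify(key, with_flipped_byte(ah, 44)),
        "esp_untouched": esp_verify(key, esp),
        "esp_source_rewritten": esp_verify(key, with_source(esp, "203.0.113.9")),
        "esp_payload_altered": esp_verify(key, with_flipped_byte(esp, 28)),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: digest {'matches' if ok else 'MISMATCH'}")
```

The one case where the two differ is the rewritten outer source address: the AH digest no longer matches, while the ESP digest still does because the outer header was never part of it.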



Creating the VPN

Posted by admin in Viop article
12 10th, 2007

There are five ways to create a VPN:

  • Between desktops
  • Between routers
  • Between firewalls
  • Between VPN−specific boxes
  • With integrated boxes

Although not normally considered a VPN, one can certainly use desktop PCs to encrypt data and send it across the Internet securely. Additionally, software is available that runs on a desktop capable of creating a VPN to a firewall or stand−alone VPN device. Most VPN equipment vendors offer corresponding software that runs on a laptop or desktop in order to provide a secure path to the home office over the Internet. Most of the discussion then involves creating a VPN between business locations, branch offices, and road warriors.

Encryption
The first basic rule is the more secure it is, the less convenient it is to use and the greater impact (negative) it will have on overall system performance. The strength of an encryption mechanism is dependent upon the complexity of the calculation and the length of the key. The most popular mechanism for which hardware is readily available is Data Encryption Standard (DES), developed by IBM and now standardized. The basic key is 54−bits long. Triple DES involves simply running the algorithm with a 112−bit key. The question here is as always how secure do you need to be? The more secure, the larger the key used (or the more times the algorithm is run with different keys). This all takes time to encode and to decode. Much has been made lately of the fact that by using thousands of computers, a DES−encoded message could be broken in 39 days. Keep in mind that this is for one key. If we change keys, it would take the crackers and hackers another 39 days. Are they (hackers and competitors) motivated to do this? The method mentioned previously used the brute force attack of guessing keys. Changing keys often means that the attackers must start all over again. The other encryption standard (not widely supported) is International Data Encryption Algorithm (IDEA), which uses 128−bit keys.
The second basic rule is that encryption performed in hardware is much faster than in software.

Key Handling
A very important part (some say the most important) of an encryption is the mechanism used to disseminate keys. Here again, security is the inverse of convenience. True, keys can be sent in a multi−encrypted file. They can also be sent by snail mail or given over the telephone (not very secure). The problem with this private key system is that both communicating parties must have the same key. If all locations are talking to the home office, they all must have the same key, or the central office must keep separate key pairs for each location. This key management nightmare can be handled in two ways. We could use the X.509 digital certificate system for key management. The other alternative is to use a public key system to encrypt the private key so that they can easily be exchanged.



12 7th, 2007

Internet−Based VPN

the same time. The philosophical point is that a dedicated network will be overbuilt in some areas and underbuilt in others. A shared network offers the hope that we can spread the overall cost out while getting the benefits of a private network. Historically, this accounts for the popularity of shared data networks beginning with X.25, Frame Relay, ATM, and now the Internet. The Internet has become a popular, low−cost backbone infrastructure.
Because of its ubiquity, many companies now want to use a secure Virtual Private Network (VPN) over the public Internet. The challenge in designing a VPN is to exploit the technologies for both intracompany and intercompany communication while still providing security. Of course the rule of thumb we now use in an Internet Protocol (IP) network is “IP on everything.” A VPN is an extension of an organization’s private intranet across a public network (that is, the Internet), creating a secure connection essentially through a tunnel. VPNs securely convey information across the Internet connecting remote users, branch offices, and business partners into the corporate network.

VPNs are owned by the carriers, but used by corporate customers, as though the customers owned them. A VPN is a secure connection that offers the privacy and management controls of a dedicated point-to-point leased line, but actually operates over a shared routed network. In the past we saw traditional networks being built as part of a leased line, point-to-point network. This was expensive and risky. A single link error brought the network down. Later a virtual networking scenario emerged using a packet-switching technology called Frame Relay. This demanded that presubscribed links were established by being premapped in logic. VPNs are created using encryption, authentication, and tunneling, a method by which data packets in one protocol are encapsulated in another protocol. Tunneling enables traffic from multiple organizations to travel across the same network, unaware of each other, as if enclosed inside their own private steel pipe. It is easy to jump to the conclusion that the Internet is free and, therefore, there are tremendous cost savings to be had from this free shared network. Later, we will explore some cost comparisons, but as one might guess, the relative cost benefit depends very much on each network’s geography and traffic volume.



Users May Not Like It

Posted by admin in Viop article
12 7th, 2007

Without trying to throw a damper on the voice SDN/VPN, there are some conditions that may cause the end users to balk at its use. Many organizations’ telecommunications management typically try to match the needs of the organization without causing undue stress on the user. However, the special dialing procedures necessary to use a SDN/VPN often got in the way. Let’s use an example of a group with road warriors. The traveling person needs to use long distance to customers, contacts, and back to headquarters. Therefore, a special calling card is issued that has the caller go to a pay phone. From there the caller dials a special 800 number to call into the SDN/VPN (this requires 11 digits). This is nothing more than a switch that is keeping track of the traffic and usage verification. Once into the SDN/VPN, the caller then dials the 11−digit telephone number for a North American location. The number of dialed digits may be higher for international calls. Finally, the caller must dial their user calling card number to validate it for authentication and billing purposes. This may be an additional 15 digits. So all told, the customer has just dialed 37 digits to make a call. This creates frustration for the caller, especially if they make several calls during the course of a day.
Let’s complicate the above scenario a bit! After being frustrated by dialing all those digits, the caller gets a busy tone. This means that they have to start over. Now the frustration really starts to mount. Moreover, one may be reading this and saying “what is the author talking about? I can dial a number and if I get a busy tone, then I merely dial the pound key (#) and get my dial tone back.”
That may be true for some calls and some phones, but this is not a guarantee. The individual phones at airports, hotels, and along the roadside may not allow this. Many may be phones that are used by a specific vendor/carrier (we have all seen the WorldCom and AT&T phone in the lobbies of hotels that only allow the features on their own specific network). So if the caller is using a WorldCom phone and calling an AT&T network, all bets are off. The service may require that the caller hangs up and starts over. Moreover, when making a string of calls on a normal calling card, customers are able to use the # key to place the next call without entering the calling card number every time. This again is not necessarily true with the special SDN/VPN cards. Although the carriers have taken great strides in eliminating these problems, they still cannot guarantee that everything works at every phone. By the way, with the SDN/VPN, the carriers allowed stored numbers in the central switch so that a user could eliminate some of the dialing process by using a speed dialing arrangement. Corporate telecommunications personnel may have predefined calls to each office with a three- to five-digit speed number, thus the caller could eliminate some of the digits required. This is a noble gesture, but it does not always work the way it was planned, and therefore the end users begin to rebel against the amount of time they spend dialing digits to do their job. Now back to the original purpose of the VPN—to save money and ease the process of communicating between and among users within an organization—the ease of use is not assured, as stated previously, so the goals are not met entirely. From there, however, the user can usurp the savings by doing many things:

  • Reducing the amount of calls they make by refusing to dial the digits
  • Calling around the VPN by using a separate calling card that is not billed under the special arrangement
  • Placing operator assisted calls instead of dialing, thereby incurring a much higher cost per minute

Each of these situations complicates the overall purpose of using the VPN/SDN. One final comment here is that the users also begin to bemoan the use of the network to their superiors, who then begin a grass roots effort to override the VPN. What was planned as a cost containment tool, becomes a more expensive solution overall, and management really does not want to hear all the complaints about a system as mundane as the telephone. Bear this in mind as you look into the use of these systems. This discussion so far has only considered the case where the corporation owns the PBX and connects it to the VPN. What if a Centrex system is provided by the incumbent local exchange carrier (ILEC) or leased from a reseller? The answer is that one can still implement all the above with a Centrex system at any or all locations. Because Centrex is essentially a PBX that is physically resident at the local central office, it too can have TIE, FX, or RCF trunks. The long distance carrier supplying the VPN will be more than happy to terminate VPN trunks on a Centrex system.

In summary, the important points are as follows:

  • Calls are carried over the PSTN.
  • A custom dialing plan is used.
  • Pricing is dependent on the locale.
  • The number of locations.
  • The projected or committed traffic volumes.

This is all achieved by computer databases in the network.



12 7th, 2007

To get corporate America back on the switched network, AT&T devised a marketing strategy. The approach went something like this to the CEO/CFO: “Look, your primary business is banking [building airplanes, trading stocks, selling insurance or whatever], but it is not running a telephone company. Who knows better how to run a telephone system than we do? (You can substitute your favorite carrier here. AT&T is chosen here because they were the first to introduce this service.) You think you are saving money by using these dedicated lines. On the surface, it appears that you are. However, who is managing this network? What is it costing you to recover from outages? Do you have back−up facilities for each of your dedicated routes? Your dedicated team of telephony experts is costing you a bundle. Why are you doing this?”

The CFO and CEO look at each other and shrug their shoulders. “Our CIO or CTO [2] sold us on the idea for providing better service at a lower cost,” they said in unison.
“Look,” said AT&T. “We have the ultimate (outsourcing) deal that will provide all your current capabilities for one low price. We will manage the whole network for you and give you all the service you currently enjoy with your private network with little or no hassle. Our product is called (somewhat obscurely) Software Defined Network™ because you can define the parameters of the network yourself,” AT&T said proudly. Sprint and MCI/WorldCom [3] offer essentially the same product and call it a virtual private network (VPN). We use VPN here because it is both the generally used term, and it is descriptive of the offering. Here is how the deal works: The company defines the locations that will be part of the VPN as shown in Figure 3-2. The larger the average traffic commitment made between these locations, the lower the price per minute can be. (The catch is that if traffic falls below the average commitment, cost falls into the next higher rate category.) carrier will do it. Organizations can now lay off the telecommunications department. (Please note that the staff supporting the PBX in each location is still needed to handle moves, adds, and changes. In addition, the staff needed to maintain the dedicated data network is still needed. Even if the organization migrates to a Frame Relay network, some management of the vendor is always required). All the calls to specifically defined locations (offices) in Chicago, Atlanta, Phoenix, and Seattle are known as on-net calls. These are priced at the reduced rate. Calls to business partners and customers are off-net calls and are charged at a higher rate. If the off-net call volume to these specific locations rises, the organization can still place FX lines into these areas. Again, there is no substitute for knowing the traffic distribution when evaluating any telecommunications plan. As one can determine from the above description, it takes a sharp pencil to figure out if this is a good deal. It is definitely a good deal for the carrier who gets all those calls and minutes back on the switched network.

[2] CTO is the Chief Telecommunications Officer or Chief Technology Officer depending on the organization.
[3] MCI and WorldCom were different entities at the time of this offering, but for this book are updated to reflect current situations.
™ Software Defined Network is a Trademark of AT&T.

The VPN is more reliable than a dedicated, line−based network because calls are really riding over the Public Switched Telephone Network (PSTN), which is rich in multiple paths. One of the features of the private, line−based network was four− or five−digit dialing. This can be preserved intact if we want. Because the switches in the telephone network are computers that have access to a database, they can easily look up how to route a number based on the originating location and number dialed. The VPN then is a special discount−billing plan, with the carrier managing the network on which we can have a custom−dialing plan.
A caveat that should also be brought into the equation is that the large corporations will negotiate long-term SDN/VPN agreements with the carrier. Typically, the agreements will bear a 3 to 5 year term whereby the customer enjoys the benefits of the fixed pricing arrangement, with some caveats on usage such as minimums, numbers of locations, average revenue generated per month, and so on. If, however, the average volume falls below an agreed-to level, the carrier may charge a penalty. This penalty may be in the form of

  • A minimum charge per site
  • A minimum charge per month
  • An averaged cost that is used on a quarterly basis (that is, they will bill the higher rate for an entire quarter if the customer does not achieve the minimum billing)

Any one of these charges may apply to the consumer’s billing, depending on the agreement between the players. Incidentally, the customer and the carrier are usually sworn to secrecy regarding the rates and terms of the agreement, through some nondisclosure arrangement. The purpose of this nondisclosure is to keep the mass public coming back and asking for the same deal! Or is it? Sometimes the deal is not as good as it is supposed to be. One such case was a large financial company who had a deal with the carrier for 5 years, yet over that same period of time the costs were rapidly plummeting. The customer was actually spending more per minute for their SDN/VPN than if they just picked up the phone and made a long distance call. Newer contracts will usually bear some terms that state if the costs decrease over the term of the agreement, then the carrier will annually review and adjust the rates accordingly. It may also state that the adjustments will be enacted if the costs drop by some fixed percentage point (like 10 percent). In either case, the carrier will also hook a contingency that because they are tied to reducing the costs in the contract period should the prices fall, they also reserve the right to raise the rates if their prices increase at greater than some tied percentage point (usually 10 percent). So what we have is an agreement that is somewhat fluid and can be modified during the term of the contract so long as both parties are in agreement. Where this is a benefit is when a company plans extraordinary growth over the term of the agreement, or when there is some speculation that some sites may be closed and contraction will drop the overall volumes.



12 7th, 2007

Using these dedicated lines between locations, organizations created a private network. The next step in the evolution of private networks was to devise a corporate-wide numbering plan and have the now-intelligent PBX determine the route to the dialed destination via its peers, just like the local telephone office does. After all, other than size, there is little difference between a PBX and a telephone company central office switch!



12 7th, 2007

As corporate communication volumes increased, organizations realized the cost of telephone service was escalating. Originally, all long distance service was charged on a per-minute basis. AT&T introduced a volume discount outbound calling plan called Wide Area Telephone Service (WATS). (Some people refer to the term as Wide Area Telecommunications Services.) For a monthly fixed payment, the organization got 240 hours of service to one of five bands across the country. Each band was priced based on the distance from the originator’s location. A typical company usually had a band 5 line and a band 1 or 2 line to cover adjacent state calls. It took some analysis to determine the most cost-effective solution for each company’s particular calling pattern.

Foreign exchange (FX) service provided a fixed rate calling plan if a company had a large call volume for in-state locations. This is essentially subscribing to telephone service at the foreign central office location and leasing an extension cord from the telephone company to the home location. Originally, there were no usage charges on this line, so the more you used it, the less expensive it was. Of course, long distance calls made from the foreign exchange were billed at the long distance rate. An FX line is needed to each high-volume calling location.

Alternatively, a company could use a leased telephone line between locations. These lines went by several names: Terminal Interface Equipment (TIE) line, dedicated line, and, when used for data, data line. These are essentially point-to-point telephone lines that are available in two-wire or four-wire configurations. Because the difference in cost between two- and four-wire connections was small (relative to the cost of the line), the four-wire option was preferred unless the company needed many lines. The next logical step was to use these TIE lines to connect private branch exchanges (PBXs) at the various locations. Here again, there were no usage charges on these dedicated lines. A company with locations in Seattle, Phoenix, Atlanta, and headquarters in Chicago might have a “hub and spoke” arrangement of TIE lines from their headquarters to each regional office. Each location then might have FX lines to adjacent cities; for example, a company based in Seattle might have an FX line to Tacoma, Kent, and Everett.

There were corresponding inbound services where the called party paid. For example, the original Zenith operator provided toll-free calling in the days of manual switchboards. The inbound WATS service, now known as 800 service, was originally also structured in bands. Finally, for local toll service, remote call forwarding (RCF) allowed people to sign up for telephone service in a foreign exchange and have them make a long distance call from Tacoma, for example, back to Seattle at your expense. Although this was more expensive (depending on the number of calls) than FX, an advantage of RCF is that you can receive multiple calls at a time.

It soon became apparent to people working in the Phoenix location that they could call their uncle in Kent by first asking the company operator (later by dialing) for the TIE line to Chicago. They would then choose the TIE line to Seattle and finally dial across the FX line to Kent. The PBX, although not smart, did allow a person to dial up the TIE and FX lines. The important fly in this otherwise ingenious solution (ointment) to high-cost long distance telephone service is that each TIE or FX line could only handle one call at a time. The challenge for the telecommunications manager was therefore to figure out the optimum number of TIE lines between locations to minimize cost and waiting time for the TIE line, while maximizing savings across the commercial long distance circuits.

About this time, AT&T noticed a small drop in its long distance revenue from such business and a sharp increase in the number of leased lines it was providing. Now, clearly it is much more profitable to rent a telephone channel out at $0.25 per minute than to lease that capacity to a corporation for $1,000 per month. One should also be aware that the average corporation will not pay these prices, but smaller companies and independent contractors may!
On average, 75 percent of the paying public is overpaying the cost of long distance because of the complexity and the various changes that take place. Recently, the three top providers of long distance service raised their rates by 7 percent (12/2001). The impact was primarily in the area of basic long distance service. This means that many small companies have subscribed to a plan with the carrier. The carrier selects the plan that best fits the customer’s dialing habits and number of circuits used (lines). However, the plan is current at the time of the deal and may change several times in the next year. Better pricing or packaging may become available the very next day. The consuming public may not realize that the new package is available and continue to pay the agreed-to rates for the next x years, costing them hundreds to thousands of dollars extra per year. To rectify the problem, many organizations periodically call the carrier and ask for the best plan to meet their dialing habits. Once again, the best plan is selected at the time of the call, not adjusted automatically forever after.



Private Networks

Posted by admin in Viop article
12 7th, 2007

Many companies created or built their own private networks in the past. These networks are usually cost-justified or based on the availability of lines, facilities, and special needs. Often these networks employ a mix of technologies, such as private microwaves, satellite communications, fiber optics, and infrared transmission. The convergence of the networks has further been deployed because of the mix of services that the telephone companies did not service well. Many companies with private networks have been subjected to criticisms because the networks were misunderstood. Often the networks were based on voice savings and could not be justified. Now that the telecommunications networks and systems are merging, the demand for higher speed and more availability is driving either a private network or a hybrid.



12 7th, 2007

The network-numbering plan was designed to enable a quick and discreet connection to any telephone in the country. The North American Numbering Plan, as it is called, works on a series of 10 numbers. As progress occurs, the use of Local Number Portability (LNP) and Intelligent Networks (IN) enables the competitors to break in and offer new services to the consumer. Note that there have been some changes in this numbering plan. When it originally was formulated, the telephone numbers were divided into three sets of sequences. The area codes were set to designate high-volume usage and enabled some number recognition tied to a state boundary. With the convergence in full swing, the numbering plan became a bottleneck. Now with the use of LNP, the numbering plan as we know it will become completely obsolete. No longer will we recognize the number by an area code and correlate it to a specific geographic area. LNP will make the number a fully portable entity. Moreover, 10-digit dialing in the age of convergence becomes the norm because of the multitude of area codes that will reside in a state.


