May 2004
Grappling With Management Of IP Telephony
BY
CRAIG FARRELL
The move to IP telephony promises big cost-savings for large enterprises,
but some organizations are shying away from large-scale deployments, fearing
that VoIP reliability and security issues may pose problems to business
operations. In theory, a converged voice and data environment should be
ultimately simpler and easier to manage, however the promise of reduced
hardware and operations costs coupled with lower phone bills has not been
entirely sufficient to lure companies into extensive VoIP conversions.
Instead many companies are taking a slow, yet steady, phased approach to
voice over IP, taking migrations a bit more cautiously by implementing on
either a department-by-department or a small trial basis.
While a phased approach helps corporate enterprises reduce risk and
ensure a smoother conversion, many enterprises have still been caught off
guard by the cost and complexity of their migration efforts. The phased
approach introduces more heterogeneity into the network � a combination of
legacy PBXs, new IP telephony hardware, and VoIP applications on top of
existing data applications. A converged environment, coupled with the
maintenance of traditional PBX-based services, introduces more complexity in
terms of service assurance and network monitoring, as the network must now
support a new type of network traffic. However, network availability and
service quality are not the only issues that make the migration to IP
telephony a challenge. Operations personnel must also now grapple with
measuring additional quality of service (QoS) metrics and service level
agreements for VoIP. And as IT organizations move to converged environments,
the network will become truly mission-critical � the lifeblood of the
business, putting additional pressure on IT and network personnel.
�The conversion to voice over IP presents interesting challenges for both
network and service management. In a traditional business environment there
are two separate networked infrastructures for voice and data communications
that can be relied upon to conduct business,� commented George Hamilton from
the Yankee Group. �If the network goes down and e-mail is disabled,
employees can simply pick up the phone. In a converged environment, this all
changes � the network will be the single link tying the business together.�
EMERGING SECURITY VULNERABILITIES
This growing dependency on the network as the single vehicle to conduct
business, coupled with high user expectations, will put even more pressure
on already hard-pressed operations personnel � making real-time network
monitoring and service assurance more critical than ever.
In addition, IP telephony potentially provides applications with a new
avenue for accessing the data network and therefore introduces new security
vulnerabilities. Like data applications running on an IP network, voice
services are also vulnerable to attacks. A recent advisory from the National
Security Infrastructure Coordination Center revealed new security
vulnerabilities for IP telephony equipment that utilize the ITU H.323
standard, which can result in a range of problems such as viruses,
denial-of-service attacks, and other security-related problems that can
impact network routing equipment, security systems and devices.
Even though many equipment vendors have provided information on how to
address and correct these problems, organizations will still need to
consider how threats, network faults, and system and application events can
be centrally managed so that IT staff can better understand the
relationships between security vulnerabilities and service availability and
quality. To effectively address the IT operational challenges that IP
telephony introduces to the network, organizations will need a common method
by which to monitor network, system, and security data and establish a means
of correlating security breaches to network faults and assess their
aggregate impact on application and service problems.
MANAGING BANDWIDTH PRIORITIZATION
Data and voice traffic are extremely volatile, spanning a wide range of
peaks and valleys throughout the day, which makes it difficult to meet QoS
requirements for both types of traffic. Many enterprises may be soon faced
with a question: �Which takes a higher priority, voice or data?� The answer
is �it depends.� As companies migrate to IP telephony, they may not only be
faced with new network management challenges but may also need to make
choices in terms of bandwidth allocation. And because concerns about
reliability and availability continue to plague voice over IP, it is likely
that companies may reserve bandwidth for voice traffic to help compensate
for potential service problems � which could mean delays for data
applications. In the new world of converged voice and data networks, some
companies may find themselves tolerating higher data latency in order to
ensure an acceptable level of VoIP service reliability.
THE ROLE OF MANAGEMENT TOOLS
As companies move to converged networks, operations personnel will
ultimately require management solutions that can offer an end-to-end view of
existing PBX networks, voice services, and data services, as well as the
underlying system, network and security-based resources that support them.
The additional security issues that IP telephony introduces could also mean
that both voice services and data applications could be affected by an
attack or network problem � making real-time service monitoring more
critical than ever. In the world of convergence, the impact of �cyber war�
and security vulnerabilities take on a whole new meaning, as the network
truly does become the lifeblood of the business. IP telephony will more than
likely motivate many organizations to raise the bar on securing their
networks.
�As the momentum for IP telephony gains steam, corporations will need to
evaluate their IP telephony management strategy to ensure their monitoring
tools are capable of addressing the evolving requirements surrounding the
monitoring of both network health and quality metrics as well as security
related events and potential vulnerabilities,� commented Hamilton.
�Management solutions � (need to be) � well-equipped to address these
requirements through the monitoring of network, voice application, and
security events that can be centrally managed by operations teams from a
single point.�
As a result, silo-based IT management tools that only provide isolated
snapshots of individual events or problems will fall short in terms of their
ability provide the required visibility of service quality and network
health and security that many organizations will require. In order to fully
realize return-on-investment from VoIP deployments, IT organizations should
evaluate whether their network management solution offers a means of
centralizing voice and data faults and reassess their staff�s effectiveness
in troubleshooting and resolving problems. With operations centers already
flooded with events, a focus on service management and fault isolation will
be increasingly critical in terms of maintaining operational efficiency and
return-on-investment from IP telephony deployments.
Organizations deploying IP telephony not only need to monitor service
quality, jitter, latency, and other metrics, they also need to couple this
with end-to-end network monitoring as well as security event management and
real-time vulnerability assessments. Management tools that provide the
flexibility to manage voice and data networks together or separately along
with the critical security information will prove most effective in terms of
providing the visibility that operations staff will require to deliver on
the reliability and quality of services that businesses will require.
Craig Farrell is Chief Technology Officer at Micromuse, Inc., a global
software company that delivers industry-leading business and service
assurance solutions to organizations worldwide. For more information, please
visit the company�s Web site at
www.micromuse.com.
If you are interested in purchasing reprints of this article (in either
print or HTML format), please visit Reprint Management Services online at
www.reprintbuyer.com or contact a representative via e-mail at
[email protected]
or by phone at 800-290-5460.
[ Return
To The May 2004 Table Of Contents ]
|