One such ambitious network operator, Metropolitan Telecommunications (MetTel), plans to expand its competitive local exchange footprint from a current 15 states to more than 35 states by the end of 2005. It also plans to respond rapidly along the way to demand for advanced IP-based communications and collaboration services among its primary small and medium business (SMB) target market.

Among its first steps in executing on these aggressive plans, MetTel announced in March that it is deploying nCite Session Border Controllers from Netrake.

According to MetTel executives, the nCite deployment constitutes a necessary precondition for executing on both its geographic expansion and its advanced VoIP and IP multimedia services roadmap. Laying the groundwork for session control now, they explain, will deliver benefits including, and beyond, security in the near and distant future.

Trusted Peers: Securing Home Infrastructure
MetTel initially began providing competitive voice and data services to customers in New York City nearly a decade ago. It has since expanded its Unbundled Network Element-Platform, or UNE-P, services footprint to 15 states — primarily on the East Coast, from Florida to Maine, though also in Texas. It primarily serves the SMB market and counts a number of Fortune 1000 multi-location customers across one or several states among its clients.

Unlike many UNE-P-based competitive local exchange carriers (CLECs), MetTel deployed its own VoIP offering more than two years ago. For most customers, it has delivered telephony services through gateways to standard public switched telephone network (PSTN) interconnections with incumbent local carriers. Through the PSTN gateway, the softswitch has looked to customers like a traditional Class 5 TDM switch serving their traditional TDM phones.

MetTel will continue to serve TDM customers based on PSTN gateway interconnections. “That business won’t go away any time soon,” says Sam Vogel, Chief Marketing Officer for MetTel. “Customers will determine when and how they migrate away from TDM.”

However, VoIP will anchor MetTel’s efforts to reach new customers as it doubles its geographic reach this year. Because the Netrake session controllers enable secure IP-to-IP peering via the Session Initiation Protocol (SIP), these platforms position MetTel to begin offering hosted VoIP services, while it continues to serve TDM customers, from its offering.
“Netrake will allow us to peer with many IP providers to open additional VoIP markets quickly,” says Ed Fox, Vice President, Network Services, for MetTel. He adds that, unlike some residential and SOHO VoIP providers, MetTel will not ask customers to buy access services from a third party to “get to us however you can. It will be a T1 or T1 equivalent we control so there will be no QoS issues,” he says. “Netrake allows us to add off-net locations to our network, as well as the ability to peer and get traffic from markets where we need to interconnect with other local carriers.”

In short, Netrake’s nCite solution empowers MetTel to securely deliver SIP-based applications to its business customers across its own VoIP infrastructure, as well as across peer networks. This will provide its avenue to geographic expansion.

Because the session controller must support what is effectively a national IP peering play, the company made scalability a top priority in vendor selection. According to Fox, nCite’s real-time operating system plus proprietary hardware for high-volume packet processing enables a single session controller to provide a range of security features that can be scaled up with confidence. Netrake says it designed nCite to provide security for up to 150,000 VoIP registrations in a single shelf.

“First and foremost, we provide the security fabric to protect their infrastructure so they can readily offer a diverse set of IP-centric voice features across a wide geographic footprint,” says Shahsi Kanth, Director of Customer Engineering for Netrake. “MetTel is well aware,” he adds, “that VoIP operators must learn from the data networking industry that security must be built into the industry’s foundations, rather than turned to as an afterthought.”

Network-to-Enterprise Application
Through an agreement reached in January, MetTel will begin in the second quarter of 2005 to resell VoIP services from other SIP wholesale carriers thus requiring Netrake to support multiple SIP-based, IP-to-IP interconnects. MetTel plans to gradually build its own hosted IP PBX and other VoIP services over time.

As MetTel employs this dual strategy to gain VoIP customers, it will rely on its session controllers for not only carrier-to-carrier, but also carrier-to-enterprise features. These include firewall and network address translation (NAT), firewall traversal, and denial of service attack (DOS) prevention for secure delivery of advanced communications features such as browser-based Web account management, IP video, and multimedia conferencing. Additionally, the session controller provides per-session historical reporting for both billing and session performance analysis and troubleshooting.

“SIP serves voice, video, IM, and other telephony applications; given the IP nature of SIP, all are vulnerable to all kinds of intrusions,” Kanth says. “With the Netrake nCite, MetTel can securely offer all the services they want while helping customers avoid firewall headaches through remote firewall/NAT traversal for hosted PBX. MetTel is hosting that process in the network and therefore taking the burden off of their customer’s shoulders.”

MetTel also is now positioned to help existing customers make the transition from TDM to VoIP at their own pace. “They have to be ready to accept the technology and pony up the money to convert the service,” says MetTel’s Vogel. “It may at first be new locations, where they wish to make the step to hosted VoIP instead of buying traditional PBX for example.”
In the enterprise session control application, scale will matter too. “Netrake was the only supplier that offered firewall and network address traversal, peering, and had Virtual Proxy Server on its roadmap, where you’re paying one license, instead of separate licenses,” Fox says. “They melted it all together. That is how they architected the system by being hardware-centric, while similar systems have to add software to support these different functions. So we’re more confident in their reliability and scale numbers because of that architecture. When you talk about scaling software, it’s a scary issue. With Netrake’s hardware solution, it works.”

According to Kanth, whether applied to peering with a Level(3) or to a direct IP interconnect with an enterprise, MetTel needs to secure each interconnection point. “Our architecture supports one or many SIP proxies for partitioning of each enterprise to address concerns about unauthorized access,” he says. “We protect their softswitch core. As they add more applications and customers, we’ll scale with them.”

nCite also features remote, automated configuration of customer premises VoIP equipment through its element management system (EMS). “Billing was a big issue,” Fox says. “We can pull CDRs [call data records] from Netrake in XML,” or extensible Markup Language, a standard formatted data exchange standard. “All our other VoIP and switch operations support are native XML,” he adds. “The big draw is we don’t have to make changes in the EMS.”

Fox further notes that the remote CPE configuration, combined with virtual SIP proxy server partitioning, will allow MetTel to “take the intricacies out of customer turn up. It moves the equipment and smarts out into the network. The whole premise is security — allowing us to preempt coming SIP security attacks. Netrake is our joint defense to that.”

As small and medium business demand for IP communications, collaboration, and converged multimedia grows, MetTel has laid a solid foundation to respond. IT