A while back I wrote about comments from fellow blogger Skibare and his theory that Google may purchase Skype and how it would mean game over for everyone else. I have been thinking about these comments subconsciously for a while and I have to admit that whether or not Google decides to buy Skype it seems only a matter of time before they launch Gphone.
I can see it now:
"What is Gphone? ...As part of Googles mission to make the Web more useful we have decided to launch Gphone, short for Google Phone. Gphone is a free PC to PC program that allows you to make unlimited calls to other Gphone users..."
What happens next, of course, is that Microsoft needs to become a phone company and launches Mphone and of course, then there is IBM, Sun, etc.
Interestingly, I keep hearing how handset manufacturers are considering adding the Skype protocol to their devices. Skype has become that popular. Is this a barrier to entry for Google? Perhaps, but when you have access to just about every Web user out there by simply adding some text to your search page you have to wonder if anything is beyond your reach.
I have been thinking a great deal about developer programs and VoIP ecosystems since TMCs just completed VoIP Developer Conference. I saw with my own eyes how developers were so attracted to companies that are pushing ecosystems like Avaya.
Skype realizes this and last year, right around the time that Niklas Zennstrom made his first U.S. speech at Internet Telephony Conference & EXPO, they launched a developer program. I recognized this as pure genius immediately.
You see, the future of VoIP is going to be in building ecosystems where many companies can make money. Think of this as a platform business. In other words, the future of VoIP is going to depend on interconnected parts and pieces to make large-scale solutions possible.
Skype gets this and is helping to further push their brand by making others rich in the process. Avaya understands this and their developer program is mission-critical to them. Inter-Tel gets this too, but doesnt have the resources to be Avaya yet.
One thing is for sure, the company that wins the PBX war is going to be the one with the most developers. Cisco knows this and Nortel does as well but Avaya is winning the race for the hearts and minds of new developers according to my informal polling at recent industry events.
This is important because the future of the PBX may be similar to that of the PC. The company with the largest developer program wins. What sorts of development are we talking about? Vertical applications such as legal, real-estate, hospitality, and so on You see a company in a certain niche in the market will always want a phone system customized to what they do. It is that simple. This brings us back to the size of the developer program.
The result of the VoIP developer wars, as I call them, is more choice for companies looking for solutions. Everyone wants to feel special. Everyone wants to think their software and in fact all products they purchase are designed to best suit their needs. The companies that get this are the ones that will win tomorrows VoIP wars for sure.
Services Over IP
One of the more interesting comments I heard at the VoIP Developer Conference was from Michael Stanford, Director, VoIP Strategy, Digital Enterprise Group at Intel who said VoIP is old news, said Stanford. "Long Live SoIP, or Services over IP." He went on to explain that VoIP is merely the first drop in the coming deluge, the first significant application over IP, and that we have already moved beyond simply seeking to offer cheap minutes.
Stanford offered a veritable laundry list of promising numbers from a variety of research analysts. Cell phone lines are far outstripping fixed lines globally. Dual mode shipments are slated to grow beyond 100 million units shipped by 2010. Data-capable phones will overtake voice-only phones by 2008. (Today's conventional wisdom dictates that virtually all cell phones will be smart phones soon, yet there is starting to be some pushback from the cell phone industry. People want simplicity, and perhaps the increasing amount of services may stall sales.)
Broadband subscriptions are growing, with an expected 300 million broadband users globally expected by 2008. To keep up with service evolution and advent of IPTV, as well as other applications, we will need 10MB+ by 2008.
Stanford mentioned that WiMAX field trials have begun with over 100 trials being conducted globally today. He expects to see notebook integration by next year, and the first WiMAX phones and mobile network rollout by 2008. By 2008-10 we should see global network rollout.
Stanford wrapped up his presentation by reminding everyone that VoIP is the beachhead to services over IP, and that the technologies underlying VoIP (RTP, SIP QoS, IMS) support more than just voice. VoIP is the baseline feature that opens the door to new services such as wideband audio, video, IM, push to talk, presence, document sharing, rich collaboration, and the further rapid innovation of new features and service combinations.
The opportunity, according to Stanford, is New Services and New Applications. SoIP. Services over IP. Any access connects you to any service. Opportunities abound for developers.
What amazed me most about the keynote was how many people were asking about WiMAX after Stanford finished. This is not surprising as right around the same time as the show, Vonage announced they are working with a company called TowerStream to deploy VoIPoWiMAX (this is a brand new acronym I just made up!) Check out tmcnet.com/154.1 for more on this alliance.
I moderated an interesting panel on HMP or host media processing that included David Duffet who heads up Aculab Academy; Alan Percy, Director of Business Development, AudioCodes; Amir Zmora, VP Marketing and Product Management, Surf Communication Solutions; Greg Pisano, Market Development Manager for Carrier Enhanced Services, Brooktrout Technologies; and Daniel LeCour, Vice President of Business Development, Envox Worldwide.
We had a tremendous amount of expertise up on stage and what struck me as the panel proceeded is how complex it is to make a decision as to whether to use host media processing or use boards in your applications. The one real obvious point I came away with is that HMP is a great solution for small-scale projects but there are almost no service provider solutions that are better served with an HMP solution.
If you have a medium-scale application you really need to do some intricate calculations to figure out which solution is most cost-effective. Interestingly the panelists kept throwing around Moores law and used it as an argument to justify going HMP. I countered that DSPs also evolve according to Moores law. The panel agreed and actually said a common problem they see in the market is that users dont realize that Moores Law also applies to DSPs.
Interestingly David Duffet made sure the audience was well-aware of what he coined as Duffets Law, which says that the faster processors get the more that is demanded of them. As an example he mentioned that some service providers in South America are running VoIP on low-quality lines and as such now need the DSPs to do extremely intensive echo-cancellation.
Speaking of having more demands on your server, it seemed unanimous that when you deal with video, the HMP solution gets expensive fast. By the time you factor in licenses for the OS and space in a cage, the costs add up quite quickly.
Mark Spencer, the founder of Digium and creator of the Asterisk open-source PBX spoke to a standing room only crowd and fielded a bunch of questions about the Asterisk platform. One of the more entertaining aspects of the conference sessions was a snippet of code Mark showed that was written by a friend. The code was aimed at eliminating contact with an ex-girlfriend and it basically connected calls from the ex-girlfriends cell phone to her home phone and vice-versa. This apparently resonated with crowd based on the laughter in the audience.
I later heard a story from someone else who had found out their spouse was beginning to develop a relationship with someone else (lets call this person Pat) and subsequently they programmed their home-PBX (It amazes me how many people have PBXs in their houses these days) to do the following. Regardless of who called whether the spouse called Pat or Pat called the spouse, the calls were rerouted to a PBX extension that never picked up. Apparently this solution helped end the relationship. I tell you these VoIP developers are very creative. If you could shrink-wrap some of these, there is no telling how much money can be made.
It may come as a surprise to learn that not all corporate security issues originate from outside the network. A growing number of threats are coming from inside networks. In fact some security analysts have found that there are more successful attacks coming from within than outside your network. Cyber criminals working inside a company can steal the identities of coworkers on a large scale. Usually these criminals are difficult to spot. They dont look like criminals.
This concept is not lost on crime syndicates who equip members of their organizations with fake identification and send them to apply for and obtain jobs in Fortune class corporations. Once inside, these criminals have access to the inside of networks on the soft side of the firewall and from there can unleash an array of internal attacks on a companys computer network in an effort to steal identities.
Other times, such syndicates direct their efforts towards the corporation and in some cases are able to steal money from banks and other financial institutions. When they are caught it is often too late to get the money back.
Internal and external hackers are always looking for new ways to get confidential information they can use to make money from. Techniques such as VoIP eavesdropping allow a hacker to listen-in on phone calls. Conversations with banks where PIN codes are used can be saved for later analysis. Think of unprotected VoIP networks as a hacker gold rush.
VoIP encryption is one way to deal with the problem and if you read Internet news sites like TMCnet you probably have noticed a growing trend by companies to encrypt voice packets. The problem is that encrypting voice packets in a way that an enterprise cannot unencrypt them causes problems for law enforcement agencies as well as the corporation. Skype is an example of a product that cannot be centrally unencrypted. HIPAA and Sarbanes Oxley are two laws that require corporations to record certain employee conversations in order to be in compliance with the law.
Phil Edholm the CTO of Nortel Networks told me a while back how concerned he is about peer to peer encryption of SIP messages as these messages can contain viruses and other malicious code. Encrypting SIP messages on a peer to peer network can lead to absolute disaster if you arent careful. If all of these problems arent bad enough, there are issues relating to latency caused by encryption you also have to deal with.
Encryption unless it is centralized is a bad idea for enterprise VoIP. In this world where security is so important to all of us, any sort of p2p VoIP security protocol that governments cant break is bad news for the population as a whole. Rich Mendoza, the Managing Director of SIP Solutions at BorderWare tells me that the firewall, not encryption, is going to have to deal with the VoIP security issues and you know what? He thinks we will need specific firewalls for various applications such as e-mail. If Rich is correct, the more applications you have, the more firewalls you will need.
As Rich tells me, general purpose firewalls dont generally do the deep packet inspection needed to protect organizations using VoIP. He goes on to say that service providers arent in the packet censorship business, this is why we have desktop applications for antivirus, anti-spam, and anti-spyware (he forgot anti-adware how can anyone live without this?) We need endpoint applications to protect VoIP calls.
BorderWare sells firewalls so they are obviously biased towards firewall use. Their appliances sit behind your general purpose firewall and when deploying you just open up ports 5060 and 5062 on your general firewall so that the VoIP firewall can handle the job of dealing with the VoIP traffic. Another application of these firewalls is deployment by service providers to their customers so that the softswitch is segregated and customers cant get to other customers on the same softswitch.
This past December 2004 I wrote the following about VoIP E911 in Internet Telephony Magazine:
I have said it before and I will say it again if we dont get our act together soon as an industry we will have some serious headaches to contend with. The positive press friendly to VoIP that we witnessed for a year will vanish the moment someone is injured or worse because there is a problem with VoIP and E911 connectivity.
The current state of 911 over todays VoIP providers is not good. The incumbents arent as much of an issue as the newer carriers who transfer 911 calls to lower priority administrative lines in PSAPs. E911 over VoIP can be much better than PSTN 911. We need to come together as an industry and discuss the challenges and standards issues and make sure that e911 over VoIP becomes a reason to adopt and not a reason to pass on VoIP.
I consider this a stumbling block that needs addressing on our way to achieving VoIP 2.0. Companies like Vonage, who use technology from an innovative company called Intrado, are taking bold steps to ensure the safety of their customers. They should be commended for their efforts and others need to follow.
Few service providers listened. These providers are now scrambling to meet the FCC deadline for 911 compliance.
Now Im at it again. I am telling you that if you are a service provider or an enterprise putting VoIP on your network, you need to understand the security implications of not having a VoIP aware firewall in the mix. Understand full well what you are doing.
If you are unsure, come to Internet Telephony Conference & Expo this October to learn everything you need to know to roll out VoIP safely and securely. We have extensive and in-depth education on this topic. Remember that if a 911 call doesnt work on your network because of some sort of attack, someone will be held responsible. The same goes for sales calls and revenue that may be lost. Be sure you know as much as you can and do as much as you can to ensure a successful and secure VoIP deployment. IT
If you are interested in purchasing reprints of this article (in either print or PDF format), please visit Reprint Management Services online at www.reprintbuyer.com or contact a representative via e-mail at [email protected] or by phone at 800-290-5460.