HOW CAN CUSTOMERS MANAGE THEIR SOFTPHONE CLIENTS?
CounterPath’s Stretto Platform™ provides hosted and premise-based management modules, including Provisioning, User Experience Metrics and Help Desk Assistant. The Provisioning module ensures that employees can have their soft phones remotely configured with over 250 settings.
WILL THE SOLUTION WORK FOR HOME WORKERS?
For enterprises seeking to provide UC access to home-based employees, it is typically recommended that Enterprise Session Border Controllers (E-SBCs) be deployed at the edge of the enterprise network. When an SBC is deployed, all VoIP-related traffic (both signalling and media) can be routed from the PCoIP zero client over the public Internet to the Enterprise SBC, which ensures all incoming / outgoing VoIP traffic is carefully controlled by the enterprise.
Key functions performed by SBCs include:
- Security, including protection from Denial-of-Service (DoS) attacks, topology hiding and encryption of signalling and media streams
- NAT traversal, to perform mapping between the enterprise's private IP addressing space and the public Internet
- Quality of Service, including prioritizing of traffic flows (e.g. based on ToS/DSCP settings)
- Media transcoding
Enterprise SBCs are available from over 20 vendors, and include appliance-based products as well as software products that can be deployed on Virtual Machines (VMs) on existing servers. The market leaders are Oracle/ACME, Cisco and Sonus, but products are also available from Avaya, Siemens, Audiocodes, Sangoma, Adtran, Dialogic, Ingate and others. When configuring SBCs, only modest configuration changes are needed to the UC clients and to the existing IP PBX infrastructure (e.g. the DNS entry used by the home-based UC clients must be pointed to the public SBC IP address).
For enterprises not wanting to deploy SBCs, the alternative is to rely on VPN connections between the home and the enterprise. This approach reduces the capacity of the VPN server, but may be adequate in some scenarios; while the VPN server performs security and NAT traversal functions, it does not allow for prioritization of VoIP traffic and is typically more costly to manage.
WHAT PROVISIONING OPTIONS EXIST FOR CUSTOMERS WITH ULTRA-STRICT SECURITY POLICIES?
For larger customers with hundreds of employees, CounterPath’s premise-based Stretto™ deployment option is typically a good fit, as the platform physically resides on the customer’s premise. For smaller customers for whom deploying a premise-based solution is too costly, customers should consider CounterPath’s hosted Stretto Platform™; each customer is provided with secure HTTPS-based access (via GUI else API) to the Stretto Platform™, where they will only be able to access their data; furthermore, all password information (such as SIP credentials) is encrypted when it is stored. However, for small customers whose security policies do not allow the storage of any employee data in the cloud (such as SIP credentials), this solution may not be appropriate. In this case, customers can consider a version of the Bria Virtualized Edition softphone that supports only local provisioning (in this case, each VM will need to be manually provisioned with key data such as user credentials).
WHAT FEATURES DOES THE BRIA VIRTUALIZED EDITION SUPPORT?
In addition to the standard set of telephony features (Call Waiting, Call Hold, Call Mute, Call Transfer, Call Display), the soft phone supports Contacts (based on integration with Active Directory via LDAP, as well as XMPP) and Instant Messaging / Presence (based on XMPP, as well as SIP SIMPLE). The Bria Virtualized Edition also supports advanced security capabilities (TLS, SRTP) and multiple account support (enables the user to be logged into multiple SIP accounts at one time).
DOES THE SOLUTION SUPPORT QOS?
Yes, the solution supports VLAN tagging, to be used to prioritize voice and SIP signaling traffic.
DOES THE SOLUTION SUPPORT ENCRYPTION OF SIGNALING AND MEDIA?
The Bria Virtualized Edition can be configured to support SIP signaling over TLS and Secure RTP (SRTP). SRTP is defined in RFC 3711; all media can be sent using SRTP with keys exchanged using RFC 4568 (SDP Security Descriptions for Media Streams).
DOES THE SOLUTION SUPPORT CALL RECORDING?
Yes, the solution can be used with 3rd party Call Recording solutions, which are often used in Call Centres.