Data networks are an indispensable part of everyday business, allowing employees, business partners, vendors, and end users to access corporate resources and communicate effectively. One of the great advantages of data networks has been their tolerance to disruption. If other traffic traversing the network delays the packets of a file by a few milliseconds (even a few seconds), the end user hardly notices. As long as the file arrives intact, the network has done its job.
However, voice and video data are time-sensitive and cannot tolerate delays. When converging voice with an existing data network, administrators must understand the impact of voice data and make accommodations to support an acceptable level of VoIP performance.
A Matter Of Time
Darwin Herdman, CTO and general manager for managed services at RedSiren (www.redsiren.com), says that voice data requires protection against the busy network traffic and other delays that occur at the LAN and WAN levels.
Tracking VoIP call activity is an important way to correlate call volume to network load, helping administrators locate bottlenecks that may suggest the need for upgrades.
"Most of the data/Internet traffic is ‘best effort' and can handle delays gracefully," he says. "On the other hand, voice traffic is very sensitive to delays of any kind. The ITU recommends that one-way delay for voice applications should be less than 150ms. Outside of the local LAN, VoIP traffic is not free. WAN and access links must be appropriately sized to support a number of simultaneous calls. A poor line speed between sites can cause delay to both parties."
Often, errors and oversights in network planning or inadequate resources (such as WAN bandwidth) can result in data delays that will ultimately impact network performance. When voice data is given appropriate priority, Herdman notes that data users may experience email hesitation, logon timeouts, and delays in Internet browsing. If VoIP is not given adequate network priority, he says, phone users will experience delayed dial tone, echoes, and annoying lags that will make conversation extremely difficult.
Avoid Common Mistakes
Herdman says that inadequate planning frequently plagues convergence efforts. Planners often underestimate the impact of VoIP on current network resources, and they don't account for future growth.
"Administrators should always assess their existing network against the expected call volume and potential for growth," says Herdman. "Enterprises should comply with the recommended best practices prevalent in the industry to facilitate smooth transition to converged voice and data networks." He notes that best practices include defining network traffic priorities and identifying VoIP traffic requirements and migration strategies well in advance of any actual work. Herdman also suggests including Quality of Service on all segments of the network to help track and maintain adequate voice quality.
Implementation is another area that frequently compromises VoIP convergence efforts. Administrators sometimes overlook the need for common network upgrades, such as increased bandwidth, new VoIP-capable telephones, VoIP-enabled equipment (such as routers and switches), and cabling.
Call quality measurements help administrators ensure reliable communication and identify instances of
unacceptable VoIP performance.
Even the actual installations and setups are common sources of problems. Herdman says that single-source solution providers typically yield the best results. "From a contracting perspective, users may want to consider sourcing expertise but should only do so if they get the entire picture from one company. In other words, don't split the engagement by design and implementation unless the implementing company signs off on the design process. Without it, finger-pointing ensues."
Herdman says that outside contractors should also be able to qualify current network capabilities before recommending upgrades and provide IT planners with a solid VoIP plan. "Before any contract is assigned, get a preassessment that outlines all upgrades and costs. The preassessment will simulate voice calls and measure the level of preparedness and behavior of existing systems and list options for deployment."
Any implementation plan should offer reliable operation and room for growth. Herdman says, "A top issue is whether phones go out when the power goes off. To make IP phones work like their predecessors, switches and routers must have line-powered connections that send power down the network cable. Working backwards, the switches and routers typically then need UPS to keep the phones working."
Although VoIP networks will certainly demand network resources, Herdman also underscores the need for security. Corporate VoIP communications can be just as sensitive and confidential as personnel files or new product designs, and protecting VoIP data against eavesdropping and attack poses a unique obstacle for IT planners.
"Quality of Service issues are a critical element of IP telephony and pose a significant challenge to security professionals," says Herdman. "We cannot assume that the
same security controls and measures that are currently implemented in data networks can be deployed in an IP telephony environment without compromising QoS. The time-critical nature of IP telephony systems and a low tolerance for disruption and packet loss limit the utility of traditional security solutions."
VoIP management tools can make detailed measurements of call quality, quickly identifying problem areas for further investigation and corrective action.
Although specific VoIP security issues can be quite extensive, Herdman recommends a complete suite of precautions that often mirror the protections afforded to a data network. "Critical IP telephony infrastructure, including call-processing managers, voicemail servers, voice gateways, and voice-enabled routers, must be subject to strict system hardening procedures and continuous security management," he says.
Herdman suggests that IP telephony and data devices should be deployed on two logically separated network segments with dedicated DHCP servers. This allows administrators to better defend the overall network while minimizing the impact of compromised systems.
In addition, voice encryption allows for improved security but may impair the benefits of QoS. "If performance is an issue," says Herdman, "recommend encryption at the router or other gateway and not the end points to provide for IPsec tunneling." Toll fraud can be mitigated using device and user authentication techniques to prevent unauthorized devices from accessing the network. Ultimately, VoIP convergence presents IT planners with serious issues, but each can be resolved and prevented with proper planning and careful implementation.
by Stephen J. Bigelow