With a lot involved in deploying SD-WAN, leveraging a managed service provider (MSP) can help businesses keep their IT staff forward-thinking. There are many to choose from, and knowing the criteria to get the best fit is essential.
In searching for an MSP to align with, the size and focus are important so that businesses receive service based on their needs and style. For instance, if an SMB pairs up with an MSP designed for enterprise networking, MSP may not provide the personalized touch the business requires. They are simply too large. On the other hand, selecting a start-up MSP may not be mature with respect to its service offerings. However, they might be able to deliver SD-WAN, which may not meet overarching needs.
Once a business chooses an MSP for SD-WAN, they’ll want them to provide more than just services. For instance, businesses may want to add:
Businesses should want to partner with an MSP that can consolidate these services more holistically. They will want a partner that can help with their overall technology roadmap. For instance, integrating the network security of SD-WAN with endpoint security.
This relates to how the MSP is protecting themselves which effectively protects the customer. If their network is not reliable and secure, that will mean downtime and security issues for their customers. An easy way to investigate this is to know what type of certifications they have. A typical one to look for is SOCII (service operation center), where they have their processes not only well established but are independently tested by third-party auditors. These auditors will verify the following:
As they look for an MSP, businesses may find that many lack WAN service diversity and are not carrier agnostic. Businesses will want to ask questions such as:
That’s the benefit of picking an MSP that has those relationships to bring in a complete solution set and deliver it over one single bill instead of receiving bills from all the individual locations.
Let’s take a look at how Sangoma’s Managed SD-WAN service delivers this solution-set to customers and look at some key strengths.
Dedicated Implementation Team
When an SD-WAN solution is deployed, our dedicated implementation team begins to establish a relationship with the customer; they bring the customer through the entire implementation lifecycle, including post-implementation, monitoring, and support. This dedicated project management style approach is a crucial differentiator of Sangoma’s.
Owned & Operated Robust Core Network Backbone
Sangoma has pioneered the SD-WAN landscape with its own privately owned and operated PCI-Certified and HIPAA-compliant backbone. We have a diverse set of WAN transport options that brings all those transport options into a single network backbone that enables our clients to have the carrier and transport diversity that enables them to be successful.
Managed, Maintained & Monitoring 24/7/365
A major strength of Sangoma’s SD-WAN service is that customers can completely offload their IT resources from the burden of managing, monitoring, and maintaining the SD-WAN service. Sangoma’s dedicated network operations center (NOC) does all this for them remotely. If any issues arise, the NOC team is automatically notified and resolves the issue, even before it has any chance of reaching the customer’s network. Since Sangoma has a homegrown SD-WAN solution, customers have true experts on their side, assuring total satisfaction.
Simplified Billing
There is a lot of value in having customized invoices that simplify a customer’s back office approach to processing bills and allow the back office staff to be more strategic in their efforts.
Sangoma’s Managed SD-WAN solution ensures customers securely connect any user, any device, anywhere, anytime, over any transport. It provides connectivity uptime for users in the most secure way.
In summarizing the need for SD-WAN, there are 3 main objectives:
Uptime & Application Availability
Users need to be able to reach their application whenever needed, so network uptime is vital. Included in uptime is also a security component. For instance, if there is a security attack that takes down the network, the user applications become unavailable. So, ensuring security incidents don’t occur is also key.
Visibility & Management of WAN Workloads
With the resiliency of an SD-WAN network, a failure could occur without users ever noticing and without impact. Still, visibility and management of those individual components are important to ensure the trouble has been identified and remediated in order to get back to primary services.
Simplifying the Complexity of Telco Billing
Consolidating all the individual bills from each carrier in their respective regions offers a nice white-glove approach and saves customers time and resources.
SD-WAN technology is advantageous to incorporate into business networks. Still, it can worsen the complexities of network management for organizations that lack the IT resources to deploy and maintain an SD-WAN solution. They may look to MSPs to deliver managed SD-WAN to replace their traditional WAN architecture. MSPs can provide simplified SD-WAN operations by leveraging a multi-vendor strategy enabling them to augment their offering to provide agility and a differentiated service tailored to business requirements.
Get in touch with one of our Managed SD-WAN specialists.
The post Leaving DIY Behind appeared first on Sangoma Technologies.
No commercial off-the-shelf software meeting your needs? Tired of wasting time juggling multiple, disparate communications tools to get the job done?
Tie together Voice, Video, and SMS, for example, and integrate customized solutions into your existing user interface or business processes with our pre-built APIs in our communications platform/SDK environment.
APIdaze is our CPaaS platform for programmable telephony that clients have used to develop custom IVRs, create webhooks for WebRTC, and even develop AI Bot responders. Build your own call center, integrate SMS in your softphone client, automate call tracking applications, and more; the applications are nearly endless.
APIdaze enables you to create the perfect communication solution platform, or augment your existing one, without the time and money building it all by yourself.
Check out this customer testimonial for more details.
APIdaze can integrate with your existing platform to enhance your development efforts. APIdaze is highly customizable and uses our pre-built communications API’s to enable your developers to add real-time voice, video, and messaging elements into VoIP, web, and mobile applications.
Download our paper on the CPaaS Revolution to learn more about how APIdaze can streamline your communication platform development efforts.
Sangoma Wholesale Carrier Services, formerly known as VI, provides value-added resellers access to industry-best Sip Trunking products and carrier services, over our own nation-wide network at discounted rates to service aggregators. We offer wholesale Trunking as a Service (TaaS), provide telecom compliance and regulatory solutions, SPAM/Fraud protections, and reseller-focused features such as Hosted Billing. Sangoma Wholesale Carrier Services continues a legacy of innovations in product development, the expansion of our core networks and to advance technological capabilities, such as CPaaS, to help value-added resellers thrive as communications service providers.
The post Build Your Own Communications Platform with APIdaze (CPaaS) appeared first on Sangoma Technologies.
Cybersecurity is essential for SMBs. This Business Tech Weekly article explains why in more detail, but some of the obvious ones include a relative lack of resources, inadequate training, and the desire to spend only what the business considers to be “needed.”
But this is proving risky. According to the IBM Security, Cost of Data Breach 2022 Report, data breaches cost businesses a lot of money. “Reaching an all-time high, the cost of a data breach averaged $4.35M in 2022, and 83% of organizations studied have experienced more than one data breach.”
As such, today, many companies are making this their number one IT priority – to ensure they do not contribute to the next report!
But what to do about it? While the Business Tech Weekly article explains a few essential areas to cover (like training employees about phishing emails, instituting solid passwords, etc.), that still won’t cover everything.
The IT department may have a big load they can’t handle. One good way to address that is to go to a Managed Service Provider who can offer these services. One you already go to for your UCaaS or Access—someone like Sangoma.
The post Cybersecurity Importance to SMBs appeared first on Sangoma Technologies.
In our last blog we started a conversation around the advantages of Managed SD-WAN vs DIY. In this post we are continuing that discussion by outlining some of the pitfalls to avoid when attempting a DIY SD-WAN.
Depending on the size of the business, monopolizing IT staff resources for SD-WAN deployment may not be the best use of their time when they could be focusing on more strategic efforts. Enterprise businesses may be fine as they may have an entire floor dedicated to IT/ project management resources, but for an SMB, the IT resources are much thinner. So, keeping IT resources as strategic as possible is most important here.
As already discussed, there are a lot of things that need to be discovered when it comes to the implementation and post-implementation of an SD-WAN solution. When it comes to budget, there is a need to expand the focus not just on dollars but take a look at the human capital and timeline to be able to complete a deployment.
For small to medium-sized businesses, it’s beneficial to align with an experienced MSP who can deploy a dedicated team of certified and specialized network engineers that not only can set realistic expectations but can help them remain mindful of all the steps for an on-time delivery.
The first question an executive team should ask themselves is, “Should we continue to manage our networks within?” It’s a meaningful and impactful question, especially if the business is starting to embrace hosted solutions, SaaS, or public cloud services, where the network’s complexity will change drastically.
A major benefit of SD-WAN is that it can automatically detect link failures and seamlessly failover to a backup connection. So, if there is a failure in the primary link, a business will not notice any service disruption because it will continue to function over the failover connections. What this means is that the actual problem is never detected and resolved. For example, if the primary connection is a broadcast connection and the failover is over LTE, if the primary link fails, everything routes over to LTE and will continue to do so until the primary link failure is resolved. In this scenario, the business would be paying for increased charges since the connection remains on LTE. So SMBs may not have the capacity to maintain SD-WAN services efficiently.
Can the business supply helpdesk staff with 24/7/365 monitoring & support?
Many businesses run from 9-5 but want their networks to run smoothly around the clock without straining their staff.
Can the public cloud be leveraged?
Which deployment model will best support the use of SaaS and public cloud services? It’s essential to understand the different workloads and how that traffic will traverse the network for an end-user experience.
Timeline for implementation & can we meet the desired dates?
The best thing to do here is to define the desired completion dates, then work backward and develop milestones that need to be completed then be able to understand if those milestones can be completed by those desired dates.
There are 6 key outcomes for a business deploying SD-WAN:
Hard Cost Savings
SD-WAN vendors on the market typically promote the hard cost savings of their industry solution. SD-WAN saves substantial circuit costs for businesses relying on legacy circuits for their locations.
When it comes to growth enablement, how can companies rapidly deploy for new locations or new applications? Ideally, they want to reduce provisioning time and turn up services for their end users in days, not weeks or months.
Reduction of Risk & Meeting Compliance
How can a company have advanced service features to identify and respond to security threats that may become prevalent in its environment?
Business Continuity
How can companies have continuity and be able to failover to secondary and tertiary connections services in the event that their primary provider suffers an outage?
Efficiency & Productivity
This relates to the end-user experience, and they want to know that when they turn on their applications-that, they will work. It’s about understanding how a network can be designed to prioritize and shape bandwidth to support those business-critical applications.
Simplified Billing
This is an impactful value but not necessarily known upfront. There is value here in handling multiple carriers and being able to consolidate billing. For example, for nationwide businesses and all their locations, what is realized is that their back office becomes inundated. The workload sometimes becomes out of control with individual bills from many different carriers, which may require an increase in the accounting departments to handle this. So, you can consolidate the circuits, hardware, and licenses into a simple bill with SD-WAN or a managed SD-WAN solution.
So, while there are front-end needs for SD-WAN, things like simplified billing is a nice white-glove approach to SD-WAN to look out for.
Stay tuned for our next and final blog post on DIY vs a Managed approach for SD-WAN.
Get in touch with one of our Managed SD-WAN specialists.
The post The Pitfalls To Avoid In DIY SD-WAN appeared first on Sangoma Technologies.
In today’s fast-paced business environment, customer expectations are higher than ever before. Customers demand seamless experiences across all channels, including voice, email, chat, social media, etc. To meet these expectations, contact centers must be able to provide an omnichannel experience.
An omnichannel contact center is a customer service strategy that integrates all communication channels and allows customers to switch between channels while maintaining the context of their interactions. This approach enables businesses to provide a consistent and personalized experience across all channels, increasing customer satisfaction and loyalty.
Omnichannel means you can reach out and touch your audience wherever they are, which means you have more opportunities to get them interested in what you’ve got going on. You can do this by using channels like email, phone calls, text messaging, and even social media platforms.
An omnichannel contact center is the next step in customer service for companies that want to provide a better customer experience but maintain efficiency and effectiveness.
Here are some reasons why an omnichannel contact center is necessary:
Customers expect it: As mentioned earlier, customers expect a seamless experience across all channels. They want to be able to contact a business through their preferred channel and have their inquiries resolved quickly and efficiently.
Improved customer retention: Customers are more likely to stay loyal to a business that provides a seamless and personalized experience across all channels. An omnichannel contact center can help businesses retain customers by providing a consistent and efficient customer experience. Switching communication channels can improve hold/wait times, fostering a better customer experience.
Better Reporting and insights: An omnichannel contact center can give businesses better insights into customer behavior and preferences. By tracking customer interactions across all channels, businesses can better understand their customer’s needs and preferences.
Ultimately, an omnichannel contact center is all about providing a better customer experience. It’s not just about technology or how you deliver your services; it’s about understanding what customers want and how they want to interact with your brand. By combining all of these things into one seamless process, organizations can create a contact center that meets their customers where they are and, thus, create loyal customers who will continue to do business with them in the future.
For additional information on Sangoma CX and omnichannel, click here.
The post What is an Omnichannel Contact Center & Why Should You Care? appeared first on Sangoma Technologies.
In today’s digital age, businesses rely heavily on fast and reliable internet connectivity to stay competitive and succeed. With the advent of 5G wireless internet, businesses can experience a new level of internet connectivity which is faster, more reliable, and more secure than ever before. Here are some of the growing benefits of 5G wireless internet for businesses:
One of the most significant benefits of 5G wireless internet is its lightning-fast internet speeds. With download speeds up to 100 times faster than 4G, businesses can enjoy seamless connectivity and faster data transfer rates. This means businesses can upload and download large files in seconds, host virtual meetings without lag, and stream high-quality video content without buffering.
Another benefit of 5G wireless internet is its seamless connectivity. Unlike traditional wired internet connections limited to certain areas, 5G wireless internet is accessible almost anywhere. This means businesses can stay connected on the go or in remote locations.
With faster internet speeds and seamless connectivity, businesses can experience increased productivity. Employees can complete tasks faster, communicate with each other seamlessly, and collaborate on projects more effectively. This can lead to increased efficiency and better performance.
5G wireless internet is designed to be more secure than previous generations of wireless technology. With its enhanced security features, businesses can protect their data and communications from cyber threats more effectively. This can help businesses avoid costly data breaches and protect their sensitive information.
5G wireless internet is a future-proof technology supporting the latest applications and devices. As businesses embrace new technologies, such as the Internet of Things (IoT) and artificial intelligence (AI), they will require faster and more reliable internet connectivity. 5G wireless internet is designed to meet these demands, making it a valuable investment for businesses looking to stay ahead of the curve.
Sangoma has launched its 5G wireless Broadband internet service as part of its Managed Internet connectivity product suite. Our new wireless service leverages our relationships with the major US wireless carriers to deliver customers the best 5G plan based on their geographical location and from the provider of their choice! It consists of:
Since it’s part of Sangoma’s Managed Internet services, customers benefit from 24/7/365 maintenance and monitoring from our in-house NOC.
If you want to take your business to the next level, consider upgrading to our 5G wireless internet today!
The post The Growing Benefits of 5G Wireless Internet for Businesses appeared first on Sangoma Technologies.
About 6 months ago, it was announced that Sangoma was positioned by Gartner, Inc. in the 2022 Gartner® Magic Quadrant
for Unified Communications as a Service. Sangoma is one of only twelve other companies placed in 2022 and one of just six companies to appear consecutively for the last eight years.
So why am I writing about it again, now? This is on my mind since at last week’s Channel Partners conference, I was asked about this multiple times. Sangoma’s brand is getting out there more, to people who may not know us that well. This becomes part of the 60 second Sangoma story
The post Reminder: Sangoma is Recognized in the Gartner UCaaS Magic Quadrant appeared first on Sangoma Technologies.
Why do businesses look for SD-WAN solutions? What kind of challenges are they experiencing? Why do businesses want to change how their business locations and end users connect?
This is the first of 3 posts where we discuss the needs for SD-WAN within business networks, the different ways to implement and lastly the benefits of partnering with an MSP for a Managed approach to SD-WAN.
Short and simple, the traffic across networks continues to increase, and so too are business networks. In fact, global network traffic size is expected to expand at a compound annual growth rate (CAGR) of 9.7% from 2021 to 2028 and even higher for small-to-medium sized businesses of 10.3% during the respective period. Businesses purchase various software and applications and then realize that their network is limiting them from achieving their goals. It’s become very labor-intensive for them to log into many devices to manage their network.
Today’s business environments are seeing a lot of challenges in the following ways:
As trends continue and companies undergo digital transformation, they are embracing more software-as-a-service (SaaS) and public cloud applications. In a prior time, they relied on applications and services running on servers in their office locations. Now they are moving to a business model where they rely on that being provided as a service, where those applications run on hardware located elsewhere. So businesses need to understand how to manage their networks in this new way, how to secure them, and be able to provide a reliable end-user experience so that end-users can achieve what’s needed. They also need to figure out how to connect all their locations, decide what type of internet services are needed at each, and what type of carriers they need to embrace in order to achieve a holistic environment. This all focuses on a company’s network, how it’s set up, and how it’s managed.
This identifies software-defined wide area networking (SD-WAN) as a need within business networks. SD-WAN is a virtual WAN architecture that allows businesses to leverage any combination of transport services, such as broadband, MPLS, LTE, to securely connect users to applications. SD-WAN uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS providers. This increases application performance and delivers a high-quality user experience, which increases business productivity and agility and reduces IT costs. This is why we are seeing businesses of all sizes adopting SD-WAN at an exponential rate. For instance, an in-depth analysis of industry insights shows that the market is expected to have an estimated Compound Annual Growth Rate (CAGR) of 31.2% between 2022 and 2030. Significant contributors to this growth are small to medium businesses (SMBs). Prior to SD-WAN availability, SMBs were limited to offering goods and services globally and having a distributed workforce across multiple locations because it needed to be more of an operating cost to bear. With SD-WAN and a highly competitive landscape, SMBs can leverage SD-WAN to reduce operating expenses while leveraging multiple links to low-cost local internet lines.
Deploying an SD-WAN solution can be very complex and includes a combination of three key elements when selecting the right components:
Finding the right partner to work with will help businesses achieve their goals here.
After having selected the right components, there’s a list of things to consider on the implementation front.
It’s important to note that the contracts for the hardware licenses and the circuits may not align, so it’s important to keep that in mind for renewal purposes.
So, there are many things to look at during the implementation cycle.
Once everything is all set up from an implementation standpoint, there are things to consider regarding maintenance. Businesses need to document everything and keep the information current in the event their support teams need to reach out to hardware manufacturers or carriers for help. Or if changes are required during the lifecycle of the service. This includes:
Stay tuned for the next post where we continue this discussion and get into the pitfalls to avoid in DIY SD-WAN.
Or get in touch with one of our Managed SD-WAN specialists.
The post Why Managed SD-WAN is Better than a DIY Approach in a Digital Transforming World appeared first on Sangoma Technologies.
More and more businesses are turning to the cloud to run parts of their business – from their phone system to their back office type systems to everything in between. And many of these services are managed services, offloading and optimizing IT resources.
Many of these services run in different public networks, a hodge-podge of whatever the particular service uses, and run on any device. This puts stress on the networks as bottlenecks could occur. I’m sure we’ve all experienced this in our work-from-home experiences using video meetings – sometimes, the video is a bit “wonky” for brief periods. This can happen in business connections as well. As such, the networks businesses use to deliver workloads to their employees need to be responsive, or adaptive, to the applications running on them.
This is one of the benefits of using SD-WAN. An SD-WAN solution has intelligence that can define traffic routes and priority based on the application need and, as such, can inherently find the best route for the traffic. There’s a lot more to it than a single sentence, though, as SD-WAN is complex.
In fact, according to a 2021 Frost and Sullivan SD-WAN survey of North American-based network services decision-makers, 64% said they prefer a fully managed SD-WAN service, and 16% said they like a co-managed approach precisely because of the complexity of setting it up and running it. See what Sangoma has to offer with managed SD-WAN.
The post Application Aware Network appeared first on Sangoma Technologies.
If you are in the customer service business, and your business is growing, it is probably time to add an agent-based contact center to supplement calls queues, etc. that may be part of your basic UC / phone system. While some call center type features are making their way into the base phone system, these are more departmental type of call center features. Which are great if you have a small business, but as that business grows, it may be time to upgrade to an agent-based contact center. Why?
As your business grows, it may be time to augment your UC solution with an agent-based contact center. To find out more about Sangoma’s Contact Center solution, please go here.
The post 6 Benefits Of A Quality Contact Center appeared first on Sangoma Technologies.
There have been some important developments in SD-WAN technology over the last year. We need to continually assess changes in key technologies so we can make informed decisions and move our businesses forward. Let’s take a look at some of these developments so you can determine whether they might be important to your organization.
SD-WAN, or software defined wide area networking, is now well over a decade old as a technology. The term SD-WAN was coined in 2014 by Cisco well after the technology’s introduction, so SD-WAN is now considered a mature service.
Here’s a quick overview for those unfamiliar with SD-WAN. Traditional site-to-site connectivity models relied upon closed private networks in the past. Typically, we saw MPLS or private lines connecting sites back to a centralized data center. Those data centers had the applications and security stack for the organization. Also, internet access was concentrated at that data center behind that security stack. This provided ease of management and concentration of security tools creating a strong security posture. These networks were expensive, but they guaranteed quality of service and security as well as reliability.
Over the last decade, that model has changed though.
As a result, the datacenter became less important as a central computing hub, and distributed security made the centralized security platform less important as well. This gave rise to SD-WAN.
How does SD-WAN work?
SD-WAN allows users at each enabled location to access cloud applications directly over the public Internet, bypassing the need to route through a data center hub and enhancing performance. So, SD-WAN reduces costs and management effort while improving performance without sacrificing security.
Here’s a brief outline of how SD-WAN works and is used:
SD-WAN is Mature & Reliable
SD-WAN is offered by the most reputable names in the networking industry and has completely replaced MPLS or private line for new network deployments. Most mature technologies enter into a state referred to as the plateau of productivity according to Gartner Hype Cycle, where SD-WAN is well entrenched in at this point. Typically seen in this phase of the technology lifecycle is a stagnation on product development. The industry focuses more on consolidation and adoption, rather than new capabilities. This is because the easy stuff has already been invented and so new capabilities come slower. However, the development within SD-WAN doesn’t seem to be slowing down. SD-WAN remains a dynamic and evolving technology as capabilities are pushed into the cloud rather than residing on a heavy appliance on site. To add, with the computing scale of the cloud, additional services are easy to add, and the industry continues to move forward.
When evaluating an SD-WAN strategy there are some new trends to consider.
Secure Remote Access
One of the biggest developments in SD WAN is the coupling of secure remote access. The work-from-home strategy changed the focus of all IT professionals from secure location to securing the individual or the data itself. Some forward looking SD-WAN providers have already incorporated secure remote access before the pandemic, aligning their strategy with Gartner’s Secure Access Service edge (SASE). Other SD-WAN providers have since paired secure remote access capabilities with their SD-WAN platforms.
In fact, small office locations for some customers are eliminating SD-WAN architecture and just using the secure remote access of their SD-WAN provider. What you lose here is application prioritization and seamless failover. That may be acceptable for a few users who might work from home if necessary, in an SD-WAN for home deployment. For a location with five or fewer people broadband connectivity is probably adequate for applications and redundancy is not absolutely critical, where you might have a wireless redundant option rather than a fixed circuit option for redundancy. What you gain is a lower cost structure.
Co-Managed SD-WAN
Early on, enterprises with considerable staff of network architects purchased SD-WAN devices and deployed and managed those devices themselves. This provided ultimate control similar to what they had in their prior WAN environment. Over time, however, organizations have realized that SD-WAN doesn’t require much care and oversight. The talents of the network architect are better used in strategy, policy and design rather than maintaining the appliances.
One of the key benefits of managed SD-WAN is a co-managed environment between the managed services provider and clients’ IT teams. Co-management is now the most popular strategy where SD-WAN service providers maintain the device and its high-level configurations and the customers manage the application policy within the SD-WAN platform. This gives clients a sense of control that they need to run their network while delegating the non-value-added work to a vendor. Some clients are completely outsourcing the management of the WAN, and this option is frequently paired with a network carrier, creating a true network-as-a-service environment.
Wireless Only SD-WAN
While this option has existed for years now since wireless was integrated into SD-WAN, with the increased mobility of the workforce and supply chain issues affecting the delivery of wired services, wireless SD-WAN has caught on. Typically, with just a single wireless service SD-WAN prioritizes the application, so limited bandwidth is optimally utilized and eliminates non-business activity on the network, saving the aggregate bandwidth costs. Certainly, 5G makes this a very interesting exit strategy, but at least in the United States, it’s only really applicable for certain low utilization use cases because of the cost.
SD Branch
Software Defined branch office technology is an extension of the SD-WAN concept. The monitoring and management of branch LANs, access points, print resources and other branch peripherals reduces the need for on-site support and improves the service to the branch. The SD-WAN architecture is core to SD branch delivery.
Security Tools
Look for SD-WAN providers to continue to expand horizontally into other SASE categories, such as secure web gateway, data loss prevention, remote browser, etc. The industry is very fluid right now and SD-WAN is at the center of most security strategies. Going forward demand continues towards becoming the core interoffice connectivity technology. We’ll see automation and AI begin to make its way into the industry allowing the platforms to make adjustments in real time.
So, SD-WAN is mature, but not idle. There is a lot of growth in the industry and it’s important for users to have a well thought out strategy before making an SD-WAN decision. If you’d like to know more how SD-WAN can help your business and how Sangoma’s Managed SD-WAN services work, click here.
The post The Top 5 Trends in SD-WAN appeared first on Sangoma Technologies.
Today, I’ll touch on the benefits of using a Managed Internet Access service according to the Eastern Management Group. Managed Internet Access is a service where a provider (such as Sangoma) obtains and proactively manages the uptime of internet facilities of each customer location.
Major benefits include:
If you want to read the full report now, please go here.
The post Overall Managed Access Benefit Review appeared first on Sangoma Technologies.
Late summer of 2022, there was a major multi-day internet outage that happened in Canada that affected many businesses, small and large. Let’s discuss what happened and some of the steps you can take to protect your business if something similar happens to you.
In July of 2022, Canada’s Rogers Communications suffered a major internet outage. For those of you who haven’t heard of Rogers, it is a very large internet and wireless service provider, on the scale of ~ 20 billion US dollars and 26,000 employees. Rogers suffered an outage due to a packet storm on their network. It was caused by a software upgrade that accidentally removed all the traffic filters to the internet from their network. Without the filters, the Rogers network equipment became quickly overwhelmed and stopped functioning. Rogers serves about 30% of Canada’s internet capacity, so this was a big event and affected many people and businesses. It took about 2-3 days to fully restore services to all customers.
So, as a business delivering services to your customers, what would you have done in this case, if your internet service provider was down for multiple days? Businesses who had invested in SD-WAN and redundant ISPs were generally okay. However, those without redundancy, or without an SD-WAN platform to prioritize internet service, they unfortunately suffered catastrophic downtime. Some of them even had to rely on manual processes to keep their business running. They would never have thought service from a large and reliable vendor like Rogers would come to a halt like this, so the investment didn’t seem needed. Businesses with backup internet access generally made it through, and the ones that had SD-WAN did not experience any degradation in service, at all. This is because SD-WAN prioritizes real-time traffic, by application. Even if your redundant internet connection is based on inexpensive broadband, SD-WAN will automatically prioritize your most important applications, so that things like voice and point-of-sale (POS) have the capacity they need, while other less critical applications are limited to what’s left over. This is a significant benefit of SD-WAN and something to consider if real-time traffic is important to your business, because without it, your typical failover setup means a loss in all active communications which would need to be re-established once the backup connection becomes active.
SD-WAN has a couple of other key features as it relates to protection. For instance if your SD-WAN provider is a gateway or private middle mile service, your inbound traffic is also protected because inbound packets will be routed over the best available circuit. Also, if you’re using an SD-WAN provider with gateways or private middle miles, you’ll have built in DDoS protection. So SD-WAN provides a number of protections aside from just managing network resiliency.
Here’s the interesting takeaway. Even if you had a resilient design, and you had sufficient internet, and you had SD-WAN in place, your vendors and business partners may not. With the Rogers outage, a major credit card transaction system was taken offline, leaving their point of sale customers without the ability to accept credit cards. Another example was cell phone service being disrupted as well. We can imagine that many businesses with critical vendors and applications experienced an impact even if they themselves continue to have strong internet service. It might be far-fetched to try and identify whether or not your key business partners have network redundancy and utilize SD-WAN, but identifying the key providers and confirming with them may actually be a new priority element in your business continuity plan.
Beyond internet access, what other key services might be exposed to vendor interruption. Is voice critical to your business? Are you using Microsoft Teams for voice or collaboration? For example, what would happen if Microsoft had an issue or you had to quarantine Office 365 because of a cyber event?
If you’re curious how to protect your environments and learn more about our maintenance-free SD-WAN service, get in touch with one of our Managed SD-WAN specialists.
The post Protecting Your Mission Critical Services When Your Internet Provider Has An Outage appeared first on Sangoma Technologies.
It’s definitely a great time to be a Managed Service Provider (MSP), Communication Service Provider (CSP), and Voice Service Provider (VSP), delivering managed communication services. Whether they be a seasoned provider or just starting out, the work-from-home movement has created a massive change in IT infrastructure, which means managed service providers have become very popular and are enticed to deliver more. For instance, the MSP market was valued at $242.9 billion in 2021 and is projected to reach 354.8 billion by 2026, registering a CAGR of 7.9%! This tremendous growth is pushing MSPs to continue to broaden and diversify their offerings. Still, there is a big surprise waiting for inexperienced or ill-informed providers: the increased set of communications tax complexity, obligations, and risk.
MSPs, CSPs, and VSPs certainly understand that they are required to charge for and remit communications taxes. If you are reselling, charging, and invoicing for telecom services, such as data, voice, video, and messaging, then you’re in that camp. But what’s been happening, which has become more challenging, is that communications services have become the de facto method for delivering services from the cloud, but not only that, they’re being offered via programmable interfaces, or APIs. So now communication services are being embedded into SaaS platforms, essentially reselling data services. So the lines have become blurred, and knowing whether you need to pay communication taxes is a bit unknown. You need to ask yourself, “Is my business selling services that incorporate voice, video, or data?” If the answer is yes, then you’ll need to make sure you’re up to speed on tax compliance; otherwise, you’ll have some penalties to pay, aside from learning how to pay those taxes going forward.
Let’s start with general sales taxes, which apply at the federal, state, county, and city levels. Communication taxes fall under this umbrella too. From there, though, they can be very different, not just in terms of the rate and how it’s applied, but with communications taxes, there are instances of tax on tax in tearing of taxes. In many instances, the jurisdiction for communications taxes will be completely different from what you may have from a sales tax perspective. For instance, there are a lot of communication taxes that are based on school district zones, so even just establishing the jurisdiction that applies can be different. We now have a stacking of communication tax complexity over the existing complexity of sales tax. So, registering with the local jurisdiction, and collecting the tax, is one thing, but then it cascades since communications taxes have different compliance obligations. There are different registration obligations, different filing obligations, and also things like exemption management, where the forms that are needed to be filled out to be exempt from communications taxes are different from what is needed to be collected from a sales and use perspective.
This depends on two criteria: jurisdiction and types of services sold. These combined could mean filing 1,000s of compliance tax returns, especially if the provider is selling services nationwide. Voice itself is taxed heavily, as many different types of taxes are applied. Communication taxes are applied at the federal, state, and jurisdictional levels. E-911 is also similarly taxed.
We talked a bit about the blurred lines around knowing if a business is required to pay communication taxes. On top of that, with the plethora of service providers out there, it would be unsustainably time-consuming for the government to find every business out there with communication services, find out if they are simply consuming or reselling them and dig from there. Businesses could easily fly under the radar from paying their taxes.
The recent robocall mitigation regulations, including the STIR/SHAKEN mandate, has forced VSPs, CSPs, and MSPs to register their telecommunications business by applying for a Federal Registration Number (FRN). Now that their telecommunications business is registered with the FCC, comprehensive compliance is much more important for that business. This includes the rating, collection, and remittance of taxes, fees, and surcharges that are levied by the government in the various states, counties, and cities that they sell in, as well as at the federal level.
With all that there is to consider and the challenges there are to become well informed of tax compliance, it may be a good idea to pair up with experts in the field for consultation or, better yet, with a vendor having a tax engine, who can automate rating and calculations of services, based on local and service feature.
As part of our wholesale carrier services hosted billing service, we have a built-in tax module that automates the calculation and collection of taxes and regulatory fees for our customers who resell our wholesale carrier services. For readers unfamiliar with our wholesale carrier services, read this blog post. What differentiates us is that we offer a complete set of wholesale VoIP services, from termination/origination, DIDs, SMS, E911, Fax, fraud detection/protection, and telecom compliance toolkits, wrapped around an intuitive portal, which includes our hosted billing platform and tax module.
Our tax module is the “single pane of glass,” where our customers save a ton of time in tax rating and calculation for all their customers who may be dispersed nationwide using various services we resell. It consolidates taxes on all levels of government and service types. Also, as our customers expand across regions, the tax modules save them time from figuring out new tax compliance information for those areas as well.
Tax compliance becomes more complex as products become more innovative and are offered in a less traditional fashion. For instance, voice services integrated within APIs were never something tax compliance was designed for. The natural progression is that innovation outpaces tax law but, with time, always catches up. A great example of this is with streaming services, such as Netflix or Amazon Prime, for example. When they came out on the market, communications tax compliance only applied to traditional TV services. So no taxes were applicable for a while, but communication taxes started working their way into these new innovation streaming services as time progressed.
As an MSP, CSP, or VSP, it’s essential to understand the gray areas of communications tax compliance and be informed to avoid risks and possible penalties.
Learn more about Sangoma’s Tax module, built into our hosted billing platform, and have your tax rating and calculations automated for you.
The post What You Need To Know About The Growing Complexities of Communications Taxes appeared first on Sangoma Technologies.
When the day came that we all “had” to work from home, everyone learned how important a phone system client became (whether it was a mobile one, or a desktop one), because that was how we continued to talk to people and keep the business running– because our business phone number could be called, or we could call out on the business phone number – from these clients. And then the clients that integrated chat and video took center stage. Today, this is all part of a typical Unified Communication solution, including those from Sangoma.
However, as we start to return to the office, will the importance of these clients diminish? I’ve definitely started to see articles about how especially the mobile client experience may not be the best.
It seems unlikely that client importance will diminish. First, some form of hybrid work seems to be here to stay, as discussed in this article from Forbes. Employees will always be working remotely in some fashion, whether it is from home or from another location. Employees like it, and while there is some debate about it, it seems organization output is not impacted, though organization culture might be impacted. So, while everyone now needs to come back from the cool place they moved, they likely don’t have to go into the office every day.
And second, just like always, technology will “solve” any problems. We saw it 20 years ago when VoIP first came on the scene. There were issues and they were overcome. And we’ll see it here as well. 5G is one technology that will certainly play a role in improving the mobile client experience.
Getting back to the clients. So yes, they will remain even more important. And we’ll need to keep innovating them forward since they’ll remain an ever-critical part of a business communication system.
The post Softclients are a Critical Component of a Unified Communications Solution appeared first on Sangoma Technologies.
In today’s world, it’s imperative to have access to information from any device, anytime and anywhere. However, this has led to the growth and complexity of the networks that connect everything, making them increasingly challenging to manage.
The two main types of networks are Local Area Networks (LANs) and Wide Area Networks (WANs). LANs connect devices within a local office, while WANs connect offices across different locations globally. Without WANs, businesses would be restricted to communicating within their local offices, preventing them from accessing the broader online world, the internet.
SD-WAN, the latest evolution of WAN technology, has recently emerged as a game-changing innovation. SD stands for “software-defined,” and while the concept is not new, it has become a focal point, particularly in infrastructure and networking. SD-WAN essentially leverages software to make IT smarter, faster, and more cost-effective. It is a revolutionary way to construct and manage long-distance networks, providing better bandwidth optimization and ensuring the delivery of real-time applications with improved user experiences.
Traditional WANs typically have a large number of routers that communicate with each other over extended distances. Within each router is a data plane and a control plane, with the data plane holding the information transmitted or received, and the control plane determining the route the data should take. However, someone needs to program the control plane with rules on how to handle network traffic on the data plane. This is typically done by entering a series of commands into each router’s command line interface, or CLI, by a network administrator. This can be a very manual, time consuming and error prone process. For example, let’s say there is a large business with 100 locations that needs to deploy a new application across all these locations. Let’s assume that each location has one router which needs 20 new commands to implement the correct configurations for the new application. With 100 locations, that’s 2000 (20 x 100) commands and if each command took 40 seconds of time that’s roughly 22 hours of work just to deploy a single application for the business. Also, the CLI can be error prone. Imagine a mistake was made on one of those commands and having to hunt down that error or troubleshoot the application. Staff and IT resources would be impacted and could potentially paralyze the business! To overcome this tedious process, network admins will try to automate this process using programming tools and scripts, however, these tools and procedures add more layers of complexity as well as even more CLI commands with more variables that could compound existing problems.
With SD-WAN, this process is simplified, as the control plane is centralized, where changes can be grouped and managed simultaneously across the entire WAN, from a centralized management portal. Businesses can use specific rules to automate the process and distribute configurations instantly, eliminating the complexity and errors inherent in the old manual method.
One of the most significant benefits of SD-WAN is the ability to leverage broadband internet connections, reducing the need for expensive private MPLS networks, lowering costs and increasing performance. Moreover, the software-defined capabilities of SD-WAN enable network admins to change characteristics of their entire network from a central management portal, such as:
Once these rules or policies are set, they can be automatically distributed and implemented across the organization in seconds.
So, with SD-WAN, configuring new or existing networking infrastructure is much easier than the old way of fragile command lines and manual updates.
Here are three key takeaways for businesses regarding SD-WAN:
Agility: SD-WAN enhances agility by simplifying network policy configuration and management.
Performance: SD-WAN provides higher performance by leveraging multiple paths intelligently, including broadband connections.
Cost: SD-WAN lowers IT operational costs by simplifying WAN infrastructure and providing a more efficient network.
Setting up and managing a WAN has never been easier, provided that it’s software-defined. But taking it a step further, businesses can take advantage of a Managed SD-WAN, where a vendor handles the entire network for them, including deployment, maintenance, updates and technical support. To learn more about this zero-touch network infrastructure get in touch with one of our Managed SD-WAN specialists for more info.
The post Exploring SD-WAN – The Advanced Evolution of Business Networks appeared first on Sangoma Technologies.
In 2017, Jason A. Donenfeld (known for WireGuard®) reported an issue in Tox’s handshake [1]. This issue is called “Key Compromise Impersonation” (KCI). I will try to explain the issue as simple as possible:
In Tox you don’t register an account (e.g. with username and password), but instead your identity is solely based on (asymmetric) cryptographic information, a so-called asymmetric key pair. Such a key pair consists of a public part (public key) and a private part (private key). The public part, as the naming suggests, is public and contained in your ToxID which you share with your contacts to be able to communicate with them via Tox. The private part, again as the name suggests, needs to stay private! If someone gets in possession of your private key, they stole your Tox identity. This could, for example, be the case if someone got physical access to your computer or successfully installed malware on your system, e.g. a so-called trojan horse, to be able to extract data from it. If this happens, you will most likely have multiple problems and your Tox identity may be just one of them. The password you enter when you create your Tox profile, e.g. when you first start qTox client, is used to encrypt your profile and also your private key on your disk. If you start qTox, you need to enter your password to decrypt your private key, to be able to communicate via Tox. Your private key is then stored unencrypted in memory (i.e. RAM) while qTox is running. This means an attacker either needs to get access to your password (steal or crack it) or to read your Tox private key from memory while your Tox chat client is running.
If someone successfully stole your Tox identity (i.e. this private key), they are you – at least in the context of Tox. So they can successfully impersonate you in Tox. Now in this case the KCI vulnerability leads to “interesting” behavior. It is clear that someone who stole your identity is able to impersonate you. But because of the KCI vulnerability, they may also be able to impersonate others to you. This means, to exploit this vulnerability in practice, someone not only needs to successfully steal your private key, but additionally:
In summary, KCI is exploitable, but with a huge effort.
Anyway, this is a real vulnerability and it should be fixed. The current Tox handshake implementation is not state-of-the-art in cryptography and it also breaks the “do not roll your own crypto” principle. As a solution, there is a framework called Noise Protocol Framework (Noise, [2]) which can be used to create a new handshake for Tox. More precisely, the application of Noise will only change a part of Tox handshake — the so-called Authenticated Key Exchange (AKE). Noise-based protocols are already in use in e.g. WhatsApp, which uses it for encrypted client-to-server communication, and WireGuard®, which uses it for establishing Virtual Private Network (VPN) connections. Noise protocols can be used to implement End-to-End Encryption (E2EE) with (perfect) forward secrecy (which is also the case with the current Tox implementation), but further adds KCI-resilience to Tox.
Tobi (goldroom on GitHub) wrote his master’s thesis (“Adopting the Noise Key Exchange in Tox“) on the KCI issue in Tox, designed a new Handshake for Tox based on NoiseIK and implemented a proof-of-concept (PoC) for this new NoiseIK-based handshake by using Noise-C [3]. This PoC has a few drawbacks, which is why it should not be used in practice (see Appendix). If you want to know more about his master’s thesis, see the update in the initial KCI GitHub issue [4].
He applied for funding at NLnet foundation and their NGI Assure fund to continue his work on Tox and to be able to implement a production-ready Noise-based handshake for toxcore. Fortunately, this application was successful [5]. NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme (https://ngi.eu/).
The objective of this project is to implement a new KCI-resistant handshake based on NoiseIK in c-toxcore, which is backwards compatible to the current KCI-vulnerable handshake to enable interoperability and smooth transition. The main part of this project is to implement NoiseIK directly in c-toxcore to remove Noise-C as a dependency (as the only other dependency for c-toxcore is NaCl/libsodium) which was used in the PoC and therefore improve maintainability of c-toxcore (see Appendix).
The tasks in this project are:
Noise_IK_25519_ChaChaPoly_SHA512
, but it may change due to new insights in c-toxcore).The plan is to implement this new handshake until July 2023. Since it’s not a trivial task, there are still some obstacles:
“Note that lossy and out-of-order message delivery introduces many other concerns (including out-of-order handshake messages and denial of service risks) which are outside the scope of this document.” (cf. [6])
Both points are not ideal for a handshake based on NoiseIK (i.e. it would be way easier to implement it in a client-server model using TCP), but it should be possible to work this out.
Tobi is available in #toktok (libera.chat) as tobi/@tobi_fh:matrix.org and ready for any input, questions, remarks, discussions or complaints.
The PoC shouldn’t be used in practice/in production because it should be improved in the following aspects (for details see chapter five of Tobi’s thesis [4]):
Noise_IK_25519_ChaChaPoly_SHA512
protocol will be implemented directly in c-toxcore. This will remove Noise-C as a dependency for toxcore (i.e. the only other dependency is NaCl/libsodium) and therefore improve maintainability. Additionally this will reduce the number of possibly vulnerable source lines of code.
“WireGuard” is a registered trademark of Jason A. Donenfeld.
Channel partnerships are the way Sangoma does business. We understand the value the channel partnerships bring to Sangoma, and ultimately to the end-user customers who need business communication solutions. As such, we work hard to ensure our channel programs bring value to our channel partners, that what we offer our channel partners is unique, and ultimately that it is worthwhile for the channel partner to invest their time with Sangoma solutions.
If you want to learn more, we will likely be at your favorite Telecom Services Distributor / Technology Services Distributor event as they roll their events out across the country.
We will also be at the channel event of the year, Channel Partners in Las Vegas in early May. We’ll be at booth 1819.
We’d love to meet you and show you why Sangoma would be a great option to help you service your customers with the best business communication solutions.
The post The Importance of Channel Partnerships appeared first on Sangoma Technologies.
Channel partnerships are the way Sangoma does business. We understand the value the channel partnerships bring to Sangoma and, ultimately, to the end-user customers who need business communication solutions. As such, we work hard to ensure our channel programs bring value to our channel partners, that what we offer our channel partners is unique, and ultimately that it is worthwhile for the channel partner to invest their time with Sangoma solutions.
If you want to learn more, a few ways are coming up where you can meet us and hear more from us:
We’d love to meet you and show you why Sangoma would be a great option to help you service your customers with the best business communication solutions.
The post The Importance of Channel Partnerships appeared first on Sangoma Technologies.
In the mid-2000’s, VoIP Innovations pioneered SIP trunking services for an emerging number of non-facilities-based, value-added resellers and managed service providers. Back then, VoIP for business-use was less common. Today, there are over 40,000 VAR’s/MSP’s and VoIP has replaced POTS lines in the large majority of businesses nationwide.
As enterprises have all but done away with in-house telecommunications departments, these VAR’s/MSP’s have more heavily relied upon rebilling the tailored services provided by VoIP Innovations. Now known as Sangoma Wholesale Carrier Services, the legacy of innovations continues with Compliant Service Solutions for this continually growing market segment.
Not only are clients’ technical expectations on VAR’s and MSP’s heightened, so too are the FCC’s expectations and requirements on these non-facilities-based voice service providers.
For example, In December 2021, the FCC pushed out the Small Provider Order Fourth Report and Order pertaining to STIR SHAKEN. This order is specifically for non-facilities-based, small voice service providers to be in compliance by the revised deadline of June 30, 2022.
Our many Compliance-as-a-Service solutions provide the tools you need to take care of your SHAKEN requirements yourself. Other compliance-related solutions include SMS Campaign Registry, e911 Dynamic Location Routing, Hosed Billing with comprehensive tax calculations, and HIPAA compliant fax solution services. We have found that the more seamlessly our products work for our VAR’s and MSP’s, the more easily they can customize their services to more profitably meet the needs of their end-users.
As our reseller partners’ demands are ever evolving, we continue to innovate our products mix to keep up with the FCC’s more demanding requirements.
Check out another recent blog post Brian Smiley, our VP of Wholesale, created to learn more about reselling the most trusted, best-in-industry, carrier communications services for your clients.
If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.
Or visit our website at carrierservices.sangoma.com. Stay tuned for more exciting, innovative offerings coming soon!
The post Sangoma Wholesale: Compliance-as-a-Service appeared first on Sangoma Technologies.
In a December blog, I wrote at a high level about a paper from the Eastern Management Group regarding the benefits of utilizing different types of cloud services, which basically boil down to the following organizational benefits:
Today, according to that paper, I will highlight just a few of the benefits of using Managed SD-WAN services. Software Defined Wide Area Network (SD-WAN) is a virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE, and broadband internet services – to connect users to applications securely. It creates a network managed through cloud software rather than disparate hardware systems. A significant benefit of using SD-WAN is:
Managed SD-WAN utilizes a third party to oversee the implementation, continued monitoring, and updates of the SD-WAN service. Major benefits include:
If you are looking for more information on Sangoma’s Managed SD-WAN offering, please go here. If you want to read the full report now, please go here.
The post Overall Managed SD-WAN Benefit Review appeared first on Sangoma Technologies.
More than 15 years in the making, the VI Communication Services portal leads all other SIP trunk providers’ portals in the industry for features and capabilities. As VI Communications is now Sangoma Wholesale Carrier Services, our legacy of innovations continues both in network expansion and portal enhancements.
The BackOffice Portal is our customer portal for ordering and managing DIDs. And, the end-user portal is our brandable, extensible portal for our customers to pass on some of the powerful capabilities, such as number porting, to their end-users.
Our award-winning portal simply does more than anyone else’s. And, our industry-leading service further separates us from the competition. At Sangoma Wholesale Carrier Services, customers can always talk to a live person 24/7.
Often emulated for its ease-of-use, our portals are unrivaled for their comprehensive capabilities.
What else would you expect from the company known for leading the industry in innovations?
A true multi-tenancy portal for resellers to organize multiple customer profiles, provisioning, and managing telephone numbers. Our integrated billing platform will exceed expectations for what is possible. Easily process taxes and even other carrier’s call detail records (CDR’s).
We are so much more than just Trunking as a Service with a great portal. We are your one-stop source for the compliance solutions that you need which are integrated into our nation-wide carrier network.
Learn about our Hosted Billing and integrated Tax Solutions. Manage SPAM and fraud before it affects your customers. Stay ahead of all the new STIR SHAKEN requirements for VoIP resellers. Keep on top of the changes with Campaign Registry for SMS. And, your customers can remain connected even in emergencies with our e911 Dynamic Location Routing solutions.
Check out another recent blog post that Brian Smiley, our VP of Wholesale, created to learn more about reselling the most trusted, best-in-industry, carrier communications services for your clients.
If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.
The post Sangoma Wholesale: Power of the Portal appeared first on Sangoma Technologies.
VI Communications has been the carrier services division of Sangoma since being acquired in 2019. Otherwise known as Sangoma Wholesale Carrier Services, this division is integrated yet operates as an autonomous business unit.
There is one primary reason for this autonomy. We primarily service and support the important “middleman” or value-added resellers.
Nationwide, approximately 40,000 managed service providers typically support multiple end-customer businesses’ IT and communication service needs. We have provided wholesale services to these value-added resellers for over 15 years.
As the wholesale arm of Sangoma, it could be perceived as competing for the same end customer. Our distribution model is designed to be trusted and complement our customers’ unique offerings and expertise.
Our wholesale division exists to provide value-added resellers access to the best industry products and services possible at a discounted rate to service aggregators. And we follow stringent CPNI (customer proprietary network information) rules to ensure privacy and the protection our customers expect.
Our reliably engineered network is the foundation for our product and carrier services offerings. Our award-winning BackOffice and End-Client portals with industry-leading, FCC-compliant features are offered in an a la carte manner where you only pay for what your customers use.
Sangoma Wholesale Carrier Services continues a legacy of innovations in product development, the expansion of our core networks and technological capabilities, and value-added resellers thrive as communications service providers.
We are so much more than just Trunking as a Service. We are your one-stop source for the compliance solutions you need, which are integrated into our nationwide carrier network.
Learn about our Hosted Billing and integrated Tax Solutions. Manage SPAM and fraud before it affects your customers. Stay ahead of all of the new STIR SHAKEN requirements for VoIP resellers. Keep on top of the changes with the Campaign Registry for SMS. And your customers can remain connected even in emergencies with our e911 Dynamic Location Routing solutions.
Check out another recent blog post Brian Smiley, our VP of Wholesale, created to learn more about reselling your clients’ most trusted, best-in-industry carrier communications services.
If you are attending ITEXPO Feb 14-17, please come to booth 617 to meet Brian and/or consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.
Or visit our website at carrierservices.sangoma.com. Stay tuned for more exciting, innovative offerings coming soon.
The post Sangoma Wholesale: Empowering Value-Added Resellers appeared first on Sangoma Technologies.
A couple of months ago, I wrote about being selected, again, for the 9th year in a row, to the Gartner UCaaS Magic Quadrant. It never gets old, just like football teams that consistently get to the playoffs! I’m pleased to announce that we’ve also been designed a Leader in the Frost and Sullivant FROST RADAR
North American UCaaS Market for this year.
It’s very nice to honored like this by key analyst companies. It makes all the hard work, by the entire company, mean something. The recognition is nice.
We know we can’t just sit still and not innovate if we want to keep getting this recognition. The market is continually changing, and the competition changes as well. I mean who would have thought 9 years ago that video meetings and collaboration would be key features in a UCaaS platform now? But they are. Business phone systems are just different now, in a way that benefits the customers.
Change is still coming though. If you read the report (and the report can be found here on our website), you‘ll see it mentions that “Integrated platforms delivering UCaaS, CCaaS and CPaaS are at the foundation of next-generation business communications solutions”.
Sangoma certainly agrees with that statement and we have been driving this on our roadmaps for a while. We have or own CCaaS and CPaaS platforms, that are integrated with our UCaaS. And we are using our CPaaS to create apps that augment our UCaaS solution, whether that be with integrations to other software systems, or productivity improvement apps that supplement UCaaS.
As Elka Popova, VP of Connected Work Research, ICT of Frost and Sullivan says “Sangoma continues to strategically augment and diversify its extensive UCaaS portfolio and partner network, more recently via the acquisition of Star2Star and NetFortris. Sangoma consistently prevails within the industry as a one-stop shop for complete communications solutions, including UCaaS, CPaaS, SD WAN and communications devices.”
We certainly intend to continue to offer the best one-stop shop cloud communications solutions, intend to continue to innovate, and thus continue to be recognized as leaders!
The post Sangoma as a Frost and Sullivan FROST RADAR™ North American UCaaS Market Leader appeared first on Sangoma Technologies.
It’s been a while. For both an in-person AstriCon and an ITEXPO during its “rightful” time in mid-February in southeast Florida. And they are both converging and happening in a few weeks in Fort Lauderdale.
The last time we had an in-person AstriCon was in 2019. This will be the first one since Covid. We decided to co-locate it with ITEXPO since, at the last AstriCon, we did not have members of the ecosystem (such as phone vendors that support Asterisk and FreePBX). The ecosystem exists in force at ITEXPO, so it made sense to run AstriCon as a co-located event. To register, please go to this link: https://www.itexpo.com/east/astricon.aspx
And Sangoma will also have a booth at ITEXPO. Since the last time we did a show, we changed our logo, so you will surely notice that. Sangoma has the widest range of business-focused communication services, and we won’t be able to demonstrate all of them. But we will showcase our UCaaS platforms, phones, MSP Services, Open-Source products (Asterisk and FreePBX), and wholesale carrier services (i.e., VoIP Innovations) offerings.
We’re looking forward to catching up with you, so please stop by our booth (617)!
The post Going to ITEXPO and AstriCon appeared first on Sangoma Technologies.
VI Communications is Sangoma Wholesale Carrier Services. Known initially as VoIP Innovations, Sangoma Wholesale was built on over 15 years of Trunking as a Service expertise. Sangoma Wholesale continues the legacy of innovations within its award-winning user and end-client portals.
Sangoma Wholesale Carrier Services’ innovative solutions are industry-leading and delivered on its own reliably engineered network.
Ideal for VoIP resellers and communication service providers, wholesale customers can buy unbundled services on an a la carte basis. A full-featured, extensible SIP Trunking platform puts number ordering, management, and provisioning all in your administration or directly into the hands of your end-users. This multi-tenant environment allows for customizable parent-child account relationships. And our integrated Hosted Billing options are popular, complementary add-on services for their ease of use.
Sangoma Wholesale is much more than a one-stop shop for your carrier services like VoIP, SMS, fax, and video collaboration solutions. Check out our array of Compliance Solutions. Whether it is STIR SHAKEN, Tax Calculation, SMS Campaign Registration, Kari’s Law for e911 Dynamic Location Routing, or Fax solutions that meet all the requirements for HIPAA – we have what you need for resale.
And likewise, as consumers demand heightened detection and protection from SPAM and Fraudulent calling, we have services you can trust.
If you are attending ITEXPO Feb 14-17, please come to booth 617 to consult with a Sangoma Wholesale Carrier Sales SME about our innovative solutions.
Remember, VI Communications is Sangoma Wholesale Carrier Services.
Visit us at booth 617 at ITEXPO or learn more at https://carrierservices.sangoma.com/.
The post VI Communications is Sangoma Wholesale Carrier Services appeared first on Sangoma Technologies.
In December, I did a podcast with Isha Mukherjee, our Asia-Pac marketing wiz. We talked about a bunch of things, ranging from our new logo, to what happened to UC in 2022, to my thoughts on UC in 2023.
If you want listen to whole podcast, just go here.
For this blog, though, I just want to focus on my thoughts for UC in 2023. I encapsulated my thoughts into the term “Smart Business”. This could mean multiple things, such as making your business smarter through using UC. And I certainly see that. In the Frost and Sullivan blog from a few weeks ago, I talked about the integration of contact center, unified communications, and CPaaS. And I certainly see that moving quite far along in 2023, even bringing in some aspects of AI that’s already in the contact center towards UC. And utilizing CPaaS apps to augment the UC system, so that the UC system is “smart” for your business. In other words, it does what you need it to do.
And that brings us to another meaning of Smart Business, which is doing business in a smart way. I think we’ll see more one-stop shopping with cloud communications in general. If there is a global slowdown, then businesses unfortunately may not be able to keep the same number of employees. There would likely be retrenchment. And this means you need to do business smarter in order to keep the same level of service, and to even grow. One way to do that, is to get your cloud communications from one provider. One bill, one place to talk to, many less headaches. Focus your people on growing the business, not the back-end that runs the business. UCaaS, Contact Center, Augmentation Apps, Collaboration, Video Meetings, and MSP services – all from one vendor, servicing you well. That is Sangoma.
The post UCaaS Futures Musings Podcast appeared first on Sangoma Technologies.
Sangoma recently partnered with Eastern Management Group regarding a report reviewing the end-customer benefits of Sangoma’s various Communications as a Service offerings. The full report can be found here, and it covers all of Sangoma’s Communications as a Service offerings:
While each one of these has specific customer benefits, at a high level the value to the end-user of using any managed communications service comes down to the following:
In the next couple of weeks, I will go a more in-depth into some of the Sangoma cloud services, and explore more specific end-user customer benefits of the cloud service discussed that week. If you want to read the full report now, please go here. Otherwise, stay tuned here and I’ll provide a few quick updates for you.
The post Overall SaaS Benefit Review appeared first on Sangoma Technologies.
Hey there Fellow Jitsters!
Have you ever considered adding telephony to your Jitsi Meet self-hosted instance?
Up until now you only had the option to run Jigasi and deal with telephony yourself. Many of our users do this every day, but when we asked we learned that there was interest in offloading that part. Could someone else host it?
Today we’re launching a new way to quickly connect to the public telephone network and offer dial-in capabilities to your users without the need for hosting and managing the entire telephony infrastructure: JaaS components. You can give it a try today!
Are you running Jitsi Meet on a Debian instance or are you using Docker? Either way, you can opt-in for this feature and it will be automatically set up. A new JaaS account will be created for you and you’re good to… call.
If you’re running Jitsi Meet on Debian all you need to do is to answer ‘Yes’ to this question and you will have dial-in capability on your Jitsi instance.
Note: A Let’s Encrypt certificate is required and the email address used to generate the certificate will be used also for creating your new JaaS account.
If you’re running Jitsi Meet on Docker you’ll need to set the following variables on your .env file:
Now you can restart your setup with `docker-compose up –force-recreate`
An email will be sent to you, asking you to set up a password for the JaaS admin account:
From the JaaS admin console you can manage your account, see the overall activity and upgrade to another plan if needed.
You’re all set up now! Let’s make a phone call! Join a call on your Jitsi Meet instance and notice how the dial-in option becomes available when trying to invite participants. You can now dial-in to one of the phone numbers provided in the list and you’ll be connected to the meeting.
Get started today, a free trial is available! Please check the JaaS components website for details on pricing.
Jigasi is the first Jitsi component offered as a service, with more to come. Stay tuned!
Your personal meetings team.
Author: Oana Emilia Ianc
The post Self-hosting a fully-featured Jitsi Meet instance just got as easy as pie appeared first on Jitsi.
Last week you may have noticed that Gartner, Inc. positioned Sangoma in the 2022 Gartner® Magic Quadrant for Unified Communications as a Service. Sangoma is one of only twelve other companies placed in 2022 and one of six to appear consecutively for the last eight years.
“We are thrilled to be recognized again in this year’s Gartner UCaaS Magic Quadrant,” said Sangoma Chief Marketing and Product Officer Jim Machi. “It’s gratifying to be independently recognized for vision and execution. Sangoma has grown its position in the top tier of cloud communications companies. Sangoma offers the widest set of cloud communication services in the industry, all engineered in-house, to offer partners and customers a single-source, business-oriented cloud-native communications portfolio. UCaaS is the centerpiece of this strategy, but this complete vision goes beyond that to include CCaaS, Video Meetings as a Service, Collaboration, CPaaS, etc., so this recognition is exciting for Sangoma, our partners, and our customers.”
To read the full report, fill out the form on this page.
The post Sangoma is Recognized in the Gartner UCaaS Magic Quadrant appeared first on Sangoma Technologies.
It’s been a while since we introduced End-to-End Encryption (E2EE) over two years ago. Back then we started with a simple model consisting of a passphrase everyone needed to type and later migrated to a model with randomly generated keys per participant. Each have different characteristic and we ultimately chose to stick with the latter. Today we are introducing a missing piece in the E2EE puzzle: user verification.
User verification was not previously possible in Jitsi Meet. Just like our core E2EE we are basing our implementation on the Matrix protocol. Matrix’s libolm / vodozemac provide a Short Authentication String (SAS) mechanism implementation which developers can use. They even have great documentation on how it works, thanks Matrix!
First, you’d gather in a meeting and turn E2EE on.
Now you’ll see a new option for each participant in their tile menu that allows you to verify them:
After choosing to verify a user a dialog will open with a list of emojis:
.
Wait what? Emoji? These emojis conform the SAS. They have been carefully chosen to avoid ambiguity and make the process more user friendly than comparing random numbers. You can find more information in the Matrix spec. You must verbally compare them with the other participant and if they match, mark it as verified.
Once a user is verified this will be reflected in the user information tooltip:
At this point you can be sure that not only your data is encrypted end-to-end, but also that there is no man-in-the-middle (MITM) attach happening.
User verification is currently available in Jitsi Meet master and deployed in beta. It will be part of the next stable release, but expect more improvements specially in the UX front.
We’d like to thank Robertas Maleckas (ETH Zurich), Prof. Kenny Paterson (ETH Zurich) and Prof. Martin Albrecht (Royal Holloway, University of London) for their work researching Jitsi Meet’s E2EE and encouragement, and Matrix for their tools, which make implementing E2EE a much better experience.
Please note that we still consider our E2EE experimental and are still working on improvements. Please make sure you check out our post on how end-to-end encryption in general does NOT offer a meaningful level of trust and protection when it comes to modern meetings services.
Your personal meetings team.
The post Trust, but verify: introducing user verification appeared first on Jitsi.
Trying to explain something to someone and they just don’t get it? If an image is worth a thousand words how about a diagram? Today we’re excited to announce the availability of whiteboards in Jitsi Meet – the missing piece for all those seeking an educational meeting solution and not only!
We decided to stand in the shoulders of giants on this one. The core implementation comes from Excalidraw, an excellent whiteboarding piece of software, which is Open Source, of course. We made some tweaks and adjustments to have it fit in with our vision. We seek to provide an easy to use feature that enables participants to share ideas and brainstorm without having to seek a third party solution. From now on, meeting moderators can open a whiteboard and have everyone in the call sketch away.
The interface supports a number of tools and settings that keep the collaboration interesting and effective. During a meeting, changes that a participant makes locally via the whiteboard are sent to a server to then distribute those updates only to devices of other participants in the meeting. The whiteboard content can be exported as a png or svg at any time during the meeting, so all that hard work doesn’t go to waste.
If you’re using meet.jit.si, you can go ahead and play with the whiteboard in your meetings right away! For those self-hosting, it can be enabled from the config file, and you’ll need to deploy this simple backend.
As you might already know, we’re firm believers in the power of Open Source, we seek to collaborate with other communities to build solutions everyone can use and we’re excited to bring more to this feature in the future!
Your personal meetings team.
Author: Mihaela Dumitru
The post Introducing whiteboards in Jitsi Meet appeared first on Jitsi.
Sangoma is very proud and honored to be able to service multi-location businesses with our UCaaS system and MSP services. A common dialing plan among the different physical businesses, physical phones that are tightly tied to the UC system, mobile and desktop clients to augment the desk phone, and having a CPaaS system that can enable multi-location business unique requirements to be added to our UCaaS solution has enabled Sangoma to service these businesses well with our UCaaS solutions.
Beyond UCaaS, though, Sangoma, through its acquisition of NetFortris, now offers connectivity and security services that can be tailored to bring the best connectivity solution to the needs of the overall multi-location business and each of the specific physical buildings. It is hard to manage what is the best connectivity solution, which provider to get it all from, all the different bills, etc. That’s understandable, for sure. The IT department needs to be expert at everything, and that’s downright impossible.
Someone like Sangoma can determine the best price, the best type of connectivity solution, and the best provider for each location and manage the network for you. You likely do not need the same bandwidth for each building, and the network provider may most likely offer a different economical service all around. Let someone else figure that all out for you and take care of all that for you.
As your UCaaS provider, it makes sense to get all this from us. We understand the networks, and we’re monitoring the UCaaS anyway, so why not have us manage and monitor your internet connectivity as well?
And we can also offer you SD-WAN services with this connectivity so that you can get the most efficient routing, a more stable internet (because of the use of multiple connections), and cost savings. And, of course, monitoring by Sangoma. Learn more about our MSP services here.
The post Multi-Location UCaaS and Multi-Location Connectivity Services appeared first on Sangoma Technologies.
A few months ago, the FCC released a public notice reminding non-facilities-based “small voice service providers”, that they must implement the STIR/SHAKEN caller ID authentication framework in their Internet Protocol networks no later than June 30, 2022.
Is this a surprise to you? Well perhaps, considering a 2 year extension was granted to small VPS (those with 100,000 or fewer voice access lines) from the original deadline of June 30th, 2021. So why the sudden change in deadline? What happened was an overwhelming amount of robocalls were observed to be originating from these small VSP from the time that deadline was announced, so much so, the FCC decided to cut the extension by 1 year, significantly moving up the deadline.
In summary, as a small voice service provider you are no longer subject to a two year extension and must update your certifications and associated filings in the Robocal Mitigation Database (RMD) and implement the authentication framework by June 30, 2022 (which of course has passed at this point in time) or be subject to ”appropriate enforcement action” by the FCC.
We know that it’s a lot of work, time, and money spent to become compliant. To implement STIR/SHAKEN into your voice network, you’ll likely need to provision a cost-prohibitive session border controller (SBC) or a SIP proxy, which can significantly alter the way you route traffic to your partners. This can create unexpected consequences for you, such as billing, for instance, not to mention the network maintenance and monitoring that’s required for these new points of failure.
The deadline for compliance has already passed for non-facilities-based providers. Don’t risk waiting for the FCC to contact you and be put under extreme pressure. We have a Zero-maintenance call signing solution for you!
VI Communication Services’ Call Signing Services help you become compliant, simply by sending your phone calls to our voice network. On our side, we will provision a dedicated server to host your unique certificate and sign calls on your behalf, using the attestation rules that you yourself configured. That’s all! No additional hardware or network maintenance required. We take care of everything for you so that you can focus on running your business. View our product slick.
The post As a Voice Service Provider, How Has the FCC’s Updated Deadline on STIR/SHAKEN Compliance Affected Your Business? appeared first on Sangoma Technologies.
A managed IT service is an information technology (IT) task provided by a third-party service provider and delivered to a business customer.
“Managed services” refers to outsourcing information technology (IT) processes and functions to improve operations and reduce expenses. It’s a way to augment your company IT staff with access to specialized expertise and not worry about the cost and complexities of hiring and staffing for 24/7/365 critical business functions.
Managed services are ideal for companies that:
Businesses outsource a plethora of IT-related services to managed IT solutions providers, including:
In a managed service arrangement, the managed service provider (MSP) is responsible for the functionality of IT services and equipment for the client, who typically pays on a monthly retainer basis.
Companies that offer managed services are called managed service providers (MSPs). MSPs are third-party companies that remotely manage IT infrastructure and systems. Small and medium businesses (SMBs), nonprofits, government agencies, and enterprises across various industry verticals leverage MSPs to deploy and manage technology solutions.
Typically, an MSP delivers applications and management services through the Internet under a contractual service-level agreement (SLA). The SLA details qualitative and quantitative performance metrics that govern the MSP and customer engagement.
MSPs handle complex or repetitive tasks required to maintain a client’s IT infrastructure and typically are engaged in managing the following activities:
Businesses of all sizes typically offload the management of select IT services for these key reasons:
Sangoma makes it painless to access a complete suite of managed networking, security, and business communications solutions customizable to your organization’s unique needs.
The post What are Managed IT Services? appeared first on Sangoma Technologies.
Jitsi today supports life-streaming conferences to large audiences through our Jibri tool – this tool renders all the media from the conference, and forwards it to a streaming service such as YouTube.
This approach works, but it has limitations. In addition to being computationally expensive, it also introduces substantial latency to the media. This can be a problem when interaction is needed between the participants in the conference and the audience, for example for a text-based question-and-answer session.
This article will describe a new approach to live-streaming media, which uses Jitsi’s builtin functionality, without transcoding, to reach potentially very large audiences with latency comparable to that of a live conference.
The basic approach to media distribution for this solution is straightforward – simply forward media to all the audience members in the same way that they are forwarded today to conference participants – i.e. as individual RTP streams over WebRTC. This can re-use Jitsi’s existing well-tested technology to distribute the media and have it arrive at receivers and be played out to viewers.
The challenge, of course, is to scale Jitsi’s back-end services so they can support sending media to very large numbers of viewers, potentially in the hundreds of thousands or more. The rest of this article will discuss some of the architectural enhancements we need to make to Jitsi to support this.
The first insight that will make this possible is to realize that in a streaming scenario, while the conference’s active participants need to know that they are being watched by an audience, they don’t need to know all the audience members’ identities or presence in real-time; nor do the audience members need to know about each other. Thus, the system can be modified such that presence information about individual audience members is not sent to other conference participants, or to unnecessary parts of the backend; this reduces the amount of signaling traffic substantially.
The second substantial change that we are making to the backend is to be able to have more sophisticated topologies for the Jitsi Videobridges to relay media among them. Currently, when more than one Jitsi Videobridge is used in a conference (in Jitsi’s Octo/Relay technology), the bridges are connected to each other in a full mesh. This topology minimizes the latency for media, but would not scale to very large conferences, where e.g. hundreds of thousands of participants might need several hundred bridges. If every bridge in such a conference were connected to every other one, the bridges could be overloaded just sending media out.
Instead, we are developing technology that can arrange bridges into more elaborate topologies. In particular, our plan for very large conferences is to still have the conference’s active participants be connected to bridges which are arranged in a mesh; but the audience members would then be connected to bridges whose interconnection forms a tree extending from various nodes of the core mesh, so that the core media servers would only need to send media out to a limited number of connections to the audience’s bridges, which would then be forwarded out to the audience, possibly relaying through multiple bridges on the way.
Finally, changes need to be made for the signaling servers used by the Jitsi back-end. While information about audience members only needs to be propagated to selected back-end infrastructure servers, information about a conference’s active participants needs to be forwarded to the entire audience. The existing XMPP servers that the Jitsi back-end uses aren’t designed for this level of load. Thus, we are developing solutions such that this participant information can be mirrored from one XMPP server to another, allowing each server to handle only a manageable number of client connections while still getting the information to the entire audience quickly.
Stay tuned!
Your personal meetings team.
Author: Jonathan Lennox
The post Low-latency conference streaming to very large audiences appeared first on Jitsi.
In my last blog, I wrote about a customer just wanting basic PBX features from “25 years ago” and whether it was possible to buy a business phone system today that would be able to effectively replace one of these older systems.
The answer is “of course you can get a phone system” that handles the PBX feature requirements from 25 years ago. And it will do exactly what you want it to do, and are used to doing, in terms of calling and call routing and audio conferencing and voice mail, etc. And it can still be on-premises if you wish, but it can also run in the cloud. And you can use a handset just like your current system has. If this is what you want, we have it.
But it will also come with other features, or the ability to add these features, because that is what many customers want today:
So don’t be confused and don’t be afraid to upgrade because of the marketing buzzwords used today. You’ll have all your old features, but you’ll be able to use these new features as well. For instance, the mobility feature allows your business phone number to follow you around on your laptop and Smartphone – it will make you “look bigger” to your customers since you’ll be reachable more easily.
Upgrade so you don’t put your business at risk because of a potentially failing old system. Come talk to us and we’ll be happy to help. PBXs are there today, just in different clothing.
The post UCaaS as PBX Replacement: Part 2 appeared first on Sangoma Technologies.
We proudly announce that Business Voice+ was named the Cloud Computing Product of the Year Award, presented by Cloud Computing Magazine.
Business Voice+ is Sangoma’s pure cloud deployment platform. Designed for businesses who want peerless call quality, communications flexibility, and exceptional system support, Business Voice is the perfect, zero-hardware option. With Business Voice, your business can leverage the power of a complete, end-to-end system from an intuitive, browser-based interface.
The Cloud Computing Product of the Year Award honors vendors with the most innovative, practical, and beneficial cloud products and services deployed within the past year.
Learn more about Business Voice+!
The post Business Voice+ Named Cloud Computing Product of the Year by Cloud Computing Magazine appeared first on Sangoma Technologies.
Education requires total commitment, and for good reason. After all, it involves nothing less than preparing young people for lifelong personal and professional success. Considering the stakes, school systems should prioritize high-quality and worry-free communications, but all too often they face challenges implementing and supporting the latest in telephony. Let’s explore why.
School administrators are often confronted with funding shortfalls and end up scrapping IT investments. If that isn’t bad enough, many schools don’t have a permanent IT professional on staff, which means critical communications infrastructure goes unmaintained and improvements fall to the wayside.
On top of this, user-friendliness inhibits the successful implementation of next-generation communications systems. Educators need systems they can easily pick up and run with, especially given the fact that “13.8 percent of U.S. teachers are either leaving their school or the profession altogether.” With this in mind, it’s clear that successful systems can’t require a steep learning curve. Educators need a solution that lets them focus on what matters most: teaching!
Thankfully, there is a solution that overcomes these not-so-insignificant barriers: Unified Communications as a Service (UCaaS).
Educators require an easy way to interact with parents, administrators, students, and coworkers. Many schools have answered that call by discarding existing telephony for cutting-edge voice over internet protocol (VoIP) solutions that pair high-quality voice with unified communication (UC) tools to create UCaaS systems. Uniting technologies like voice, video conferencing, instant messaging, email, SMS, and fax into a single platform, UCaaS is an affordable and customizable system that adapts to the needs of any school network. It can also have hugely positive implications for an organization’s overall effectiveness and culture, with recent survey data showing UCaaS translating to better productivity for 72% of respondents, higher collaboration for 91%, and faster problem solving for 88%.
“Parent notes” are a critical tool for keeping parents informed, but how often are they left in backpacks, found on the floor of the bus, or worse – eaten by the dog? With UCaaS in an educator’s corner, teachers can ditch these types of archaic communication methods in favor of crystal-clear voice or high-resolution video. Whether it be a one-on-one call with a co-worker or student, or a group video conference with parents, the flexibility maximizes the effectiveness of a school’s messaging by supporting whichever channel works best for the stakeholders involved. And this is just one example; the possibilities are practically endless when technology is on your side.
As a seasoned IT vendor successfully equipping schools with the best communication solutions for years, Sangoma has discovered an ideal way forward. By striking a much-needed balance through “must have” features while also remaining affordable, we ensure that schools will never be “out for the summer” or any other season when they work with us.
“It looks like we are saving about $400 a month so far,” said Sadie O’Brien, IT director for the Shiocton School District, after deciding to transition to [Sangoma] Switchvox.
By eliminating up-front costs, Sangoma UC expertly walks the fine line between offering advanced communication features without straining an institution’s IT funding. Additional savings are gained from low annual fees, and the solution operates through an all-inclusive pricing model. This fixed, consistent, subscription-style billing structure fits comfortably within school system budgets.
Sangoma UC doesn’t just solve problems created by sparse technology budgets, it also addresses the administrative challenges faced by these institutions. The system can be administered via a single computer connected to the network – with no coding required. Everything is geared toward lowering the learning curve and easing the burden for education professionals right from the get-go. Let’s take a closer look at how it can impact some of the primary stakeholders within a given school district:
IT Professionals: IT support staff gain major advantages with Sangoma UC in that it requires no special software, hardware, or license keys – meaning there’s nothing to download or install. The entire system can be managed through a single pane of glass with customizable views and widgets. With a subscription-based model, dealing with lengthy updates or cumbersome maintenance becomes a thing of the past, instead transitioning to the vendor’s responsibility.
Teachers: The typical teacher is overworked and overwhelmed, meaning that any technology they use must always help, never hinder. Sangoma UC is simple and intuitive enough that teachers can simply pick it up and immediately start taking advantage of its mobility features, dedicated conference rooms, and more.
Administrators: Administrators within school districts have a lot on their plates – from tracking absences, to managing calls from parents and staff, to sending out alerts and emergency messages. Sangoma streamlines these workflows considerably with a full suite of easy-to-learn features, such as IVR, auto attendant, receptionist console, mobile and desktop apps, and RAY BAUM compliance.
As a 100% web-based system, Sangoma UC centralizes communications and ensures access to all messages, applications, and tools, regardless of where users are or what device they’re using.
Having equipped more than 1,000 schools, we’re well aware of the communication challenges faced by school districts. This includes chronic problems with funding, adequate IT support, and the pressing need for high-quality anytime/anywhere connections between students, teachers, and parents. However, through our UCaaS system, schools can equip themselves with cutting-edge communications that provide comprehensive benefits for less time and effort.
Want to learn more about Sangoma and how it can transform your district? Download our free eBook today!
The post UCaaS and the Education Industry: Equip Your School with Cutting-Edge Communications appeared first on Sangoma Technologies.
Yes, there are still business systems called “PBX’s” out there. These are on-premises business phone systems that basically just did calling in and out of a building, offered voice mail, could perform an audio conference call, could forward a call, and had a some ‘advanced” calling features like ring groups, or sending group messages (i.e. recording a message, and then sending it to a group of people – like an email but you recorded the email), or call screening. The phone system that ran the business if you will.
And they ruled the roost at one time. You learned many of the intricacies of these systems to be the most effective communicator out there, augmenting your email with these phone systems features.
These systems are out there still. Not all have been upgraded yet. But they are old, and many of these systems are even out of maintenanace. Still chugging along…until they are not….
As VoIP marched on and the internet networks became faster, other communication modes such as chat and video entered the fray, and the need to have the systems on-premises dissipated. Today’s UCaaS systems were born.
And with it it came newfangled terminology. No more analog and digital. Seats, bandwidth, Unified Communications, trunking, hosted, cloud, multi-tenant, single-tenant, collaboration, single sign-on, UCaaS, mobility, and CPaaS are now typical words used.
But this doesn’t mean the requirements of the PBXs of 25 years ago are different. The need to have a phone system that “runs the business” is still there. And I’ve had some prospects / customers kind of wondering what is going on – “can’t we just get a phone system?”. And these prospects have not upgraded since it’s kind of confusing to them. They want to, because they know the “chugging along” at some point will simply stop, but they don’t want to make a mistake, or buy something they won’t be able to work well.
The answer is “of course you can get a phone system”. I’ll talk about this more in my next blog.
The post UCaaS as PBX Replacement: Part 1 appeared first on Sangoma Technologies.
Back in June, I wrote a blog about hot desking. And I wrote at the time “But is hot desking of a physical phone an obsolete concept with Unified Communications? Does it even need to be in RFPs anymore? Because with UC, you can make and take phone calls with your work extension from your computer, or from your smartphone, via a UC client. I can do that no matter where I sit in the office.”
Now, 4 months later, I got an email from a reader asking if I wanted to take that back because with the return to the office, many companies are going to hybrid models. Hybrid, to many, in addition to working both in the office and at home, means there are fewer offices. Because companies have downsized the physical space to save money.
And now when you show up to the actual office, instead of going to a specific office or cubicle, you might just have to go find a place to sit. And so the phone at the “place to sit” is not hard wired with your extension. What I wrote is still valid and maybe even more-so if this is what hybrid means.
What I will acknowledge, though, is that maybe there are some specific jobs where the company wants you on a deskphone, instead of on your smartphone, or the UC app. Security issues, for instance might come into play. So yes, I can see this being a part of RFPs with a hybrid environment if the use demands a physical phone while at the office.
But if the UC client is used when working from home, what’s the difference if you are at home or in the office? Mobility is mobility. That’s all I’ll say.
The post Let’s Revisit Hot Desking appeared first on Sangoma Technologies.
After upgrading to Ubuntu Jammy and Asterisk 18.10, I saw the following messages in my logs:
WARNING[360166]: loader.c:2487 in load_modules: Module 'chan_sip' has been loaded but was deprecated in Asterisk version 17 and will be removed in Asterisk version 21.
WARNING[360174]: chan_sip.c:35468 in deprecation_notice: chan_sip has no official maintainer and is deprecated. Migration to
WARNING[360174]: chan_sip.c:35469 in deprecation_notice: chan_pjsip is recommended. See guides at the Asterisk Wiki:
WARNING[360174]: chan_sip.c:35470 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Migrating+from+chan_sip+to+res_pjsip
WARNING[360174]: chan_sip.c:35471 in deprecation_notice: https://wiki.asterisk.org/wiki/display/AST/Configuring+res_pjsip
and so I decided it was time to stop postponing the
overdue migration
of my working setup from
chan_sip
to
res_pjsip
.
It turns out that it was not as painful as I expected, though the conversion script bundled with Asterisk didn't work for me out of the box.
Before you start, one very important thing to note is that the SIP debug
information you used to see when running this in the asterisk console
(asterisk -r
):
sip set debug on
now lives behind this command:
pjsip set logger on
The first thing I migrated was the config for my two SIP phones (Snom 300 and Snom D715).
The original config for them in sip.conf
was:
[2000]
; Snom 300
type=friend
qualify=yes
secret=password123
encryption=no
context=full
host=dynamic
nat=no
directmedia=no
mailbox=10@internal
vmexten=707
dtmfmode=rfc2833
call-limit=2
disallow=all
allow=g722
allow=ulaw
[2001]
; Snom D715
type=friend
qualify=yes
secret=password456
encryption=no
context=full
host=dynamic
nat=no
directmedia=yes
mailbox=10@internal
vmexten=707
dtmfmode=rfc2833
call-limit=2
disallow=all
allow=g722
allow=ulaw
and that became the following in pjsip.conf
:
[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0
external_media_address = myasterisk.dyn.example.com
external_signaling_address = myasterisk.dyn.example.com
local_net = 192.168.0.0/255.255.0.0
[2000]
type = aor
max_contacts = 1
[2000]
type = auth
username = 2000
password = password123
[2000]
type = endpoint
context = full
dtmf_mode = rfc4733
disallow = all
allow = g722
allow = ulaw
direct_media = no
mailboxes = 10@internal
auth = 2000
outbound_auth = 2000
aors = 2000
[2001]
type = aor
max_contacts = 1
[2001]
type = auth
username = 2001
password = password456
[2001]
type = endpoint
context = full
dtmf_mode = rfc4733
disallow = all
allow = g722
allow = ulaw
direct_media = yes
mailboxes = 10@internal
auth = 2001
outbound_auth = 2001
aors = 2001
The different direct_media
line between the two phones has to do with how
they each connect to my Asterisk
server
and whether or not they have access to the Internet.
For some reason, my internal calls (from one SIP phone to the other) didn't
work when using "aliases". I fixed it by changing this blurb in
extensions.conf
from:
[speeddial]
exten => 1000,1,Dial(SIP/2000,20)
exten => 1001,1,Dial(SIP/2001,20)
to:
[speeddial]
exten => 1000,1,Dial(${PJSIP_DIAL_CONTACTS(2000)},20)
exten => 1001,1,Dial(${PJSIP_DIAL_CONTACTS(2001)},20)
I have not yet dug into what this changes or why it's necessary and so feel free to leave a comment if you know more here.
Once I had the internal phones working, I moved to making and receiving phone calls over the PSTN, for which I use VoIP.ms with encryption.
I had to change the following in my sip.conf
:
[general]
register => tls://555123_myasterisk:password789@vancouver2.voip.ms
externhost=myasterisk.dyn.example.com
localnet=192.168.0.0/255.255.0.0
tcpenable=yes
tlsenable=yes
tlscertfile=/etc/asterisk/asterisk.cert
tlsprivatekey=/etc/asterisk/asterisk.key
tlscapath=/etc/ssl/certs/
[voipms]
type=peer
host=vancouver2.voip.ms
secret=password789
defaultuser=555123_myasterisk
context=from-voipms
disallow=all
allow=ulaw
allow=g729
insecure=port,invite
canreinvite=no
trustrpid=yes
sendrpid=yes
transport=tls
encryption=yes
to the following in pjsip.conf
:
[transport-tls]
type = transport
protocol = tls
bind = 0.0.0.0
external_media_address = myasterisk.dyn.example.com
external_signaling_address = myasterisk.dyn.example.com
local_net = 192.168.0.0/255.255.0.0
cert_file = /etc/asterisk/asterisk.cert
priv_key_file = /etc/asterisk/asterisk.key
ca_list_path = /etc/ssl/certs/
method = tlsv1_2
[voipms]
type = registration
transport = transport-tls
outbound_auth = voipms
client_uri = sip:555123_myasterisk@vancouver2.voip.ms
server_uri = sip:vancouver2.voip.ms
[voipms]
type = auth
password = password789
username = 555123_myasterisk
[voipms]
type = aor
contact = sip:555123_myasterisk@vancouver2.voip.ms
[voipms]
type = identify
endpoint = voipms
match = vancouver2.voip.ms
[voipms]
type = endpoint
context = from-voipms
disallow = all
allow = ulaw
allow = g729
from_user = 555123_myasterisk
trust_id_inbound = yes
media_encryption = sdes
auth = voipms
outbound_auth = voipms
aors = voipms
rtp_symmetric = yes
rewrite_contact = yes
send_rpid = yes
timers = no
The TLS method
line is needed since the default in Debian OpenSSL is too
strict. The timers
line is to prevent outbound calls from getting dropped after 15 minutes.
Finally, I changed the Dial()
lines in these extensions.conf
blurbs from:
[from-voipms]
exten => 5551231000,1,Goto(2000,1)
exten => 2000,1,Dial(SIP/2000&SIP/2001,20)
exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
exten => 2000,n,Hangup
exten => in2000-BUSY,1,VoiceMail(10@internal,su)
exten => in2000-BUSY,n,Hangup
exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
exten => in2000-CONGESTION,n,Hangup
exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
exten => in2000-CHANUNAVAIL,n,Hangup
exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
exten => in2000-NOANSWER,n,Hangup
exten => _in2000-.,1,Hangup(16)
[pstn-voipms]
exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _1NXXNXXXXXX,n,Dial(SIP/voipms/${EXTEN})
exten => _1NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _NXXNXXXXXX,n,Dial(SIP/voipms/1${EXTEN})
exten => _NXXNXXXXXX,n,Hangup()
exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _011X.,n,Authenticate(1234)
exten => _011X.,n,Dial(SIP/voipms/${EXTEN})
exten => _011X.,n,Hangup()
exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _00X.,n,Authenticate(1234)
exten => _00X.,n,Dial(SIP/voipms/${EXTEN})
exten => _00X.,n,Hangup()
to:
[from-voipms]
exten => 5551231000,1,Goto(2000,1)
exten => 2000,1,Dial(PJSIP/2000&PJSIP/2001,20)
exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
exten => 2000,n,Hangup
exten => in2000-BUSY,1,VoiceMail(10@internal,su)
exten => in2000-BUSY,n,Hangup
exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
exten => in2000-CONGESTION,n,Hangup
exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
exten => in2000-CHANUNAVAIL,n,Hangup
exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
exten => in2000-NOANSWER,n,Hangup
exten => _in2000-.,1,Hangup(16)
[pstn-voipms]
exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _1NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@voipms)
exten => _NXXNXXXXXX,n,Hangup()
exten => _011X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _011X.,n,Authenticate(1234)
exten => _011X.,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _011X.,n,Hangup()
exten => _00X.,1,Set(CALLERID(all)=Francois Marier <5551231000>)
exten => _00X.,n,Authenticate(1234)
exten => _00X.,n,Dial(PJSIP/${EXTEN}@voipms)
exten => _00X.,n,Hangup()
Note that it's not just replacing SIP/
with PJSIP/
, but it was also
necessary to use a format supported by
pjsip
for the channel since SIP/trunkname/extension
isn't supported by pjsip.
JMP offers VoIP calling via XMPP, but it's also possibly to use the VoIP using SIP.
The underlying VoIP calling functionality in JMP is provided by Bandwidth, but their old Asterisk instructions didn't quite work for me. Here's how I set it up in my Asterisk server.
After signing up for JMP and setting it up in your favourite XMPP client,
send the following message to the cheogram.com
gateway contact:
reset sip account
In response, you will receive a message containing:
First of all, I added the following to my /etc/asterisk/pjsip.conf
:
[transport-udp]
type = transport
protocol = udp
bind = 0.0.0.0
external_media_address = myasterisk.dyn.example.com
external_signaling_address = myasterisk.dyn.example.com
local_net = 192.168.0.0/255.255.0.0
[jmp]
type = registration
contact_user = 5554561000
transport = transport-udp
outbound_auth = jmp
client_uri = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
server_uri = sip:jmp.cbcbc7.auth.bandwidth.com:5008
[jmp]
type = auth
password = three secret words
username = 5554561000
[jmp]
type = aor
contact = sip:5554561000@jmp.cbcbc7.auth.bandwidth.com:5008
[jmp]
type = identify
endpoint = jmp
match = jmp.cbcbc7.auth.bandwidth.com
[jmp]
type = endpoint
context = from-jmp
dtmf_mode = rfc4733
disallow = all
allow = ulaw
allow = g729
auth = jmp
outbound_auth = jmp
aors = jmp
rtp_symmetric = yes
rewrite_contact = yes
send_rpid = yes
timers = no
and for reference, here's the blurb for my Snom 300 SIP phone:
[2000]
type = aor
max_contacts = 1
[2000]
type = auth
username = 2000
password = password123
[2000]
type = endpoint
context = full
dtmf_mode = rfc4733
disallow = all
allow = g722
allow = ulaw
mailboxes = 10@internal
auth = 2000
outbound_auth = 2000
aors = 2000
I checked that the registration was successful by running asterisk -r
and
then typing:
pjsip set logger on
before reloading the configuration using:
reload
Once I got registration to work, I hooked this up with my other extensions so that I could send and receive calls using my JMP number.
In /etc/asterisk/extensions.conf
, I added the following:
[from-jmp]
include => home
exten => s,1,Goto(2000,1)
where home
is the context which includes my local SIP devices and 2000
is the extension I want to ring.
Then I added the following to enable calls to any destination within the North American Numbering Plan:
[pstn-jmp]
exten => _1NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
exten => _1NXXNXXXXXX,n,Dial(PJSIP/${EXTEN}@jmp)
exten => _1NXXNXXXXXX,n,Hangup()
exten => _NXXNXXXXXX,1,Set(CALLERID(all)=Francois Marier <username>)
exten => _NXXNXXXXXX,n,Dial(PJSIP/1${EXTEN}@jmp)
exten => _NXXNXXXXXX,n,Hangup()
Here username
is my bwsip numerical username. When calls are placed, this gets
automatically swapped in by my real JMP phone number, but Bandwidth appears to
require its users to use their username in there caller ID string.
For reference, here's the rest of my dialplan in /etc/asterisk/extensions.conf
:
[general]
static=yes
writeprotect=no
clearglobalvars=no
[public]
exten => _X.,1,Hangup(3)
[sipdefault]
exten => _X.,1,Hangup(3)
[default]
exten => _X.,1,Hangup(3)
[internal]
include => home
[full]
include => internal
include => pstn-jmp
exten => 707,1,VoiceMailMain(10@internal)
[home]
exten => 2000,1,Dial(PJSIP/2000,20)
exten => 2000,n,Goto(in2000-${DIALSTATUS},1)
exten => 2000,n,Hangup
exten => in2000-BUSY,1,VoiceMail(10@internal,su)
exten => in2000-BUSY,n,Hangup
exten => in2000-CONGESTION,1,VoiceMail(10@internal,su)
exten => in2000-CONGESTION,n,Hangup
exten => in2000-CHANUNAVAIL,1,VoiceMail(10@internal,su)
exten => in2000-CHANUNAVAIL,n,Hangup
exten => in2000-NOANSWER,1,VoiceMail(10@internal,su)
exten => in2000-NOANSWER,n,Hangup
exten => _in2000-.,1,Hangup(16)
Finally, I opened a few ports in my firewall by putting the following in
/etc/network/iptables.up.rules
:
# SIP and RTP on UDP (jmp.cbcbc7.auth.bandwidth.com)
-A INPUT -s 67.231.2.13/32 -p udp --dport 5008 -j ACCEPT
-A INPUT -s 216.82.238.135/32 -p udp --dport 5008 -j ACCEPT
-A INPUT -s 67.231.2.13/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
-A INPUT -s 216.82.238.135/32 -p udp --sport 5004:5005 --dport 10001:20000 -j ACCEPT
Wow, we just shipped our one millionth phone! Over 10 years ago, Sangoma (and Digium) decided that having a seamless end-to-end Unified Communication system was important. And at that time, end to end system meant just the phone and the UC systems. So, we decided to release our own phones.
These days, a UC system includes Sangoma’s UCaaS service (or on-premises version), the desk phone, mobile and desktop client software, Sangoma’s collaboration-as-a-service client (TeamHub), and Sangoma’s video meetings service (Sangoma Meet).
The UC industry has come quite a long way in 10 years, but the phone is still part of the system, especially for brick-and-mortar businesses. And we are proud to serve all of these customers.
As I said in the press release about this news, “Many of our customers use both desk phones as well as our mobile and desktop clients to communicate. And since we manufacture our own desk phones and develop our own cloud communications software, we are able to provide deep integration between our phones and our cloud communications services, in a way that other phone manufacturers or UCaaS companies simply cannot do. This kind of integration has contributed to the successful growth of this important product line at Sangoma, differentiating us from our competitors and leading to this one-million-unit milestone.“
So, thank you to all the users of these phones, the distributors who fulfilled these phones, and the resellers who put our solutions into the end-user businesses. Let’s count the next million.
The post Sangoma Announces Shipment of Its One Millionth Desk Phone appeared first on Sangoma Technologies.
In order to fix the following error after setting up SIP TLS in Asterisk 16.2:
asterisk[8691]: ERROR[8691]: tcptls.c:966 in __ssl_setup: TLS/SSL error loading cert file. <asterisk.pem>
I created a Let's Encrypt certificate using certbot:
apt install certbot
certbot certonly --standalone -d hostname.example.com
To enable the asterisk
user to load the certificate successfuly (it
doesn't have permission to access the certificates under /etc/letsencrypt/
),
I copied it to the right directory:
cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
Then I set the following variables in /etc/asterisk/sip.conf
:
tlscertfile=/etc/asterisk/asterisk.cert
tlsprivatekey=/etc/asterisk/asterisk.key
The machine on which I run asterisk has a tricky Apache setup:
This meant that the certbot domain ownership checks would get blocked by the firewall, and I couldn't open that port without exposing the private webserver to the Internet.
So I ended up disabling the built-in certbot renewal mechanism:
systemctl disable certbot.timer certbot.service
systemctl stop certbot.timer certbot.service
and then writing my own script in /etc/cron.daily/certbot-francois
:
#!/bin/bash
TEMPFILE=`mktemp`
# Stop Apache and backup firewall.
/bin/systemctl stop apache2.service
/usr/sbin/iptables-save > $TEMPFILE
# Open up port 80 to the whole world.
/usr/sbin/iptables -D INPUT -j LOGDROP
/usr/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
/usr/sbin/iptables -A INPUT -j LOGDROP
# Renew all certs.
/usr/bin/certbot renew --quiet
# Restore firewall and restart Apache.
/usr/sbin/iptables -D INPUT -p tcp --dport 80 -j ACCEPT
/usr/sbin/iptables-restore < $TEMPFILE
/bin/systemctl start apache2.service
# Copy certificate into asterisk.
cp /etc/letsencrypt/live/hostname.example.com/privkey.pem /etc/asterisk/asterisk.key
cp /etc/letsencrypt/live/hostname.example.com/fullchain.pem /etc/asterisk/asterisk.cert
chown asterisk:asterisk /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
chmod go-rwx /etc/asterisk/asterisk.cert /etc/asterisk/asterisk.key
# Commit changes to etckeeper and restart asterisk.
pushd /etc/ > /dev/null
/usr/bin/git add letsencrypt asterisk
DIFFSTAT="$(/usr/bin/git diff --cached --stat)"
if [ -n "$DIFFSTAT" ] ; then
/usr/bin/git commit --quiet -m "Renewed letsencrypt certs." letsencrypt asterisk
echo "$DIFFSTAT"
/bin/systemctl restart asterisk.service
fi
popd > /dev/null
Here is the setup I put together to have two SIP phones connect together over an encrypted channel. Since the two phones do not support encryption, I used Asterisk to provide the encrypted channel over the Internet.
First of all, each VoIP phone is in a different physical location and so I installed an Asterisk server in each house.
One of the server is a Debian stretch machine and the other runs Ubuntu
bionic 18.04. Regardless, I used a fairly standard configuration and simply
installed the asterisk
package on both machines:
apt install asterisk
The two phones, both Snom 300,
connect to their local asterisk server on its local IP address and use the
same details as I have put in /etc/asterisk/sip.conf
:
[1000]
type=friend
qualify=yes
secret=password1
encryption=no
context=internal
host=dynamic
nat=no
canreinvite=yes
mailbox=1000@internal
vmexten=707
dtmfmode=rfc2833
call-limit=2
disallow=all
allow=g722
allow=ulaw
The extension number above (1000
) maps to the following configuration
blurb in /etc/asterisk/extensions.conf
:
[home]
exten => 1000,1,Dial(SIP/1000,20)
exten => 1000,n,Goto(in1000-${DIALSTATUS},1)
exten => 1000,n,Hangup
exten => in1000-BUSY,1,VoiceMail(1000@mailboxes,su)
exten => in1000-BUSY,n,Hangup
exten => in1000-CONGESTION,1,VoiceMail(1000@mailboxes,su)
exten => in1000-CONGESTION,n,Hangup
exten => in1000-CHANUNAVAIL,1,VoiceMail(1000@mailboxes,su)
exten => in1000-CHANUNAVAIL,n,Hangup
exten => in1000-NOANSWER,1,VoiceMail(1000@mailboxes,su)
exten => in1000-NOANSWER,n,Hangup
exten => _in1000-.,1,Hangup(16)
the internal
context
maps to the following blurb in /etc/asterisk/extensions.conf
:
[internal]
include => home
include => iax2users
exten => 707,1,VoiceMailMain(1000@mailboxes)
and 1000@mailboxes
maps to the following entry in
/etc/asterisk/voicemail.conf
:
[mailboxes]
1000 => 1234,home,person@email.com
(with 1234
being the voicemail PIN).
In order to create a virtual link between the two servers using the
IAX protocol, I
created user credentials on each server in /etc/asterisk/iax.conf
:
[iaxuser]
type=user
auth=md5
secret=password2
context=iax2users
allow=g722
allow=speex
encryption=aes128
trunk=no
then I created an entry for the other server in the same file:
[server2]
type=peer
host=server2.dyn.fmarier.org
auth=md5
secret=password2
username=iaxuser
allow=g722
allow=speex
encryption=yes
forceencrypt=yes
trunk=no
qualify=yes
The second machine contains the same configuration with the exception of the
server name (server1
instead of server2
) and hostname
(server1.dyn.fmarier.org
instead of server2.dyn.fmarier.org
).
Finally, to allow each phone to ring one another by dialing 2000
, I put
the following in /etc/asterisk/extensions.conf
:
[iax2users]
include => home
exten => 2000,1,Set(CALLERID(all)=Francois Marier <2000>)
exten => 2000,2,Dial(IAX2/server1/1000)
and of course a similar blurb on the other machine:
[iax2users]
include => home
exten => 2000,1,Set(CALLERID(all)=Other Person <2000>)
exten => 2000,2,Dial(IAX2/server2/1000)
Since we are using the IAX protocol instead of SIP, there is only one port
to open in /etc/network/iptables.up.rules
for the remote server:
# IAX2 protocol
-A INPUT -s x.x.x.x/y -p udp --dport 4569 -j ACCEPT
where x.x.x.x/y
is the IP range allocated to the ISP that the other
machine is behind.
If you want to restrict traffic on the local network as well, then these ports need to be open for the SIP phone to be able to connect to its local server:
# VoIP phones (internal)
-A INPUT -s 192.168.1.3/32 -p udp --dport 5060 -j ACCEPT
-A INPUT -s 192.168.1.3/32 -p udp --dport 10000:20000 -j ACCEPT
where 192.168.1.3
is the static IP address allocated to the SIP phone.