NEC's Unified Communications Solution package marks the intersection of stylish endpoints coveted by mobile workers with the high level of performance that arises out of the company's long history in telephony.
NEC's Univerge Unified Communications Solution package marks the intersection of stylish endpoints coveted by mobile workers with the high level of performance that arises out of the company's long history in telephony.
In this Clear Choice Test -- one in a series of tests conducted using the same test methodology and has included products from Avaya and 3Com -- NEC's UC platform showed itself to be well-fashioned (owing to the sleek appearance of its endpoints), well designed, feature-packed, secure and resilient.
This hands-on evaluation included an example of each of NEC's top-of-the-line UC endpoints (almost a dozen in total) including hard phones and softphone clients. These clients were connected to redundantly deployed SV7000 IP PBX communications servers running a hardened version of Windows 2003 Server.
These SV7000 servers, which handle call routing and provide the basic PBX telephony functionality, came bundled with NEC's SV7000T (Call Telephony server) and SV7000S (Session Initiation Protocol [SIP] Server) software. The underlying servers support SIP trunks, are XML and Java compliant, can scale from 300 to 6,000 ports for IP terminals, and work in conjunction with LDAP-based directory services for secure user access. Presence intelligence is supplied by NEC's OW5000 Presence Engine, which maintains records of users' communication availability and device preferences.
Performance: Very strong
We verified NEC's advertised traffic load handling, voice quality statistics and other traditional IP PBX type tests for the SV7000 as the core communication platform. The product satisfied our base level performance metrics for a modern IP PBX, achieving 32,369 busy-hour calls with 1,000-user loads without dropping any calls. For load test, a combination of call-generation tools were used, including the EMPIRIX Hammer which sent calls directly to the UC system (see How we did it).
Voice quality tests achieved 4.4 or higher (out of 5) in the mean opinion score (MOS) tests even when transitioning between H.323 and SIP calls. NEC's excellent voice quality was confirmed by ClearSight Analyzer and TouchStone WinSIP.
A second load test we conducted – one that stressed the underlying IP-PBX performance and the system's ability to track user presence changes -- required a multi-session version of NEC’s UC700 softphone application that ran on several workstations. Three-hundred virtual sessions were created on each of five servers and 150 each on 17 workstations, making available a maximum of 4050 sessions. We observed that without server performance degradation we were able to support a total of 3883 virtual sessions with the NEC platform, requiring 81% of CPU utilization and 2 GB of memory of the SQL database server running inside the OW5000 presence server.
NEC has a consolidated message center interface – used across all of its supported endpoints – which clearly showed all voice messages, e-mails, instant messages and faxes received in all of our testing. Menus on various devices were nearly identical and endpoints show user presence information and changes in the same fashion.
The hardware endpoints all have a basic set of features that includes display colors, the number of soft and hard keys, menu-driven functionality and presence indicators. Advanced features include video communications, XML-based Web browser applications and touch screens.
Components tested included the top-of-the-line SIP-compliance DT750 hard phone. It offers an LCD color display, touch-screen and Open XML interface, and is Bluetooth compatible. The Open XML interface enables companies to create a customized look and feel on a browser-like display. We tried to disable the DT750 hardphones by sending denial-of-service (DoS) attacks at it, as well as using other methods, but we could not cause the NEC endpoints to malfunction.
The MC530 client for mobile devices uses Windows Mobile 6, which provides its touch-screen functionality and offers one-touch access to IM, voicemail, our contacts lists and Bluetooth wireless functions. We found no glitches when testing the touch screen, click-to-dial or clipboard dialing capabilities. Joining audio and Web conferences was a seamless process with these phones.
The MC530 mobility client provided accurate and reliable presence information. When changing a test user's status to "available," only 1.5 seconds was needed for propagation of that information to the UC700 softphone, DT700 series hardphones and the UA5200 attendant console. The NEC endpoints consistently signify presence status: red for unavailable, yellow for possibly available and green for available.
While the DTerm SP30 softphone, NEC's first softphone designed for lower system requirements, offers basic dialing features and provides a window into all UC functions except presence, the UC700 is a broader, enterprise-class client-server softphone that provides full presence capability and VIP call routing. It closely integrates with the MC530 Mobile Client, which we tested on BlackBerry 8700, BlackBerry Curve 8300 and Windows-Mobile-based HTC TyTN smart phone.
We found that with the UC700 mobile client we had an identical UC experience to those users sitting at a desk in the office. The mobile client offered good, responsive presence displays and correctly identified the availability of the wireless network with a GUI indicator showing the type of network connection (either cellular or Wi-Fi).
The UC700 worked well with the Microsoft components in our test bed, updating its presence with Microsoft Outlook calendar information and obtaining the latest contact information for communications purposes. It also offered good quality video without reduction in crispness or clarity with 800 x 600 resolution. The audio was synchronized with the video, enabling users to see the status of their contacts and to quickly determine which communication method (phone, mobile, voice mail, e-mail or fax) is fastest. Presence is streamlined by setting contact rules that can be modified for different contacts. Once set, a contact rule can be left as is or changed on the fly. Calls are then routed by the underlying NEC servers based on Caller ID, user status and Microsoft Outlook schedule information.
NEC also offers a well-designed proprietary instant messaging application embedded in its MC530 Mobile Client. IMs can be sent and received without exiting the application. The mobile screen showed the same menu as the desk phones and the PC-based soft phones. We can verify that the UC client can use its IM application to send instant messages to Microsoft IM program. Text and video messages were sent from one client endpoint to another. Presence information and contact list was available throughout the end points.
An optional software feature plug-in for Microsoft Outlook 2007 allows Outlook to process voicemail messages and redirect them to a handset or listen from to them from a PC. Messages can be recorded via the PC or from a phone. This feature is easy to use and is cleanly integrated with both Outlook client interface and the underlying NEC UC voice mail programs.
The NEC UA5200 software can best be described as a next-generation attendant console. The console user not only has access to all the incoming call information but also to presence information for the called party as well. With only two clicks, the incoming call can be forwarded to the recipient, alternate numbers, or to voice mail. For security purposes, it records threat calls with a single click and includes both the voice message and details such as caller ID if available, time and length. If customer records are kept on the UA5200, private call information can be sorted, identified with color codes with access subject to confidentiality rules.
Reliability: No sweat
Our reliability testing taxed both servers and endpoints, exercising any available failover capabilities by disconnecting network links and, in some cases, interrupting power. When we unplugged the power (one by one) to the redundant OW5000s presence engines, access to the underlying SQL database on which presence propagation relies was retained.
The UM8500 voice mail servers are configured in a secure Microsoft Cluster environment, which combines multiple virtual servers onto one or more physical servers; all can be managed from the MA4000. In this instance the Microsoft Exchange Server 2007 and Active Voice (AV) servers were combined into virtual servers host on the physical UM8500.
A voice mail sent to an extension attached to the redundant server was available even after the first Cluster (OH1) containing the active server was disconnected from the network with no delay of the message. Full voice mail options remained available during the server takeover process. There was a slight delay when reversed -- when Cluster OH1 became active and Cluster OH2 was disconnected. Voice mail logon was available after 1 minute but the voice mail message was available after about 2 minutes. Voice mail was available through the failure of the Exchange Server.
System Oversight: Excellent
NEC provides a number of standalone applications that can manage individual components of the UC system, but all components can also be managed from a centralized location using the Web-based MA4000 management application. Resident on its own server, the MA400 provides both a single point of administration and a single point of entry for IP PBX communications, voice mail, corporate directory, call accounting and E911 service.
Because it's accessible by network administrators and designated end-users who have permission to use various components in delegated management scenarios, its GUI has been designed to simplify management tasks for IT technicians and managers alike. Drop-down lists simplify terminal provisioning and moves-add-change tasks are handled with a wizard like interface. One thing we really liked was the consistent look and feel for both end users and administrators.
Powerful tools simplify and expedite station programming and renumbering. For example, large groups of devices can be deployed and using the MA4000's range programming tool, mass configuration changes can be applied.
The real-time monitoring tool determines the status of each station and collects VoIP and network traffic statistics from the SV7000 servers. This data can be used for capacity planning and for setting up threshold based alerts. For mass deployments, CSV files could also be used.
The MA4000 also offers proactive fault management that is designed to prevent network problems before they can take hold. Potential fault details are collected from all IP PBX and network applications in real time with SNMP traps. These are categorized by type, severity, source or even description. The MA4000 then generates notices for each type of determined fault.
As secure as it is powerful, the MA4000 works with LDAP-based Active Directory authentication methods, providing a single point of authentication for administrators and end users. For security purposes end user and administrator management interactions are encrypted.
The management system also offers certain types of intrusion detection, toll-fraud protection and a full audit history. It can raise an alarm and log information when it detects unauthorized access. For example, it tracks if multiple attempts to enter a password are incorrectly made and can send an alarm if there is an attempt to "hack" voice mail. We really liked that the alarm "pages" that list possible causes for a flagged event. The administrator no longer needs a book of codes with their significance.
System security: Solid
Based on tests where we assessed the vulnerability of each of the major UC components in the NEC offering using a variety of load and threat generation tools, we can say that system is highly reliable and secure. Server failover mechanisms responded quickly to deliberate network and power disconnects and seamlessly maintained calls already in progress. We made several attack attempts, which are discussed below, and the SIP server shrugged off our attempts to breach its security.
Using Clearsight Analyzer and WinSIP 3.0 we attempted to intercept and modify traffic as a means of gaining ingress to the network. These attempts failed because of the thick encryption on the server and other unified communications components. We also tested security of the system's other components, specifically aiming to make communications fail. We conducted a series of vulnerability scans, compound attacks, distributed DoS attacks, SIP-torture and other assaults in an attempt to find holes in NEC's security.
A Mu Dynamics Mu-4000 Service Analyzer was used to comprehensively test the security offered by the server, combined with our own proprietary VoIP security test toolset. With the MU-4000 2,500,107 anomalies and permutations of specific attack vulnerabilities were sent using a variety of protocols such as UDP, ARP, DHCP and IPv4 and SIP. The hardened SV7000 resisted all attacks, remaining fully operational.
When reporting on Friday’s DDoS attack, the national media should have warned consumers not to install...
The attacks that overwhelmed the internet-address lookup service provided by Dyn today were well...
By forcing Windows 10 on users, Microsoft has lost the tenuous trust and credibility users had in the...
Sponsored by AT&T
The massive DDoS attack that disrupted the internet address-lookup service Dyn last week was perhaps...
A Q&A on what caused the Dyn DDoS attacks and what to do to protect yourself and your network.
What every citizen should know about the state of our voting systems and the security of our elections....
Despite concerns about the proposed $85.4 billion merger of AT&T and Time Warner, analysts expect it to...