There is a lot to like about Avaya's one-X Unified Communications platform.
The company offers a dizzying array of UC products that enterprises can piece together to craft customized systems grounded in the company's long, solid telephony history. That said, integrating all the pieces together takes a lot of effort and may require a great deal of assistance from Avaya and its resellers.
Guide to VoIP: Beware of UC security threats
This Clear Choice Test is the first in a series of reviews that examine the facets comprising enterprise UC platforms.
Our hands-on evaluation of a 2,500-users Avaya UC deployment included an example of each of Avaya's one-X suite of UC endpoints including hard phones, softphone clients, smartphone clients and a Web portal interface. These clients were connected to redundant S8730 IP PBX/communications servers running a hardened version of Red Hat Linux and Communication Manager 5.1 software.
In the test bed's main office configuration, we employed Avaya's SES SIP server to perform standards-based SIP call set-up and routing, which worked in tandem with the S8730 servers. The servers were also connected to a G650 Media Gateway, which provided media translation (G248, H323 and SIP), SIP trunking and other voice gateway functions. According to Avaya, this configuration is capable of supporting up to 36,000 users, including 16,000 IP end points.
As our branch office UC link, we tested the Avaya G450 media gateway, equipped with embedded S8300 blade communication servers, also running Communications Manager 5.1. This configuration is capable of supporting up to 450 users.
Our hands-on evaluation included more than a dozen endpoints including IP hard phones, desktop videophones, PC-based softphones and mobile phones. We assessed the end-user interfaces including the breadth of features and functionalities they support, use of presence capability, voice-to-text support and integration with existing corporate e-mail and communications including MS Exchange and IBM Lotus Notes Sametime servers.
The easiest way to understand Avaya's UC platform is to examine its various parts.
Avaya's UC core: the S8730
The S8730 servers in our test network handled call routing and provided the basic PBX telephony functionality. The G650 media gateways ran along side the S8730 to provide traditional gateway functionality including connectivity to SIP trunks and H.323-to-SIP conversion. The new Communication Manager 5.1 software, which provides the core IP PBX functionality, features a number of improvements over previous version Communication Manager 4.0, including better server survivability, enhancements to integrate with a SIP contact center and support for additional hardware configurations.
The S8730s we tested had AMD Opteron Quad Core processors with 4GB of memory operated by Red Hat Enterprise Linux 4.0 operating systems. Overall system availability was increased with the RAID 1 controllers and the optional second RAID hard disk drive. A second power supply is an optional feature.
When we physically disconnected a remote office from the main S8730 servers, connectivity was restored in about 3.5 minutes as the remote S8300 blade servers took over the main servers' functions at that point. During the downed period, all calls that were in progress remained connected but no new calls could be made. Features such as presence or directory services were unavailable until either connectivity was restored or the full system failover took place.
The system was configured (according to Avaya's best-practices standard) to wait 3 minutes before turning over control to the S8300. The 3-minute failover delay is a good practice for a geographically distributed failover mechanism in order to avoid "flapping" back and forth or a premature failover. This adjustable lag is designed to give the WAN a chance to recover on its own. If the 3-minute lag was eliminated, the system could theoretically restore connectivity in 30 seconds.
Local system resiliency for the Avaya S8730 provided instantaneous failover in other tests we conducted. We interrupted network connections and power supplies to invoke the same unit redundancies as well as failover to a standby S8730.
We also tested security of the system's components, specifically aiming to make communications fail. We conducted a series of vulnerability scans, compound attacks, distributed denial-of-service (DoS) attacks and SIP-torture assaults.
A Mu Dynamics Mu-4000 Security Analyzer was our weapon of choice inside the test network, combined with our own proprietary VoIP security test toolset. With the MU-4000, we sent over 2.5 million anomalies and permutations of specific attack vulnerabilities using a variety of protocols such as UDP, ARP, DHCP and IPv4 and SIP. The hardened Avaya UC system withstood all attacks.
We made several attempts using SIP signaling exploits to spoof an Avaya IP phone (pretending to be one of the authenticated endpoints on the network). The system would not allow us to register. We were also unsuccessful in cracking the system using a classic "man in the middle" attacks whereby we attempted to intercept call setup and call media voice traffic. Our attempts to overrun the S8730 and SES SIP servers with call requests were also unsuccessful.
When we ran the distributed DoS attacks none of the components failed or required a reset. At best, we could hinder calls from the soft clients, the Avaya 9640 hard phones and other endpoints, but we couldn't break the components or cause the equipment to need a reset. The product satisfied our base level performance metrics for a modern IP PBX, achieving 6,000 busy-hour calls with 1,000-user loads without dropping any calls. We expected at least a few dropped calls at this level of operation, so this call completion volume is impressive.
Voice quality tests achieved 4.4 or higher in the mean opinion score (MOS) tests even when transitioning between H.323 and SIP calls, an excellent showing as compared with other telephony systems we've tested. Of course, Avaya did have the advantage of using separate media gateways that provided additional processing power for this functionality.
Building on this strong VoIP base service, Avaya has branded many of its UC interfaces as part of its one-X family of products. We tested one-X Communicator, the one-X Deskphone Edition 9600-series phones, one-X Portal, one-X Desktop Edition, one-X Mobile and one-X Speech.
In general we liked the one-X interface designs. To varying degrees, they afforded necessary access and interaction between communication modes including IM, voice mail, e-mail and telephony. Most were integrated with a functional presence to allow you to see other parties' availability while you advertise your own.
Avaya one-X endpoints
The one-X IP telephones feature the latest in VoIP technology such as displaying presence, integration with Microsoft Outlook, extension to cellular deliver and use of the G.722 codec open standard for wideband audio. The units we tested – Avaya's top-of-the-line 9640 and 9650 models – provided excellent sound quality.
All phones in the 9600 family support H.323. SIP support is available on the 9620, 9630/30G and 9640/40G. A product called SIP R2.0 for the 9600 Series provides security enhancements such as Secure Real-Time Transport protocol and Transport Layer Security. The 9640 has a VGA color display.
The 9640 taps into Outlook calendar appointments and offers changeable display skins. We also accessed the Avaya instant messaging application using a programmable soft key. The phone's alpha-numeric keypad was used for typing messages and the 9640 features a USB port to connect a keyboard as well.
We could access our e-mail from the device by dialing the one-X Speech attendant to have our messages read to us. The assumption is that, in most cases the desktop phone will be close to a computer that will most likely be the interface used for IM, e-mail and calendar. But it is good to know these applications can be accessed through the hard phone only.
When used with Communication Manager 5.1, the 9640 supports up to three Subnet Bandwidth Manager 24-button expansion modules allowing it to serve as a receptionist-type phone.
Avaya one-X Communicator
Avaya's one-X Communicator is a unified communications soft phone application that incorporates all the functionality of Avaya's one-X Desktop client. For instant messaging, one-X Communicator includes Avaya's own instant messaging application and also provides API hooks into existing "default" instant messaging programs such as MS Office Communicator, IBM Lotus Sametime and Jabber. E-mail hooks also exist for access into MS Outlook client and IBM Lotus Sametime
One-X Communicator has both a SIP and H323 version that are identical except for underlying protocol support. This enables switching between the softphone client and desktop hard phone.
Companies can deploy one-X Communicator either as a standalone client application or utilize the integration of one-X Communicator into existing applications including Microsoft Office Communicator or Citrix Presentation Server.
One-X Communicator gets telephony presence information from the Intelligent Presence Server, which is another piece of the UC puzzle. This software product – which we ran on IBM X306 server -- tracks, maintains and advertises user presence information and communicates with MS Office Communications Server.
In testing, users are able to make, receive and handle voice calls, send instant messages and track each others' presence using a graphical interface we found both intuitive and clean. The Avaya one-x Communicator provides integrated access using APIs to the mail client being used. Avaya's other product offerings also push UC functionality to the e-mail in-box, for example, voice-to-text in an e-mail form and visual voice mail where you can see full caller detail information and attached WAV files in an e-mail.
Avaya one-X Portal
Avaya one-X Portal is a Web-based application that runs on a separate server (Avaya's AES - Application Enablement Server)and brings access to UC functions, including telephony, conferencing and messaging, to any device with a browser and an Internet connection. It does not require software to be installed on a user's computer.
We tested access to the portal using both a Windows XP-based notebook running Internet Explorer 7 and an Apple notebook running Safari. The interfaces were exactly the same on both browsers.
The login procedure was easy: We just entered a user name and password, which were verified against Active Directory. We were glad to see there was no "remember me" feature. While convenient, these functions can lead to security breaches.
Access to all communication applications including e-mail and IM takes place directly from the browser. The application worked well, providing call logs and allowing us to dial, conference and transfer in one click. On conference calls, we could see the names of all participants and we could mute any of them, a function that comes in handy to silence participants calling from sites with a lot of background noise.
Using the one-X Portal (just like with one-X Communicator) we could easily see whether other users in the test network were on the phone, online, in a conference call or available for instant messaging and thereby we could make an intelligent decision on the best way to communicate.
Avaya one-X Mobile
Avaya's one-X Mobile application brings a level of UC capability to mobile phones by providing access to office phone functions through a graphical user interface. It should be noted that one-X Mobile does not provide e-mail access. Nor does it provide presence and messaging capabilities. In essence, one-X Mobile isn't going to turn a dumb phone into a smart one.
According to Avaya, the one-X Mobile client can be used on more than 200 models of cell phones, including the Apple iPhone. The one-X Mobile family consists of software clients for Symbian, Windows Mobile, Blackberry, Palm, Java and iPhone.
Our testing on the Blackberry Curve and Blackberry 8700 showed that one-X Mobile comes pretty close to offering mobile users all the telephony communication options they get while in the office. Its single business number access feature lets the user receive calls from one central place without providing callers the mobile phone number. This mobile desktop extension enables the user to decide to take a message, have it stay in the Avaya voice mail store or get returned to the Avaya attendant. Also, the caller ID information sent when returning calls can utilize information pertaining to the office desk phone instead of the mobile account.
The mobile application has configurable settings that can be used to block callers and send them directly into voice mail or another number. Instead of using the mobile carrier's voice-mail system, one-X mobile can route callers to the Avaya Communication Manager 5.1 voice-mail system, which has more features, including voice-to-text and e-mail versions of the voice mail.
With more and more workloads going to the cloud, and the top vendors being as competitive as they’ve...
Sample some of the toughest job interview questions for technology professionals, as rounded up by...
The U.S. government reportedly pays Geek Squad technicians to dig through your PC for files to give to...
Sponsored by AT&T
Sponsored by Aquantia
So far, there’s no reason to think this issue is affecting other iPhone devices.
Of the Everests that IT faces daily, identity and access management is a particular challenge. These 10...
New and dynamic authentication factors can help prevent identity theft.
A fresh round-up of venture-backed Internet of Things startups with a focus on enterprise IT.