White Paper

Nortel Networks

Designing converged enterprise networks for IP telephony

Contents
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 The human factorrequirements and expectations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Designing converged networks for IP telephony . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 The first 100 meters: desktop and wireless LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 End-to-end Quality of Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 An end-to-end system-level view of reliability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 QoS and reliability across the public cloud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Organizational implications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Appendix: IP telephony application design best practices . . . . . . . . . . . . . . . . . . . . . . . . . 19

Introduction
The new enterprise network needs to anticipate customer needs; support seamless collaboration with customers, suppliers and employees; and enable exceptional levels of personalized service. Nortel Networks brings these requirements together and addresses them in an innovative new enterprise strategy centered around our vision called One network. A world of choice. One network because it supports infrastructure convergence and eliminates boundaries. A world of choice because it delivers options on how the enterprise builds the optimal network to suit its needs. Nortel Networks enterprise strategy includes Internet protocol (IP) telephony as an enabler of increased productivity and increased customer engagement, running on a converged, application-optimized network. IP telephony solutions now scale to 200,000 users to serve telecommuters, remote offices, contact centers, and campuses. IP telephony has matured to allow full-scale enterprise deployment: centralized or distributed control, enterprise-wide access to applications such as unified messaging, uncompromised voice quality, choice of features and functions, multiple migration paths, and coexistence with legacy systems. In fact, many customers are already rolling out IP telephony solutions, aiming to reap the benefits of convergence in the LAN and the WAN, and of converged applications. These include the full gamut of Nortel Networks fully-featured, highly reliable and scalable solutions including the i2002/i2004 IP telephones and i2050 soft phones, the Business Communications Manager, the CSE 1000, IP-enabled Meridian, CallPilot unified messaging, and Symposium contact center. In doing so, many are asking how to evolve their networks to provide the required reliability and performance. This white paper provides technical guidelines on the development of IP networks that consistently, reliably, and securely deliver connectivity, low latency, and throughput for IP telephony. IP telephony is not alone in driving the evolution of enterprise networks from best effort networks designed for data to converged application-optimized networks. Variable and long delays, insufficient throughput, and downtime can result in lost productivity, loss of revenues, and lost customers across the full spectrum of internal and customer-facing applications. The real-world approach advocated in this paper is based on the overriding principle that an application view must be taken in holistically designing the IP telephony system and its underlying network. For IP telephony, this application view starts with the human at the end of the line, while the design of the network must factor in the design of the application.
Figure 1. Nortel Networks One network. A world of choice.

Consistent customer experience everywhere

Business connectivity via the Internet

Security for all applications and services

Internet

IP telephony succeeds traditional telephony

Storage and networking at light speed

The human factorrequirements and expectations

The real measure of the performance of IP telephony systemsand of the underlying networkis how well the users requirements and expectations are met, which includes understanding the technical challenges in doing so. The users perception, in turn, is affected by sound fidelity, end-to-end delay, and echo. Expectations for reliability and security have been set by traditional voice networks (Figure 2). In fact, it has been common practice in the industry to assess voice quality by asking users what they perceive, quantified as a mean opinion score (MOS) on a scale of 1 to 5, where 5 is very satisfactory. To move away from the subjectivity of MOS, Nortel Networks has been driving the development of ITU-T G.107, which defines an E-model to objectively measure voice quality. An Emodel R value of 70 or greater provides acceptable voice quality. Fidelity (the clarity of the signal) has improved over the decades as the telephone network has moved to digital operation. Therefore, the industry talks about toll-quality voice as an objective of IP telephony, referring explicitly to the user experience over circuit switched networks. Users want this level of fidelity, though they will reluctantly tolerate lower levels if they gain a lot of value (e.g. mobility with cell phones). In IP telephony, voice packets are transmitted over digital transmission facilities with very good error performance; the percentage of voice packets that contain errors (and are therefore discarded) is extremely low. The fidelity of the voice is dependent on the performance of the coder/decoder (codec) and rate of lost packets. Codecs convert the analog voice signal to a digitized bit stream at one end of a call and return it to its analog state at the other. While bit rates of 64 kbps have been used for years in digital systems, state-of-the-art codecs can deliver near toll-quality voice at bit rates as low as 8 kbps (or even lower). The occasional lost packet (e. g., less than one percent) is problematic for telephony, since this only impacts a short sample of speech; beyond this level, packet loss can be very disruptive to voice communications. Lost packets arise when noise corrupts the packet ormore likely in todays environmentwhen a switch or router in the path drops packets due to congestion or failure conditions, or when an IP telephone or Media Gateway discards a voice packet that has been delayed beyond some acceptable limit (as discussed below).

Figure 2. Human requirements and expectations for IP telephony

E-Model R-value of 70

150 msec one-way delay max

Dial tone always

Calls are private

Few impairments

In audio streaming, one-way delay is generally not an issue. In two-way telephony, delay can impair the quality of the conversation. Delay destroys simultaneity on the call, adversely affecting turn-taking and making it difficult to interrupt. It can even affect one users perception of the politeness, honesty, intelligence, or attentiveness of the other. These impairments become noticeable when the one-way delay rises above 150 ms. This is what is known as the delay budget. There are various contributors to end-to-end delay, including delays introduced by voice codecs, transmission and queuing delays, and propagation delays. Once the delay has been introduced, there is no way to remove it, or mitigate its effects. In a lightly loaded network, the one-way delay is the sum of the codec delay; the time required to transmit the voice packetincluding IP, user datagram protocol [UDP], and realtime transport protocol [RTP] headerson a hop-byhop basis across the network; plus propagation delay (5 ms per km over fiber or 30 ms across the continental U.S.). Thats the best that can be done and contributes to the end-to-end delay budget. In campus networks, this delay is small and dominated by codec delay; on the other hand, long-distance calling and the impact of multiple codecs in the path (for example, transcoding between IP and circuit switching and back to IP) can result in using up to 50 percent or more of the delay budget. Variable packet delay is inherent in all packet networks, due to the receive-queue-and-forward operation that takes place at every node along the path. IP telephony systemsas well as audio streamingare designed to compensate for packet delay variations up to a certain limit. Beyond this limit, received packets are too late to be of value and are discarded. If this happens occasionally, it probably goes unnoticed. If it happens more often, it can be highly disruptive. Echo is another related parameter that has an impact on user perceptions of quality. A certain amount of instantaneous echo is required by the human speaker, to avoid the perception of talking into emptiness. Human psychology demands that a speaker hear himself speak, so local sidetone is generated by the telephone set. Because of the increased delay compared to circuit-switched networks, echo control is essential for certain types of IP telephony connections. The human ear and brain can mask undesirable echo; it must be quieter and quieter as the delay increases for the human perception of performance to remain in the acceptable region. So far, this paper has discussed human perception of voice quality. Users also have expectations that IP telephony is reliable (dial tone is always there and calls are rarely dropped) and secure (existing telephony systems are perceived to maintain the privacy of communications). The nature of dial-tone is changing with IP telephony since it can be generated by the device and not necessarily imply service availability; while security in IP telephony is a much broader issue than privacy. The Appendix provides an overview of the design of the IP telephony systems themselves, which contribute to performance as perceived by the end user. It does this by identifying a number of best practices of IP telephony system design. IP telephony systems consist of clients, Communications Servers, Media Gateways, and Applications Servers distributed across an IP network. Signaling and voice payloads are encapsulated into relatively short packetsthe latter consuming 24 or 80 kbps with G.729 and G.711 respectively. The packetization process consumes part of the 150-ms one-way delay budget, as do various impairment reduction mechanisms built into IP telephony systems. The reader is encouraged to understand this dimension in designing robust IP telephony solutions. The rest of the white paper addresses the design and engineering of application-optimized IP networks that meet IP telephony user needs, and takes into account the design of IP telephony systems.

Designing converged networks for IP telephony

To support IP telephony, a best-effort networkdesigned for TCP-based data and prone to variable delay and packet loss under congestionis being asked to carry applications that require predictable delay and low packet loss (since there is no time to recover from lost packets). Like some data applications, IP telephony systems have high reliability requirements, and they are assumed to be secure. A systematic approach must be taken in designing such networks starting with the first 100 meters, crossing the campus and the WAN, and ending with a discussion of organizational implications. Nortel Networks has developed a number of guidelines to assist enterprises in designing and building real-world IP networks thattogether with the design of the IP telephony application itselfconsistently, reliably, and securely deliver connectivity, latency, and throughput requirements for IP telephony and emerging collaborative and engaging applications. The remainder of this white paper expands on five key areas.

The first 100 meters: desktop and wireless LANs

A few years ago, desktop networks were built on shared media hubs, using a variety of cabling schemes and with best-effort networking. Today, switched Ethernet is the norm, wireless LANs are exploding, and a variety of standards-based Quality of Service (QoS) mechanisms have been built into network products. The following guidelines should be followed in deploying IP telephony in this environment (Figure 3). Structured in-building wiring Category 5 (or better) structured wiring should be used to the desktop. This will ensure that quality voice can be delivered over full duplex 10/100-Mbps links. Structured wiring is important in meeting emergency 911 requirements, which require a correlation between Ethernet port and physical location of the IP telephone. Dedicated switched Ethernet to each telephony desktop Only switched Ethernet QoS-enabled switching (for example, based on the Nortel Networks BayStack portfolio, including the Business Policy Switch) with dedicated ports to each desktop should be used for IP telephony. Shared-media Ethernet hubs must never be used due to packet collisions that will impact voice quality by dropping voice packets. The Ethernet connection could support a soft client in a desktop PCor separate IP telephone and PCsharing the port via a three-port QoS-enabled switch. The wiring closet Ethernet switch should be in a secure location to avoid eavesdropping and other security breaches (which are more difficult with VoIP than with analog phones). IP telephony powering Power outages pose a serious concern. For certain industries such as health care, even the occasional power outage is unacceptable. In such industries, it is standard practice to provide battery and even generator backup for telephony systems. Powering of IP telephones and the use of uninterrupted power supplies (UPSs) can provide increased reliability for IP telephony, matching what can be done over private branch exchanges (PBXs). Powering of IP phones can also ease cabling at the desktop. The in-line powering standard is IEEE 802.3af, and is supported by the Nortel Networks BayStack 460PWR Ethernet switch.

 Category 5 wiring Dedicated switched Ethernet QoS: IEEE802.1p/Q IEEE 802.3af powering

Figure 3. First 100 meter connectivity for IP telephony

1 4 7 * *

2 5 8 0 0

3 6 9 # # #

Security: proprietary, WEP, IPsec QoS: proprietary, IEE802.1p/Q, DiffServ

1 1

 

IP telephony over WLANs Wireless LANs operate over a shared radio spectrum, providing mobility for data devices, IP phones, and PC-based soft clients. Running IP telephony on WLANs must address two key requirementsQoS and security over the radio portion. QoS is being addressed by IEEE 802.11 for WLANs, which will result in an 802.11e standard. However, Symbol Technologies, Inc.with whom Nortel Networks has a strategic alliance focused on IP telephonyhas implemented Enhanced Packet Prioritization (EPP) QoS technology in its 11-Mbps AP-1431 Access Point product, which will support 802.11e when standardized. EPP prioritizes packet transmissions from access points to mobile units and is very useful for media content (for example, IP telephony and streaming video) that can be prioritized over a heavily loaded access point. As with public wireless hot spots, users of QoSenabled WLANs should expect less than toll-quality voice some of the time, particularly in busy mobile PC-intensive environments. On the other hand, high-quality voice can be expected in controlled environments such as retail. Differentiated services (DiffServ) are also supported for end-to-end QoS. Another important consideration with 802.11 WLANs is encryption and authentication. Native security (for example, Symbols MobiusGuard, a comprehensive security suite), wireless application protocol (WAP), or use of IP security measures (IPsec) via IP virtual private network (VPN) soft clients (for example, Nortel Networks Contivity IP-VPN clients) in PCs meet the encryption needs for IP telephony and data alike. For authentication, 802.1x and its extensible authentication protocol (EAP) is the recommended approach and is supported by products such as the Nortel Networks BayStack 470.

End-to-end Quality of Service

Many enterprises have not implemented any form of QoS. Because of this, the traffic may experience differing amounts of packet delay, loss, or jitter at any given time, which can in turn cause speech breakup, speech clipping, and pops and clicksor even worse. Even if bandwidth is over-engineered, growth of traffic, rapid changes of traffic patterns, and network connection failures may result in impairments that impact IP telephony (such as packet loss and excessive delays). The following guidelines should be followed in deploying real-world IP networks that support IP telephony applications across in-building, campus, and broadband leased lines over the MAN and WAN. Going over public packet data networks and over lower-speed leased lines and Layer 2 VPNs requires special attention and will be discussed in the section on QoS and reliability across the public cloud. QoS via 802.1p/Q The IEEE802.1Q standard adds four additional bytes to the standard 802.3 Ethernet frame that provides Ethernet QoS via a three-bit 802.1p field and a virtual LAN (VLAN) ID. Most Ethernet switchesincluding the Nortel Networks BayStack portfoliosupport this standard. Ethernet QoS can be accomplished via the three 802.1p user priority bits, to create eight classes of service for packets traversing Ethernet networks. Ethernet QoS can also be accomplished by prioritizing traffic based on the
7

VLAN ID only, although with less granularity than using 802.1p. For IP telephony, Nortel Networks recommends an 802.1p binary value of 110 for both voice bearer and voice signaling. VLANs can be used to separate traffic for ease-of-management and security purposes, although this is not a requirement. In this case, voice traffic can be placed into one VLAN and nonvoice traffic (for example, data or video) into other VLANs. The voice VLAN traffic is prioritized using the 802.1p bits. IP QoS via Differentiated Services (DiffServ) Different types of applications (including IP telephony) have different traffic characteristics and require different types of QoS behaviors to be applied to them at every router and switch along the path (Figure 4). DiffServ defines a number of different QoS behaviors and their corresponding QoS mechanisms, called per-hop behaviors (PHBs). These PHBs are identified by an IETF-standardized DiffServ control point (DSCP) carried in each IP packet. Even if there is plenty of unused bandwidth available, IP QoS is required, since IP telephony performance may be impacted during times of congestion and traffic peaks and after loss of bandwidth after failures. One of the PHBs defined by DiffServ is the expedited forwarding (EF) DiffServ PHB, the behavior of which provides a low-latency, low-loss service that is ideally suited for VoIP. The EF DSCP is represented by the binary value 101110.
Figure 4. QoS needs: IP telephony and other applications

Performance dimensions
Bandwidth Sensitivity to Delay Low High High High High Medium Jitter High High Medium Loss Medium Medium Medium

Application
IP telephony Video conferencing Steaming video on demand Streaming audio eBusiness (Web browsing) E-mail File transfer Low Medium Low Medium

Medium Medium

Medium Low

Medium High

Low Low

Low Low

High High

Though more comprehensive schemes can be used to differentiate between various types of data traffic (for example, priority data applications) and IP telephony, the simplest approach is to construct network QoS such that there are only two traffic classesone for IP telephony and the other for best-effort data traffic. The IP telephony traffic class uses the EF PHB (DSCP 101XXX). The best-effort data traffic class uses the default (DF) PHB (DSCP 000000). Separation of voice and voice signaling allows routers and switches along the path to separate these types of traffic onto separate strict priority queues to minimize voice jitter that would be introduced by the interaction between voice and signaling packets, particularly on slow WAN links. Ethernet switches generally only support IEE802.1p/Q. However, Nortel Networks products such as the Business Policy Switch and the BayStack 470 also support DiffServ QoS functionality. Passport 8600as a Layer 2-7 devicesupports DiffServ and much more through its Express Classification (XC) technology.
8

Nortel Networks Service Classes (NNSCs) End-to-end QoS management can be quite complex. Nortel Networks has simplified QoS by creating standardized, default QoS configurations and behaviors for its products in the form of end-to-end network service classes. These are called Nortel Networks Service Classes (NNSCs) (Figure 5). NNSCs have been defined based upon the most common types of applications. They provide default mapping between DiffServ and different link layer QoS technologies that a particular interface uses, such as 802.1p for an Ethernet interface. NNSCs define default QoS settings per DSCP queue in which traffic is placed, traffic management parameters, and traffic schedulers. They can also be created on non-Nortel Networks products, through device configuration or QoS policy management systems. The premium NNSC has been defined to be used for IP telephony applications such as VoIP. It uses the EF PHB and IEEE802.1p value 6 as previously defined. These standards use the strict priority scheduler and a policer that discards packets that are out-of-profile; that is, that exceed the configured bandwidth for the service. Under normal operating conditions, no packets should be dropped. Premium NNSC traffic is also mapped to different link layer QoS mechanisms, depending upon the link layer used for transport, such as ATM, Frame Relay, point-to-point protocol (PPP), or Ethernet.

Nortel Networks recommends that the four IETF-standardized DiffServ PHBs be supported: Expedited forwarding for IP telephony applications and services Assured forwarding (with multilevel random early discard [RED]) for various types of real-time delaytolerant and non-real-time mission-critical applications Default forwarding for best-effort services Class selector to migrate non-DiffServ-compliant legacy routers and switches that only support the IP precedence in the type of service (TOS) field. A standards-based approach will keep the IP networking environment open and therefore most agile to business needs.

Figure 5. Nortel Networks Service Class definitions

Traffic category

Example application

Nortel Networks Service Class

Network control

Critical alarms Routing, billing, critical OAM

Critical Network Premium Platinum Gold Silver Bronze Standard

Interactive

IP telephony Video conferencing, interactive gaming

Responsive

Streaming audio/video eCommerce

Timely

E-mail, non-critical OAM File transfer

It is important that all IP telephony packets be queued in a router or switch using a strict priority scheduler, thereby giving telephony packets priority treatment over all other packets. This is required to minimize voice delay and delay variation (for example, jitter). Because a strict priority scheduler can starve the servicing of all other traffic queues, a starvation-avoidance mechanism needs to be set to limit the maximum amount of bandwidth that the VoIP traffic can consume. Many products including the Nortel Networks Passport 8600 routing switchhave this rate-limiting function. In general, weighted schedulers such as weighted round robin (WRR) or weighted fair queuing (WFQ) are not recommended. If a router or switch does not support a strict priority scheduler (for example, it only supports a weighted scheduler), then the queue weight for VoIP traffic should be configured to 100 percent. If this cannot be done due to some product limitation, the network provider should consider replacing the product, because it could cause unpredictable voice quality. IP address prioritization IP telephony traffic can also be prioritized by its IP address. This approach is ideal for devices with statically assigned IP addresses that rarely, if ever, change. IP PBXs, VoIP gateways, and communications servers are VoIP devices that would have their IP addresses statically assigned. Routers and switches can be configured to filter/classify and prioritize all packets originating from these IP addresses. Switch and router performance Even under heavy load, routers and switches should provide IP telephony traffic with very low latency. In addition, they should support wire-speed operation (even with short packets) when packet classification (QoS) is activated. Turning on various packet classification schemes on some software-based routers can have severe impacts on performance, including VoIP packet loss and delay. This is definitely not the case with the Nortel Networks Passport 8600 routing switch (Figure 6). The Passport Express Classification technology provides deep-packet filtering, all in hardware, with no performance degradation even at Gbps speeds. Not only is DiffServ supported, but decisions can be made on every packet on whether to allow it, how to queue it, where to forward it, and what changes to make to it.
Figure 6. Nortel Networks Passport 8600 Express Classification technology

INGRESS
Filtering Service Type 1 Mark packet 8 7 Mark packet 6 5 XC Service Type 3 Service Type 3 Mark + police 4 3 2 No Service Type (browsing) Classification Switching 1

EGRESS
Control

Service Type 2

IP Telephony
eCommerce ERP

Voice/video/data traffic

Outgoing interface

Service Type 4

Police packet

Web surfing

Servicing

10

Expanding QoS beyond IP telephony The capabilities described above are designed for IP telephony, but clearly can be expanded across a range of applications, including mission-critical data and real-time collaboration. A comprehensive policy management system is seen as a critical tool as QoS is expanded beyond IP telephony applications, and is a source of significant operational cost reductions. Nortel Networks Optivity Policy Services manage QoS policies on products such as the Passport 8600, BayRS routers, the Business Policy Switch (BPS), and the Business Communications Manager (BCM).

An end-to-end system-level view of reliability

The telephony world refers to 99.999 percent base system reliability based on a mean time between failure (MTBF) measured in tens of years and redundant common control (for large systems). But this metric alone doesnt reflect the realities in real-world IP networks. A few examples can help. An IP network may fail in delivering IP telephony performance: If it is 100 percent up, but there are non-hardware failure conditions such that a remote site, while physically connected, is logically unreachable (for example, due to routing information protocol [RIP] hop count limits) If it is 100 percent up, but there is congestion in the network resulting in increased packet loss and excessive delays If it is 100 percent up, but IP routing convergence after failures takes too long Consequently, for an IP telephony system, the definition of base system reliability is problematicit is as much a function of how telephony Communication Server and Media Gateway functions are distributed and designed, as of the underlying data-driven infrastructure. Clearly, a comprehensive approach is required to meet the reliability expectations of IP telephony users. Traditionally, IP networks achieve reliability through a combination of non-redundant routers running dynamic routing protocols and applications running error recovery protocols (for example, transmission control protocol [TCP]). However, real-time delay-intolerant applications such as IP telephony dont run TCP (theres no time for retransmissions) and, therefore, require rapid recovery from equipment and physical link failures. The following guidelines should be followed in deploying networks which meet IP telephony requirements as they relate to reliability. Backbone node reliability and availability Backbone node reliability (driven by MTBF) and availability (driven by mean time to repair [MTTR]) should be heading towards figures comparable to those for traditional telephony systems, recognizing that networking techniques can be used to fill the gap. This is achieved by designing switches to deliver the following: Very high component MTBF Redundant power, fans, and temperature sensors Redundant switch fabric and common control with sub-second switchover Hot swappability of all cards Automatic short (sub-minute) system boot and restart times Short (sub-minute) software upgrade service outage time The Nortel Networks Passport 8600 is one of the most resilient routing switch products in the industry, and forms the backbone for both enterprise and carrier networks.

11

Rapid detection and recovery below Layer 3 IP routing system can take a long period of time to converge after failures. For example, if routing protocols such as open shortest path first (OSPF) are used, the convergence times are proportional to the square of the number of routers in the network, and can last minutes in large networks. Therefore, a sound design principle is to provide resilience at the Layer 1 level and provide rapid recovery from failures at that level. In this way, link failures can be handled without impacting the Layer 3 routing system. Three technologies play key roles in this space: Ethernet link aggregation (cf. IEEE802.2ad) allows multiple 100/1000-Mbps Ethernet links to be configured as a trunk group between wiring closet switches and backbone nodes, and between backbone nodes. Automatic traffic rebalancing takes place if one of the links fails. Nortel Networks has taken this one step further in its Split Multi Link Trunking (Split MLT) solution supported on Passport 8600 and on the BayStack portfolio (Figure 7). Split MLT provides sub-second recovery from link failures across trunks homed on two nodes (for extra resilience).
Figure 7. Split MLT: A key reliability enabler

No single point of failure Sub-second fail over Load sharing Layer 2 recover (no impact on IP) Interoperable
IST IST

Core

For extended campus and data center environments, optical dual ring technologies can provide very high resilience. These provide 50-ms recovery from failures on a SONET and wavelength basis. The Nortel Networks OPTera Metro portfolio is the foundation for highly reliable storage networking for many of the largest financial institutions. A new option is resilient packet rings (RPR) being standardized by IEEE802.17. RPR is a Layer 2 solution that combines optical ring and Layer 2 technology (it is a new medium access control [MAC] layer) to provide 50-ms recovery from failures by using a counter-rotating ring. Nortel Networks pioneered RPR in its leading OPTera Metro 3500 portfolio.

12

Dynamic routing over designed networks Some of the key IP networking standards that enhance fault-tolerant networking include high-performance dynamic routing protocols (such as OSPF), protocols for route balancing across paths (such as equal cost multi-path [ECMP]), and for LAN redundancy (such as virtual router redundancy protocol [VRRP]). These protocols should be carried over networks that are designed to put an upper limit on the number of routing points between end users (for example, four, even under single-failure conditions). This puts an upper limit on the delay across the network and speeds up routing convergence times. The capabilities described above are designed to meet the demanding needs of IP telephony, but clearly deliver the benefits of increased reliability for all applications running across the network.

QoS and reliability across the public cloud

Meeting IP telephony QoS, security, and reliability requirements across public packet networks requires special attention. While leased lines are always an option to interconnect sites, virtual private lines using Frame Relay, ATM, andincreasingly IP-VPNs and Optical Ethernet are attractive alternatives. A high degree of flexibility is required to extend networks reliably and with the required application-optimized performance across these carrier environments (on possibly a global basis) with their differing interface, signaling, price/performance, and QoS attributes. The following guidelines should be followed in deploying real-world IP networks that support IP telephony across the cloud. Engineering the bandwidth Typically, LAN bandwidth is inexpensive and is a fixed one-time cost (network interface card [NIC] or switch blade). However, in the MAN or WAN, bandwidth is expensive and results in a monthly recurring cost. QoS allows the enterprise to use expensive WAN bandwidth most cost-effectively. The bandwidth used for voice calls is dependent on the codecs used and how these are configured for different types of calls. How facsimile is handled also needs to be factored in. Traditional voice engineering methods can be used to determine the number of calls that need to be engineered over the WAN link, factoring in calling communities of interest, the number of busy hour call attempts, and the average call holding time. Over under-utilized T3-and-above leased lines, adding IP telephony traffic uses up available bandwidth. For highly-utilized high-speed links and lower bandwidth (T1 or less) connections, the amount of VoIP traffic should be limited to a percentage of the bandwidth of the connection. This is done to minimize the maximum queuing delay that the VoIP traffic experiences over low-bandwidth connections. For lowbandwidth (less than 1 Mbps) connections, no more than 50 percent of the available bandwidth for voice traffic should be used. For connections more than 1 Mbps, up to 85 percent of the available bandwidth for voice traffic can be used. In packet-based services such as Frame Relay, ATM, and Optical Ethernet, tariffs are based on the access link speed and some form of committed rate and burst sizecommitted information rate (CIR) in Frame Relay, peak cell rate (PCR) in ATM, and committed access rate (CAR) in Optical Ethernet. Adding IP telephony traffic results in the need to subscribe to additional virtual circuits (see the following section) and/or higher traffic rate classes. Flexible QoS mapping at the WAN edge Running IP telephony over leased lines leaves QoS and traffic management totally under the control of the enterprise, and has been largely discussed previously, with the added comment that special attention must be given to packet fragmentation and reliability as discussed below (Figure 8). Support for flexible QoS mapping when working into carrier packet services is another matter, and should be addressed as follows: Frame Relay standards and products exist for QoS support though service providers have not generally offered QoS-based services. DiffServ, in conjunction with Frame Relay traffic management, is used to provide QoS over Frame Relay networks. In addition, a separate mesh of virtual circuits (VCs) should be established for IP telephony with appropriate CIR, to minimize interaction between voice and data traffic. The IP telephony VCs should run at a higher priority, if this is

13

offered by the service provider. The Nortel Networks Contivity Secure IP Services Gateway portfolio supports secure routing and full QoS support at the edge of Frame Relay networks. A key differentiator of Contivity is that the same device can be used over an IP-VPN through a software upgrade. ATM is designed for multi-service transport, though it is extremely bandwidth-inefficient in supporting IP telephony, unless IP header compression is used. A G.729 IP stream could take up over 80 kbps across ATM. That said, if ATM is to be used, then IP telephony traffic should be carried over constant bit rate [CBR] or real-time variable bit rate [rt-VBR] VCs (one VC for all voice traffic between a pair of sites). These VCs should be sized appropriately. ATM can support both voice and data over a single VC, provided that the ATM VC is selected to support the most stringent multiservice application (in this case, voice). Optical Ethernet provides native Ethernet connectivity with support for IEEE802.1p/Q. The high-speed, low-latency attributes of this service make it ideal for MAN/WAN connectivity among metro sites. The CAR may need to be specified such that it supports the maximum number of simultaneous voice channels plus any data traffic. DiffServ is again used for service differentiation and IP QoS. The Nortel Networks Optical Ethernet portfolio includes the Passport 8600 and OPTera Metro, and uniquely can be used to build private networks or as the basis of managed services. Using IP-VPNs over the Internet is very attractive for remote access and for connectivity to remote offices. The implications for IP telephony are described later in this document. Nortel Networks has an extensive set of tools to support its customers in developing real-world networks for IP telephony. Contact your local Nortel Networks representative for details.
Figure 8. IP telephony options across public networks

NNSC

DiffServ Code Point (DSCP) CS7

ATM service category

802.1p user priority

Critical Network Premium (IP telephony) Platinum Gold Silver Bronze Standard
* x=1, 2, or 3

rt-VBR CS6 EF-CS5 CBR or rt-VBR AF4x*, CS4 rt-VBR AF3x*, CS3 AF2x*, CS2 nrt-VBR AF1x*, CS1 DE,CS0 UBR

5 4 3 2 0

14

Reducing delay through packet fragmentation In mixed voice/data IP networks, packets must be fragmented prior to traversing bandwidth-limited (less than 1 Mbps) connections to minimize voice delay and jitter. There are several different protocols that can be used to fragment packets. For Frame Relay connections, the provider can use the FRF.12 standard. ATM natively provides fragmentation, since all packets are fragmented into 53-byte ATM cells. However, there are two types of fragmentation that are more universal and not limited to a specific link layer technology such as ATM or Frame RelayIP and PPP fragmentation. IP fragmentation adjusts the packet (maximum transmission unit [MTU]) size for all packets traversing the router. PPP fragmentation splits large packets into multiple smaller packets and encapsulates them into PPP frames before queuing and transmission. Recombination is done at the other end of the link. PPP fragmentation is local-only (as opposed to IP fragmentation, which is source-to-destination), so the two WAN routers initiate and terminate the PPP session. PPP fragmentation allows higher-priority VoIP packets to interrupt and transmit ahead of the remainder of larger, lower-priority packets that have already been queued. The packets may be interleaved so the maximum delay a voice packet will experience is one packet fragment at a time. The fragmentation size is adjusted to achieve a maximum delay of 20 ms over the different connection speeds. The recommended fragmentation size is N times 128 bytes for a link speed of N times 64 kbps (for example, 512 bytes at 256 kbps). Reliability across the WAN Extending the reliability of the campus across the WAN can be a major challenge. While IP routing is the last line of defense, lower-layer mechanisms are required to minimize the impacts of failures and meet IP telephony reliability requirements. With serial linkssuch as Ethernet on fiber, PPP, Frame Relay, and ATMvarious multi-link redundancy options are available (such as Split MLT, PPP multilink, Frame Relay multilink, and ATM inverse multiplexing, respectively). These provide scalable bandwidth and enhanced reliability, though in the case of Frame Relay and ATM, detection of failures and transferring of traffic to active VCs can take seconds; unlike physical circuits, remote end failures of VCs take time to detect and propagate across the packet network. With SONET and wavelength rings, and RPR extended to the enterprise site, very high reliability can be delivered with full redundancy and 50-ms recovery times. These styles of optical solutions would be justifiable only when the total needs of a given site are taken into account, including voice, data, video. and storage. Secure IP telephony across the Internet The Internet is used extensively for employee and partner remote access and connectivity to remote offices, leveraging IP-VPNs for data applicationsfor example, using Nortel Networks Contivity client and Secure IP Services Gateway portfolio. It is very appealing to enhance the productivity of road warriors, telecommuters, and remote office workers by supporting IP telephony over these IP-VPNs. Converged networking can also have immediate payback by eliminating toll charges. Security concerns of running voice over the Internet can be taken off the table, because all traffic leaving the site across an IP-VPN is authenticated and encrypted. Reliability for individual users is less of an issue since, in most cases, alternative methods are available (home or hotel phones, and cell phones). For remote offices, redundant access links and dynamic routing over encrypted tunnels (for example, using Nortel Networks Contivity secure routing technology) can provide a high level of reliability, recognizing that local public switched telephone network (PSTN) interfaces provide an ultimate backup path. QoS is the most thorny issue, since ISPs dont generally offer QoS, although business-grade IP network offerings do offer service level agreements (SLAs) putting an upper limit on latency (for example, 100 ms) and guaranteeing some level of reliability. Only these kinds of services should be considered for enterprise site-to-site IP telephony, avoiding open-ended performance associated with consumeroriented networks. In addition, broadband access should be used (such as digital subscriber line [DSL], cable modems, and Ethernet) to eliminate access delay bottlenecks. Finally, QoS mechanisms should be used at least for all traffic leaving the site, even if they only apply for the egress queues. Following these guidelines can deliver quality voice a good percentage of the time, and reap economic and productivity benefits. Options to use public voice networks should be retained.

15

Organizational implications
The greatest technologies will not yield the desired result unless they are engineered and operated appropriately. Traditional IP networks evolved from PCs to PC LANs to bridged and ultimately switched and routed networks. At the same time, applications running on these networks have evolved from e-mail and file transfers to enterprise resource planning (ERP), supply chain management (SCM), customer relationship management (CRM), and now IP telephony and collaboration. Enterprises recognize that they have had to continuously rethink and evolve their internal procedures and engineering practices, in partnerships with vendors, as the importance of the network has grown to become the very life blood of the enterprise. The following guidelines should be followed in deploying real-world IP networks that support IP telephony across the cloud. Network convergence drives organizational convergence Deploying IP telephony solutions on top of a converged network requires a mixture of skill sets, including a good understanding of what the IP telephony end user wants from feature and performance perspectives, IP telephony application engineering, and network engineering, operations and planning. Combining these skills in a single organization can eliminate a number of hurdles in rolling out IP telephony solutions. Designing the network in line with the business This white paper has focused on meeting the needs of IP telephony, although it is recognized that the business is putting tremendous pressure on the network for increased capacity, performance, and reliability across a range of applications. IT planners must consider networking for IP telephony in the broader context of application-optimized networking across the enterprise. They must establish business-driven reliability objectives, as well as security and QoS policy management directions. On the former point, enterprises need to establish the levels of network-level redundancy that are affordable and justifiable to meet business needs. For example, they need to continuously evaluate the adequacy of their redundancy plans, across the spectrum from having redundant bandwidth in place to meet business-critical traffic only in case of single failures, to having redundant bandwidth to carry all traffic even in the case of multiple failures. Operational evolution Enterprises need to establish operational procedures that recognize the transition from best-effort networking to always-on, application-optimized converged networks. Scheduling maintenance windows and avoiding equipment resets as the first step for fault recovery are but two examples of areas that need to be addressed. These need to be consistently applied across the enterprise. Meeting reliability and QoS requirements for voice within the network needs to be complemented by comprehensive network management tools. These provide configuration management, monitor network operation, and facilitate rapid fault isolation across multi-vendor network environments. Vendors who have experience in deploying and operating global enterprise networks can assist in this area. SLA management for converged networks The increased reliability and performance requirements of converged networks put added pressures for the establishment of strong SLAs with service providers. Once established, there is a need to validate that these commitments are being met. This requires a combination of management tools and reportinggenerated internally and by the carrierand a real-time window through service provider customer network management on how the network is performing.

16

Conclusions
Successful deployment of IP telephony solutions requires an enterprise network that consistently, reliably, and securely delivers connectivity, latency, and throughput for IP telephony applications. Five key areas need to be addressed: The last 100 meters through the use of switched Ethernet and wireless LAN QoS implemented uniformly across the network End-to-end reliability, recognizing that time is of the essence Flexibility in interfacing to public networks for high availability and QoS Review of internal operations, from organization to operational procedures The guidelines provided in this white paper allow the enterprise to build real-world networks that support IP telephony and meet user needs and expectations. These guidelines are real-world, because they take a holistic approach spanning the application and network design. Why IP telephony? The transformation of enterprise networks to IP telephony is not just about reducing toll charges or recreating PBXs, but about re-inventing business communications: Moving voice to the Web model does for person-to-person communications what it did for information and transaction networking. It puts end users in control of their communications, enriches how corporations and governments communicate with customers, and enhances how people collaborate. IP telephony provides a cost-effective way to provide voice and unified messaging for telecommuters, remote offices, campuses, and contact centerswherever users might be located. IP telephony lowers capital and operating costs by converging disparate voice and data onto one network. IP telephony increases revenues by adding new value to voice applications, such as unified messaging and management, Web-enabled multimedia contact centers, remote PC-based call management, and more. Nortel Networks IP telephony solutions Succession enterprise solutions deliver incremental value to any network: Succession enterprise communication servers are fully distributed IP PBXs supporting a wide spectrum of industry-leading applications and features combined with business-grade reliability, investment protection, and global availability. Nortel Networks Succession CSE 1000 is the most feature rich and reliable IP PBX system available for enterprise customers. Its peer networking functionality exploits the flexibility of IP networks, allowing seamless network integration, simplified management, greater flexibility in network deployment, and reduced costs for supporting an increasingly distributed global user community. Succession CSE MX supports new Session Initiation Protocol (SIP)-based multimedia applications (e.g. presence management, collaboration), and bridges the gap between traditional PBXs and next-generation networks. Succession CSE MX brings a new level of feature functionality, scalability, and reliability to converged enterprise networks of all sizes. Meridian 1 and Norstar are the world leading office communications systems with over 43 million lines installed. IP enabling the Meridian 1 represents the smoothest evolution path to IP telephony with full investment protection for existing features, telephones, and equipment. Meridian 1 is evolving into an IP-based communications system with all equipment distributable over an IP converged network. Nortel Networks continues to invest in both Meridian and Norstar, and provides investment protection as our customers move towards IP telephony.

17

 For smaller locations under 150 users, the BCM serves the same multimedia hub function as the CSE 1000 at a lower maximum station/line capacity and lower price point. With the arrival of BCM 3.0, the capacity of the BCM will be increased to 200 users, and via the use of the centralized management capabilities, large networks of users can be implemented using multiple BCMs. For even smaller locations requiring the services of the enterprise network, the family of Remote Office products is available. Remote Office 9150 supports all Nortel Networks Meridian digital stations and services for up to 32 users, and is fully survivable, that is, it can continue to function even if the connection to the core network is lost. Fully secure configuration can be supported through the Contivity line of products. CallPilot 2.0 unified messaging is the ideal solution for converging voice mail, e-mail, and fax on a single desktop, vastly simplifying the enterprise messaging experience. Its integrated design strategy allows for full unified messaging deployment without any impact to existing e-mail servers. As a key application in the Succession enterprise portfolio, CallPilot provides new mobility solutions (e.g. for retrieving voice and e-mail messages with spoken commands over any voice capable device), easy and secure remote worker access, as well as enhanced server capacities and system functionality. Unified messaging with CallPilot significantly improves overall user productivity while lowering the overall cost of messaging for the enterprise. Symposium and Periphonics represent Nortel Networks solutions for customer contact management systems. Managing customer contact today plays a vital role in growing revenue while simultaneously lowering cost of sales. Symposium is Nortel Networks contact center system, a fully scalable system for centralized and distributed call center arrangements. Symposium goes beyond basic telephony call centers to include fully IP-enabled call centers to provide features like escorted browsing and click-to-talk services from the Web site. Periphonics is Nortel Networks sophisticated line of Interactive Voice Response systems that feature drag and drop management interfaces to instantly build customized applications. Why Nortel Networks? For the second year in a row, Gartner Group recognizes Nortel Networks as the clear market leader with the vision and the ability to execute in the IP telephony market. This is because Nortel Networks is the only provider partner that can deliver solutions combining complete end-to-end networks with advanced voice services and applications. We collaborate with our customers to unleash their profit potential by providing innovative new technologies as seamless additions to existing solutions, ensuring investment protection, superior quality and functionality, and graceful deployment options. Nortel Networks cost effectively delivers superior incremental value and choice to our customers, and we can help to drive collaboration, converged services, and improved information workflows across their business, while giving their employees the productive freedom to network seamlessly and securely, anytime, anywhere. One size does not fit allthat is why our converged network solutions feature a range of network elements that have been cost-optimized to deliver the best possible price/performance regardless of the size requirement of the solution. Forming strategic partnerships with a proven global supplier is an important asset for the enterprise IT manager. Nortel Networks is such a partnerit understands the challenges faced by businesses in developing stronger customer relationships, and the critical role of IT and the Internet in serving business objectives. The information management framework is no longer an adjunct support structure; it is the essential foundation for corporate performance. How information is obtained, validated, stored, accessed, and distributed is central to organizational survival and profitability. Thats why weve developed our enterprise vision centered around One network. A world of choice.

18

Nortel Networks: Has exhibited technology and standards leadership in critical areas, including IP and high performance QoS-enabled networking and IP telephony and applications. Has a broad experience base in applications and their networking needs, through its own enterprise network as well as by working with customers across industries. Is a proven supplier of highly scalable, reliable multiservice networks supporting voice and data over packet-based technologies, whose products are certified to work with carrier services on a global basis. Follows strict software and hardware design methodologies for highest quality products, and delivers 7x24 support and a full range of professional services offered on a global basis. Initially, the Nortel Networks strategy means fewer network elements and better capacity management and utilization. The results will be seen in lower total cost of ownership and greater flexibility and performance when deploying IP telephony. Ultimately, the rewards will be seen in enterprise evolution to a more profitable and efficient business model that permeates all aspects of the business and its relations with all stakeholders.

Appendix: IP telephony application design best practices

An IP telephony system is a hardware/software solution that is made up of a set of four logical functions: IP telephones and PC soft clients Communications Servers (also called Call Management servers or Gatekeepers) Media Gateways providing flexible network access (for example, via traditional PBXs, the PSTN, the public wireless network, and beyond) Application Servers (for example, unified messaging, conferencing, and SIP-enabled collaborative applications) These functions are distributed across an enterprise IP network, with extended reach and mobility provided over wireless LANs and the Internet. High-quality multi-mode codecs Codec choice sets the bar for best achievable call quality and drives bandwidth requirements. The two most common codecs used in IP telephony (including Nortel Networks Succession solutions) are G.711 (at 64 kbps) and G.729A (at 8 kbps). These bit rates are for the voice payload alone, and exclude Layer 2 (Ethernet or Frame Relay), Layer 3 (IP) and Layer 4 and above (UDP, RTP) overheads. The general tradeoff is that the greater the compression rate, the greater the added delay. More specifically, G.729-based systems can use up to 50 percent of the delay budgetfive times more than G.711-based systems. Most IP telephony systems support voice activity detection, which suppresses packet transport during silent periods and can result in 40 percent fewer packets being sent. Most IP telephones support both of these codecs and negotiate which codec is optimal for a given call. For example, over the WAN, bandwidth is expensive and, depending upon the amount of bandwidth available, G.729A may be preferred. On the other hand, interfacing into circuit-switched networks is best handled with G.711 to minimize the hit on the delay budget, given the general lack of knowledge of what additional delays will be incurred on the end-to-end connection. (Perhaps the remote end is another IP telephony system requiring the traffic to go through another codec.) Codec usage has a significant impact on network engineering of the IP network.

19

Impairment reduction in IP telephony systems State-of-the-art IP telephony solutions incorporate a number of packetadaptation and impairment-reduction techniques to improve the quality of communications.
Adaptive user/jitter buffers

Some of the characteristics of coding schemes commonly chosen for VoIP applications are as follows: G.711 is the codec generally used in 64-kbps circuit-switched transmission. It is a waveform codec, and, as such, its output is packetized with whatever frame size is required. G.711 can use a 10-, 20-, or 30-ms payload size. G.729/G.729A is the 8-kbps codec standard. It has comparatively good delay characteristics, and has baseline voice quality falling into the acceptable range. G.729A is a reduced complexity version of G.729 without quality impacts. G.729 and G.729A both use a 10-ms payload size.

IP telephony systems are designed to compensate for packet delay variations. This is done by time-stamping voice packets, buffering received packets in a user or jitter buffer in the IP telephone or Media Gateway, and playing out packets in a speech burst as they were received. The length of the buffer defines a play-out window; any packets received outside of this window are discarded, since they arrive too late to be of value. Adaptive operation helps minimize the number of late packets that are dropped when the system is congested, and avoids adding unnecessary delay when congestion eases. The buffer is adjusted during silent periods so the temporal shift in the signal is transparent to users. The added delay is in the 1- to 20-ms range.
Packet loss concealment

Packets may be late in arriving and discarded by the receiving device, or may have been discarded within the network due to congestion. In any case, the missing information degrades the voice quality. Packet loss concealment (PLC) implemented in the IP telephone attempts to preserve the spectral characteristics of the talkers voice and maintain a smooth transition between the estimated signal and the surrounding original samples. Concealment techniques are most effective for up to 60 ms of missing speech. This smoothing comes at a cost of slightly increased delay (10 ms). Nortel Networks products support PLC as an integral part of the codec itself and add PLC to improve the performance of G.711 operation.
Dynamic echo cancellation

Echo control is not required over an end-to-end IP telephony connection. There are various places that echo is generated in an end-to-end connection; for example, at the boundary between the digital network and an analog network. Dynamic operation adapts to network conditions and operates over a wide range of connection types. QoS marking IP telephones, Communications Servers, Media Gateways, and converged applications are all seen as applications running on the IP network. Because of the time-sensitivity of this traffic, these edge devices pre-mark packets with IEEE 802.1p and DiffServ, to ensure the network elements provide the proper QoS for these packets across the network (the latter being discussed in detail in the next section). Inter-system connectivity typically has involved the use of circuit-switched trunks between IP telephony islands, with resulting delay impacts of transcoding from IP to TDM to IP. End-to-end IP telephony and QoS are required to meet voice quality demands in the limited/expensive bandwidth WAN world and to eliminate transcoding delays. These capabilities are being introduced across the Nortel Networks Succession portfolio, and are differentiated by the rich feature set supported. Even with QoS, the right answer under certain circumstances (for example, loss of network capacity under failure) may be to route voice over the PSTN. For example, the Nortel Networks Remote Office 91XX portfolio monitors IP network performance and non-disruptively reroutes existing and new voice calls over ISDN B channels.

20

IP telephone acoustic design The design of IP phones should meet the audio performance standards specified in TIA/EIA-810, which was driven by Nortel Networks. This is the critical last centimeter between the IP telephone and the human ear. TIA-810 is the first allencompassing standard in the world for audio performance of narrowband digital telephones, including IP telephones. This standard establishes handset, headset, and handsfree telephone audio performance requirements for digital wireline telephones, regardless of protocol or digital format. Loudspeakers will introduce large amounts of echo. Speakerphones are notorious for often being the source of voice quality degradation, particularly in the generation of echo and distortion when using G.729. Proper acoustic design ensures high-fidelity speakerphone operation under a broad range of conditions. In fact, this is part of the Nortel Networks i200X IP telephone portfolio. High-fidelity voice on PCs To guarantee the correct audio transmit and receive levels, distortion, frequency response, and echo return loss, and to correctly limit peak acoustic pressure as specified in TIA-810, softphones should be designed as part of a system. High-end sound cards that produce great results for music and gaming do not necessarily have the correct characteristics for telephony. When used with sound cards and unknown headsets/handsets, softphones will produce unpredictable results. Therefore, any calls made with these components that terminate on the public network will likely be in violation of FCC and Industry Canada standards. The Nortel Networks Succession i2050 softphone integrates the headset, headset cords, USB adaptor, and softphone audio stack as part of a system that meets the TIA-810 specification. The gains, distortion, echo control, frequency response, and performance limits of the Nortel Networks USB adaptor match the softphone characteristics. Even the headset cord plays an important role in echo control. Special handling for fax and DTMF tones Conventional (analog) fax traffic that uses the circuit switched network today is totally intolerant of packet loss and cannot be natively run over IP networks, even with G.711 64-kbps coding. Preserving investment in fax machines is an important consideration and is addressed by T.38, an international standard which was driven by Nortel Networks. T.38 describes the technical features necessary to transfer facsimile documents in real-time between two standard Group 3 facsimile terminals over the Internet or other networks using IP protocols. This is done at speeds up to 14.4 kbps. This contrasts with earlier methods that used store-and-forward techniques, fitting the e-mail model. The advantages of real-time fax over IP are guaranteed delivery, easy and familiar operation, and immediate satisfaction. IP telephony solutions, such as the Nortel Networks IPenabled Meridian 1, have the capability of dynamically detecting fax transmission and invoking T.38 functionality for costeffective transmission over IP. A dual tone multifrequency (DTMF) tone is what the user hears when depressing a key to access, for example, a voice mail system or an online banking system. These tones generally wont work well across a compression scheme such as G.729. The solution is to intercept DTMF tones and convert them into signaling packets. Survivability under network failure Communications Servers and Media Gateways must be designed to be cost-effectively distributed to meet survivability objectives set by the enterprise. Local and off-net calls can continue to be made even in case of loss of network connectivity between sites. This is a key capability of the Nortel Networks Succession portfolio, which provides survivability without compromising feature operation. This ensures that new calls can continue to be established in the event of server failures, and that existing calls are not impacted. Survivability is a key attribute of the Nortel Networks Succession portfolio, protecting against network failures. In the event of server failures (noting that the Nortel Networks Succession CSE 1000 is purpose-built on a real-time UNIX operating system and has an MTBF of 34 years), IP telephones can be configured with primary and secondary server addresses to support automatic re-registration and seamless switchover in case of failure.

21

IP telephony system overall security IP telephony Communications Servers are business-critical and must be physically secure and protected from internal and external attack (and toll fraud by employees). Securing these servers starts with hardening of the operating systems. Server management is secured via a physically dedicated Ethernet port with traffic segregated via VLANs, access lists, and IPsec VPNs. Multi-level security is applied with various levels of privileges (monitor, configure, control) for authenticated operational personnel. Secure authentication of VoIP clients is provided (including hoteling) and is as transparent to users as possible; telephony users have only been required to authenticate themselves for off-net access using a feature set called direct inward system access (DISA). System security extends to application servers (such as those for unified messaging and contact centers) and traditional PBXs. IP telephony security is expanded in Nortel Networks Unified Security Architecture. References Introduction to Quality of Service, R. Santitoro, Nortel Networks QoS Recommendations for VoIP, R. Santitoro and J. Haggerty, Nortel Networks Nortel Networks Service Class Overview, R. Santitoro, Nortel Networks Performance Characteristics of Voice over IP Networks, R. Britt and J. Tyre, Nortel Networks QoS Guidelines for Deploying IP Phones, R. Santitoro, Nortel Networks VoIP Network Assessment Guidelines, M. Lewis, Nortel Networks Note: Copies of these white papers can be obtained from your Nortel Networks representative.

In the United States:

Nortel Networks 35 Davis Drive Research Triangle Park, NC 27709 USA

In Canada:
Nortel Networks 8200 Dixie Road, Suite 100 Brampton, Ontario L6T 5P6 Canada

In Caribbean and Latin America:

Nortel Networks 1500 Concorde Terrace Sunrise, FL 33323 USA

Nortel Networks is an industry leader and innovator focused on transforming how the world communicates and exchanges information. The company is supplying its service provider and enterprise customers with communications technology and infrastructure to enable value-added IP data, voice and multimedia services spanning Wireline Networks, Wireless Networks, Enterprise Networks, and Optical Networks. As a global company, Nortel Networks does business in more than 150 countries. More information about Nortel Networks can be found on the web at:

In Europe:
Nortel Networks Maidenhead Office Park Westacott Way Maidenhead Berkshire SL6 3QH UK

www.nortelnetworks.com
GSA Schedule GS-35F-0140L 1-888-GSA-NTEL
For more information, contact your Nortel Networks representative, or call 1-800-4 NORTEL or 1-800-466-7835 from anywhere in North America. *Nortel Networks, the Nortel Networks logo, and the globemark design are trademarks of Nortel Networks. All other trademarks are the property of their owners Copyright 2002 Nortel Networks. All rights reserved. Information in this document is subject to change without notice. Nortel Networks assumes no responsibility for any errors that may appear in this document.

In Asia:
Nortel Networks Asia 6/F Cityplaza 4, Taikooshing, 12 Taikoo Wan Road, Hong Kong

NN102460-110602