Monday, May 18, 2009

PBX Firewall

In recent years, PBX firewall technology has been increasingly used by military installations, hospitals, energy firms, banks, and others to dramatically increase their control of telecommunications traffic. In some cases, the increased reporting available from the firewall has enabled them to reduce costs as well.

How does it work? A series of very fast, special-purpose computers sit between the "demarc" wiring from the telephone company and the PBX. These pizza box size computers have the unique ability to look inside the traffic on the telecommunications lines and apply predefined, logical rules. For example, the PBX firewall can:

  • Stop or log unauthorized modem traffic (e.g., individuals may set up PCAnywhere on their workstations as a convenience, unintentionally leaving a backdoor for hackers).

  • Stop modem traffic detected on lines that are supposed to be for fax-only. The same event could also trigger logging-only or a page to security personnel.

  • Stop voice traffic on fax lines after a certain time at night. Or limit calls to no more than three minutes (time to communicate with a distant party regarding fax status).

  • Report on any lines not used in the past six months.

  • Page or show exception reports when anyone in the organization calls a direct competitor.

  • Disable any calls to or from ISPs not relevant to the organization's business.

  • Provide special-purpose reporting on individual lines, odd usage, traffic between company locations, etc.
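The rules listed above behave like an ordered, first-match rule set. The following is an added example, not code from any PBX firewall product; the line inventory, phone numbers, night window, rule fields and the evaluation of completed call records (rather than live traffic) are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time, timedelta
from typing import Optional, Tuple

# Constructed inventory: the service each line is provisioned for.
LINES = {"5550100": "fax", "5550101": "voice", "5550102": "voice", "5550103": "modem"}
COMPETITORS = frozenset({"5550199"})               # constructed number
NIGHT_START, NIGHT_END = time(20, 0), time(6, 0)   # assumed "night" window

@dataclass(frozen=True)
class Call:
    line: str
    detected: str      # traffic type seen on the wire: "voice", "fax" or "modem"
    start: datetime
    seconds: int
    remote: str

@dataclass(frozen=True)
class Rule:
    name: str
    actions: Tuple[str, ...]             # any of "allow", "block", "log", "page"
    line_purpose: Optional[str] = None   # None matches any line
    detected: Optional[str] = None       # None matches any traffic type
    night_only: bool = False
    longer_than: Optional[int] = None    # seconds
    remotes: frozenset = frozenset()     # empty matches any remote party

# Evaluated top to bottom; the first matching rule decides, so the narrow
# "authorized modem line" exception must precede the general modem block.
RULES = [
    Rule("modem on fax-only line", ("block", "page"), line_purpose="fax", detected="modem"),
    Rule("authorized modem line", ("allow",), line_purpose="modem", detected="modem"),
    Rule("unauthorized modem", ("block", "log"), detected="modem"),
    Rule("voice on fax line at night", ("block",), line_purpose="fax",
         detected="voice", night_only=True),
    Rule("voice on fax line over 3 min", ("block",), line_purpose="fax",
         detected="voice", longer_than=180),
    Rule("call to competitor", ("page",), remotes=COMPETITORS),
]

def is_night(t):
    # The window wraps past midnight, so it is an OR of two half-ranges.
    return t >= NIGHT_START or t < NIGHT_END

def matches(rule, call):
    if rule.line_purpose and LINES.get(call.line) != rule.line_purpose:
        return False
    if rule.detected and call.detected != rule.detected:
        return False
    if rule.night_only and not is_night(call.start.time()):
        return False
    if rule.longer_than is not None and call.seconds <= rule.longer_than:
        return False
    if rule.remotes and call.remote not in rule.remotes:
        return False
    return True

def decide(call, rules=RULES):
    """Return (rule name, actions) for the first matching rule, else allow."""
    for rule in rules:
        if matches(rule, call):
            return rule.name, rule.actions
    return "default", ("allow",)

def unused_lines(calls, now, days=183):
    """Lines in the inventory with no traffic in roughly the last six months."""
    cutoff = now - timedelta(days=days)
    active = {c.line for c in calls if c.start >= cutoff}
    return sorted(set(LINES) - active)

# Constructed call records for the demonstration.
NOW = datetime(2009, 5, 18, 12, 0)
SAMPLE = [
    Call("5550101", "modem", datetime(2009, 5, 18, 10, 0), 600, "5550150"),
    Call("5550100", "modem", datetime(2009, 5, 17, 2, 0), 900, "5550151"),
    Call("5550103", "modem", datetime(2009, 5, 18, 9, 0), 300, "5550152"),
    Call("5550100", "voice", datetime(2009, 5, 15, 23, 30), 60, "5550153"),
    Call("5550100", "voice", datetime(2009, 5, 15, 14, 0), 240, "5550153"),
    Call("5550100", "voice", datetime(2009, 5, 15, 14, 30), 120, "5550153"),
    Call("5550101", "voice", datetime(2009, 5, 14, 11, 0), 300, "5550199"),
    Call("5550102", "voice", datetime(2008, 9, 1, 11, 0), 300, "5550154"),
]

if __name__ == "__main__":
    for call in SAMPLE:
        print(call.line, call.detected, call.start, "->", decide(call))
    print("unused lines:", unused_lines(SAMPLE, NOW))
```

Rule order carries the policy: moving "unauthorized modem" above "authorized modem line" would block the one line that is provisioned for modem use.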

Exhibit 5 illustrates how hackers often thwart a strong IT firewall. Hackers, like most others, first look for the easy way in.

The PBX firewall, shown in Exhibit 6, sits between the demarc and the PBX, significantly lessening the likelihood of unauthorized intrusion (assuming the appropriate logic rules have been programmed).


Savings Potential Using PBX Firewall

The detailed information gathering and reporting available from the PBX firewall can potentially result in cost reduction. In a case study reported by Memorial Hermann Hospital in Houston, Texas, significant savings were obtained from:

  • Elimination of unauthorized modem calls to ISPs, freeing up trunk lines for voice communications so that installation of new T1s could be eliminated or at least delayed.

  • Replacement of higher-cost local access trunks with cost-effective tie trunks. By identifying that much of the PSTN traffic was between Memorial Hermann locations, it was easy to justify fixed cost tie lines that proved to be less-expensive, even in the short run. Three local access trunks costing a total of $4500 per month were replaced with three tie lines at $1050 per month, resulting in a savings of $3450 per month.

  • Reduction of full-time equivalent employee costs. The higher visibility of telecom information plus the ability to centrally monitor the entire Memorial Hermann enterprise resulted in decreased telecom FTEs per end user.

Another cost savings was reported by an East Coast banking enterprise. The telecom organization within the bank installed a PBX firewall for a few weeks at each of several locations. When the traffic patterns were recorded at one location, the firewall was moved to another site. After the round-robin process was complete, the bank had identified enough unused capacity to justify the firewall purchase several times over.

Saturday, May 16, 2009

Malicious Pranks & Using Security Tools to Offer More Services

Many of the same controls listed for toll fraud will help reduce the exposure to destructive changes by hackers. Some basic prevention steps include:

  • Force changes of voicemail passwords. Most current voicemail manufacturers maintain a history of changes so that a user cannot change his password to one number and then quickly change it back to the same number he has used for the past ten years.

  • Force passwords to be at least eight digits.

  • Identify unused mailboxes (sometimes used by drug dealers as an untraceable mailbox for transactions).

  • Never allow dial tone to be accessible from voicemail.

  • Implement a class of service program that allows employees or on-premise contractors to have only the features they need. For example, the ability to modify someone else's telephone features is obviously powerful and dangerous if misused — a hacker who gains access to a phone with that level class of service could significantly disrupt operations. Review class of service annually.

Using Security Tools to Offer More Services

Although our discussion of security to this point has been from a defensive perspective, there are a few operational enhancements that come out of a good security system. Some of these include:

  • Use of voice verification to allow DISA. By enrolling employees who normally use calling cards for business (salespeople, traveling professionals, etc.) in a voice print authorization system, calling card costs can be significantly reduced. By use of an 800 number to call in to the PBX and allow DISA for an outgoing call (after verification), a traveler can obtain the same services at a cheaper rate. Although she would pay for the call two ways (into the PBX and out to another location), the cost of calling card calls is usually so high that the organization still reduces costs. In particular, the costs of calling card international calls and intraLATA calls are often well above 800 number rates. Exhibit 1 shows a payback analysis using fictitious but typical calling card and 800 number rates. Savings in calling cards alone can pay for the security device, since the payback shown is less than one year. Of course, the payback calculation shown in Exhibit 1 will vary considerably, depending on the number of calls via calling cards, the percentage of users who would be willing to go through the voice registration process, per-minute costs of long-distance and calling card usage, and cost of the verification equipment itself (e.g., Veritel's Voicecheck technology).

Exhibit 1: Analysis of Potential Savings Using Voice Verification in Place of Calling Cards

  • Access voicemail in areas of the world without touch-tone telephones. Using voice-activated-only voicemail (with appropriate speaker voice recognition) allows rotary users to go through menus within voicemail.

  • Access special/confidential services. For example, Parlance Corporation has a service called Employee Connector that allows an individual to list multiple phone, pager, cellular, etc. numbers. These numbers can be dialed by saying, for example, "Ms. Doe's vacation home" or "Mr. Smith's New York office." Having this information would be useful for executives and their administrative assistants but might be too sensitive for the general employee population. By front ending this service with a security device, it would be practical to use it. Executives would feel confident that only those with a need to know would have access.

Thursday, May 14, 2009

Business Loss Due to Disclosure of Confidential Information

Some organizations have found their bids for projects coming in at just above the competition on a consistent basis. This could be due to coincidence or to unauthorized disclosure. It is always a concern when sensitive information is passed over wires or air space.

Following are some techniques for securing confidential voice transmissions:

  • Use a scrambling device such as SecureLogix Telewall, which has built-in encryption capability (the same device is required on both ends). The advantage of a trunk rather than handset-based approach is that the entire office or plant can be set up for encrypted conversations, assuming the other end (e.g., headquarters or a sister location) has a Telewall as well. The Motorola KG-95 also encrypts at the trunk level, unlike the older AT&T Surity 3600, which encrypts only from one handset to another. The Motorola product is shown in Exhibit 1. These devices, which enable point-to-point and multi-party encryption, protect the conversation from origin to destination (i.e., no intermediate points of clear conversation). Faxes can be protected as well. They typically have a secure/non-secure button that allows the telephone to be used in either mode, as required.

Exhibit 1: Motorola End Crypto Unit, CI-13 (Courtesy of Motorola, Inc.)

  • Use IP encryption if the voice conversation is converted to IP traffic before transmission beyond the premises. The Borderguard NetSentry devices, for example, use DES (Data Encryption Standard), 3DES (triple DES), and IDEA (International Data Encryption Algorithm) to scramble any data going across the wire. Note that with the increasing power of microchips, it is much easier for determined hackers (or governments) to break codes. The following quote, found on an Internet security page (http://www.jumbo.com/pages/utilities/dos/crypt/sfs110.zip.docs.htp), illustrates how quickly algorithms once thought secure have become as antiquated as iron safes:

    Use of insecure algorithms designed by amateurs. This covers the algorithms used in the majority of commercial database, spread-sheet, and word processing programs such as Lotus 123, Lotus Symphony, Microsoft Excel, Microsoft Word, Paradox, Quattro Pro, WordPerfect, and many others. These systems are so simple to break that the author of at least one package which does so added several delay loops to his code simply to make it look as if there was actually some work involved.

  • Use an enterprisewide dialing plan to ensure that all calls go through the least cost and least public route. Calls that go over leased lines (tie lines) are easier to secure than calls going over the public switched telephone network (PSTN). Encryption equipment can be placed at both ends and the voice traffic can be converted to IP. Typically, dialing plans are implemented to facilitate ease of use for employees as well as least-cost routing. However, they also increase (at least to some extent) security. A dialing plan is implemented by making changes to every PBX in the organization's network so the user dials the same number to reach an individual regardless of what location the call is made from. For example, if Mary Doe's number is 789-1234 and she is located in a Memphis, Tennessee office, then she can be reached from London or Sydney by dialing 789-1234 (with no preceding country codes, etc.). The PBX has all the logic built in to convert the numbers to the appropriate route. A dialing plan also has the side benefit of increasing contact between the telecom staffs of various locations, resulting in an exchange of security information.

Keep in mind that the U.S. Commerce Department as well as most international governments have significant regulations on the level of encryption used. The French government, in particular, has stringent laws against encrypting without permission.

Tuesday, May 12, 2009

Toll Fraud | Voice and Telephony Security

Prevention of toll fraud requires unceasing vigilance. Hacking is frequent and can result in large losses. For example, NASA and the Drug Enforcement Agency have both been hacked for millions of dollars. The basic steps for toll fraud prevention include the following:

  • Protect the PBX maintenance port. Use passwords of at least ten characters and change them monthly. This is the absolute minimum protection. Far better is to use a two-factor authentication system, such as verification systems from Axent, CDI's Uniguard, or Avaya's ASG security gateway. Exhibit 1 illustrates a device used to control access to multiple ports, including the PBX. Such a device can be used to manage security for many devices.

Exhibit 1: Example of PBX Maintenance Port Protection Device (Uses Two-Factor Authentication)

  • Use common sense calling restrictions. If your organization never makes calls to South America, restrict the calling patterns to eliminate that possibility. The telephone operators can be given a class of service that overrides that restriction on the chance that a legitimate call needs to be made to a restricted location. Calls can be restricted by time of day, day of the week, and location. For example, lobby area telephones should not generally have the ability to make long-distance telephone calls (or at least not international calls). If the organization does not do business on Sunday, restrict outgoing calls on that day. All "common area" telephones, such as those in lobbies, break areas, and conference rooms, may need to have after-hours restrictions. The mechanism for restricting functions on the PBX is the class of service. Many organizations, much to their later regret, have allowed the technical staff to set class of service policy. Because the technical staff is oriented toward pleasing the user, there is often escalation over time in the number of users who have the most powerful class of service. In the absence of policy, if a vice president asks a switch technician to enable dial-tone capabilities from an international location, the switch technician will most likely comply with the request.

  • Use toll fraud insurance. Some PBX vendors and most common carriers will provide toll fraud insurance, as long as basic control mechanisms (that they specify) are in place. Typically there will be a deductible ($5000 to $20,000) per loss, but at least coverage for large losses is available. The carriers have sophisticated monitoring programs that identify an organization's typical usage patterns and flag unexplained and rapid increases in volumes to particular destinations. Also, some international locations are far more likely to be called by hackers than others (actually, hackers typically sell the "service" to individuals on the street, who then tend to call certain locations more than others).

  • It is prudent to keep an up-to-date contact list of those management personnel authorized to make decisions regarding long-distance services. This list should be periodically sent to the vendor (carrier or PBX manufacturer) that is monitoring your traffic. For example, assume that your organization is attacked on a Saturday night. The monitoring service identifies hundreds of calls going to Bolivia and Colombia (countries with which you normally do not do business) and attempts to call a responsible party on your contact list. If they cannot reach someone in authority, they are hesitant to shut down all outgoing international business because you may have essential functions that require outgoing international calls.

  • Put tight controls over tandem trunk calling (going into the PBX, then going to an outside line). DISA — allowing someone to call in, get dial tone, then call out — should be prohibited unless there is some security system in place to control it (e.g., voice verification). Some organizations will allow calls into voicemail, and then a transfer to dial tone (using a password). Given the ease of password cracking techniques now available, this service to employees can be expensive indeed. Better to provide them with calling cards for business-related calls outside the office (or an 800 number to dial into the office). Sometimes, vendors set up a new PBX and voicemail system and leave backdoor passwords as well as voicemail-to-dial tone capabilities (with only a two-digit password). In smaller locations, the organization will be completely dependent on vendor expertise. When a hacking incident occurs, the maintenance vendor may accept the responsibility or may say that the customer never instructed them to eliminate DISA, etc. Caveat emptor!

  • Periodically review forwarding of extensions to dial tone. Any station forwarded to dial tone is "hacker bait."

  • Educate your operators and employees about social engineering techniques. One technique widely practiced is for a hacker to call someone and say, for example, "I'm from PAC Bell and we are testing your system for some reported problems. Would you please forward me to 9011 so we can complete our trace of the system?" Of course, this transfer gives them dial tone. Another scam is for someone dressed in a delivery company uniform to arrive at the receiving desk to deliver a package for "Mr. X." Mr. X is not there and the hacker asks to use the telephone to call his boss. Apparently, he is put on hold and then gets in an involved conversation with his boss about wrong directions, etc. What he is actually doing is dialing a local number that charges a high per-minute charge for services (e.g., $15 per minute); he then gets a kickback from the service provider.

  • Immediately request your local exchange carrier to disallow any third-party charges to the main number. Some prisoners, for example, will make long-distance calls and charge to any organization that allows third-party charges.

  • Do not forget to periodically review your call accounting reports. Are there calls to a location that your organization has no business reason to call? Some hackers will keep the volume of calls sufficiently small to stay below the radar screen of the long-distance carrier's monitoring algorithms. Sort down minutes called by location and also list single calls in descending order of cost. A quick review can spot problem areas — including some that are unrelated to toll fraud (e.g., "stuck" modems).

  • Educate users on the vulnerability of calling card theft. In some airports, "shoulder surfers" observe calling card numbers being keyed in and sell the numbers on the street as fast as possible. Using an 800 number to call back to the office reduces the frequency of calling card calls (as well as reducing the cost). Using a voice verification system to allow secure DISA (see discussion below) also decreases the need for card use. A user, in the interest of expediency, may occasionally give her card number to coworkers. Most carriers, when they detect multiple usage of the same calling card in widely separate geographic areas (e.g., Japan and the United States) within a short period of time, assume fraud. Ensure that all employees who need a card have one.

  • Some organizations, concerned about potential misuse by their own employees, contractors, or temporary workers, use prepaid calling cards. The advantage of this technique is that a stolen card number would be used to its limit and then no further charges will accrue. The disadvantages are that it allows for no internal accounting of what the card was used for and that sometimes the card is not fully used.

  • Monitor your organization's fax-on-demand server. To efficiently serve their customers, many firms will set up a fax-on-demand server that accepts a call from the public network and faxes requested information back to the caller. Hackers have recently begun to exploit this service in the following ways:

    • Repeatedly calling the fax-on-demand service, asking for faxes to be sent to a 900 or 976 number owned by the hacker (these area codes have a special surcharge associated with them). Of course, the information on the fax is not used, but the minutes accumulate and the calling party (i.e., the hacked party) is responsible for paying the toll.

    • Repeatedly calling a fax-on-demand service, merely to harass the organization by running up its long-distance bill.

    • Harassing individuals by sending the fax to a business or residence that did not request it (waking up people in the middle of the night, etc.).

    • One company was hit with over 2000 requests to send a long document to Israel, resulting in a $60,000 telephone bill. [4]

    • Techniques to detect and defend against fax-on-demand abuse include:

      • Check the fax system log (or call detail) for repetitive faxes to the same number.

      • Exclude all area codes where there is no reasonable expectation that the organization would do business.

      • Exclude area codes associated with high fraud incidence (e.g., 767 — Trinidad and Tobago; 868 — Dominican Republic). [5]

      • Monitor overall volume of faxes sent out.

      • Power off and on to clear the queue if it is obvious that the server has been or is being attacked.

      • Monitor the fax server over the weekend (particularly long holiday weekends) because that is the favorite time for hackers to start their penetration.

  • Make use of your organization's internal billing system. It is easier to spot unusual activity if long-distance bills are broken down by department. Make the internal reports easy to read, with appropriate summary information (e.g., by international location called), to provide the organization with more eyes to watch for unusual activity.

  • Use appropriate hardware/software monitoring and toll restricting tools. Some features of these tools include:

    • Selectively allow or restrict specific telephone numbers and/or area codes.

    • Allow 0+ credit card access but restrict 0+ operator access.

    • Limit the duration of telephone calls in certain areas.

    • Restrict international toll access.

    • Provide for bypass codes.

    • Report on a daily basis (sent via e-mail) any suspicious activity, based on predefined exception conditions.
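The call accounting review and the fax-on-demand checks described above can be run over the same call detail records. The following is an added example, not taken from any call accounting product; the record layout, extensions, dialed numbers, prefix table and thresholds are constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed call detail records:
# (extension, digits dialed, start, minutes, cost in dollars, kind)
CDRS = [
    ("2101", "19015550123",  "2009-05-12 09:14", 12,  1.20, "voice"),
    ("2101", "011591255501", "2009-05-16 23:02", 55, 82.50, "voice"),
    ("2101", "011591255501", "2009-05-16 23:59", 61, 91.50, "voice"),
    ("2250", "01157155502",  "2009-05-17 01:30", 48, 60.00, "voice"),
    ("3000", "19005550111",  "2009-05-16 22:10",  9, 45.00, "fax"),
    ("3000", "19005550111",  "2009-05-16 22:25",  9, 45.00, "fax"),
    ("3000", "19005550111",  "2009-05-16 22:40",  9, 45.00, "fax"),
    ("3000", "17135550144",  "2009-05-13 10:05",  2,  0.20, "fax"),
    ("2310", "17135550190",  "2009-05-13 11:00",  7,  0.70, "voice"),
]

# Constructed prefix table; the longest matching prefix names the location.
PREFIXES = {
    "011591": "Bolivia",
    "01157": "Colombia",
    "1900": "900 surcharge",
    "1976": "976 surcharge",
    "1": "US domestic",
}
EXPECTED = {"US domestic"}        # assumed: where this organization does business
SURCHARGED = ("1900", "1976")     # surcharged area codes named in the text

def location(dialed):
    best = max((p for p in PREFIXES if dialed.startswith(p)), key=len, default=None)
    return PREFIXES.get(best, "unknown")

def minutes_by_location(cdrs):
    """Total minutes per location, largest first."""
    totals = defaultdict(int)
    for _ext, dialed, _start, minutes, _cost, _kind in cdrs:
        totals[location(dialed)] += minutes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

def costliest_calls(cdrs, n=3):
    """Single calls in descending order of cost."""
    return sorted(cdrs, key=lambda r: r[4], reverse=True)[:n]

def repeated_fax_numbers(cdrs, threshold=3):
    """Fax destinations requested at least `threshold` times."""
    counts = Counter(r[1] for r in cdrs if r[5] == "fax")
    return {number: n for number, n in counts.items() if n >= threshold}

def exceptions(cdrs, fax_threshold=3):
    """Records worth a human look, each with the reasons it was flagged."""
    repeats = repeated_fax_numbers(cdrs, fax_threshold)
    found = []
    for ext, dialed, start, _minutes, _cost, kind in cdrs:
        reasons = []
        if location(dialed) not in EXPECTED:
            reasons.append("unexpected destination")
        if dialed.startswith(SURCHARGED):
            reasons.append("surcharged number")
        if kind == "fax" and dialed in repeats:
            reasons.append("repeated fax destination")
        # Weekend timing only strengthens an existing finding.
        if reasons and datetime.strptime(start, "%Y-%m-%d %H:%M").weekday() >= 5:
            reasons.append("weekend")
        if reasons:
            found.append((ext, dialed, start, reasons))
    return found

if __name__ == "__main__":
    for place, minutes in minutes_by_location(CDRS):
        print(f"{place:15} {minutes:4} min")
    for ext, dialed, start, reasons in exceptions(CDRS):
        print(ext, dialed, start, ", ".join(reasons))
```

The same functions can feed a daily exception report; the low-volume case the text warns about shows up in the per-location totals even when no single call is expensive.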


Monday, May 11, 2009

Voice and Telephony Security

A company's vulnerability to threats varies by its size and business type. For example, businesses that frequently engage in intense international bidding may find themselves in competition with a government-owned organization. Because the government often owns the telephone company as well (PTT), there is a temptation to "share" information by tapping the lines (all it takes is a butt set and knowing which trunks to tap into). While such occurrences are undoubtedly infrequent, they are a threat.

Toll fraud, on the other hand, is ubiquitous. Hackers use stolen calling cards to find a vulnerable PBX anywhere in the world and sell the number on the street (mostly for international calls). Poorly controlled voicemail options and DISA (direct inward system access) are excellent "hacker attractor" features. Medium-sized installations are preferred because they offer enough complexity and trunking to allow hackers to get into the system and run up the minutes before detection. Smaller key system sites do not have the capacity, and larger sites often (but not always!) have toll fraud detection systems (such as Telco Research or ISI Infortext's TSB TrunkWatch Service).

Two characteristics of the telephone system enhance the hacker's world of opportunity: (1) it is difficult to trace calls because they can be routed across many points in the system; and (2) hacking equipment is relatively cheap, consisting of a PC or even a dumb terminal hooked to a modem. Hackers (a.k.a. "phone phreaks") sometimes have specific PBX training. It could be a disgruntled PBX technician (working for an end-user organization or the vendor). In addition to their technical background, hackers share explicit information over the Internet (see www.phonelosers.org). These individuals have a large universe of opportunity; they hack for a while on a voice system, find its vulnerabilities, and then wait for a major holiday and go in for the kill. Losses of $100,000 over four days are common. If holes in one PBX have been plugged, they go on to another. In some cases, they use a breach in one PBX to transfer to another, even less secure PBX.

The final category of security break, malicious pranks, gets inordinate attention from senior management — far beyond the economic damage usually incurred. For example, a voicemail greeting could be reprogrammed (just by guessing the password) to say, "Hello, this is Mr. John Doe, CEO of XYZ Company. I just want you to know that I would never personally use any of XYZ's products." Of course, not all changes are minor. A clever hacker who obtains control of the maintenance port can shut down all outgoing calls or change a routing table — there is no end to the damage if the maintenance port is compromised.

Saturday, May 9, 2009

The Future for Satellite Technology

Although traditional VSAT technology, with its minimal uplink bandwidth, is not appropriate for some organizations, the newer systems in development should be reviewed by network architects. For example, Hughes' new system under development, the Spaceway system, is expected to provide a variety of low-cost broadband services with small satellite dishes, with data rates ranging from 512 kbps upstream to as much as 30 Mbps downstream. Applications will range from Internet access (with a strong multimedia component) to LAN/WAN solutions for work-at-home employees, SOHOs, and large organizations.

Hughes' system includes full mesh point-to-point and multicast communications architecture. This allows the development of high bandwidth peer-to-peer applications, such as file sharing, distributed databases, and decentralized content distribution.

The availability of reasonably fast Internet links in rural areas around the world could significantly change the business dynamic of many firms. While the media continually laments the lack of bandwidth, the most serious deficiency of the Internet is actually the lack of geographic coverage.

Another alternative architecture is a hybrid system that uses satellite transmissions for downlink and terrestrial for uplink (currently used to provide Internet access to areas with no other broadband availability). Because satellites are large (many tons), they have power plants that allow megabit-per-second downloads of video, software upgrades, and other information. The terrestrial link in this asymmetric data access scheme provides for less latency (delay) for the user response. Most applications, as is the case with home Internet users, consume far more download bandwidth than upload bandwidth.

The technology of caching will be increasingly used for Internet services. Caching takes recently retrieved information, copies it, and places it on a server close to the consumer. This process allows users to access popular Internet data quickly because it is physically located much closer to the user. The more users are associated with a cache, the more the benefit because there will be a higher likelihood that a requested file will be in the cache. This could potentially speed the deployment of international intranets for global organizations. Caching is relevant to satellite transmissions because it reduces demand for repetitive uplinks from the hub for frequently used pages.

Thursday, May 7, 2009

Controls to Improve Resiliency, Reliability and Security | Satellite Communications

Good practices can mitigate some of the risks associated with satellite communications. Firms that have all their offices or plants linked via satellite/VSATs should carefully consider the exposures. For example, one paging company suffered customer ill-will and economic loss because the satellite it was using to relay pages stopped functioning. The following description of a satellite breakdown and its consequences is courtesy of 911 magazine (August 1998, www.9-1-1magazine.com):

The Day the Pagers Went Silent

When the PanAmSat Galaxy IV Communications Satellite got knocked out of its orbit for a couple of days in May, it also knocked out the majority of pager communications in the United States.

Launched in 1993, the $250 million HS-601 spacecraft stopped relaying pager messages, television news feeds, and all sorts of broadcast data communications around 6PM PST on May 19th when the satellite's onboard control system as well as a backup switch failed and it rotated out of its proper position. PanAmSat, which owns the satellite, scrambled to establish communications with the Galaxy 4, finally re-establishing its position on the evening of the 20th. That affected thousands of emergency communications centers nationwide, which depend on pagers to notify responders and senior staff of emergencies.

"I would hope that in the future, this type of failure will be automatically corrected by electronic or computer means without having to manually redirect antennas or reprogram computers," said Miami's Charles Manetta. "This is how many telephone failures are corrected and are transparent to the end user. Time will tell."

The failure was not without irony. The Phoenix Disaster Recovery Newsletter reported:

For several hours after the spacecraft failure, the president of PanAmSat tried desperately to get in touch with Hughes' technical team in charge of engineering for Galaxy 4. After more than 3 hours, he finally contacted GM senior management (owner of Hughes, of course) by telephone. He said he'd been trying to contact Hughes' techno geeks for hours. "Why," he demanded, "didn't your people respond to my pages?"

Had a contingency plan been in place (including alternate satellite), resumption of service would have been quicker. Following are some of the most common control and security measures employed for VSAT satellite systems:

  • Change control. Both the remote VSAT dishes and the central hub are attached to a myriad of software and hardware support systems. For example, central hub operators, including providers such as Hughes Global Services and Gilat Satellite Networks Ltd., must be extremely careful with the software that controls repositioning of the hub dish. Otherwise, an error could cause the signal to become so attenuated that communication would stop. Of course, the usual communications infrastructure, including hubs, routers, and network management software, should also be included in change control. Occasionally, perhaps once per year or every six months, hubs need to be brought down for maintenance (physical and software upgrades). This schedule should be published well in advance.

  • Equipment redundancy. Spares for critical equipment such as the IP gateway (links the organization's LAN/WAN to the satellite system), specialized modems, encryption boxes, and other satellite-specific devices should be available and periodically tested.

  • Backhaul redundancy. The backhaul circuit is usually a terrestrial communications link, such as a T1 or Frame Relay circuit, that connects one or more central locations to the satellite hub. If this link is cut by a backhoe or loses function for some other reason, communication is lost. Hence, a duplicate circuit, perhaps from a different long-distance provider, but at least in a different conduit, is required.

  • Power. For redundant equipment that is on hot standby, a separate power source provides protection from power supply failure. For example, a dual 250W hot-swap redundant power supply may be required for some devices.

  • Backup arrangements. Satellites are expensive. The launch alone is typically $50 to $400 million, with costs further exacerbated by occasional launch failures. As a result, satellite transponder space is at a premium. Organizations relying on satellite communications for critical business functions cannot assume that they can "throw money" at the satellite vendors and get backup service quickly. Much of the capacity is booked months, even years in advance. Spare capacity should be obtained in advance of need.

  • Disaster recovery planning and testing. In addition to negotiating with their satellite provider for backup capacity, organizations need to carefully design their response to a satellite failure. VSAT dishes will most likely need to be repositioned in every office or plant using the service. The whole reason for having a satellite remain geo-stationary is that the field dishes can be set and locked to look at a specific point in the sky. Practically, it may take weeks for a large network of VSATs to get repositioned and correctly adjusted, because a trained technician must do the work.

  • Service level agreements (SLAs). Service level agreements should be established for the hub operator, satellite service, and dish maintenance vendor. Frequently, the hub operator and dish maintenance vendor (for field locations) are the same provider. SLAs are particularly important for satellite failure because that is the most difficult step in recovery. If, for example, backup transponder space has been purchased on the same satellite, then the SLA should state how long it will take to transition operations. From the perspective of the field office or plant, what is the response time for dish or RF (radio frequency) equipment problems? The chart below summarizes key issues to be addressed in satellite service level agreements.




  • Capacity planning. While the downlink bandwidth (satellite to VSAT dish) can be quite large, the uplink is often no more than could be expected from a terrestrial modem and sometimes less. As more VSATs are added, the uplink capacity of the system will degrade unless more "in-routes" or uplink bandwidth is added. If an organization has specific bandwidth needs that are highly likely to occur, it should consider purchasing extra transponder space so that there is no delay when the need arises.

  • Network Management System. Components of the satellite communications system should be SNMP (Simple Network Management Protocol) addressable so they can be monitored along with the rest of the organization's communications infrastructure.

  • Physical/electrical protection. For VSAT dishes, a lightning arrestor and surge arrestor are de rigueur. Trees, bushes, and other obstructions can interfere with the line-of-sight. Often when the dish is installed, adjacent trees are small but with growth they steadily decrease the signal strength. Access to the facility should be restricted as well.

  • Expertise. For those firms with enough VSATs to justify owning their own hub — an investment in excess of $1 million — highly skilled technicians are required. Backup personnel (perhaps including contractors) should be available.

  • Spare parts. Particularly for hub operators, spare parts will prevent delays in operations.

  • Documentation. As in other complex systems, documentation of frequencies, sites, IDs, network schematics, etc. is important. Firms operating their own hubs need to pay particular attention to documentation because of the inevitable drift toward technical uniqueness.

Tuesday, May 5, 2009

Call Centers

There are a number of technology solutions that can reduce overall organizational costs, even if they add slightly to the telecom budget. Call centers provide one such solution.

Although call centers would be an obvious choice for heavy massing of technological firepower, many organizations still rely too heavily on human agents to do work that could be done by computers and telephone systems. Examples include:

  • Predictive dialers. Anathema to families that enjoy a quiet dinner together without telemarketer interruption, predictive dialers allow agents to call efficiently. Not only does the predictive dialer actually make the call, but it "uses complex mathematical algorithms that consider, in real-time, the number of available phone lines, the number of available operators, the length of an average conversation and the average time operators need between calls, and constantly adjusts their dialing rates based on these factors." Also, the best predictive dialers screen out calls where there is no answer or those that are answered by an answering machine. Most of the time, the calling agent hears a quiet "zip" in the headphone and a live person is then on the line. While manual dialing may result in 15 to 20 minutes of productive calling time per hour, predictive dialers allow agents to productively talk 40 to 57 minutes per hour. Given that call center agents are paid between $12 and $20 per hour (as well as incentives), any device that makes them more efficient is likely worth the investment. It is interesting to note that, in the eternal war between "push" or outbound call centers and potential customers, technology solutions are found on both sides. Telemarketer "zappers" are now sold that intercept telemarketing calls. In Texas, some 77,000 households have signed up for a blocking service since the law went into effect on January 1, 2001.

  • Call center workforce management software. Although scheduling agents via software would seem to be a "nice to have," akin to a deluxe PDA, it strongly affects call center costs. Beyond a certain number of agents, it becomes difficult to mentally juggle schedules, demand, holidays, incentives, shifts, etc. One of the highest expense items is overtime; without an automated system for scheduling and reporting, absenteeism and overtime will climb to unacceptable levels (for mid- to large-sized call centers). Steven J. Cain, Gartner Group's Call Center Benchmarking Practice Research Director, says that, "When you consider that, in some industries, contact center turnover reaches as high as 50 percent, there is significant opportunity to reduce turnover, building an experienced and tenured agent base to deliver the highest quality customer interactions while minimizing the expense of recruiting, training and productivity shortfalls while getting up to speed."

  • Interactive Voice Response System (IVR). The familiar "press 1 for account balances, press 2 to transfer funds" is the public face of interactive voice response technology. Some call centers shun IVR systems because of the acknowledged public preference for human interaction. This philosophy should be reconsidered in some cases. For example, is it better to staff from 7 a.m. until 10 p.m. and then leave a message for the customer to "call back during business hours," or to have an IVR after hours that provides the customer with some useful information? Second, as the public becomes more familiar with IVR, there are situations where non-human interaction is faster and preferred. For example, when people call about booking reservations for deluxe resorts, they want to talk to someone and ask multiple questions. However, if they must cancel those reservations, they merely want to cancel — why take the time to explain? In this case, the transaction can be handled without agent contact, saving money for the company and time for the customer.

Sunday, May 3, 2009

Risk Areas for Satellite Communications

Experienced VSAT technicians are often loath to quote satellite reliability above 99 percent availability. Key risk factors for service interruption include the following:

  • Rain fade. Normal or even reasonably heavy rain will not necessarily disrupt communications. However, a heavy downpour can weaken the signal so much that transmission stops. The hub operator can adjust power on the hub to a certain extent but at some level of rain, nothing more can be done. As expected, some areas of the United States are far more susceptible to rain fade than others (e.g., some parts of Florida).

  • Satellite malfunction — fuel shortage. While any number of destructive elements, such as meteorites, can disable satellites, they are most commonly rendered useless because of fuel shortages. A geosynchronous satellite must necessarily stay within tight limits of position in the sky because all VSAT dishes must be fine-tuned for direction to ensure a strong signal. And because satellites naturally tend to wander in an elliptical path, they must be constantly homed to the correct position in space via small thrusters mounted at appropriate locations around the outside surface. These thrusters require fuel; when there is no more fuel, ground control is unable to keep the satellite on target and it drifts away, thus becoming useless for communications. There is a story about the early days of commercial satellites in which technicians new to satellite management used a mouse hooked to a control unit to position the "bird." Apparently, it was so much fun that they moved it around too much, depleting its fuel and rendering a multimillion-dollar satellite useless.

  • Satellite malfunction — transponders. Transponders receive signals on the uplink, translate them to the downlink frequency, and amplify them for retransmission to Earth. Transponders can and do fail. Because there are multiple transponders in a satellite, the failure of a single transponder does not necessarily mean the end of the satellite's life. However, if an organization's communications are going through the failed transponder, the result is the same as if the satellite had been knocked out — that is, no service for that organization.

  • Ice and snow. If VSAT dishes are not properly heated or enclosed in a radome (special purpose plastic cover), they may not receive and transmit a sufficiently strong signal to function.

  • Lightning and power surges. Engineers working day-to-day on VSATs generally agree that the most frequent reason for breakdown of the dishes is electrical.

  • Relatively short mean time to failure. VSAT equipment stays hot and wears out relatively quickly.

  • Frequency conflicts. Although the FCC controls the frequencies used, occasionally a technician will set up a VSAT incorrectly, resulting in interference. The solution is for all parties to return to their assigned frequencies to avoid interference.

  • Sun transit errors. When the main beam of an Earth station receiving antenna is in a straight line with the sun, significantly larger noise will occur, sometimes temporarily stopping communications. These errors are more likely to occur during the fall and spring equinox. Sun transit problems are far more likely to occur with the older, type I VSAT dishes. Type II and III dishes are smaller in diameter and less sensitive to concentration of noise.

  • Temporary "commandeering" of frequencies by government authorities. For purposes of safety and security, government authorities or military personnel may temporarily take over certain frequencies in a geographical area. These are lawful actions, but in some cases organizations using those frequencies are not notified in a timely manner and spend considerable time researching the cause of the downtime.

Friday, May 1, 2009

Basic Satellite Technology

There are two primary satellite systems in use today: geostationary and low earth orbit (a third, middle earth orbit, is less common). Low earth orbit (LEO), due to its proximity to the Earth's surface, requires considerably less power for transmission, both to and from the satellite. Commercial enterprises, such as Teledesic, intend to use LEO systems to provide high-bandwidth Internet connectivity to areas of the world not readily serviced by terrestrial networks. LEOs can also be used for handheld mobile telephones in any location where there is a reasonably direct line-of-sight to the satellite.

This post focuses on geostationary satellite systems. Satellites in geostationary orbit appear to move only slightly in the sky, hence the term "geostationary." Flying high at 35,800 kilometers (22,000 miles), a geostationary satellite orbits the Earth in the same amount of time it takes the Earth to revolve once. From Earth, therefore, the satellite appears to be stationary, always above the same area of the Earth. The area to which it can transmit is called the satellite footprint.

Exhibit 1 is a simplified diagram of a typical geostationary satellite system using small receiving (end user) VSAT dishes.

Exhibit 1: Geosynchronous Satellite System




Advantages of geosynchronous satellite systems include:

  • Quick to deploy at field locations. Once agreements with the satellite and hub providers are in place, additional VSAT dishes can be installed within a few days. Terrestrial lines, on the other hand, can require months to install, depending on the carrier, location, and other logistical factors. Some organizations have mounted VSAT dishes on flatbed trucks so that they can be set up quickly; they can then be moved to another location.

  • Only practical solution for very remote locations. For example, in the natural gas industry, pipelines must be run across thousands of miles, some parts of which may be ten to hundreds of miles away from the nearest telecom point of presence (POP). In those cases, satellite transmission of technical data (e.g., pipeline pressure and flow) is the only reasonable way to monitor the pipeline. Similarly, some rural locations cannot get terrestrial services (other than ordinary telephone service) because their usage does not justify the high investment required by the local telephone company to run the conduit.

  • Low cost relative to terrestrial lines. In many cases, satellite communications will cost one third to one half that of its terrestrial counterpart. One-way video, in particular, is drastically less expensive than alternatives because of the satellite's ability to carry broadband transmissions. Sometimes, satellite communications are used solely as a backup in case terrestrial lines are down.

    Exhibit 2: Sample Costs to Transfer Internationally 600 Megabytes to 10,000 Subscribers

    | Technology     | Transmission Rate (Mbps) | Transfer Time | Transfer Cost (U.S. $) |
    |----------------|--------------------------|---------------|------------------------|
    | Telephone line | 0.04                     | 2 days        | 1,500,000              |
    | ISDN           | 0.12                     | 12 hours      | 100,000                |
    | ADSL           | 1.5                      | 1 hour        | 20,000                 |
    | Cable          | 4                        | 20 minutes    | 1,200                  |
    | Satellite      | 40                       | 2 minutes     | 25                     |


  • Works when parts of the public network are down. As recent world events have reminded us, a temporary slowdown in the public switched telephone network is often a consequence of high-visibility disasters. Telephone lines and cellular phones (which ultimately use terrestrial lines) become swamped. In contrast, VSAT dishes need only electrical power and a clear line of sight with the appropriate satellite. They are unaffected by congestion on the public network or any circuit/equipment breakdown in the POP itself. The one exception to satellite independence from terrestrial carriers is the need to use conventional lines for the backhaul circuit.

  • Capable of efficiently multicasting text, images, video, and audio over large geographic areas. In contrast, multicasting via terrestrial lines often equates to repeated transmissions of the same information, wasting valuable bandwidth. Note that multicasting is a one-way, one-to-many medium.

  • Bypasses Internet congestion points when used for Internet transmissions.

  • Only one or two providers needed for end-to-end international communications. For terrestrial leased line management of international connections, each individual carrier usually manages its segment of the link. A satellite connection, on the other hand, may use only a single supplier who is responsible for the quality and management of the international backbone connection.

Disadvantages include:

  • Weather interference. Bad weather (discussed in detail later) can disrupt satellite communications. Heavy rains, ice storms, and even the vernal/autumnal equinox can sometimes disrupt the signal.

  • Propagation delay. Geosynchronous satellites must be positioned so high above the Earth that even traveling near the speed of light, signals do not instantly traverse from end to end. Voice carried over geosynchronous satellite, while still used for mobile communications such as Inmarsat satellite phones, is considered inferior to landlines for routine business communications. The one-half to one-second delay is disconcerting for most individuals who are used to the full duplex mode of the traditional public network (i.e., both parties can talk at the same time, without delay). From a data communications perspective, this limitation makes both Internet access and highly interactive applications unsuitable for routine use over satellite links.

  • Limited two-way bandwidth. While video "downlinks" from the satellite are carried over a large bandwidth, uplinks (from the VSAT dish to the satellite) are narrowband (typically 64 to 256 kbps).
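The propagation-delay figure in the list above can be reproduced from geometry. This added example (not from the original post) computes dish elevation, slant range, and one-way delay for a hub-routed VSAT network; only the 35,800 km altitude comes from the text, while the Earth radius, site coordinates, and satellite longitude are constructed assumptions.

```python
import math

C_KM_S = 299_792.458        # speed of light in vacuum
EARTH_RADIUS_KM = 6378.137  # equatorial radius (assumption, not from the post)
GEO_ALTITUDE_KM = 35_800.0  # altitude quoted in the post
ORBIT_RADIUS_KM = EARTH_RADIUS_KM + GEO_ALTITUDE_KM


def _cos_central_angle(lat_deg, lon_deg, sat_lon_deg):
    """Cosine of the angle at Earth's centre between site and sub-satellite point."""
    return math.cos(math.radians(lat_deg)) * math.cos(math.radians(lon_deg - sat_lon_deg))


def elevation_deg(lat_deg, lon_deg, sat_lon_deg):
    """Dish elevation above the horizon; negative means no line of sight."""
    cos_g = _cos_central_angle(lat_deg, lon_deg, sat_lon_deg)
    sin_g = math.sqrt(max(0.0, 1.0 - cos_g * cos_g))
    return math.degrees(math.atan2(cos_g - EARTH_RADIUS_KM / ORBIT_RADIUS_KM, sin_g))


def slant_range_km(lat_deg, lon_deg, sat_lon_deg):
    """Straight-line distance from the dish to the satellite (law of cosines)."""
    if elevation_deg(lat_deg, lon_deg, sat_lon_deg) < 0:
        raise ValueError("satellite is below the horizon for this site")
    cos_g = _cos_central_angle(lat_deg, lon_deg, sat_lon_deg)
    return math.sqrt(EARTH_RADIUS_KM**2 + ORBIT_RADIUS_KM**2
                     - 2 * EARTH_RADIUS_KM * ORBIT_RADIUS_KM * cos_g)


def hop_delay_s(site_a, site_b, sat_lon_deg):
    """One-way delay for one hop: site A up to the satellite, down to site B."""
    up = slant_range_km(*site_a, sat_lon_deg)
    down = slant_range_km(*site_b, sat_lon_deg)
    return (up + down) / C_KM_S


def vsat_to_vsat_delay_s(vsat_a, vsat_b, hub, sat_lon_deg):
    """One-way delay between two field dishes routed through the hub: two hops."""
    return hop_delay_s(vsat_a, hub, sat_lon_deg) + hop_delay_s(hub, vsat_b, sat_lon_deg)


# Constructed sample sites (lat, lon in degrees; west longitude negative).
SAT_LON = -101.0
HUB = (39.0, -77.5)
PLANT = (29.76, -95.37)
FIELD = (47.5, -111.3)

if __name__ == "__main__":
    print(f"plant elevation      {elevation_deg(*PLANT, SAT_LON):6.1f} deg")
    print(f"plant -> hub one-way {hop_delay_s(PLANT, HUB, SAT_LON):6.3f} s")
    print(f"plant <-> hub RTT    {2 * hop_delay_s(PLANT, HUB, SAT_LON):6.3f} s")
    print(f"plant -> field       {vsat_to_vsat_delay_s(PLANT, FIELD, HUB, SAT_LON):6.3f} s")
```

With these sample sites, a plant-to-hub round trip and a hub-routed plant-to-field one-way path each come to roughly half a second before any equipment or queuing delay, which is the range the propagation-delay item describes.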