Wednesday, 18 May 2016

Product Review: Anynode SBC with Skype for Business

Hello Readers.  Hope you're well.

In today's issue I will be reviewing the Anynode software SBC from TE-Systems.

We all know that Skype for Business is the Swiss Army Knife™ of communications platforms.  Everything it does, it does well.  Everything, from Instant Messaging and Presence to Sharing and Meetings and of course Audio and Video, it does at least as well as the competition.  Some might say it is a truly Unified Communications platform.  

I've said before that Lync and now Skype for Business can replace so many disparate things that a return on your investment is pretty well assured.  This is especially true when you replace your existing/old PBX with Skype for Business.  

The savings comes from a few places and starts with space.  Old PBXs can be huge.  Some can take up whole rooms or even floors in buildings.  The components can be made up of several cabinets worth of hardware just to make it all work.  All of these cabinets require power.  Add to that are the racks of, sometimes, proprietary patch panels wired into the system for all of the phones.  Some old systems can be made to take IP Phones, but that's another cabinet full of components. 

Next is maintenance and support.  The older the PBX the more it costs to maintain and support.  Over time, components for the PBX become more and more rare, and rare means expensive.  Over time, the knowledge and expertise becomes more rare as well.  You either need to have someone on staff that is an expert in this thing or find and retain the expertise from a service provider.  Either way, you pay a premium for retaining the expertise.

Then there are the lines.  The universal standard is ISDN.  ISDN is expensive, especially when compared to SIP (I'll come back to that).  But it isn't just the expense of ISDN.  

ISDN is largely inflexible

Firstly, it relies on the equipment it is connected to, to make it work.  Not all ISDN is created equal.  There have been several variants over the years.  Nowadays the standard is Euro ISDN, QSIG and some other regional variants.  Go back a few years and you might have DASS or DPNSS.  If you do have one of these legacy lines it means that if you ever want to change your PBX you need to be sure that the new system can cope with them.  This might mean media converters (something else to go wrong), although in some cases, your telco might be able to upgrade your lines to a modern standard.

Secondly, if you want to move anywhere, you might not be able to keep your numbers.  I've seen cases where someone wanted to move to the other side of the road and were told that they couldn't keep their numbers because they would be in a different part of the exchange.  

Thirdly, resilience is a pain.  Since an ISDN line is installed in a physical box in the comms room that creates a single point of failure.  That line can only be plugged into one PBX/Gateway for a start.  And because the numbers are tied to that box they can't be easily moved in the event of a disaster.  There are, of course, new ways to tackle that.  Cloud numbering is one solution.  This is essentially migrating your number ranges to your telco's cloud (SIP) and they point those numbers to a completely new and unrelated range of numbers that live on the ISDN box.  This adds an additional level of complexity because you need number manipulation in your gateway or PBX to point these fake numbers to the published numbers of your staff on the way in.  And on the way out you need to manipulate them again so that the published number gets presented to the callee. 

ISDN is Expensive
I said I'd come back to this.  ISDN is many times more expensive than SIP trunks for the equivalent number of channels.  If you have a few multi channel ISDN lines in one office that's bad enough.  Compound that by having lines in many offices and you will be spending a small fortune.  Line rental is just one component of the cost.  The actual call rates are always cheaper on SIP.

SIP is Better
SIP is cheaper, more flexible than ISDN.  It is also resilient and portable.  You can have all of your numbers from all of your sites ported to SIP and have them delivered to one or more locations.  This gets connected to your telephony equipment or your Lync or Skype for Business platform using a Session Border Controller (SBC).  Which brings me nicely to the point of this post.

Do I need an SBC?
The short answer, is no.  But the better answer is yes.  Deploying an SBC has numerous security benefits such as eliminating spoofing, denial-of-service attacks and toll fraud.  On a more practical level an SBC is a gateway between several systems.  On one side you have your SIP trunks from one or more providers.  On the other you have your PBX, your FXS VoIP gateways and Skype for Business.  The SBC/Gateway is the glue that binds all of these systems together.  The SBC is there to make routing decisions to point calls from one place to another.  From one system to another.  For instance, a call from your SIP provider can be routed to your PBX or Skype for Business, or an FXS gateway and on to an analog device, or a SIP phone registered directly to the SBC, or all of the above.  The SBC is the one device that can talk to all devices.

Do I need an SBC for Skype for Business?
If you only have a single qualified SIP provider to connect Skype for Business to the PSTN, you can configure your Mediation Server to connect directly to the SIP Peer of the provider.  Keep in mind, however, that this means you need a Mediation Server which has a leg in your perimeter network AND your LAN.  This exposes your LAN and your Skype for Business servers to the outside world.  Of course this can be locked down by the firewall but you get the point.  I mentioned qualified above.  Not all SIP providers are qualified to be connected directly to Skype for Business.  In fact there are surprisingly few that are.  Similar to the surprisingly few SBCs that are qualified to be connected to Skype for Business.

Qualification is important
I've mentioned this in several posts now, but qualification, when it comes to Lync and Skype for Business, is vitally important.  It means that the vendor has shown a commitment to the ecosystem, for one.  And it means that the device or application has undergone testing from Microsoft to make sure it works.

Qualification is a process vendors go through with a Microsoft program called the Unified Communications Open Interoperability Program (UCOIP for short).  The vendor submits hardware with particular versions of software to Microsoft for testing and Microsoft either grants it or doesn't.

Currently the vendors are (in alphabetical order) Acme Packet, Anynode, Audiocodes, Avaya, Ferrari Electronic and Sonus.

For a full list of those that are qualified click here

On with the show.

The Review - Anynode SBC from TE-Systems 

What is it?
The Anynode SBC from TE Systems is a software SBC that runs as an application on Windows and Linux (Debian or Ubuntu).  It can run as a physical or virtual server and can even run, I'm told, on a Raspberry Pi.  It can apparently run as an application on your SfB Mediation server, although I can't imagine that is supported.

Why do you need one? 
As I've said above, you need an SBC to be the gateway between your Skype for Business environment, your SIP provider and your PBX estate.

Now you have one
Now you have it, you pick your variant, download it and install it.  I'm running it on a standalone Windows Server 2012 R2 x64 virtual server.

Installation is really easy and takes just a few minutes.  Double click on the EXE and you get the following splash screen.
Read the license terms and Click "I agree", then Install

 Choose your web-server port to access the Front End (Web UI) and click OK.

Now it is installed.  Click Launch to launch the Front End.

The first time you run the Front End it displays a popup warning about the license being missing.

If you have obtained a license from Anynode, click yes.

You will be taken to a license wizard
You can choose to import a license file, license on demand directly from TE-Systems and you can use a demo license which is limited by the number of sessions and it plays some announcements occasionally.

I obtained a license from TE-Systems, so I chose to import it.  Browse to the location of the file and click upload and finish.

Now that the system is licensed it needs to be configured.  At first run this is what you see.

You can go through the menus and manually configure every component (I think), but there are also Wizards.  Who doesn't love a wizard?

In my case I wanted to Create a relationship between Skype for Business and a VoIP Provider.  Choose the one you want and click Start.

First, Configure your Skype for Business environment
Click Configure

Now you create a new network adapter
Ports.  This is what the Anynode server will listen on.  Interestingly, 5090 and 5091 is entered by default for those that run it on the mediation server.

Now enter your SIP domain or a specific host address, port and protocol of your mediation server.  

If you choose the SIP domain rather than host address you must also create one or two SRV records in your internal DNS.  

Anynode will query the SRV records and along with the correct priority and weight, port and host of your mediation server.  

If you want to load balance to multiple mediation servers, create multiple SRV records.  If you have an order of preference, you can use the Priority and Weight fields.  The record with the lowest Priority is chosen first (like an MX record).  Weight is used for load balancing.  If you have more than one record with the same priority, the weight is used to select the order they are picked. Larger weights should be given a proportionately higher probability of being selected.

If you have any incoming or outgoing manipulations enter them in the next two screens.  Otherwise skip ahead to Name.  

Change the name if you want, otherwise it will be called Skype for Business.  Then click finish.

This takes you back to the main wizard.  Next you choose your VoIP provider.

Click configure
This opens up a list of provider presets.  Choose the one you are using or other if it isn't listed.

In the next screen you choose your network controller or create a new one if you have multiple NICs.

You can choose the port of your provider along with NAT traversal if you need to.

If you selected a provider from the list, the DNS name should be correct.  You can edit if not, or enter a new endpoint, for instance, if you have a router from the provider.
Enter your SIP Proxy, if any
If your provider uses authentication, you can enter it here
Incoming Manipulation

Outgoing Manipulation 

You can skip past routing domains to name and enter it here.

Now you are at the summary screen for your VoIP provider.  Click next to return to the main wizard again.

Now choose direct routing or dial string.  You should choose dial string to prevent hackers.

Choose your option

Here you can enter the prefix and suffix of your DDI range
 Next for the summary screen and next again to go back to the main wizard

 Click configure

Choose an option

Here you can enter the prefix and suffix if you want.

And finish.

Now assuming everything was correct, it should be working.  The whole thing took about 10 minutes because it was the first time I had seen it.  I recon you could get it down to just a few minutes the more you do.

If you need to edit a Node, for instance, click on the Node and you get a graphical flow diagram.  

Each box takes you to the relevant section.

I'm testing a beta version of code 1.250.39 which has a new dashboard in monitor mode. 

Active sessions

You can also review active sessions, call history statistics and events.  There's even a nifty trace analyzer for, you know...

What else does it do?
In addition to connecting to Skype for Business, PBXs and VoIP providers, it can also connect to Active Directory which can be used to help with routing decisions.  

Call forking is also standard and can be used to send calls to multiple places at the same time and also to create hunt groups right on the SBC.  

This new version of code can be used as a SIP registrar for phones and such.

I guess if you need ISDN or Analog line or device support you can use a VoIP gateway or ATA.  I believe you can also use trunk cards in a physical server to make an "appliance" of sorts.

There is also a new scripted version for Cloud Connector Edition.  It uses the same kind of PowerShell script that CCE itself uses and it deploys a virtual server in Hyper-V with the base configuration on it.  After that you run through the wizard to connect to CCE and your VoIP provider or PBX.

Here is a good video of it in action.  This is next on my list.

Is it any good?
It is early days, but I'd say yes.  It is quick and easy to configure. It seems to have a lot of the features of the other vendors SBCs, not that I have a feature comparison.  It is being developed constantly which a lot of additional features in the roadmap.  And best of all, it is software.  Installation takes minutes.  Upgrading takes about 60 seconds between versions (I went from 1.28.0 to 1.250.39 today).  

I had to call on support and they were very helpful.  Resolved my problem in a couple of minutes and answered several questions I had that made it in to this post along with the Beta version of code.  Thanks Daniel

What's wrong with it?
Nothing that I can see.  

What would I change?
It would be nice to have an inline help menu that explains what's on the screen and what you are configuring.

There are 6 qualified vendors that do SBCs for Skype for Business.  5 of them do primarily hardware versions.  Audiocodes has a software version.  Sonus currently has a resource intensive software version based on the 5XXX code.  The others are hardware only.  

Anynode is different.  They don't do a hardware version.  It is software which is more agile and easy to upgrade.  You scale the server to your particular needs and buy the license for the number of sessions.  Pricing starts at €900 for 10 SIP to SIP sessions including support for the first year (subsequent years are 20% of RRP).  You can even have redundancy options.

It runs on a pretty minimally specked server and even on a Raspberry Pi.

I think it is a great device which is simple to install and configure.  I'm sure it can get really complex, but I've yet to explore.  They have a big list of manuals for every scenario.  And that scripted CCE version shows some great vision that, I'm told, impressed Microsoft. 

Highly recommended.

Additional Info
If you want information about this or any of the other products from TE-Systems visit their website.

For detailed information about the Anynode product click here.

Thanks for reading.

If this or any other post has been useful to you please take a moment to share.  Comments are welcome.