ITU-T Workshop on Bridging the Standardization Gap and

ITU-T Workshop on Bridging the Standardization Gap and Interactive Training Session (Nadi, Fiji, 4 – 6 July 2011 ) e. Government IP Telephony Experience in Korea Jay. H Kim, Xener Systems Nadi, Fiji, 4 – 6 July 2011

Contents IP Telephony & Unified Communication 1. Introduction to Korean e-Gov. IPT Project 2.

IP Telephony & Unified Communication Introduction Korean E-Gov. IP Telephony Project Copyright © 2011

South Korea ranks 1 st in UN e-government survey Quoted as “The country’s prize winning e-government system is expected to serve as a model for many other countries planning to establish e-government systems. ” Source of Article: http: //unpan. org/Library/Major. Publications/DELUNEGovernment. Survey/Public. EGovernance. Surveyinthe. Ne ws/tabid/651/mctl/Article. View/Module. Id/1555/article. Id/22303/Default. aspx 4

Example of Benefits from e-Gov. Project World’s Highest On-line survey Ratio in National Census (in 2011) On-line Participation Ratio reaches 40% 756 households out of 1, 889 households across the nation 40. 1% The previous world record by Canada was 18. 5%(in 2006) Savings as much as 18. 4 Million USD Initial forecasting: 30% savings by 16. 4 Million USD Additional savings, 2 M USD, thanks to 40% participation 5

Driving Forces of Gov. IPT Project Korean Government’s Master plan: § 20% Cut down on telecommunication cost of each person § Nationwide implementation of Bc. N (Broadband converged Network) Korean Central Government complex IPT Keeping pace with Internet Telephony widespread Modernization of Telephony Network of Korean Gov. Take an Initiative of Being a Reference Model of Gov. IPT

Korea Government Efforts for e-Gov. IPT 1 v Nov. 2008: Make a guideline for adopting Vo. IP by government agencies • Draw up a guideline to regulate the introduction of Vo. IP by government organizations. • Define roles for each entity Service operator: Network interworking and management Gov. team in charge: regulation for Vo. IP introduction and usage, recommended vendors and specification Gov. organization: Budget for Vo. IP and implementation 2 v Dec. 2008: Plan for introduction of Vo. IP by Gov. organizations • New-year Administrative Report to the President of Korea (2009) 3 v Feb ~ June. 2009 : Briefing Session about Vo. IP for Gov. agencies Explanation to Gov. agencies (2 times) to service operators (3 times)

Korea Government Efforts for e-Gov. IPT (continued) 4 v Mar. 2009: Set up a Test Bed to experience and promote Vo. IP 5 v July 2009: Selection of Vo. IP service operators 6 v Aug. 2009: Make a plan for long-term development of Gov. Vo. IP. 7 v Aug. 2009 ~ : Vo. IP deployment in Central Government Complex • Comprehensive test in interoperability and quality and security(encryption) and standard-compliance • With the group of system vendors and of service provider, respectively, • who will manage and operate Gov. telephony system • KT, SK Broadband, Samsung Networks, LG Dacom • Research on Vo. IP usage and Vo. IP in general • Phased deployment plan, planning of strategic projects, and effects expected • The office of Prime minister • Ministry of Legislation • Ministry of Public Administration and Security • Ministry of Education, Science and Technology, etc.

Interworking with Vo. IP Service Operators 4 SPs were selected to serve government buildings with leased data lines. Government organizations can choose a serving ITSP at their discretion. KT Commercial Network SKBB Commercial Network LGD Commercial Network SSN Commercial Network Internet Telephony Network (KT) Internet Telephony Network (SKBB) Internet Telephony Network (LGD) Internet Telephony Network (SSN) SG SSW TG VG SG SG SSW TG TG SBC VG SSW SBC VG SBC IP-PBX IP phones SSW TG IP network for government IPT project Public Offices SG Video phone VG SBC

Benefits Gained through IPT Pave the way for e-Government Goal, ‘All-IP e-Government’ Adopting TDM-free IP Telephony environment: called ‘Pure IP PBX’ Serves as a foundation for future advanced services IP Contact Center(Customer Service), UC(Unified Communication) Top Level of Telephony Quality and Security Quality control system ensures top-notch communication quality. World-best reliable and powerful network infrastructure: IP backbone, Soft Switch, Operator’s experience Adopt enhanced Vo. IP security with a dedicated equipment for Vo. IP services Trustworthy interworking with designated Vo. IP service operators Improvement of Administrative Work Performance Improvement in work efficiency and productivity on a fast network infrastructure Increased satisfaction about public service Corporate ring-back tone Click-to-call on the Web: Direct access to Call Center 1 -person-1 -phone: direct and fast reach to a public servant in service Open doors to the public for convenient communication channel

IP Telephony & Unified Communication The Guidelines Korea Government’s IP Telephony Copyright © 2011

Guidelines for Korea Government’s IPT ü Internet Telephony Security guideline ü IP Telephony mutual supplementary service guideline ü IP telephony – public agency – standard model ü Usage of IP telephony ü Design guide of government agency’s IP telephony network ü E-Gov. IPT network usage guide ü IP Telephone installation guide ü IP Telephony Operation guide for Government Agencies

Key Points to be Considered Openness / Stand Compliance / Service Availability / Vo. IP Security • interoperable with various IP phones from many vendors • No proprietary specification, strict compliance with int’l standards Openness IP-PBX SSW • Secure communication and auth. • Vo. IP network protection • Support for standard SIP Connect • Integration with the existing equipments PSTN Standard Compliance H. 323 • Service is always available SIP Num. • Regardless of system fault, network fault, natural disaster Vo. IP Security Service Availability

Key Points to be Considered Key Point 1 : Openness IPPBX accommodates diverse IP terminals, based on open technology and common standard. § IP PBXs and IP phones should be compatible with each other, regardless of its manufacturers. § Vendor A Vendor B Vendor C Vendor J IP PBX Vendor D Vendor I Standard SIP Protocol (RFC 3261) Vendor E Vendor G Vendor H Vendor F Benefit § a wide range of choice in IP terminals § free from vendor lock-in(dependency) § easy to secure compatible terminals and no worry about vendor bankruptcy

Key Points to be Considered Key Point 2 : Standard Compliance § IP PBX must well interoperate with not only IP phones but also Soft Switch(IPT Toll). ① SSW <-> Vo. IP operator ① SIP IPT Toll (SSW) • SIP protocol (standard) ITSP • National standard (by Gov. ) PSTN ② IP-PBX <-> SSW SIP-connect ② PBX E 1/T 1 IP-PBX ③ Access Gateway Analog Phones • Trunk Gateway SIP Connect (int’l standard) SIP Analog Phones IP Phones ③ IP-PBX <-> IP Terminals • Specification for call features • SIP Protocol & Security • NAT traversal needed

Key Points to be Considered Key Point 3 : Service Availability v In case of system failure / network failure / power failure / natural disaster v The telephone service continuity should be ensured System Redundancy (Component Virtual IP Address) Active Standby Data Redundancy (Heartbeat Link) LAN I/F Redundancy (System Virtual IP Address) Data Link 1 Data Link 2 § Redundancy (system / network interface / data / power) § Fallback for Power Failure / Interworking with PSTN network Po. E S/W

Key Points to be Considered Key Point 4 : Vo. IP Security § Standard Recommendation for Authentication and Encryption Item Standard Recommendation Device(Terminal) Authentication PKI (Public Key Infrastructure) User Authentication HTTP Digest (RFC 2617) Security Protocol International Standard Algorithm PKI Security Protocol s. RTP (RFC 3711) Encryption Algorithm International Standard Algorithm Message Authentication Code HMAC-SHA 1 (RFC 2104) Key Management Media Encryption Algorithm Key Management Signaling Encryption TLS v 1. 2 (RFC 5246) SDES (RFC 4568) § Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005

Introduction Model of IPT for Gov. IPT Service Infrastructure Configuration § Ministry of Public Administration and Security designated National Information and Communication Service Providers. (B Group - internet service, C Group - internet telephony service) § Gov. agencies use IPT service by utilizing IP infrastructure of B group providers and IPT systems of C group providers. ITSP 1 ITSP 2 ITSP 3 ITSP 4 ISP (KT) ISP (SKBB) • ITSP : Internet Telephony Service Provider • ISP : Internet Service Provider Analog phone

Introduction Model of IPT for Gov. 3 Introduction Models (A, B and C) § Gov. agencies select appropriate model among 3 models according to the necessity and characteristics of each agency Model A Model B Model C Replace legacy PBX and all analog Replace legacy PBX with IP PBX Maintain legacy PBX and analog phones with IPT systems Maintain existing analog phones and Introduce additional IP phones Introduce additional IP PBX and IP phones ITSP infra PSTN network F/W F/W PSTN network PABX IP phone IP PBX Analog phone IP phone, IP PBX, TG(Trunk Gateway), AG(Access Gateway)

Introduction Standards of IPT for Gov. The Standard for LAN Construction § Po. E switch v Cabling § Complying with IEEE 8. 2. 3 af § Provide electrical power to IP phone and PC through UTP cable § IP Phone and PC should share v VLAN setting § By using VLAN technology, one port of Po. E switch. § separate Voice traffic and date IP Phone has 2 Ethernet ports traffic logically and provide port switching function. (LAN port, PC port) § Enhanced voice quality and security UPS Po. E switch Voice traffic : tagged 802. 1 q Inline power Switching Function support § UPS : Uninterruptible power supply § Po. E : Power of Ethernet Sharing one port (IP phone and PC) Data traffic : untagged 802. 3

Introduction Standards of IPT for Gov. The Standard for WAN Construction § For reliable and high quality IPT service § Gov. agency should select proper voice codec and design network bandwidth properly. Standard for calculating network B/W Codec Type Codec itself B/W Codec Payload G. 711 64 Kbps Size of Vo. IP Header +Trailer (in Ethernet) B/W 138 Byte 80 Byte Vo. IP Payload (IPv 4) in Ethernet 138 Byte x 8 x (1000 ms/10 ms) = 110, 400 bps = 110. 4 Kbps 68 Byte 68 Byte x 8 x (1000 ms/10 ms) = 54, 400 bps = 54. 4 Kbps 58 Byte G. 729 8 Kbps 10 Byte The Standard for System Capacity Design – IP PBX § The capacity of IP PBX = The number of IP Phone users § In case of subscribers growth, IP PBX’s capacity should be expanded without additional H/W installation (Software-based license support)

Introduction Standards of IPT for Gov. The Standard for System Capacity Design – Gateway v Trunk Gateway port capacity [Case 1] TG directly interworks with PSTN [Case 2] Through TG, IP PBX interworks with legacy PBX network IP PBX The number of TG ports = The number of lines from telephone company E 1 PRI DID/DOD Calculate the number of TG ports according to traffic volume E 1 PRI DID/DOD v Analog Gateway port capacity § FXS port of AG accommodates analog phones and FAXs. § The number of FXS ports of analog gateway = the number of analog phones and FAXs

Introduction Standards of IPT for Gov. The Standard for Integrated NMS Introduction § Integrated NMS : operation and management system for IPT systems (IP PBX, IP phones, TG) § For more efficient operation and reliable IPT service, introduction for NMS is recommended. ¡ Management I-NMS IPPBX ¡ Operation ¡ Monitoring Gateway ¡ IP terminal Provisioning ¡ F/W update SNMPv 1/v 2 IP phone The Standard for IP Phone Introduction § Po. E support / Menu button support / Setting through web browser support § Switching function support (LAN configuration) / PSTN port support § Secondary IP PBX address setting in case of system failure The Standard for Access Gateway Introduction § Consist of at least one port FXS and FXO, Accommodate FAX (T. 38 standard support) § Secondary IP PBX address setting in case of system failure § Setting through web browser support , Security standard support

Supplementary Services Guidelines § Supplementary services are divided into mandatory and optional services § Gov. agencies should use mandatory supplementary services for cost reduction, improvement for convenience and public administration service. § Other supplementary service (optional) is optionally selected and used according to characteristics and necessity. Basic Supplementary Services [example] v User Group Services § § § Call Hunt Group (M) Call Blocking /Barring (O) Call Restriction by Operator (O) Malicious Call Trace (O) Multiple calls per line appearance (O) Multiple line appearance (O) One Number Multi-phone (O) Distinctive ring (O) Intercom (O) Group Call (O) Direct Inward System Access (DISA) (O) Auto Attendant (O) ※ M : mandatory, O : optional v Subscriber Service § § § § Calling Line Identification (M) Caller ID Blocking (O) Call forward (M) Music-on-hold (M) Call park / Parked call pickup (O) Pickup (M) Call Transfer (M) Call Hold (M) Call Back Busy Subscriber (O) Wake-up Call (O) Call Intrusion (O) Call Override (O) Privacy (O) Do Not Disturb (DND) (O) The Anonymous Call Rejection (ACR) (O)

Technology Specification and Interoperability IP PBX v Interworking feature § IP PBX interworks with various system and PSTN network via designated protocols Interworking system ITSP systems SIP phone protocol SIP (RFC 3261 and Extension Method) Authentication server LDAP or RADIUS Billing server RADIUS or FTP NMS SNMP v 1/v 2/v 3 Gateway v SIP handling feature (for interworking with ITSP network) § Register method handling / Invite method handling v Authentication and encryption specification § Comply with Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005

Technology Specification and Interoperability IP Phone v Codec § Audio : G. 711 alaw, G. 711 ulaw, G. 729 A, G. 729 B § Video : H. 263(mandatory), H. 264(high end) over CIF , over 30 frames/second § codec Negotiation feature v Protocol § SIP, SNMP V 1, V 2, V 3, TLS, SRTP v Authentication and encryption specification § Comply with Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005 v Standard for Qo. S § Packet Delay : less than 100 ms (END to END) § Jitter 10/20 ms, without Packet Loss (G. 729) : R value over 70 / (G. 711) : R value over 80 § Call success rate : Over 97% § Maintaining long call (under the condition of using CODEC G. 711/729 , over 12 hours § Silence Suppression, VAD (voice activity detection), , CNG (Comfort Noise Generation), etc.

Fault Handling Plan Fault handling procedure Fault detection Fault notification Report & Inspection Fault handling Report result of fault handling Fault Occur Primary care (maintenance company) Solve the problem Fault handing complete & analyze Need Technical support Call supplier’s engineer Supplier’s engineer can’t solve the problem Help Desk of partner Help desk can solve the problem by itself Call manufacturer’s engineer Fault handling complete & report

Security Guideline for Gov. IP Telephony NIS Security Review § At the planning stage, Gov. agency should take the security review by NIS § Introduce security systems have CC certificate and pass the security compliance verification test. Strong Authentication and Encryption § To use IPT service safely § Accurate authentication and encryption for signal and voice are required. Standard Recommendation for Authentication and Encryption Item Standard Recommendation Device Authentication PKI (Public Key Infrastructure) User Authentication HTTP Digest (RFC 2617) Security Protocol International Standard Algorithm PKI Security Protocol Media Encryption Algorithm Key Management Signaling Encryption TLS v 1. 2 (RFC 5246) s. RTP (RFC 3711) Encryption Algorithm International Standard Algorithm Message Authentication Code HMAC-SHA 1 (RFC 2104) Key Management SDES (RFC 4568)

Security Guideline for Gov. IP Telephony Security for External Section v Before Providing National Information and Communication Service (C group provider) IP Network § Limited internet telephony service IP PBX TGW PSTN § Internal section : IPT service § External section : PSTN service IP phone Business PC v After Providing National Information and Communication Service (C group provider) § If the National Information and Communication service provider properly apply security measures required by NIS, Gov. agencies use IPT service in all section. (internal and external ) ITSP SG IP PBX SSW Back up TG VG SBC TGW IP phone Business PC PSTN

Security Guideline for Gov. IP Telephony Voice and Data Network Separation Plan (VLAN) § Integrated network have a higher risk of quality reduction /difficulty of expansion /wiretapping. § Separation between voice and date network is required. § Physical separation : cost rising § Logical separation(VLAN) is recommended. : advanced security : high increased management efficiency Introduction of security system specialized for IPT § Detecting and blocking external attack with security system specialized for internet telephony § Firewall specialized for IPT § Intrusion detection(protection) system specialized for IPT F/W IPT IDS(IPS)

Security Guideline for Gov. IP Telephony Back up Configuration in Case of Failure v System Redundancy (Active – Standby or Active – Active) System Redundancy (Component Virtual IP Address) Active 1) Active 3) Standby 1) Standby 2)Switch-over 3) Active Sync. Data Redundancy (Heartbeat Link) LAN I/F Redundancy (System Virtual IP Address) Data Link 1 Data Link 2 l l Automatic Fail Detection (Heart-beat Check) Auto Switch-over (within 5 seconds) Call Status Preservation DB/Data Synchronization (In-memory DB) v Power Redundancy Po. E v Fallback for Power Failure § Uninterruptible power supply(UPS) § Po. E(Power of Ethernet) switch § IP phone supporting Po. E Inline power UPS

Introduction Standards of IPT for Gov. Back up Configuration in Case of Failure v Alternative Routing in case of IP Network Failure § In case of system failure / network failure / natural disaster § Providing internal and external call for such emergency call as 119 and back up call by Interworking with PSTN network ITSP 1 ITSP 2 ISP X Government Office

All Requirement Compliant product - Xener Redundancy Inter operability Openness Security (IP sec & TLS) Efficient Total solution Tested & Proven Solution