The Asterisk VoIP ecosystem

The Voice over IP market is maturing for small businesses, especially those that are tired of paying big bucks for overpriced, proprietary PBX phone systems that lack the ability to scale as a customer’s business grows. This is an excellent opportunity for VARs to get in on the ground floor and make margins in the high 20 – 30% range if they have the right combination of voice and data skills.

In this story for eWeek this month, I talk about ways that VARs can become of this new opportunity for integrated IP PBXs with software from Asterisk.

Caught between computers

There must be something wrong with me this week. For someone who has spent the better part of his career dealing with networked systems, I seem to be caught in between computer networks more often than most people. Or maybe it is just because I am more sensitive to the issues involved? It’s downright spooky.

First there was my Bank of America online account. BofA bought credit card issuer MBNA a while back, and on Monday they finally brought together the two systems, so I can view my card transactions from the same system that has my banking details. I was counting the days, let me tell you. Things don’t much more exciting around here than the chance to see two systems brought together to make my life easier.

Well, so much for anticipation. When I went to pay my bills, I got dumped into a screen telling me how wonderful BofA was going to make my life if I wanted to sign up for their electronic bill presentment system. Trouble is, I already had done a lot of work specifying my payees under the old system, the same payees that were MIA from the screen I was looking at. Harumph.

I fired off an email to BofA support (well, a pseudo-email, because you can’t really communicate with their support over ordinary email, thanks spammers) and got a non-reply reply telling me that I basically was an idiot and asking me to send them tons of useless documentation. So I called them, and after spending 45 minutes on their line waiting and talking to someone that didn’t know anything, I finally got a representative that fessed up that yes, it was them and not me, and yes, the unification of their back-end systems wasn’t going well and it would be a few more days before they fixed things. Just so my time on hold wasn’t a complete waste, I asked that this kindly person communicate to their support department that people like me aren’t crazy and deserve a bit more respect when they debug the bank’s systems for them.

The funny thing is that BofA has me listed in their system as being a customer since the 1980s, when I must have opened an account with some subsidiary that they have since bought and I have since forgotten about. How about that? So is this any way to treat such a long-term customer, I ask you?

Next it was on to Macy’s, which has been busy unifying things on the department store scene. My wife recently bought some furniture and was motivated to open a charge card to get a nice discount. She couldn’t get a new card, because Macy’s claimed that she already had one with one of the department store chains they have since bought. When she tried to open one in my name, she hit a snag with one computer not liking what was being input. Eventually, we sorted it all out, but not while my wife was at the store for several hours. This week I finally got my card, but now we have to chase the discount down. Doubtful, I say.

To top things off, I had to ship something out today via FedEx and I went to their Web site to try to find one of their nearby storefronts. Well, since FedEx bought Kinkos you can’t easily tell what is a shipping storefront and what is a copyshop. And polluting the screen listings are the many places that are basically nothing more than a mailbox on a street corner. If the package that I had was small enough to fit in one of their drop boxes, I would be good. But it wasn’t, and the unified Web site is a real mess to navigate to find the right place.

How hard can it be for FedEx to improve their store listings? People come to their Web site to do two or three simple things. Ironically, FedEx was an early adopter of Web technologies and had a very useable site for far longer than its competitors. Not now, though.

I may start using UPS, they have two locations within a few blocks. And while I would love to switch from BofA, it’s too much trouble, and anyway they got my problem fixed this morning.

I know it is nice that all these companies are expanding, buying out their competitors and making tons of money. But guys, let’s get the basic business integration issues down sooner rather than later. Customers shouldn’t be your beta testers.

Okay, thanks for listening to me vent. You can return to your regularly scheduled programming now.

New parking technologies

The journey of a thousand miles usually begins and ends with finding a parking space. To make it easier to find and pay for that space, various technologies that have long been popular overseas are coming to a garage or street near you.

These innovations include online reservation and available space tracking systems, paying for parking using credit cards and other cashless mechanisms, new ways to monitor and enforce residential street parking, and automated garages that transport your car off the street robotically. These aren’t just flashy hi-tech toys, but help make parking more convenient, reduce the frustration and congestion of drivers circling parking lots, and increase revenue and space utilization for cash-starved cities too.

You can read more about these technologies in my story in the New York Times here.

Insecure hotel LANS

My very first column for PC Week back in 1988 was called The Practical Networker, and the first topic was about hotel connection problems. Back then, we just had to take apart the phones in our rooms to gain access to the little red and green wires to hook up our modems. Sometimes it required surgical skills for those hard-wired phones. Those days seem so quaint now.

Today we have a much more difficult problem, that of insecure and leaky hotel networks. Most hotels don’t really spend the time and energy to lock down their networks, and most business travelers don’t spend the time and energy to lock down their computers. The result is a boon for any corporate spy that has a laptop and minimal skills. Go to any center city convention hotel today and within minute you can collect Powerpoints, secret documents, and business plans on just about any industrial topic. And you don’t need any skill, other than showing up at the right time and place.

The problem is several-fold. First, hotels typically don’t segment their guest LANs – meaning that everyone in the hotel is on the same segment, has the same access, and can see anything across the entire network. This is true for wired and wireless access. Obviously, if a wireless user can sit in the parking lot of the hotel and gain access to the entire hotel LAN, this is even more trouble waiting to happen. The best situation is to have every single guest on a separate virtual LAN so they can’t see anyone else’s traffic. This requires them to use more expensive switching hardware, of course.

Second, many hotels don’t understand their Internet connectivity, and provide little beyond the kind of consumer-grade access that you and I use from our homes. Some even have little or no protection on their Internet connection, as unbelievable as that sounds. There was one hotel I remember vividly in San Diego that had no firewall between its network and the Internet. None, nada. I was attending a conference there during one of the virus outbreaks, and sure enough, a lot of people got infected on Monday morning before they came down for their sessions. In some cases, hotels will give you a public IP address so that you can get out and use your VPN connection. Under these circumstances, these public IPs are really public, you know what I mean?

Some of the Internet providers also don’t understand security, and don’t do anything to protect their customers either. We’ll get back to this in a moment.

Third, most laptop travelers don’t use personal firewalls, still. And if they do use them, they don’t have their configurations setup properly to mask themselves from curious guests who know how to bring up Windows Network Neighborhood and surf around for open file shares. I recently did a demo with a vendor who was sitting in a hotel parking lot somewhere in Salt Lake City. In a minute or two, we were looking at the open file shares on a dozen or more users, all of whom were completely exposed. We were browsing one person’s extensive music collection in a few mouse clicks. Lucky for him, our tastes weren’t similar. (Just kidding.)

Finally, there is the whole wireless issue that just makes things even more insecure. There are hotspots called “evil twins” that are just traps run by clever people that use common names and are set up for the unsuspecting traveler to login to – I have begun noticing these traps more and more when I bring up my laptop. And let’s not even get into how poor wireless security can be.

How prevalent is all of this? Two colleagues, Lisa Phifer and Craig Mathias, traveled around the northeast and tested 24 hotels this past summer. They found trouble almost everywhere they went. Just one in four sites could prevent wireless eavesdropping and block all notebook probes.

Here are a few choice tidbits from their report:

“Hotels can thus be excellent venues for those interested in stealing confidential data from business travelers. Users may assume they are insulated from outsiders, but really have no idea whether any firewall lies between their notebook and the Internet. Business travelers willing to connect to any network that offers free Internet access are especially vulnerable to such attacks – it is literally impossible to tell the good from the bad in this case.”

“Hotspot users might be unpleasantly surprised to discover they are reachable from the Internet [when they choose public IP addresses]. We expected paid networks would protect users from each other or Internet attacks more often than free hotspots, but this was not the case. Several free hotspots had noteworthy exposures, but so did paid networks, including the most expensive sites. “

The only two Internet providers that passed all their security tests were I-Bahn and T-Mobile. They segregate traffic by user and prevent people from inadvertently sharing their connection. The others, including Guest-Tek, Passsym, Starwood, TurboNet, StayOnline, and Wayport, all had security problems.

So, spend some time today making sure your own laptop is properly configured. By all means, if you don’t have a personal firewall on it, now is the time to download one. Zone Alarm is what I use on Windows and it works very well. And the next time you travel, you now have some additional options for in-room entertainment that are absolutely free of charge.

The report is available for download here. As the saying goes, don’t leave home without it.

Remembering Ray Noorda

Ray Noorda died earlier this week and many of you have sent me notes about his passing. He had a profound influence on many of us in the networking industry and was behind many of the technologies and trends that we now take for granted. As a member of my parents’ generation, he was a father figure and mentor to me and many others.

Noorda ran Novell during its glory years of the early 1980/90s. The Novell of yesteryear bears little resemblance to the present company. It began operations in a small Utah suburb located a few miles from the campus of Brigham Young University, and pulled much of its programming talent from the students at the computer science department there. For those of you that have never been to Provo, it is an odd place to start a high-tech company. Provo is dominated by a wall of mountains to the east and rolling hills to the west. Salt Lake City is about an hour up the freeway, past a prison and a bioweapons campus. Until Novell got going, there wasn’t much in high-tech around. Nowadays, the area is filled with former Novell engineers and staffers who have started hundreds of companies, some of which were funded by a private VC firm that Noorda set up with his Novell-created wealth. Intel had a huge presence there, and many others opened up offices to take advantage of the talent that came to the area.

I met Ray several times, and my career in networking was deeply involved with Novell for many years, as sources for my stories, products that I tested and wrote about, clients for my consulting business, and just friends that I made with the many fine people that worked there.

During Ray’s tenure, Novell owned Unix for a period of time, was the first company to get serious about TCP/IP networking, built the first dedicated PC file servers that were any good, made Ethernet networking cards into a solid commercial business, created the first extensive channel program for networking integrators, sold the first PC database servers that could be easily extended, moved network servers into the datacenter, sold integrated email servers, developed the first usable directory service, and many, many more innovations that now seem so ordinary and business-as-usual. They often had a handle on technologies before any of us really knew what to do with them. I am sure that I am forgetting about a few other things here and there.

If you look at this collection of technologies, it is an impressive list. Many of us learned about networking as Novell brought out new software and services, and went through the certifications on Novell products – certifications that were once worth something: and difficult to obtain, requiring more than just paper knowledge and protocols. I covered numerous product launches as a journalist and they were always fun because you could usually get some Novell executive to open up and give you some colorful background. One of these briefings was held at an exclusive ski lodge in the nearby mountains, which was lost on me because I don’t ski but still was a fun place to go. My first taste of Sundance was through many events that Novell held there, too.

I remember my visit to Japan to introduce that country to its version of PC Week. The visit coincided with Novell’s own Japanese launch and I surprised several American executives when my byline for that event appeared in PC Week. Our first networking shootout for PC Week between Ethernet, Arcnet, and Token Ring cemented many relationships with the parties involved in that test. We got Novell to fix the poorly performing Token Ring drivers, not that anyone cares today about Token Ring or Arcnet for that matter.

Novell stories figured prominently in those first issues of Network Computing, a magazine that I created with plenty of support from Novell in 1990 and is still publishing today. When I first opened up shop as a consultant, one of the first things I did was put a Netware server in the Guggenheim Museum to test products for Intel. I think it was a 386. And while I still have my Netware software discs, I don’t think I could set up a server without a lot of work.

Novell was the first to take advantage of the protected mode of 286 chips, beating IBM’s OS/2 to the punch by a few years. It was this file server that I installed at Transamerica Occidental Life back in the mid 1980s, which was the first LAN to be installed there, despite IBM trying to get us to use their crummy attempts. Thus began my own networking career in IT and then into journalism, where I have covered networking topics ever since.

One of my favorite conference speaking sessions was one Interop where I sat down with Drew Major, the principal architect of Netware, for an hour in front of an audience and just had a great talk about the past, present and future of networking. Drew was the real deal and for many of us the soul of networking. At one point, Interop was combined with Networld, Novell’s annual partner conference.

Ray was far from a perfect leader. His biggest weakness was miscalculating Microsoft’s rapid adoption of many of his principle network ideas into Windows 95. Windows 95 was the first Microsoft OS to incorporate a Netware client as part of the OS, and the beginning of the end for Netware. His biggest mistake was buying Word Perfect, another Utah company that fed off local talent, but bled Novell dry and took it away from its core networking competence. He had plenty of hubris when it came to protecting his intellectual property, and many of the almost comical events surrounding Caldera’s Unix lawsuits can be traced to his early litigation with Microsoft on PC DOS.

Today’s Novell is a shadow of its former self. No one cares about Netware anymore, although it is still in use here and there. Its vast and powerful reseller base is in shambles. They are still involved in Unix, having bought SUSE a few years ago. They still sell a directory service, and it still has features that are lacking in Microsoft’s Active Directory, not that anyone thinks about this either. They moved their HQ across the country.

Ray, thanks for taking this young pup for such a great ride in our industry. Those of you that would like to post your own comments and tributes to him, please go to my blog at Strominator.com or send me emails with permission to post your thoughts.

Non-linear entertainment

I had high hopes for a new interactive DVD called The Onyx Project. It features an interesting story, a great role played by David Strathairn (who played Murrow in “Good Night, and Good Luck”), and at first blush, a great new idea on how to make more engaging entertainment.

The idea is intriguing, and comes at a time when the movie and TV business is trying desperately to figure out where this next convergence home run will be. Google buying You Tube is just the latest foray mixing the Web with TV. Look at all the various TV-themed Web sites that support the more popular shows today, and discussion boards about what will happen next on Lost. Clearly, we have begun some baby steps here. Granted, much of the video content on You Tube is stolen snippets from commercial sources, but I guess the Google legal eagles will get things sorted out eventually and we can all get back to stealing music and annoying the RIAA instead.

What Onyx does is provide a framework for browsing the video content, similar to the way a Web browser works in examining Web content. The difference is that the controls are minimal, and there are a lot of hyperlinked clips that you can jump from one place to another on the DVD. There is no way to watch this like a traditional DVD, with menus and chapter titles and the like. Instead, it is a series of scenes that can be woven together, so that your experience navigating and watching this content will likely differ from mine.

You can navigate the various video snippets using some simple onscreen commands to go forward and backward, and jump to a new sequence of scenes. And I should note that this DVD only works on relatively recent Windows XP machines, and ones with significant audio and video processing power too. I had a newish Dell with integrated video/audio and it had the occasional hiccup and garbled sound. You would probably do much better if you have discrete graphics and audio processing available for Onyx.

The story is solid and interesting. It is about a special forces commando mission that has gone awry in the Middle East. Strathairn plays the role of an Army colonel that led the mission. He has returned to a nondescript hotel room and is taping his memories about the mission, the tensions in Iraq and Afghanistan, and his life in the Army running various black ops. His voice dominates most of the video snippets that you see — it is more of a video taped confessional and history lesson rolled into one. He uses lots of military lingo ala Clancy and it is all very au courant.

Despite his performance and a fascinating story line, ultimately Onyx doesn’t succeed. It is the old story that most of us don’t want to work too hard at being entertained. It fails because of its technological underpinnings, which get in the way of the entertainment value of the package.

The issue for me is that I am a mostly linear guy when it comes to watching movies and TV. And while I enjoyed Pulp Fiction and Lost, I watch both of them on DVD because I want to be able to stop and start them when it is convenient for me, and repeat passages that go by quickly or that have poor audio or hard to hear dialogue that is critical to the story.

I mention both of these titles because they are leading examples of great non-linear stories that don’t need a late-model XP PC or a user guide to view their content.

Lost is amazingly nonlinear for a TV show. There are a complex web of characters that come and go, and back stories and flashbacks galore. It is a far cry from Hill Street Blues, which started the concept over a decade ago with an ensemble cast and overlapping stories. And Pulp Fiction had that whole out-of-time sequencing thing that really worked and gets better on subsequent viewings too.

Back to Onyx. I got about an hour or so into the videos and then got stuck. According to the press packet, there are at least five recorded hours of content, which is too bad because I really wanted to find out what happened to the Colonel and his mission. No matter what I clicked on, I was trapped into viewing previously seen segments. First I thought the producers were trying to mimic the Irag war but I think it was just bad software design. Ideally, the system should skip over segments that you have already seen. I started clicking at random, just to get some fresh content, but no luck.

I never did find out what went wrong with the mission in question, which is too bad because there is a lot of great material on the DVD, including some references to current events and stock footage of real people interwoven with the fictional characters. (There we go again, confusing reality with fiction.) It reminded me of my first efforts at playing Myst, where I could never seem to get out of the first level of the game no matter what I clicked on. Sadly, I don’t think there is any cheats to pop up like the game had.

If I were doing Onyx over, I would have several modes of operation, including one that would allow you to play a linear movie from beginning to end, or at least some way of advancing the narrative. There is a “shuffle” command but that didn’t seem to do much and I still was trapped inside the first 50 minutes or so of content. I would also fashion the videos to run in a standard browser or use one of the usual media players, rather than have to rely on its own software to do the navigation.

We are still a far cry from true non-linear entertainment, and in the meantime Onyx is an interesting experiment, but as flawed as its mission that it portrays.