Achieving Internet scale

sipXecs is the first SIP Session Manager solution to use a NOSQL database to scale at the transaction layer.  With the introduction of our SIP Service Oriented Architecture ^TM (SSOA), sipXecs uses mongoDB as its in-memory database to replicate transaction data between different machines that participate in the sipXecs cluster.  A non-relational approach is the best path to database solutions which scale horizontally to incorporate many machines.  Using mongoDB not only gives us fast and efficient replication to many nodes, it also allows for seamless redundancy of SIP call control, disaster recovery, as well as additional services redundancy, including media services such as unified messaging. For the first time any node can take over for any other node in a large and geographically distributed cluster, completely seamless and without dropping any calls.  The system's capacity scales linear with the number of nodes, and nodes can join or leave dynamically.

Redundancy and disaster recovery

Deploying a solution in the cloud requires scale, redundancy and the ability to recover from a disaster (DR).  The sipXecs cluster poses no geographic distance limit between nodes and nodes are organized in a flat hierarchy with a uniform dialplan.  Each node has a full data set including registrations, user credentials, permissions and routing rules.  This means that if a node fails another node in a different location can take over without dropping calls.  Handover happens at the SIP transaction level and fully controlled by DNS. No complicated keep-alive mechanisms are required between nodes.  Network bandwidth requirements between nodes are modest as there is no complex call state information exchanged.  DNS based load sharing can also be used to share load between media services, such as unified messaging.  Several unified messaging servers can be deployed in different geographic locations.  The voicemail message store is replicated between participating nodes using grid file system replication offered by mongoDB.

Geographic distribution

In a large network you often want to operate different points of presence (POPs) in different regions.  These POPs have local trunk access, but you want to distribute load seamlessly between them.  DNS policy can force local traffic to stay local, but to fail over to a remote node if necessary.  Trunk selection for outbound calls is governed by the dialplan and calls can fail over dynamically following a list of gateways specified for each dialing rule.  Trunk gateways are geographically distributed and simply connect to your network infrastructure. Mixing of SIP trunks with legacy PSTN trunks is possible for fail-over purposes and there is no limit to the number of gateways you can deploy in different locations to support the traffic.  Management and administration remain centralized and all locations are managed from one single administrative interface.

Private cloud deployments and hosting

A private cloud, as opposed to a public cloud, offers service to a dedicated large enterprise.  Private clouds are the obvious choice for many large corporations, as they offer all the advantages of a public cloud, but also accommodate the need for data security, privacy, and the flexibility to allow for necessary customizations.  Private clouds allow for the centralization of service into large or regional data centers.  Private cloud deployments can be hosted by a third party or a third party can offer an IT outsourcing contract to operate the service in a private cloud.  Network layer QoS and a good quality infrastructure with sufficient bandwidth and low latency are critical success factors for private cloud deployments.

Virtualization

 The virtualization of real-time media services is still a challenge in high-load environments.  Therefore, hybrid deployments can make sense where media services run on physical hardware and all other services are virtualized.  sipXecs supports such hybrid deployments based on its ability to centrally manage a cluster of machines with individual server roles.  Whether a real-time application can be deployed virtualized does not depend on the application, but the capabilities of the virtualization layer to provide a compute environment suited for real-time.  There is a lot of misunderstanding about this topic out in the media and in corporate brochures.

Multi-tenanting

In order to target a potentially large number of small enterprise, multi-tenant systems are often the most cost effective solution.  sipXecs is not such a multi-tenant system, at least not yet.  We believe that in the mid-size to large enterprise market, private clouds will dominate when it comes to hosted unified communications systems.  A lot of typically smaller companies have asked us about multi-tenant capabilities.  If you are interested and serious about engaging with us to add multi-tenant capabilities into sipXecs, please contact us.  We have a couple of interesting ideas in this area.

Centralized management

Configuration, management, and administration have always been critical elements of any production deployment.  sipXecs offers one of the most comprehensive solutions in the industry to make administration easy and efficient.  We are focused on IT integration, leveraging existing tools and established best practices in IT organizations extensively.  At the same time sipXecs provides comprehensive Web based administration, including centralized installation, configuration, administration, and maintenance of the entire cluster.  sipXecs also provides plug n' play auto-discovery and configuration of devices including phones, softphones and gateways of third party vendors.  This is critical for remote cloud deployments where CPE installed client devices need to be administered in a consistent and cost-effective manner as part of the entire solution.

Monitoring and reporting

Cloud deployments often pose the question about call quality, SLA agreements between the customer and the provider, as well as the ability to perform pre-emptive and corrective maintenance remotely.  Having a good monitoring and reporting solution in place is typically the first step towards a professional service offering that meets the demands of enterprise customers.  There are many excellent tools around offering capabilities in all the above mentioned areas.  The sipXecs team has quite a bit of experience advising customers on how to assess requirements and make trade-offs between different tools.

Network engineering

A good network is the most important factor for a successful cloud service deployment.  VLANs, network layer QoS, bandwidth and jitter, and good quality network layer hardware are all important factors.  Properly configured network services such as DNS and DHCP, but also NTP are critical.  The sipXecs team has seen a lot of different environments.  Contact us if you need help with network design, maybe because you experience bad call quality or other erratic behavior in the performance of your system.

Security

There is no such thing as a completely secure system.  In sipXecs we have taken measures to make it as secure as possible.  All external calls, i.e. all calls to a client not registered on the same system and all registrations are always authenticated.  Strong SIP passwords are automatically generated and managed.  TLS encryption can be turned on for connections to clients, including remote clients with a need to traverse NAT.  TLS can also be used for SIP trunking connections to an ITSP, provided the ITSP supports that.  SRTP, while rarely used, is a matter of encrypting media flows between end points.  Some of the trade-offs to consider with SRTP are performance penalties and management overhead versus added security.  If the system is connected to the Internet, we increasingly see DoS attacks as a result of attempts to hack SIP passwords brute force.  While it is highly unlikely that the sipXecs SIP passwords can be broken, sipXecs uses rate limiting to guard against the negative effects of packet floods.

*certain features first available with release 4.6