Is it secure?
Has it been risk assessed and where are its weak points?
Back in the 1990s when I started to work with telephone and voicemail systems it was all pretty straightforward: install some analogue or ISDN lines and write a vast cheque for a PBX. This meant, in my case, an Alcatel 4400 and an Octel Serenade voicemail server. The handsets were digital, though proprietary, and connected by …
Is it secure?
Has it been risk assessed and where are its weak points?
not really sure this is a stunning piece of investigative journalism more just a paid advert for 3CX
no mention on how easy earlier versions of 3cx were to hack and run up huge bills acting as an open sip gateway (this happened to me, and was only caught out by hitting my SIP trunk providers credit limit)
however the software is pretty robust, we have been using it for 5 or so years, but it is has been pretty rubbish at coping with network binding and changes to our external ip's (thank you telefonica)
I'm currently managing a couple of sites with ancient Nortel BCM 400s. Support for these is going the way of XP in a few years, so I'm looking for alternatives. The problem is while the sites do have structured cabling to 80% of extensions, so conversion to IP is reasonably straightforward there, each site has a handful of handsets (both digital and regular analogue/PSTN) which are only connected via a single pair in remote buildings with long lengths of cable which would be a pain to replace.
Can this system deal with those kinds of extensions?
You'll need an ATA for those.
from cheapass Grandstreams to rock solid Pattons / Audiocodes.
Pay your money and take you choice.
Thanks. I'll look in to that.
have a look at E-Metrotel they do Asterisk based devices that support all the old Nortel Norstar/BCM phones, both IP (unitstim) and the digital stuff.
Now that is interesting. I've mainly been looking at IP Office as my next step (which is what my last scratch build got), whereas in theory this should just bolt up instead of the current installs.
For Asterisk you can get PCI(e)-cards with "analogue" ports.
Might be worth investigating HomePlug over Twisted Pair? That allows you to use phone wire to extend a network. Not cheap, but a single pair to a remote building could actually drive several IP phones.
We have internal ADSL over a single pair at other sites for 8mbit single PC network use (over about 150mtrs of phone pair), which might be cheaper than re-laying for fibre.
There are issues. The software interface is kludgy in places and not intuitive. Little things irritate me as the admin. Spent almost an hour finding where to send a config email to an end user with a 3CXPhone. However, the ability to tweak by choosing your codec, compatibility with almost every handset out there, and overall operation versus price is a good feature. It is also VLAN aware and is stable once you get it set up properly.
Can be tied into VOIP providers easily as well for decent long distance, but choose that provider wisely.
Good phone package. Suggest hiding 60% of the extension tweaks under an "Advanced" button as majority will not be used by average user.
What about source routing? Routing of calls, rewriting of numbers, based on which of the users is making the call?
Also, obviously, the author hasn't looked at some of the other asterisk offerings, since Kerio has been doing this in Operator for a while now (and yes, I work for Kerio for the next 2 weeks, but as an admin of an Operator box, can honestly say that there are alternatives out there that CAN be easy to use!)
That is the model name of a rather popular digger!
PBX in a Flash - an Asterisk distribution - has been rock solid for me. It's configured via a very web 1.0 GUI, but it's fit for purpose - and significantly cheaper. My installation is just 4 lines / 8 extensions - but their helpful forum is full of pro's who install call centres and the like.
And learn how to use Asterisk, or its 3000 variants including the ones with nice GUI interface.
Asterisk may be complex to learn but once you're over the learning curve there is nothing stopping you from mixing it with anything and you're "vendor lock-in" free.
Damn. And until now I was pleasantly surprised that Linux zealots hadn't come out of the woodwork with this sort of immature crap.
Is the next post from this author going to re-live the joys of sendmail and postfix? Please, 1990's technology shoehorned into 2010's infrastructure.
If all it does is provide telephony services, then it's already too old. Where are the collaboration tool improvements, where are the B2B federation capabilities? If you're saving money by trying to do less, you're going to cost yourself more in the long run in terms of lost opportunities, not to mention your staff won't want to use it.
It doesn't appear to run under Linux ...
Or do away with a traditional PBX (Unless in an epic lease) and look at Cloud voice select, hosted co-location.
Ah yes, cloud-based services.
What could possibly go wrong with that ...
What about bypass
i..e. make a 999 call when the power fails
Also if you have remote sites using IP telephony on your server, when they dial 999 the BT EISEC system will show where the call is breaking out to PSTN, NOT the remote location.
for EISEC see www.sinet.bt.com/278v2p1.pdf
what's the costs of the electricity for all the POE routers and the transformers to power the phones. i.e cost of electricity for standard router vs additional cost of electricity for POE - I've never had a satisfactory answer for that
even big conventional PBXs run off a 13amp socket and transform down to 48V with hefty battery backup and bypass lines
I've been using 3CX for a few years, though I'm still on an earlier version. I found that it was simplest - though the newer versions do have blacklisting - to lock down the incoming SIP ports to the IP address of my trunk provider. At least passwords aren't defaulted to the extension number any more; that was a recipe for disaster.
I never got hacked, but I did find that the rate of attempts was way too much for the small windows box running my installation to cope with. And since I only have two channels, to replace an old ISDN2e setup, it was easiest to just limit incoming calls to the registrars, much as I'd have liked to be able to let people simply use my email address as my SIP address.
On the whole, it works, and I have various auto attendants and black/whitelists set up to ensure that I don't get pestered by telesales scum. But you do have to jump through some hoops to set up things like that, certainly in the version I'm using.
Still, it's way cheaper than having ISDN, especially as the SIP provider I'm using (Gamma Telecom) doesn't charge a monthly rental per number, just per SIP trunk channel. I've got a Fritzbox hooked up to it, providing me with two analogue ports and a DECT basestation. That gives me a link to the phone service over the ADSL line, in case the broadband fails, and also links in the entry phone - SIP entry phones are still horrifyingly expensive.
Things like that, of course, are one reason why a cloud based solution would be slightly bonkers for me - I don't want to find out that because the broadband has gone down, I no longer get notified when someone's at the front door.
So, yes, it's not bad. And when I made the switch from ISDN three years ago, I did look at Asterisk, but 3CX seemed a bit more straightforward to set up then. I'm not sure that would necessarily be the case now, however.
This restriction is configured because IIS versions installed on workstation operating systems can only serve up to 10 simultaneous HTTP requests
That should be "may only...".
I'm sure that the hardware of many MS workstations is more than capable of handling 10 simultaneous requests, but MS only allows you to have up to 10.
It needs a Windows server set up... which, unless you already have one, is comparatively hard to set up and maintain. After all there is no central update mechanism.
If you've got the hang of it, configuring an Asterisk server is very straightforward, particularly if you want to do slightly unusual things. It's a far cry from the unusable GUI softwares which used to keep you from configuring your PBX in the 1990s.
You're obviously not experienced in managing Windows Servers then.
I can deploy a Windows Server VM in a matter of minutes. Ready configured with central update management (we use SCCM, but WSUS is also available for free). Managing a Windows Server is not hard. It isn't 1999 any more.
By comparison to setting up Asterisk, Windows is a walk in the park.
However, I do run an Asterisk box here. Its been running happily for 5 years without issue for our 40ish extensions. But when I look at replacing it later this year, 3CX is a serious contender.
"Cost: Pricing is based on the number of concurrent calls and includes one year's maintenance. It starts at four concurrent calls for €395 and scales to 1,024 concurrent calls at €34,995."
Whereas Asterix is FREE!!
I won't be buying.
Free is speech, not beer. We do have to be fair to Windows, so let's overengineer a ROFLscale Asterisk PBX for comparison's sake.
First, a Digium-supported Asterisk installation at $11k for a three-year term. Since that's a five-server support agreement, we'll make this a three-system cluster just because we can. And since we're doing the support-contract route, that's three entitlements for RHEL at $800/ea/year ($7200 for three years). Buy the hardware; tart up some R720s with crazy RAM and call that $6k each. Add a nice switch (heck, add two!), firewall, and we're still at $35kish. I'll call that a draw based on the infamous parity exchange-rate concept; if you disagree, throw in training for your PBX guy and some one-on-one time with Digium's people until the prices balance out.
Oh, wait a second... we didn't buy Windows. That'll cost you $2k for those three machines (Windows Server 2012 Standard). Whoops, now the Windows software alone is more expensive than the Linux hardware and software.
My coat? It's an OpenBSD fireman's jacket.
Some things to remember when looking at TCO:
Windows system admins are cheaper than Linux admins (at least, they are in this market). Setting up Asterisk is time consuming, and prone to errors due to the text based nature of the system (typos etc.) It requires someone who specifically knows Asterisk to do it - which is expensive, compared to 3CX which as a point and click system is easier to get up and running without specific knowledge. Many businesses have existing Windows expertise in place, so adding the new system will be slanted towards a Windows based solution.
We run an Asterisk system here, and it works flawlessly, but learning it in the first place was a heck of a lot tougher than learning how to install Windows and install 3CX.
I was under the impression that a SIP exchange was little more than a directory service. Once the call has been handed off to a client, there isn't anything "concurrent" about the call is there?
If the system is handling a thousands of concurrent calls, that might indicate something like hundreds of concurrent connections to the SIP server. Which hardly seems like it would justify even 16GB of memory?
It can, but you can also route all or some calls through the PBX. For example, it's possible for 3CX to transcode between different codecs, which may be useful for some people. And of course there are things like automated assistants, hold queues and so forth, where the PBX will be handling the call. If a call is from a SIP phone on a private network range to something outside, it's also going to have to do some fiddling around to direct traffic appropriately.
There's an explanation of the different ways it can work at http://www.3cx.com/blog/docs/media-server/
I have been using 3CX for the past 6 years, It has come a long way since. We have recently moved on to the new V12 which is very stable and easy to operate. So if you are considering a new IP based pbx, or contemplating a move from an existing one, then you should surely consider trying out 3CX. I believe there is a free version and a Demo version too, so you can try before you buy.
Go for 3CX, you will not regret it
There are some great alternatives to the product mentioned in this advertorial.
The FreePBX distro runs great as a virtual appliance or on dedicated hardware
Or Kerio Operator
Dave - thanks for the shout out to Asterisk! One thing to keep in mind is that Asterisk is not really a PBX like 3CX, Asterisk is a communications engine and a developer platform. There are several free to download distributions that use Asterisk as an engine that are easy to use like Elastix, FreePBX and PBX in a Flash. Digium uses Asterisk as the core engine in its Switchvox UC product that is available as an on-premise or as a service in the cloud. Switchvox has actually won awards for it's attractive user interface and ease of use. Also because Swittchvox uses open source Asterisk as its engine it is very cost competitive compared to other full featured UC offerings.
Biting the hand that feeds IT © 1998–2018