1. Nadi, Fiji, 4 – 6 July 2011 eGovernment IP Telephony Experience in Korea JayH Kim, Xener Systems ITU-T Workshop on Bridging the Standardization Gap and Interactive Training Session (Nadi, Fiji, 4 – 6 July 2011 )

2. Copyright © 2009 Xener Systems, Inc. All Rights Reserved. Contents 1.Introduction to Korean e-Gov. IPT Project 2.Guidelines of Korea Governments IPT IP Telephony & Unified Communication 2

3. Introduction Korean E-Gov. IP Telephony Project IP Telephony & Unified Communication Copyright © 2011 Xener Systems, Inc. All Rights Reserved. 3

4. 4 Source of Article: http://unpan.org/Library/MajorPublications/DELUNEGovernmentSurvey/PublicEGovernanceSurveyintheNe ws/tabid/651/mctl/ArticleView/ModuleId/1555/articleId/22303/Default.aspx South Korea ranks 1st in UN e-government survey Quoted as The countrys prize winning e-government system is expected to serve as a model for many other countries planning to establish e-government systems.

5. 5 Example of Benefits from e-Gov. Project Worlds Highest On-line survey Ratio in National Census (in 2011) On-line Participation Ratio reaches 40% 756 households out of 1,889 households across the nation 40.1% The previous world record by Canada was 18.5%(in 2006) Initial forecasting: 30% savings by 16.4 Million USD Additional savings, 2M USD, thanks to 40% participation Savings as much as 18.4 Million USD

6. Driving Forces of Gov. IPT Project Korean Governments Master plan: 20% Cut down on telecommunication cost of each person Nationwide implementation of BcN (Broadband converged Network) Keeping pace with Internet Telephony widespread Modernization of Telephony Network of Korean Gov. Take an Initiative of Being a Reference Model of Gov. IPT Korean Central Government complex IPT

7. Korea Government Efforts for e-Gov. IPT Nov. 2008: Make a guideline for adopting VoIP by government agencies Draw up a guideline to regulate the introduction of VoIP by government organizations. Define roles for each entity Service operator: Network interworking and management Gov. team in charge: regulation for VoIP introduction and usage, recommended vendors and specification Gov. organization: Budget for VoIP and implementation Dec. 2008: Plan for introduction of VoIP by Gov. organizations New-year Administrative Report to the President of Korea (2009) Feb ~ June. 2009 : Briefing Session about VoIP for Gov. agencies Explanation to Gov. agencies (2 times) to service operators (3 times) 2 3 1

8. Korea Government Efforts for e-Gov. IPT (continued) 5 7 Mar. 2009: Set up a Test Bed to experience and promote VoIP Comprehensive test in interoperability and quality and security(encryption) and standard-compliance With the group of system vendors and of service provider, respectively, July 2009: Selection of VoIP service operators who will manage and operate Gov. telephony system KT, SK Broadband, Samsung Networks, LG Dacom Aug. 2009 ~ : VoIP deployment in Central Government Complex The office of Prime minister Ministry of Legislation Ministry of Public Administration and Security Ministry of Education, Science and Technology, etc. Aug. 2009: Make a plan for long-term development of Gov. VoIP. Research on VoIP usage and VoIP in general Phased deployment plan, planning of strategic projects, and effects expected 6 4

9. 4 SPs were selected to serve government buildings with leased data lines. Government organizations can choose a serving ITSP at their discretion. KT Commercial Network IP-PBX Video phone SKBB Commercial Network LGD Commercial Network SSN Commercial Network IP network for government IPT project Interworking with VoIP Service Operators IP phones

10. Adopting TDM-free IP Telephony environment: called Pure IP PBX Serves as a foundation for future advanced services IP Contact Center(Customer Service), UC(Unified Communication) Pave the way for e-Government Goal, All-IP e-Government Quality control system ensures top-notch communication quality. World-best reliable and powerful network infrastructure: IP backbone, Soft Switch, Operators experience Adopt enhanced VoIP security with a dedicated equipment for VoIP services Trustworthy interworking with designated VoIP service operators Top Level of Telephony Quality and Security Improvement of Administrative Work Performance Benefits Gained through IPT Improvement in work efficiency and productivity on a fast network infrastructure Increased satisfaction about public service Corporate ring-back tone Click-to-call on the Web: Direct access to Call Center 1-person-1-phone: direct and fast reach to a public servant in service Open doors to the public for convenient communication channel

11. IP Telephony & Unified Communication Copyright © 2011 Xener Systems, Inc. All Rights Reserved. 11 The Guidelines Korea Governments IP Telephony

12. Guidelines for Korea Governments IPT Security Internet Telephony Security guideline supplementary service IP Telephony mutual supplementary service guideline – standard model IP telephony – public agency – standard model Usage Usage of IP telephony Design guide Design guide of government agencys IP telephony network network usage E-Gov. IPT network usage guide installation IP Telephone installation guide Operation IP Telephony Operation guide for Government Agencies

13. Key Points to be Considered Openness / Stand Compliance / Service Availability / VoIP Security IP-PBX PSTN SSW Standard Compliance interoperable with various IP phones from many vendors No proprietary specification, strict compliance with intl standards interoperable with various IP phones from many vendors No proprietary specification, strict compliance with intl standards Openness VoIP Security H.323 Num. SIP Support for standard SIP Connect Integration with the existing equipments Support for standard SIP Connect Integration with the existing equipments Secure communication and auth. VoIP network protection Secure communication and auth. VoIP network protection Service Availability Service is always available Regardless of system fault, network fault, natural disaster Service is always available Regardless of system fault, network fault, natural disaster

14. Key Points to be Considered Key Point 1 : Openness IPPBX accommodates diverse IP terminals, based on open technology and common standard. IP PBXs and IP phones should be compatible with each other, regardless of its manufacturers. a wide range of choice in IP terminals free from vendor lock-in(dependency) easy to secure compatible terminals and no worry about vendor bankruptcy a wide range of choice in IP terminals free from vendor lock-in(dependency) easy to secure compatible terminals and no worry about vendor bankruptcy IP PBX Standard SIP Protocol (RFC 3261) Vendor A Vendor B Vendor C Vendor D Vendor E Vendor F Vendor G Vendor H Vendor I Vendor J Benefit

15. Key Points to be Considered Key Point 2 : Standard Compliance IP PBX must well interoperate with not only IP phones but also Soft Switch(IPT Toll). IP Phones IP-PBX Trunk Gateway Access Gateway Analog Phones PBX ITSP PSTN SSW VoIP operator SIP protocol (standard) National standard (by Gov.) IP-PBX SSW SIP Connect (intl standard) IP-PBX IP Terminals Specification for call features SIP Protocol & Security NAT traversal needed IPT Toll (SSW) SIP SIP-connect SIP E1/T1

16. Key Points to be Considered Key Point 3 : Service Availability Data Link1 Data Link2 System Redundancy (Component Virtual IP Address) Active Standby LAN I/F Redundancy (System Virtual IP Address) Data Redundancy (Heartbeat Link) In case of system failure / network failure / power failure / natural disaster The telephone service continuity should be ensured Redundancy (system / network interface / data / power) Fallback for Power Failure / Interworking with PSTN network Redundancy (system / network interface / data / power) Fallback for Power Failure / Interworking with PSTN network PoE S/W

17. Key Points to be Considered Key Point 4 : VoIP Security Standard Recommendation for Authentication and Encryption Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005 ItemStandard Recommendation Device(Terminal) AuthenticationPKI (Public Key Infrastructure) User AuthenticationHTTP Digest (RFC 2617) Signaling Encryption Security Protocol TLS v1.2 (RFC 5246) Encryption AlgorithmInternational Standard Algorithm Key ManagementPKI Media Encryption Security Protocol sRTP (RFC 3711) Encryption AlgorithmInternational Standard Algorithm Message Authentication Code HMAC-SHA1 (RFC 2104) Key ManagementSDES (RFC 4568)

18. Introduction Model of IPT for Gov. IPT Service Infrastructure Configuration Ministry of Public Administration and Security designated National Information and Communication Service Providers. (B Group - internet service, C Group - internet telephony service) Gov. agencies use IPT service by utilizing IP infrastructure of B group providers and IPT systems of C group providers. ISP (KT) ISP (SKBB) Analog phone ITSP 1ITSP 2ITSP 3 ITSP 4 ITSP : Internet Telephony Service Provider ISP : Internet Service Provider

19. Introduction Model of IPT for Gov. 3 Introduction Models (A, B and C) Gov. agencies select appropriate model among 3 models according to the necessity and characteristics of each agency IP phone, IP PBX, TG(Trunk Gateway) Model A IP phone, IP PBX, TG(Trunk Gateway), AG(Access Gateway) Model BModel C IP phone, IP PBX, TG(Trunk Gateway) IP PBX IP phone ITSP infra F/W PSTN network ITSP infra PSTN network IP PBX IP phone Analog phone PABX F/W ITSP infra PSTN network IP PBX IP phone Analog phone F/W Replace legacy PBX and all analog phones with IPT systems Replace legacy PBX with IP PBX Maintain existing analog phones and Introduce additional IP phones Maintain legacy PBX and analog phones Introduce additional IP PBX and IP phones

20. Introduction Standards of IPT for Gov. The Standard for LAN Construction PoE switch Complying with IEEE 8.2.3af Provide electrical power to IP phone and PC through UTP cable Cabling IP Phone and PC should share one port of PoE switch. IP Phone has 2 Ethernet ports and provide port switching function. (LAN port, PC port) VLAN setting By using VLAN technology, separate Voice traffic and date traffic logically Enhanced voice quality and security Switching Function support Sharing one port (IP phone and PC) Data traffic : untagged 802.3 Voice traffic : tagged 802.1q Inline power PoE switch UPS UPS : Uninterruptible power supply PoE : Power of Ethernet

21. Introduction Standards of IPT for Gov. The Standard for WAN Construction For reliable and high quality IPT service Gov. agency should select proper voice codec and design network bandwidth properly. Codec Type Codec itself B/W Codec Payload Size of VoIP Header +Trailer (in Ethernet) VoIP Payload (IPv4) in Ethernet B/W G.71164 Kbps80 Byte 58 Byte 138 Byte 138Byte x 8 x (1000ms/10ms) = 110,400bps = 110.4Kbps G.7298 Kbps10 Byte68 Byte 68Byte x 8 x (1000ms/10ms) = 54,400bps = 54.4Kbps The Standard for System Capacity Design – IP PBX The capacity of IP PBX = The number of IP Phone users In case of subscribers growth, IP PBXs capacity should be expanded without additional H/W installation (Software-based license support) Standard for calculating network B/W

22. Introduction Standards of IPT for Gov. The Standard for System Capacity Design – Gateway Trunk Gateway port capacity [Case 1] TG directly interworks with PSTN network E1 PRI DID/DOD E1 PRI IP PBX E1 PRI DID/DOD The number of TG ports = The number of lines from telephone company Calculate the number of TG ports according to traffic volume [Case 2] Through TG, IP PBX interworks with legacy PBX Analog Gateway port capacity FXS port of AG accommodates analog phones and FAXs. The number of FXS ports of analog gateway = the number of analog phones and FAXs

23. Introduction Standards of IPT for Gov. The Standard for Integrated NMS Introduction Integrated NMS : operation and management system for IPT systems (IP PBX, IP phones, TG) For more efficient operation and reliable IPT service, introduction for NMS is recommended. The Standard for IP Phone Introduction PoE support / Menu button support / Setting through web browser support Switching function support (LAN configuration) / PSTN port support Secondary IP PBX address setting in case of system failure The Standard for Access Gateway Introduction Consist of at least one port FXS and FXO, Accommodate FAX (T.38 standard support) Secondary IP PBX address setting in case of system failure Setting through web browser support, Security standard support I-NMS Gateway IP phone IP- PBX Management Operation Monitoring IP terminal Provisioning F/W update SNMPv1/v2

24. Supplementary Services Guidelines Basic Supplementary Services [example] Supplementary services are divided into mandatory and optional services Gov. agencies should use mandatory supplementary services for cost reduction, improvement for convenience and public administration service. Other supplementary service (optional) is optionally selected and used according to characteristics and necessity. User Group Services Call Hunt Group (M) Call Blocking /Barring (O) Call Restriction by Operator (O) Malicious Call Trace (O) Multiple calls per line appearance (O) Multiple line appearance (O) One Number Multi-phone (O) Distinctive ring (O) Intercom (O) Group Call (O) Direct Inward System Access (DISA) (O) Auto Attendant (O) Subscriber Service Calling Line Identification (M) Caller ID Blocking (O) Call forward (M) Music-on-hold (M) Call park / Parked call pickup (O) Pickup (M) Call Transfer (M) Call Hold (M) Call Back Busy Subscriber (O) Wake-up Call (O) Call Intrusion (O) Call Override (O) Privacy (O) Do Not Disturb (DND) (O) The Anonymous Call Rejection (ACR) (O) M : mandatory, O : optional

25. Technology Specification and Interoperability IP PBX Interworking feature IP PBX interworks with various system and PSTN network via designated protocols Interworking systemprotocol ITSP systems SIP (RFC 3261 and Extension Method) SIP phone Authentication server LDAP or RADIUS Billing serverRADIUS or FTP NMSSNMP v1/v2/v3 Gateway SIP handling feature (for interworking with ITSP network) Register method handling / Invite method handling Authentication and encryption specification Comply with Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005

26. Technology Specification and Interoperability IP Phone Codec Audio : G.711 alaw, G.711 ulaw, G.729A, G.729B Video : H.263(mandatory), H.264(high end) over CIF, over 30 frames/second codec Negotiation feature Protocol SIP, SNMP V1, V2, V3, TLS, SRTP Authentication and encryption specification Comply with Internet Telephony Security Guideline for Government Agencies published by National Intelligence Service (NIS) in 2005 Standard for QoS Packet Delay : less than 100 ms (END to END) Jitter 10/20 ms, without Packet Loss (G.729) :R value over 70 / (G.711) : R value over 80 Call success rate : Over 97% Maintaining long call (under the condition of using CODEC G.711/729, over 12 hours Silence Suppression, VAD (voice activity detection),, CNG (Comfort Noise Generation), etc.

27. Fault Handling Plan Fault handling procedure Primary care (maintenance company) Fault handing complete & analyze Call manufacturers engineer Fault handling Fault handling complete & report Help Desk of partner Call suppliers engineer Solve the problem Suppliers engineer cant solve the problem Need Technical support Help desk can solve the problem by itself Fault Occur Report result of result of fault handling fault handling Fault Fault handling handling Report&Inspection Fault Fault notification notificationFaultdetection

28. Security Guideline for Gov. IP Telephony NIS Security Review At the planning stage, Gov. agency should take the security review by NIS Introduce security systems have CC certificate and pass the security compliance verification test. Strong Authentication and Encryption To use IPT service safely Accurate authentication and encryption for signal and voice are required. ItemStandard Recommendation Device AuthenticationPKI (Public Key Infrastructure) User AuthenticationHTTP Digest (RFC 2617) Signaling Encryption Security Protocol TLS v1.2 (RFC 5246) Encryption AlgorithmInternational Standard Algorithm Key ManagementPKI Media Encryption Security Protocol sRTP (RFC 3711) Encryption AlgorithmInternational Standard Algorithm Message Authentication Code HMAC-SHA1 (RFC 2104) Key ManagementSDES (RFC 4568) Standard Recommendation for Authentication and Encryption

29. Security Guideline for Gov. IP Telephony Security for External Section Before Providing National Information and Communication Service (C group provider) Limited internet telephony service Internal section : IPT service External section : PSTN service After Providing National Information and Communication Service (C group provider) If the National Information and Communication service provider properly apply security measures required by NIS, Gov. agencies use IPT service in all section. (internal and external ) PSTN IP phoneBusiness PC IP PBXTGW IP Network PSTN IP phoneBusiness PC IP PBX TGW Back up

30. Security Guideline for Gov. IP Telephony Voice and Data Network Separation Plan (VLAN) Integrated network have a higher risk of quality reduction /difficulty of expansion /wiretapping. Separation between voice and date network is required. Physical separation : cost rising Logical separation(VLAN) is recommended. : advanced security : high increased management efficiency Introduction of security system specialized for IPT Detecting and blocking external attack with security system specialized for internet telephony Firewall specialized for IPT Intrusion detection(protection) system specialized for IPT IPT F/W IPT IDS(IPS)

31. Security Guideline for Gov. IP Telephony Back up Configuration in Case of Failure Data Link1 Data Link2 System Redundancy (Component Virtual IP Address) Active Standby LAN I/F Redundancy (System Virtual IP Address) Data Redundancy (Heartbeat Link) 1) Active 2)Switch-over Sync. 1) Standby 3) Standby 3) Active l Automatic Fail Detection (Heart-beat Check) l Auto Switch-over (within 5 seconds) l Call Status Preservation l DB/Data Synchronization (In-memory DB) System Redundancy (Active – Standby or Active – Active) Power Redundancy Fallback for Power Failure Uninterruptible power supply(UPS) PoE(Power of Ethernet) switch IP phone supporting PoE Inline power PoE UPS

32. Introduction Standards of IPT for Gov. Alternative Routing in case of IP Network Failure In case of system failure / network failure / natural disaster Providing internal and external call for such emergency call as 119 and back up call by Interworking with PSTN network ISP ITSP 1ITSP 2 Government Office XX Back up Configuration in Case of Failure

33. All Requirement Compliant product - Xener Openness Redundancy Inter operability Inter operability Efficient Total solution Efficient Total solution Tested & Proven Solution Security (IP sec & TLS) Security (IP sec & TLS)

34. IP Telephony & Unified Communication Copyright © 2009 Xener Systems, Inc. All Rights Reserved. 34