Monitors network and devices for health and performance.
Detects & fixes issues with intelligent alerts and inbuilt diagnostics tools.Checks for SQLi, XSS and 4500 other web vulnerabilities.
Integrated Vulnerability Management to prioritize and manage vulnerabilities.
VoIP/ IP PBXs and Unified Communication systems have become extremely popular the past decade and are the No.1 preference when upgrading an existing or installing a new phone system. IP PBXs are based on the IP protocol allowing them to use the existing network infrastructure and deliver enhanced communication services that help organizations collaborate and communicate from anywhere in the world with minimum or no costs.
This article explains the fundamentals of IP PBX systems, how IP PBXs work, what are their critical VoIP components, explains how they can connect to the outside world and shows how companies can use their IP PBX – Unified Communications system to save costs. We also take a look at the best Free VoIP PBX systems and explain why they are suitable for any size small-to-medium organization.
Traditional, Private Branch Exchange (PBX) telephone systems have changed a lot since the spread of the internet. Slowly but surely, businesses are phasing out analogue systems and replacing them with IP PBX alternatives.
A traditional PBX system features an exchange box on the organization’s premises where analogue and digital phones connect alongside external PSTN/ISDN lines from the telecommunication company (telco). It gives the company full ownership, but is expensive to setup and most frequently requires a specialist technician to maintain, repair and make changes.
A typical Analogue-Digital PBX with phones and two ISDN PRI lines
Upgrading to support additional internal extensions would usually translate to additional hardware cards being installed in the PBX system plus more telephone cabling to accommodate the new phones. When a company reached its PBX maximum capacity (either phones or PSTN/ISDN lines) it would need to move to a larger PBX, resulting in additional costs.
IP PBXs, also known as VoIP systems or Unified Communication solutions, began penetrating the global PBX market around 2005 as they offered everything a high-end PBX offered, integrated much better with desktop applications and software (e.g outlook, CRMS etc) and supported a number of important features PBXs were not able to deliver. IP PBX and Unified Communication systems such as 3CX are able to deliver features such as:
The features offered by IP PBXs made them an increasingly popular alternative for organizations that were seeking to reduce telecommunication cost while increasing productivity and moving away from the vendor-proprietary solutions.
According to surveys made back in 2013, 96% of Australian businesses were already using IP PBXs. Today it’s clear that the solution has huge advantages. IP PBX offers businesses increased flexibility, reduced running costs, and great features, without a premium. There are so many advantages that it’s difficult for organizations to justify traditional analogue/digital PBXs. Even market leaders in the PBX market such as Siemens, Panasonic, Alcatel and others had to adapt to the rapidly changing telecommunications market and produce hybrid models that supported IP PBX features and IP phones, but these were still limited when compared with a full IP PBX solution.
When an IP PBX is installed on-site it uses the existing LAN network, resulting in low latency and less room for interference. It’s also much easier to install than other PBX systems. Network engineers and Administrators can easily configure and manage an IP PBX system as most distributions come with a simple user interface. This means system and phone settings, call routing, call reporting, bandwidth usage and other settings can be seen and configured in a simple browser window. In some cases, employees can even configure their own preferences to suit their workflow.
Once installed, an IP PBX can run on the existing network, as opposed to a whole telephone infrastructure across business premises. That means less cable management and the ability to use existing Ethernet cables, resulting in smaller starting costs. This reduction in starter costs can be even more significant if the company has multiple branches in different places. Internet Leased Lines with unlimited usage plans mean voice calls can be transmitted over WAN IP at no extra cost.
In addition, firms can use Session Initiation Protocol (SIP) trunking to reduce phone bills for most calls. Communications are routed to the Telco using a SIP trunk via the IP PBX directly or a Voice Gateway. SIP is an IP-based protocol which means the Telco can either provide a dedicated leased line directly into the organization’s premises or the customer can connect to a Telco’s SIP server via the internet. Usually main Telco lines are provided via a dedicated IP-based circuit to ensure line stability and low latency.
With SIP trunks Telco providers usually offer heavily reduced prices over traditional methods such as PSTN or ISDN circuits. This is especially true for long-distance calls, where communication can be made for a fraction of a price when compared to older digital circuits.
Savings on calls via SIP trunk providers can be so significant that many companies with old Legacy PBXs have installed an IP PBX that acts as a Voice Gateway, which routes calls to a SIP provider as shown in the diagram below:
Connecting an Analogue-Digital PBX with a SIP Provider via a Voice Gateway
In this example an IP PBX with Voice Gateway (VG) capabilities is installed at the organization. The Voice Gateway connects on one end with the Analogue - Digital PBX using an ISDN BRI interface providing up to 2 concurrent calls while at the other end it connects with a SIP provider via IP.
The SIP provider can be reached via the internet, usually using a dedicated internet connection, or even a leased line if the SIP provider has such capabilities. The Analogue - Digital PBX is then programmed to route all local and national calls via the current telco while all international calls are routed to the SIP provider via the Voice Gateway.
The organization is now able to take advantage of the low call costs offered by the SIP provider.
The digital nature of IP PBX makes it more mobile. Softphone applications support IP PBX and let users make calls over the internet from their smartphone or computer. This allows for huge portability while retaining the same extension number. Furthermore, this often comes at a flat rate, avoiding per-minute fees. Advanced Softphones support a number of great features such as call recording, caller ID choice, transfer, hold, voice mail integration, corporate directory, just to name a few.
A great example is 3CX’s Free Windows softphone, which is a great compact application under continuous development that delivers everything a mobile desktop user would need to communicate with the office and customers while on the road or working from home:
Altaro has released Altaro VM Backup V7, a faster and lighter upgrade to its flagship Hyper-V and VMware backup solution, which now supports Windows Server 2016 and includes several highly-requested features including unique Augmented Inline Deduplication technology and boot from backup.
Altaro’s unique Augmented Inline Deduplication delivers faster backups and restores on local and offsite locations by making sure that only new data is transferred to the backup or offsite location. This augmented inline deduplication technology solves a common problem found in conventional backup solutions which deduplicates data after the transfer process. With Altaro VM Backup v7, that process happens before the data is transferred. This process not only provides quicker backups, but it also reduces the amount of storage needed to store said backups significantly more than any other solution on the market today.
"Version 7 is an important milestone at Altaro” said David Vella, CEO of Altaro. "Not only does it fully support Windows Server 2016, our new and unique Augmented Inline Deduplication technology offers our customers the best storage savings in the industry"
Boot from Backup is another innovation in Altaro VM Backup V7 that enables users to instantly boot any VM version from the backup location without affecting integrity of the backup. If disaster strikes, the VM can be booted up instantly from the backup drive with minimal downtime, while the VM is restored back to the Hypervisor in the background. A simple VM reboot completes the recovery process and preserves any changes done while the VM was booted.
For more information about Altaro VM Backup V7, visit altaro.com/vm-backup
It’s hard to go to a pub, café, or hotel these days without running into public or guest WiFi. In many cases, an internet connection can feel like a necessity – keeping up with work or personal emails, arranging plans with friends, checking social media. Connecting is usually as easy as entering an email address, filling out a survey, or entering a code on a receipt.
It's an easy trap to fall into. Cellular data is expensive. In the US, 500 MB of pre-paid data costs an average of $85 US. If your contract doesn’t have a large data allowance, free WiFi is a godsend. However, that convenience comes with considerable risk to your privacy and security. If you’re not using a VPN at a public hotspot, you’re opening yourself up to all kind of malicious attacks and data interceptions such as sslstrip man-in-the-middle attack (analysed below), online activity monitoring, computer hijacking, restricted online browsing and many more serious security threats.
The biggest misconception about open WiFi is that it offers the same protection as your home network. That couldn’t be further from the truth. The annoying password on your home network does much more than keep people from connecting. It encrypts your data so that those on the outside have trouble looking in.
By nature, guest WiFi has no password. In most cases, that means no encryption. With a simple tool, anyone on the network can see which websites you’re visiting. In some cases, they can even intercept the emails you send, the files on your computer, and passwords. It doesn’t matter if you’re at a high-security airport or the coffee shop down the road.
Even when an attacker isn’t around, you’re putting trust in the security of everyone else on the network. You may have the latest version of Windows 10, but the person next to you could have no security knowledge. Some forms of malware attempt to spread themselves to other people on the network, and the user probably doesn’t even know about it.
Thankfully, wifi snooping is on the decrease thanks to SSL encryption. This web standard is spreading across all the most popular sites, and you’ll notice it by the HTTPS icon in your browser (as seen in the image on the left). It means that while someone can see the url you’re on, they can’t see your emails or the password you just typed in. Unfortunately, this won’t stop someone resourceful. In fact, SSL can be bypassed with a single method.
In 2009, security expert Moxie Marlinspike introduced sslstrip. By routing a victim’s connection through their own machine, an attacker can redirect them to the HTTP version of the page. The browser won’t even detect this and the victim has no idea what’s going on.
Representation of how an sslstrip wifi attack works
The vulnerability comes from the fact that most users don’t type in “https://” at the beginning of every url. This means that when they first connect to the site, it’s HTTP. Most websites will then redirect users to an HTTPS version, but ssltrip steps in and sends back HTTP instead. The hacker can then view all the user’s requests in plaintext, collecting whatever information he likes.
Though attackers often need specialist software and some technical knowledge, packages such as WiFi Pineapple can make so-called “man-in-the-middle” attacks relatively simple. In a few clicks, users can pretend to be a public network, routing traffic through them rather than to the router. From there, the attacker can force the user to visit websites with malware, install key loggers, and plenty of other shady things. It’s not too difficult, and with the aid of YouTube, a seven-year-old did it in eleven minutes.
In some cases, attackers don’t even need any experience to view your information. Oftentimes, users connecting to hotel WiFi forget to change Windows sharing settings. This makes it easy for anybody to view your shared files with no hacking required. Sometimes this isn’t even password protected, making it child’s play.
However, there are also tools to make more complex processes simple. In 2010, a simple browser extension called FireSheep was released. The tool lets users catch browsing cookies from any website that doesn’t use HTTPS. Though many major websites such as Facebook and Gmail are protected, smaller sites often use HTTP, and many users have the same password for multiple sites.
Firesheep Firefox extension in action
Other tools let you do the same from an Android phone or other devices. And that’s assuming you’re connecting to the right network at all. A common method of attack is to set up a fake network, or honeypot. To the untrained eye, it won’t look out of place. Often, they will make sense in the context, named Starbucks WiFi, for example. In fact, an attacker owns it, and is logging everything you do. Our article configuring Windows 8 / 8.1 as an access point is a good example that shows just how easy it is to configure your workstation into a honeypot.
The word torrenting is often viewed as synonymous with pirating. It’s seen as a shady and illegal practice, used to con hard working artists out of their money. As a result, internet service providers often blanket ban torrent websites or severely throttle downloads. If you aren’t using a VPN for torrenting, there’s a good chance you’re affected by this. However, ISPs over-arching policies can hurt users that use Peer-to-Peer (P2P) file sharing for innocent purposes.
Instead of using dedicated servers, P2P utilizes the connections of other users to distribute files. As they download a torrent, the individual also uploads a small portion for others to download. This creates an interconnected network where files are provided by many different people.
One huge example of legal P2P usage is gaming. Online games such as World of Warcraft, League of Legends, and downloads from UPlay all have a P2P option. This saves on server costs for the developers and can increase torrent speed. This can foster development for smaller, indie companies, who might not have the infrastructure for lots of servers.
Download Torrents Safely & Bypass any geo-location restrictions using ExpressVPN Client
In fact, Windows 10 even takes advantage of this method to save on bandwidth issues. The OS delivers updates in multiple parts, pulling bits from both PCs on the same network, over the internet, and Microsoft’s own data centers. This feature is turned on by default since the Windows 10 Anniversary Update in the summer of 2016.
However, more important is the role of torrenting in distributing public data. The Internet Archive caches huge amounts of websites and offers a huge variety of public domain books, TV shows, and audio recordings. The non-profit recommends the use of torrents to download its content, as it saves on bandwidth and allows it to continue its vital work.
This role extends even to government. NASA has used torrents several times in the past to distribute its findings, including this high-resolution picture of earth. The UK government has done similarly, releasing large datasets on public spending via BitTorrent.
As well as supporting government, BitTorrent is also used to oppose it. Transparency sites such as Julian Assange’s Wikileaks often release so-called ‘insurance files’ through torrents. Shortly before the leak of Hilary Clinton’s emails, the site published an 88GB, 256-AES encrypted file. This keeps the organization from being shut down – if WikiLeaks goes dark, an automated message sends out an unlock password for all the data. In previous cases, files have reached upwards of 400GB.
Despite the genuine uses of P2P, users still get attacked by copyright claimants, sometimes inaccurately. In 2015, the creators of B-movie Elf Man filed a lawsuit against hundreds of users who claimed to have never even heard of the movie. Ryan Lamberson was one of these defendants and was eventually reimbursed for $100,000 in legal fees. Closer examination of evidence revealed that the tools used by the copyright holder did not account for several shortcomings, and only tracked uploads rather than downloads.
The defense also pointed out that the primary evidence was little more than an IP address. This information came from a third-party software that connected to the BitTorrent swarm in which the files were shared. However, some torrent software allows for the spoofing of IP addresses, and the investigator failed to account for several other false positives. Because of the win, several other Elf Man cases were dropped or settled for a lower value.
Other thrown cases include the Adam Sandler movie The Cobbler, and a 53-year-old artist painter was wrongly accused of illegally downloading and sharing 18 films and TV shows. Thankfully, there is a simple way to avoid such risks.
Using a VPN for torrenting will ensure your identity remains private, not just from ISPs, but copyright claimants and government. When you connect to a VPN, all your traffic goes through a “tunnel”. The individual packets that make up your data contain information such as IP Address, protocol, and other identifying information.
Tunneling wraps those packets in others that provide extra security against prying eyes. In addition, the data is encrypted in transit, meaning ISPs, service providers and other middlemen see nothing but gibberish. Different providers use different encryption methods, the most common being IPSec, L2TP, and OpenVPN.
The benefit of this tunneling is clear. An ISP or copyright holder can only see the IP address of the VPN servers, not your own. This makes for anonymous torrenting, and they can’t see what website’s you’ve visited either. Though this might not protect you against entirely baseless accusations, it should stop you from coming under genuine suspicion.
A VPN for torrenting will also provide you with protection in other ways. To stay safe on public WiFi, they are almost essential. Without one, attackers can snoop on your online traffic, possibly recovering passwords and credit card details. You could also be vulnerable to malware on your machine and tracking from third parties.
However, not all VPNs are created equal. Though some provide anonymous torrenting and public WiFi protection, others are questionable at best. Researching hundreds of different providers can be a pain, so instead we’ve done that for you. Our network security team has produced a VPN service review of all the Best VPN Service Providers, alongside detailed feature lists.
Finally, our Begineers Guide to VPNs article aims to educate users with all the necessary information so they can fully understand how a VPN works, security features offered by the best VPN service providers, what to look for in a VPN and what to stay away from.
Encrypted communication has the add-on effect of avoiding bandwidth throttling from ISPs. As mentioned earlier, service providers inspect packets to classify different data. This lets them put a speed cap on specific mediums. This is usually done unofficially and some service providers will deny the practice despite significant data to the contrary.
Despite this, it’s becoming more and more routine for ISPs to throttle or block torrent downloads. Everything you receive goes through their servers, allowing them to analyse it with Deep Packet Inspection. This method lets the service provider look at different data packets and classify it into different categories, such as video, music, and torrents.
Bandwidth throttling can be achieved in several ways. One method is blocking router ports often used for BitTorrent. Typically, P2P downloads go through TCP ports from 6881-6889. By limiting the speed on these, an ISP can cut out a big chunk of bandwidth.
However, this method is becoming less and less popular. Increasingly, torrent clients randomize TCP ports or tell users if there are any issues. As a result, internet service providers use methods that are harder to dodge.
One such technique is called traffic shaping. The flow of certain packets is delayed in favour of others, affecting download and upload speed. This can be done as a blanket, or through intelligent burst shaping. Burst shaping increases torrent speeds for a short period, before gradually returning to a lesser speed. Thus, extended downloads such as movies, games, and streaming are slower, while web pages still load quickly.
The need for shaping comes from the limited bandwidth resources of an ISP. It lets the service provider guarantee performance to other users by reducing the effect of heavy users. Often, P2P is main target for this, and it’s easy to see why. Torrent downloads use large amounts of bandwidth and therefore cost a lot of money to sustain. In addition, companies are under a lot of legal pressure from copyright holders. By throttling, they can assure the parties that they’re doing their bit to limit the impact of pirates.
Unfortunately, it’s difficult to differentiate between legal P2P downloads and illegal ones. This means that regular users can be throttled due to blanket policies. You can check if your torrents are being throttled by running the Glasnost test. The eight-minute download will detect bandwidth throttling in the upload and download streams separately.
It was just a matter of time until the new global wave of government site blocking at the ISP level arrived in Australia. In mid-December 2016, the Federal Court ruled that Internet companies would need to block sites such as ThePirateBay, Torrentz, TorrentHound, IsoHunt and streaming service SolarMovie. Australian ISPs were given 15 days to comply with the new decision and implement different blocking mechanisms to make it more difficult for users to gain access to these sites, however, it seems like blockages were bypassed by Australian users in just a few seconds.
The deadlines for the ISPs to implement the blocking was the 31st of December so from the 1st of January 2017, access to the above mentioned sites would be denied.
Download Torrents and access restricted content safely from anywhere in the world!
Currently, when an Australian online user tries to access any of the 5 sites they are presented with the following website:
The Piratebay blocked by a large Australian ISP
Australia’s mobile network providers are also blocking access to the above sites presenting their users with a similar website.
No matter which ISP or mobile network users are coming from, they now all receive a message stating access to the selected sites is disabled.
There is a number of different ways an ISP can choose to block access to the above sites in order to comply with the Federal Court ruling. This includes blocking IP addresses, DNS blocking, URL blocking or any other method agreed mutually by the ISPs and rights holders.
At the moment Telstra, Optus and DoDo, which are amongst Australia’s largest ISPs for home, businesses and mobile users, are implementing DNS blocking. When users on their networks send a DNS request to their DNS servers they are redirected to one of the sites specifically setup for the block.
Optus DNS Blocking redirects users to a different website when trying to access ThePiratebay.org
This is also clearly evident when performing a simple nslookup query. In the example below, we queried Optus’s DNS server for www.thepiratebay.org and saw it pointed us to IP addresses 13.54.13.201 & 54.79.39.115 which do not belong to ThePirateBay:
Nslookup shows how easy it is to bypass DNS blocking and access any DNS-blocked site
After switching to Google’s public DNS servers located in the US, you’ll notice that we received different IP addresses for www.thepiratebay.org and were able to successfully access the website along with all other blocked websites.
Using a VPN Service Provider is the best, safest and fastest way to access any restricted site not only from Australia but also across the globe. When connecting to a VPN service your internet traffic is routed through the VPN server, bypassing any local geographical restrictions, blocking or checkpoints from your ISP or government.
The advantages inherent in a VPN service are many but here are some of the most important: