The Network Alley
Networking, Cybersecurity, Certifications, etc…
Monday, July 31, 2023
The Art of Invisibility
Friday, January 27, 2023
2023 Phone System Project - Part 1
TL;DR:
My company has used an on-prem Cisco Call Manager and Unity system for years, but due to the challenges of the pandemic in 2020, we rapidly deployed Cisco Jabber to allow employees to work from home. However, the existing system had limitations and often experienced issues with call quality and dropped calls. In 2021, I began researching different options for a new phone system, comparing upgrading the current system, migrating to Zoom Phone, or migrating to Microsoft Teams Phone. Ultimately, the cost savings and simplification of Zoom One, which included both Meetings and Phone in one license, made it the preferred option over upgrading the current system or migrating to Microsoft Teams Phone.
Full story:
The company I work for has used on-prem Cisco Call Manager and Unity for years. Each office has their own voice router and local PRI telco circuit. Each office had their own set of DIDs. Each employee had an internal extension normally configured to reflect the last 4 digits of their 10 digit DID. Then the employee would be assigned a desk phone with the extension. Calls made to the extension or the DID would route directly to the employee desk phone. We forced an outbound caller ID number to be what the main line is for the employee's respective office.
Then 2020 Covid happened.
Luckily in 2017 we had upgraded our Call Manager environment to support the ability to use Cisco Jabber, a softphone that can be ran our computers and cell phones, even over the internet. When Covid struck, we had maybe less than 10 users actually using Jabber, as there wasn't much interest in it before then since everyone was in the office. I had to rapidly deploy Cisco Jabber across our couple hundred employees when lockdowns and quarantines started. This was quite a tedious task in Call Manager, but I got the whole company on Jabber in a matter of weeks. Oh I forgot, even though our Call Manager environment was ready for Jabber use, we didn't have the licensing in place for it. And Cisco looooves their licensing. That was weeks and 10's of thousands of dollars investment in licensing just to get our organization to be able to even use Jabber.
Ever since 2020, I have configured a desk phone and Jabber for each and every employee (they are seperate configurations that each take a handful of minutes). Our company has hired a large amount of people and brought on many new offices. Each new office meant a migration to a PRI telco circuit and site configuration in Call Manager. It would take sometimes 6 months or more to get a new PRI circuit in place, and many hours in Call Manager configuring the new site.
All the while, Call Manager itself would be flaky at times. The PRI circuits would be flakey or simply just go down for hours or days. We didn't have proper redundancy in place within the environment to make it so that if a site PRI went down, that the employee's phones simply routed to a different office PRI, so if a PRI went down, that whole office phone's were down. Even if they were using Cisco Jabber from home, because we had their phones route out of their office's PRI circuit. People would regularly complain of calls dropping, call quality issues, and just a general dissatisfaction with our phones.
Back to 2020. When Covid struck and I spent weeks getting our company set up on Cisco Jabber, I had mentioned that it would be a good idea to consider a cloud-based phone system instead. That way we don't have to worry about things like this. There was some push back because the perception of cloud-based phone systems was that they were only for small companies with a handful of employees, and they were generally unreliable.
In 2021 I mentioned that I wanted to do a full blown research project into what the best options would be for our organization. So at the beginning of 2022, I started the research and documenting potential costs and features of phone systems.
I landed on comparing the options of:
1. Upgrading our current phone system
2. Migrating to Zoom Phone
3. Migrating to Microsoft Teams Phone
I was really wanting to use a system that we already had in place, to reduce the friction of change to the company. We had been using Zoom for years even prior to 2020, so we were comfortable with the experience. And we had started using Teams due to Covid. Honestly, the adoption of Teams was not that great within the org. We had some occasional "all-staff" posts, and we had departmental "Teams", but I think the biggest use case for it was Chat. We even went as far as to disable Zoom Chat to make sure everyone used Teams Chat, for governance and compliance reasons, I believe.
Option 1 was upgrading our current Cisco Call Manager phone system, I knew what it would look like, because I had gone through it back in 2017. It was a massive year-long project that cost a ton of money and had a slew of VAR engineers and project managers and licening and hardware and config change. It was a nightmare. From the time we got a scope of work to the time of project close, it literally was a calendar year. And this was to go from Call Manager 8.6 to 11.5 with 2 physical servers.
I really did not want to go with option 1, and I presented the running cost of our current system since 2017, and it was very high. I will admit that most of the cost came from having individual PRI circuits at every single location, even offices with a few people in them.
Option 2 was to migrate to Zoom Phone. When I first started considering cloud-based phone systems, Zoom was not my #1 choice. I was leaning more towards Microsoft Teams. I did the reasearch anyway. Gathered how much we were already paying Zoom for Meetings, and got MSRP pricing for Zoom Phone. Right in the middle of my research, Zoom rolled out "Zoom One", which was a license type that included Meetings and Phone in one license. This immediately piqued my interest for the simplification and for the cost savings.
Option 3 was to migrate to Microsoft Teams Phone. I had originally set this out as my #1 choice. I think primarily becuase I thought "hey, we're already using Teams for chat, why not add calling to it" and because I thought it would be wayyyy cheaper than eanything else. I mean, we already had E3 licensing, it looked like a tiny add-on fee to get the phones! Well turns out that having E3 didn't mean anything regarding their phones. I even trialed an E5 license because their marketing said "phone system was included!". What a deal! Seemed like an easy sell to upgrade our licensing to E5 and get all of the other security and compliance improvements and a phone system thrown in for free!
Well, it turns out, the terminology was important here. To Microsoft, the "phone system" was essentially the equivalent to Cisco Call Manager, it doesn't do anything unless you have a connection to the PSTN. So you would still need to pay a seperate license for a "calling plan" (the connectivity to the PSTN) or get a 3rd party provider to provide your PSTN connectivity.
All of this seemed expensive, complex, and exhausting. That option #2 of "a single license for all video meetings and phones" seemed much more appealing when I started digging into the Microsoft world.
So I started leaning towards migrating to Zoom Phone. I reached out to our rep and started gathering more information about features, pricing, and what a potential roll-out would look like. I got a demo license from Zoom and started seeing what the admin side of Zoom Phone was like. It was amazingly simple, especially for someone who knows what they are doing and hoping to accomplish already. I had multiple sites, auto attendandts, and call queues set up in a very short amount of time. No consultants, engineers, or project managers. Just me and my own understanding and an easy admin interface.
I made an official pitch to have our company migrate to Zoom Phone, got a quote, and we signed the contract.
I will be working on migrating our company over to Zoom Phone office-by-office this year starting now. This is a very exciting project for me and will provide updates as I go.
Wednesday, April 6, 2022
CompTIA Security+ Certification - Part 3 (I passed!)
- Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
- Monitor and secure hybrid environments, including cloud, mobile, and IoT
- Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
- Identify, analyze, and respond to security events and incidents
Other than my experience, I relied primarily on Professor Messer's video content. I watched all of his videos over the last 6 months or so.
Dion 1: 83%, Dion 2: 79%, Dion 3: 80%, Dion 4: 78%
- I did it at a testing center to avoid the complications of testing at home.
- I skipped the Performance-Based Questions at the beginning and came back to them after the multiple-choice questions.
- There were definitely questions that I had no idea for that even after going back for review still had no clue, so I just made the best guess
- I had about 30 minutes left on the clock after reviewing everything and submitting
- I was a little anxious that I might fail, but overall felt confident
https://www.credly.com/badges/45c6eeb1-3751-4089-b0dd-46fd499d347f/public_url
(Link to Professor Messer's website: https://www.professormesser.com/)
Tuesday, February 15, 2022
Sophos Threat Response Certified Admin
I participated in the Sophos Threat Hunting Academy - Season 3, which had 5 1 hour sessions of Sophos and threat hunting training. Here is the schedule and topics:
They showed how to use the Sophos Central Live Discover feature and run queries against the machines and the stored data in Sophos Central.
They discussed other tools available in the cybersecurity industry, and also how to get training in cybersecurity using tools like "Hack The Box" and "Try Hack Me".
Overall it was very educational and was a great free resource, especially for existing Sophos Central customers.
At the end of the course, there was an exam where I passed and was given the title of "Sophos Threat Response Certified Admin".
See the certificate here: Sophos Threat Response Certificate
Here is a link to the community page to learn more:
https://community.sophos.com/intercept-x-endpoint/b/threat-hunting-academy
Tuesday, December 28, 2021
CompTIA Security+ Certification - Part 2
Tuesday, February 25, 2020
CompTIA Security+ Certification - Part 1
I took the practice exam and I got a 90% and the passing requirement was 85%!
I was surprised by this result, and have determined that I am going to study up for this exam and take it. My goal is within the next month or so.
I am primarily responsible for many of our cyber security efforts where I work (second to my manager), and I think this would be a good fit for my role.
I will report my progress through new posts.
Monday, February 10, 2020
CHI-NOG 10
Snippet from CHI-NOG's website about what it is:
CHI-NOG is the first and the only Chicago based Network Operators Groups. The group was started by network engineers and network architects to create a community, to learn from each other and meet others. We get away from our keyboards and screens to meet in person every year bringing in speakers from all over the US to learn and have a beer with them. CHI-NOG is vendor neutral so we aren’t trying to sell you anything, but you do get a pretty awesome t-shirt each year for attending.
I have attended each since CHI-NOG 07 and have always loved it. The venue is great, the speakers are great, and I always learn a lot. The vendor hall afterwards is usually small and intimate, so you can ask all the questions you want. The vendors are normally pretty laid back instead of being super sales-y.
You can find past presentation videos on YouTube here: https://www.youtube.com/user/chicagonog/videos
Here is some info on CHI-NOG 10 this year:
Venue: Holiday Inn Chicago Mart Plaza River North Hotel
Address: 350 W Mart Center Dr, Chicago, IL 60654
Date: 28 May 2020
Start: 8:00 AM
Social: 6:00 PM – 8:00 PM
More information on CHI-NOG 10: http://chinog.org/chi-nog-10/
Hope to see you there!