ISI CDR Managed Services Call Detail Record Collection from Avaya Media Servers
With Avaya’s VoIP switches, the traditional method of collecting call detail records from a PBX through a serial data port is no longer used. The IP network interface has replaced the serial data port as the method of connectivity for CDR collection. As a result, ISI and buffer box manufacturers have developed support for a new method of collecting CDR from Avaya equipment like the S8700 and S8300 Media Servers.
Avaya’s Reliable Session Protocol provides the means by which an intelligent TCP/IP connection is established between the Media Server and a compatible CDR collection device over the corporate LAN or an isolated network segment often referred to as the CLAN. Through this proprietary Reliable Session Protocol, the Media Server senses the presence of the CDR collection device at a designated IP address and passes raw call detail records to the device on a real-time basis. Reliable Session Protocol ensures that CDR is buffered in the Media Server in the event of any loss of connectivity or unavailability of the collection device. To assist in detection and resolution of such outages, loss of connectivity is reported as a Media Server maintenance alarm. When connectivity is restored, a CDR session is re-established and the flow of current and any buffered CDR is resumed.
Local CDR Collection
In such applications, ISI will typically provide Reliable Session Protocol equipped buffer box hardware as the on-site CDR collection device. Unlike legacy buffer box applications, these devices interface with the Avaya Media Server using Reliable Session Protocol over the IP network. Like legacy buffer box applications, a device is required at each site, storing CDR received from the Media Server on a real-time basis until it can be transmitted to the ISI data center for processing, reporting and long term storage. ISI-provided on-site buffer box hardware is owned, maintained and, when necessary, upgraded or replaced by ISI to eliminate customer expense associated with purchase of buffer box hardware.
Secure CDR Transport
ISI utilizes secure FTP to transmit raw CDR from the on-site buffer box to the ISI data center for processing. When installed, the buffer box is connected to the customer’s local network and must be granted network access rights to allow it to initiate SFTP sessions through the corporate firewall to an ISI-hosted FTP via the public Internet or a virtual private network connection. On a regularly scheduled basis, typically once each hour, the buffer box will establish a connection to the designated ISI SFTP server, issue the assigned User ID / password and transfer stored CDR to the ISI data center. This “inside” initiated PUSH session is preferred over the alternative “outside” initiated polling session, as it is less likely to challenge corporate network security guidelines. If desired, a customer-maintained proxy server may be used to redirect SFTP sessions to the ISI SFTP server, thereby providing additional security. As SFTP transmits data in an encrypted format, this transport protocol is inherently safe for use in transport of corporate CDR over the public Internet. If desired by the customer, additional security may be gained by establishing a VPN connection between the customer network and ISI’s data center network.
ISI Process Management
After successful implementation, ISI technicians monitor polling results daily to ensure rapid detection and resolution of any problems threatening the timely and reliable collection of call detail records. This includes Media Server based difficulties such as interrupted data flow, incorrect data format or incorrect time and date information, as well as buffer box based problems.
Remote ISI Access to the CDR Collection Device
During the installation process, it is necessary for an ISI technician to remotely access the buffer box for configuration and testing. Buffer box programming is done through a password protected web browser user interface requiring some type of temporary inbound access to the buffer box IP address for ISI technicians. ISI supports two methods of remote access in an effort work with varied corporate network security policies.
- WebEx remote control session initiated through a host PC or laptop on the customer network – A host on the local network establishes a WebEx session with the ISI technician and opens up a web browser connection to the buffer box. Control is then given to the ISI technician for configuration and testing while the host monitors activities. This approach requires session initiation by an authorized local network user and provides for supervision of ISI activities if desired.
- Established direct web browser access rights for authorized ISI technicians – An ISI technician is allowed to initiate a web browser session as needed through the customer firewall to the buffer box device. This requires coordination with customer network security to open up a “pinhole” in corporate firewall rules to allow such sessions and may require issuance of a secure token or creation of a VPN tunnel between the ISI data center network and the customer network to address security concerns. This approach does not require session initiation by an authorized local network user and does not provides for supervision of ISI activities.
After initial service activation, ISI technicians will have no need to remotely access the on-site buffer box on a regular basis, however, remote access may be required from time to time for periodic account maintenance - the buffer box may require reconfiguration, firmware updates or troubleshooting. Thus, it is advisable to establish a preferred methodology and procedure for ISI remote access up front to facilitate a smooth response when remote access is needed.
Remote access is used only for ISI access to the on-site buffer box hardware user interface – remote access to the Avaya Media Server or any other device on the customer’s network is not required, is not allowed and is not possible through a remote web session to the buffer box.