Consider Gerard Gouillou's position. The general manager and chief information officer of the Federation Internationale de Football Association (FIFA) World Cup Association wanted a network for the 2002 FIFA World Cup finals, being held this month in Japan and Korea, that would give officials, reporters and volunteers instantaneous access to scores, statistics, player comments, real-time coverage of the games and a host of systems to manage games logistics.

The task for Gouillou was daunting--40,000 connections between 20 stadiums, international media centers and headquarters in both Korea and Japan; 10,000 data and communications devices online; 5,000 miles of structured cabling; more than 200 access point routers; 150 separate WAN connections; more than 100 data networking switches; and 25 communications servers with Internet protocol communications.

Not all communications projects are so large, of course. Experio Solutions IT Director Michael Shisko, for example, needed a system to connect 800 employees in 18 offices, after his company had been acquired by Hitachi. Experio Solutions needed to establish new offices across the U.S. with, of course, a new network and a new phone system.

Such challenges face many enterprises upgrading communications networks, integrating with other networks or considering new voice capabilities. How much will a project cost? What will the configuration of PBX, Key and Centrex systems look like as deployment plans are initiated? Should one of the new IP-PBXs be considered?

A growing number of those organizations, such as FIFA, Experio in Dallas and Jackson State University in Jackson, MS, are choosing voice over Internet protocol (VoIP) solutions. Others, like Spokane School District 81 in Washington state, are opting for approaches like time-division multiplexing over IP (TDMoIP) gateways. Whatever the choice, flexibility and cost savings are at the top of the list of requirements.

GIVING SOCCER A BOOT

The converged network that was installed and turned up for the FIFA World Cup tournament marks the first time FIFA has used VoIP at an event. It was also the first time a communications network was required to support simultaneous FIFA World Cup matches in two countries. The network, designed and built by Avaya Inc., Basking Ridge, NJ, is among the world's largest.

The network was installed to handle FIFA World Cup systems for scheduling games and notifying teams, reviewing and accrediting participants, collating and reporting game results, tracking materials inventory, scheduling and confirming accommodations and transportation, and tracking and maintaining security systems.

"From the beginning of the project, every communication connection and computer hookup was a test of the team's expertise," says Gouillou. "Our objective was always to make the 2002 FIFA World Cup a technology benchmark for future world-class sporting events."

Avaya integrated its products and services with several other FIFA World Cup technology sponsors, including Toshiba computers and servers, and Fuji Xerox computer peripherals. NTT and Korea Telecomm provided network services and wide-area connectivity in Japan and Korea, respectively. Calls on the network within Japan will be VoIP, with traffic destined for Korea traveling over a 4.2-Mbps link. On the Korean side, traffic uses frame relay and is converted to the public switched network.

Given that the network had to serve several FIFA venues in two countries with significantly different communication standards and levels of service, connectivity between tournament sites was always a major challenge, says Gouillou. In addition to fiber-optic cabling between most sites and public network fiber rings, the World Cup network includes:

* all cabling in two media centers, one each in Korea and Japan, including the installation of Avaya's SYSTIMAX structured cabling with LazrSPEED and iPatch cable racks, and iPatch system-management software and alarming;

* installation and support of LAN cabling in each of 10 stadiums in Korea and Japan;

* installation of fully redundant Avaya DEFINITY G3 Enterprise Communications Servers to replace other-vendor voice systems in each of 10 stadiums, and in the Korean media center; and

* the provisioning of digital, analog and IP telephones for use around the World Cup site.

PRESS-FRIENDLY NETWORK

At the core of the network, Avaya specified its Enterprise Class Internet Protocol Solutions portfolio of IP telephony and multiservice networking products, applications and services. The systems allow the more than 15,000 reporters covering the events to dial into the FIFA network from anywhere around the game sites, and turn their laptop computers into virtual telephones. The writers are also able to use Avaya IP telephones provided on site to transmit their stories, manage their e-mail and faxes, and simultaneously talk to their editors--all over a single wired or wireless connection.

The solution was designed to break down traditional barriers between IP and circuit-switched communication, delivering a product that provided traditional phone features, while still lowering long-distance expenses.

The 2002 event is the first-ever FIFA World Cup at which reporters can use wireless LAN technology to access the Internet via laptop PCs. Avaya provided wireless LANs in both major media centers, as well as in all FIFA remote headquarters facilities in Seoul and Tokyo. The most unique feature of the network, according to Gouillou, is the voice-over-IP technology for all long-distance calls and many local calls through the WAN.

FIFA also provided all users with IP soft phones or hard phones to connect to the network. The soft phones work through PC software over either a wired or wireless connection. The hard phones operate just like a regular wired desktop phone.

To assure compatibility and reliability of the different systems, virtual private networks (VPNs) were designed to regulate and manage network access. Five VPNs for different user groups within the end-to-end network were installed. Since two countries are hosting the finals, Avaya also installed GigaSPEED cabling and optical fiber, along with its Cajun backbone data switches.

Gouillou also wanted an equally significant level of on-site services. This included deployment, maintenance and management of all data systems for principal applications in both countries. A series of network backbone switches and servers were used, as well as Avaya wireless access point servers and firewalls for security.

During the tournament competition, Avaya is providing network management services from central locations in Japan and Korea. In addition, the company and its business partners are providing all maintenance support.

"The technology challenge has been significant for all of us," Gouillou notes, "but the complexity of the project has also made finding the right solution that much more gratifying. By working closely together, we have designed a network that is meeting virtually every anticipated need."

Different needs, solutions

On the other side of the globe, Experio's Shisko, Jackson State's Michael Robinson and Spokane's Dennis Schweikhardt faced different challenges. Shisko wanted a system that also would allow him to provision what he wanted, where he wanted, without compromise. Robinson, Jackson State director of communications, needed a solution that was highly scalable and easy to manage, which could provide support for remote offices and integration with existing third-party applications. Cost was a major concern for the Spokane school district where Schweikhardt is manager of technology infrastructure, but he still needed a "world-class infrastructure that connected every classroom with fiber-optic cable."

While Shisko wanted feature transparency across all sites and hoteling, as well as extension dialing to make team contact easier, he only had four IT and voice pros, and was looking for the ability to manage all sites from a single location. He would not settle for less than five 9s.

Shisko realized that in order to get 100% feature transparency and extension dialing between all of his locations with a legacy PBX system, he would need expensive high-end systems even for smaller offices. In addition, if he wanted to manage all locations from a single point, that was also an add-on, as was integrated voice mail between locations. The legacy PBX voice system (with gateways) would cost more than $1,000 per user, or about $1.1 million; with recurring costs of about $350,000 per year in management, maintenance and long distance.

Shisko checked out several IP voice providers and settled on Shoreline Communications, which was offering an IP system based on a distributed architecture built specifically for reliability and management. Call control was managed via embedded, peer-to-peer switches; and the architecture was modular, allowing for an easier build out across multiple sites without the typical site-by-site customization.

Feature transparency and extension dialing came with the system without additional charges or installation expenses. Experio could also get the IP voice administrator, and user features and applications without network upgrades or expensive phones.

Shisko's cost per user for Shoreline acquisition and installation came in under $600, or about $480,000. His annual costs are only $118,000, or about 33% of the annual cost of the legacy alternative. Total savings over five years is an estimated $1.8 million.

"You can get to the toll-bypass savings with virtually any legacy PBX gateway system," Shisko says. "It just requires a substantial outlay in time and expense. With Shoreline's systemwide routing configuration capabilities, we can accomplish substantial toll-bypass savings with minimal effort and budget."

For more information from Shoreline Communications: www.rsleads.com/206cn-259

Campus migrates to VoIP

Like many educational institutions, Jackson State University (JSU) had been using Centrex service supplied by the local carrier to connect its users--l,200 faculty and staff, and 2,500 students--on a single dialing plan with basic business phone features. Now, however, JSU--the fourth largest institution of higher learning in Mississippi--is providing VoIP services on its main campus and in three remote Jackson sites.

Although Centrex is a PBX-like service that does not require an investment in a premise-based system, JSU had no control over its voice network. JSU had to go through its Centrex service provider for simple management requests, such as moves, adds and changes (MACs).

Cost was an issue. Monthly, JSU spent $90,000 subscribing to an average of 4,000 lines with basic services. The school was charged incrementally for the basic Centrex features, like call transfer, caller ID, call pick-up and call forwarding.

The university wanted to consolidate its voice and data networks to take advantage of applications it could deploy with an all-IP voice system, and to better manage service and support issues with its limited IT staff. JSU evaluated a starter kit from Alcatel in a working environment before making the final selection.

The solution is comprised of an IP-based voice communication system, a stackable workgroup data switch and 10 desktop telephones. JSU chose Alcatel's OmniPCX 4400 for its feature set and open standards-based platform. The product provided a smooth transition for JSU by interoperating with the existing Centrex service. The solution is highly scalable and easy to manage, while providing support for remote offices and integration with existing third-party applications.

"With this deployment, IT can easily manage the voice traffic on a converged network, easily add new users to the network within a day and even administer MACs for remote sites," says Robinson.

In the past, JSU dormitory students and teaching staff had to pay an added monthly charge to the Centrex provider for such phone services as long-distance calls, voice mail and caller ID.

Using ISI's Infortel for Windows call-accounting software, which is integrated with the Alcatel product, JSU can now log all incoming, internal and outgoing calls. This feature enables JSU to provide users with the services they need, as well as monitor the usage so that users can be billed accordingly for these services.

The VoIP network at JSU is being deployed one building at a time. At the end of last year, 400 Alcatel IP phones were installed while JSU continues to transition from Centrex to Vole Robinson plans to implement quality of service to ensure prioritization of voice traffic once all 3,700 IP phones have been installed.

For more information from Alcatel: www.rsleads.com/206cn-256

An alternative to VoIP

Spokane School District 81 is the state's second largest and the first to install a Gigabit Ethernet network. The network connects 53 Spokane public schools sites at distances of up to 12.5 miles.

The fiber network supports both the voice and data needs of the district, which saves thousands of dollars a month on Centrex and frame relay services by transmitting voice and data over shared media. With the hybrid infrastructure, remote server backup times dropped from two hours to two minutes. Classes of students on computers can simultaneously access a website without undue delays.

VoIP gateways had originally been installed to move voice over the network--but introduced problems like echo, delay and PBX interface issues that slowed implementation and resulted in poor voice quality. Although the initial experience with VoIP was frustrating, the district still saw its potential.

Cost was a major concern. Because of tariff increases, the cost for voice communication alone had increased by $100,000 a year for three years. "We had to integrate our voice communications and our data, because keeping them separate was cost prohibitive," Schweikhardt says.

Capacity needed to be expanded. Some elementary schools, built around 1900, typically had only three front-office phone lines. "With about 650 students on site, you can imagine what a zoo Monday mornings were, with parents calling in and getting busy signals," offers Schweikhardt. "The high schools, which have 1,200 to 1,400 students, were even worse."

The district replaced the VoIP equipment with IPmux TDMoIP gateways from RAD Data Communications, Mahwah, NJ. The IPmux converts T-1 voice and data streams into packets for transmission over IP and Ethernet-based networks.

The IPmux units connect the PBX in each District 81 school to the central PBX for delivery of traditional voice, with centralized voice mail services, over the same IP infrastructure used for data. TDMoIP supports modems and faxes at full speed and H.320 video, ATM, frame relay and ISDN over IP, at less than one-third of the price of VoIP.

"We have costs on a par with what we were paying before," says Schweikhardt, "but with a substantial increase in capacity."

Now, students can take simultaneous Internet "field trips" to sites such as NASA and various art museums. Parental involvement increased because of the readily available opportunity for parent-teacher communication. Teacher-to-teacher communication has also been enhanced. Library performance has improved because of connectivity. A special program for hearing-impaired children facilitated by teleconferencing has been added. The district now has a phone in every classroom and an enhanced 911 emergency services capability that displays the classroom number on the receiving telephone.

For more information from RAD Data Communications: www.rsleads.com/206cn-257

RELATED ARTICLE: Avaya `scores big' through world soccer connection

Last year, Avaya became an official sponsor of the 2002 FIFA World Cup, the FIFA Women's World Cup 2003 and the 2006 FIFA World Cup tournaments. This year, the company also announced a sponsorship and technology agreement with the U.S. Soccer Federation, the governing body for the sport in the U.S.

For the Federation Internationale de Football Association (FIFA), Avaya delivered one of the world's largest voice and data networks for use by officials, referees, journalists, athletes, volunteers and other participants during this summer's games in Korea and Japan. Avaya also will provide the communications infrastructure for a new soccer facility in the U.S., and will manage the installation and ongoing maintenance of the federation's communications network.

Avaya Chairman and CEO Donald Peterson, recently named 2001 "CEO of the Year" for the enterprise market by Frost & Sullivan, led Avaya through its October 2000 launch as a fully independent company, restructured the firm for fiscal stability, invested in key growth areas and led the effort to extend market leadership by building a new, global brand.

Peterson has a B.S. degree in mechanical engineering from Worcester Polytechnic Institute and an MBA from Dartmouth College's Amos Tuck School.

For more information from Avaya: www.rsleads.com/206cn-264

RELATED ARTICLE: Ready for VoIP?

When is an organization ready for VoIP? The best way is with a phased action approach. Here is an organizational readiness checklist to consider:

* Identify and determine business functions and applications to be supported over converged data and voice networks.

* Understand the future goals of the organization, and how networking is likely to support these objectives in terms of technology for data and voice networks.

* Forecast demand and operational costs for current infrastructure, as well as anticipated costs for converged networks.

* Enable data and voice teams to understand the converged networks.

* Determine the organizational investments in terms of people, tools and processes that need to be achieved in order to support a converged network that supports corporate goals.

* Clearly identify the cost savings or cost displacement by adopting a strategy for a converged network; and identify potential risks of not moving toward a converged data and voice environment.

* Establish a clear action plan identifying steps to achieve a fully converged network infrastructure; an accurate network topology; clear documentation on all policy and procedures for the converged network; and clear implementation objectives.

* Understand how actual data infrastructure will react when VoIP calls begin to flow; the optimal system load and capacity mix for both data and VoIP; and the network typology in order to avoid using slow speed links for traffic bursts.

* Map voice network elements in detail (PBXs, number/type of circuits, voice mail and other systems), dialing plans and telephone set features that could impact VoIP service.

* Identify and document any unique voice-calling patterns or anomalies (e.g., outbound telemarketing traffic, inbound help desk calls).

* Conduct baseline tests and document the details of the following: quality of service, throughput, jitter, latency and dropped data; and a readiness assessment every year to review progress and prioritize actions.

* Compare best-in-class solutions, based on functionality, scalability and flexibility.

* Implement a training policy to keep staff current with the latest developments in VoIP and converged networks.

Regardless of the decision to implement VoIP, make sure the solution is flexible, scalable and supports multiple technologies, vendors and services. Implement VoIP only if it is going to add value to the business.

This checklist is provided by Empowered Networks, Toronto, Canada. For more information: www.rsleads.com/206cn-260

RELATED ARTICLE: A VoIP security checklist

VoIP can be implemented securely through a combination of sound security practices and the deployment of voice security technologies fluent in both the circuit-switched/TDM networks and VoIP networks. Security is required, otherwise, expected levels of quality and reliability cannot be maintained. Security requirements represent a challenge due to the inherent issues of securing services on a shared IP network.

Threats are dependent on the enterprise deployment strategy. For campus-level or internal VoIP deployments, the internal threat is not inconsequential. Threats to the existing internal circuit-switched network are significant, due to its connection to the VoIP network. If VoIP is being accepted from an untrusted IP network (e.g., a carrier network), the threats further escalate.

VoIP can suffer from a multitude of vulnerabilities, including, but not limited to: eavesdropping on conversations; denial of service (DoS) on signaling (calls are delayed/fail): DoS on media (calls are unusable); DoS against gateways and TDM trunks; call-signaling attacks against various protocols; attacks against voice mail, unified messaging and presence; toll fraud: end-user/phone call blocking; data tunneling/quality-of-service theft (tunneling data through voice calls); attacks against poor standard implementation; direct access on voice servers: and Trojan horses/root kits/Java malware on IP phones.

Following is a general template for secure migration to VoIP:

* Craft and implement voice security policies and procedures.

* Maintain strong security on all VoIP hosts.

* Harden and maintain patches for operating system on voice servers.

* Prevent any inbound/outbound VoIP for campus VoIP.

* Use existing firewalls/ID systems to highlight attempted attacks; VLANs to separate voice from other traffic; a unified management infrastructure for circuit-switched and VoIP: and authentication to exclude requests from unknown hosts.

* Avoid use of voice on shared Ethernet segments.

* Deploy circuit-switched firewalls to detect attacks from a VoIP site; dedicated VoIP firewalls to prevent attacks; a VoIP-aware firewall/ID system to monitor all untrusted VoIP traffic; dedicated VoIP firewalls/proxies in front of servers/between VLANs; VPN technology to protect voice calls over untrusted networks; and proxies to deflect DoS attacks.

* Consider host-based security for voice servers.

* Examine logs on voice servers; and integrity of files on voice servers.

This checklist is provided by SecureLogix Corp., San Antonio, TX. For more information: www.rsleads.com/206cn-261