Best practices for VoIP disaster recovery

How modern VoIP systems work

Whereas older PBX systems used a technology called circuit switching, VoIP systems convert analog voice signals into data packets for transmission over the internet as well as within the VoIP system infrastructure. At a very general level, the VoIP system is essentially a data switch that primarily handles voice calls.

VoIP user devices look largely the same as a traditional digital desk phone, with multiple buttons for different features and an internal microphone and speaker. Features and capabilities available on a VoIP system are essentially the same as those that have been offered on digital phone systems for decades.

Most VoIP platforms offer specialized capabilities such as interactive voice response, automated attendant and contact center technology. Because VoIP systems can interface with other business systems via internet connectivity, they can add important user interface and experience capabilities.

VoIP-enabled devices connect to the internet with an assigned IP address. Connections are established by the VoIP service provider by transmitting data packets over a packet-switched network through media delivery protocols like Session Initiation Protocol (SIP). When call data packets are delivered to the receiving device, the VoIP phone converts the data packets into an audible voice.

The role of VoIP in disaster recovery

Two key benefits of VoIP technology in a disaster are its ability to enable remote working and fast resource deployment. As long as broadband connectivity is available, VoIP technology can be deployed virtually anywhere. Cloud-based vendors and MSPs that specialize in VoIP can help facilitate rapid deployments in an emergency.

VoIP systems are especially useful for technology disaster recovery and business continuity if the primary switching elements are located somewhere other than the primary business location. This mitigates the risk of losing a premises-based system physically located in a data center or a separate communications room. With the internet as the primary delivery mechanism, the switching infrastructure can be deployed anywhere.

Access to voice communications can be critical during a crisis or disaster event. Most people today have smartphones and various wireless devices readily available, which establishes an important response capability. Access to VoIP phones should also be part of a business's crisis communications strategy, assuming broadband network access is available.

The key is to define a communications strategy for each of the various business units in the company. Deployment of VoIP and wireless phones can be tailored to each business unit and blended so that loss of communications among employees is minimized. Access to dependable communications is also essential when contacting first responders, remote employees, stakeholders, vendors and other essential entities defined in DR plans.

VoIP disaster recovery best practices

Before you invest in VoIP, or if you're already using VoIP, the following tips will help you protect your investment if a disaster occurs. Several scenarios can affect a VoIP system, including cyberattacks and network congestion. When establishing a VoIP protection plan, make sure that you take the following factors into consideration.

Cyberattack

This occurs mainly in the form of DDoS attacks that can disable VoIP systems. Use the same kind of security provisions for VoIP that you would for your data network perimeter, such as firewalls and intrusion detection systems.

Quality of service (QoS)

Voice traffic is different from data traffic in that it's largely random. Data traffic is often more predictable and can be managed effectively. QoS is necessary to be sure that voice traffic is processed in the network the same way it would be in a non-IP environment. QoS issues can be exacerbated during disaster conditions since VoIP requires a constant bit rate and low latency.

From an external perspective, a complete loss of access to the internet means that the VoIP system will be disabled until internet access has been restored. Upon restoration of access to the bandwidth from a customer location to the internet, be sure to monitor VoIP and data traffic carefully to be sure that QoS has been restored.

From an internal perspective, a disruption of an internal data network that supports VoIP traffic means that VoIP will have to wait until that network is restored. While the VoIP system is disabled, mobile phones can be an effective option. In addition to running VoIP traffic on a different subnet than data traffic, you should work closely with your VoIP and network service vendors to address this issue.

Firewalls and network address translation (NAT)

A VoIP environment is a true data network, and these elements might impede call setup and degrade voice quality to unacceptable levels. VoIP firewalls are generally like other firewalls, but they can protect against threats to voice traffic as well as data traffic. Just make sure that the VoIP firewall supports the two most common VoIP protocols, H.323 and SIP. Firewalls should also support NAT.

Network congestion

Congestion can occur if external networks, such as the Public Switched Telephone Network (PSTN) or the internet, experience excessive traffic volumes. This can result from a disaster where major switching centers are damaged and data networks are inundated by extremely high traffic volumes. Check with your network providers to determine how they handle congestion and ask your VoIP vendor for suggestions.

Restricted, poisoned or unavailable DNS or DHCP

DNS resolves IP addresses and Dynamic Host Configuration Protocol (DHCP) issues. Since a VoIP system uses internet protocols, loss of access to DNS and DHCP can affect call setup and user access to VoIP systems. One way to protect these services is to install identity appliances, which increase the speed and reliability of DNS and DHCP using dedicated hardware.

Internet connectivity

Loss of internet access means that your VoIP system will be disabled. One way to address this is to have alternate access arrangements to the internet, either through a diversely routed physical path to the local carrier or satellite-based access. Contact your local carrier and ISPs for suggestions.

PSTN connectivity

Similar to the previous situation, you should consider installing network access to your local telecom service provider that is physically separate from local infrastructure. Options for this include diverse access to a fiber optic ring network, satellite-based access and line-of-sight microwave transmission from your location to a carrier's office. It might be useful to install a cell site on wheels to obtain wireless network access.

Bandwidth provisioning

Assuming that a backup VoIP capability is in place, make sure that sufficient PSTN bandwidth is available to handle the increase in traffic at the alternate site. Organizations might coordinate this with local telecom operators, wide-area network carriers or the VoIP provider.

User provisioning

Make sure that the backup VoIP arrangement is preconfigured with the current user database, which includes their service assignments. This will minimize transition time.

Database protection

The database supporting your VoIP system is critical for disaster recovery. While the database will be available on the system, be sure that your equipment vendor has a current copy and stores backup copies in a secure location.

Location and path diversity

Review external network configuration options to make sure that alternate routes are available to provide path and location diversity. Remember that it can take weeks or possibly months to install new paths after a disaster.

Carrier network disaster plans

Ask your network providers to show you how they plan to recover and restore their networks. Integrate this information into your network recovery plans.

Vendor DR capabilities

Most VoIP equipment vendors have well-defined disaster recovery service options to help minimize system downtime. Service-level agreements (SLAs) are also advisable to make sure that your system can be recovered as soon as possible.

Loss of network synchronization

Data networks require synchronization to a reputable network clocking source. Loss of synchronization, albeit an infrequent occurrence, can totally disable your system. Check with your equipment vendors and network providers to see how they will handle it.

Install equipment in secure areas

Most VoIP systems are a series of specialized servers with modules that handle stations and network connectivity. As they are typically installed in standard 19-inch racks, make sure that backup power and secure storage cabinets are provided. If you have multiple server closets, install VoIP equipment there.

VoIP vulnerabilities to know

In addition to infrastructure vulnerabilities that plague traditional telephony-based systems, VoIP-based systems have several other important risk areas that must be addressed.

Key VoIP risks include the following:

• Loss of internet access. This is an essential requirement.
• Loss of local carrier connectivity to the ISP. Unless the VoIP system uses wireless connections to the service provider, the local telephone company connection is essential.
• Network congestion in both the local network and WAN. If there is too much traffic, call completion might take more time or be unavailable.
• Loss of access to DNS and DHCP. These resources make sure that calls can be completed.
• Damage to the system database. Backup copies of the system database are an important strategy to keep systems operating.
• Loss of network synchronization. VoIP uses digital transmission, so synchronization of traffic to a secure timing source is essential for call completion.
• Loss of power. This can apply to locally deployed systems as well as VoIP service providers and network carriers.
• Disruption to VoIP service provider facilities. Disruption to a service provider's infrastructure can shut down VoIP service.
• Lack of a VoIP backup plan. Collaboration with VoIP vendors and service providers is essential to ensure that vendors can keep their systems operational.

How to incorporate VoIP into a DR plan

Communications and connectivity are two essential parts of the overall strategy when developing a disaster recovery plan. Establish a section in the plan that specifies the steps to take if the VoIP system becomes unavailable. The steps should include contacting the VoIP vendor, followed by the ISP and the local communications carrier. The VoIP vendor and ISP, if they are separate entities, should be enough to establish a help desk ticket and get an estimate of when service can be restored.

Make sure that any VoIP equipment cabinets are located in a secure data center with backup power. Only authorized personnel should have access to this area.

If you have multiple locations, all using VoIP, you can redirect your service to another location. If you have only one location, check with your equipment and network suppliers for their options.

Numerous vendor options are available for VoIP technology. These can include cloud-based vendors offering VoIP or disaster recovery as a service, traditional VoIP hardware vendors, and MSPs that handle VoIP technology.

Here are some key disaster recovery questions to address when selecting a VoIP vendor:

• How does the vendor address a VoIP system failure?
• Does the vendor ensure that copies of the VoIP system and its database are present in all nodes?
• What steps does the vendor take in assessing the outage?
• How does the vendor coordinate with network service providers?
• How does the vendor restore service?
• What inventory of VoIP hardware is available to the vendor?
• What network redirection and rerouting capabilities does the vendor have?
• What DR planning assistance is available from the vendor?
• What is the vendor's policy toward testing DR services for VoIP?
• What is the vendor's position regarding SLAs?
• How does the vendor address end-user training on the system?
• What security measures are used to prevent and mitigate cyberattacks?
• How many VoIP systems has the vendor installed?
• What disasters and service disruptions has the vendor handled for its clients?
• What were the outcomes from these events?

Paul Kirvan, FBCI, CISA, is an independent consultant and technical writer with more than 35 years of experience in business continuity, disaster recovery, resilience, cybersecurity, GRC, telecom and technical writing.