SIP School
HomeNews & EventsSIPNOC 2018 OverviewSIPNOC 2017 Conference Schedule

SIPNOC 2017 Conference Schedule

This is an archived page that lists the Final Agenda for SIPNOC 2017. For more information about SIPNOC 2018, please visit the SIPNOC 2018 event webpage. If you have additional questions about the event, including registration and sponsorship opportunities, please contact Marc Robins at

Tuesday, November 28

8:00am-9:00am: BREAKFAST (Belmont Ballroom III and IV)

9:00am-5:00pm: SIPNOC 2017 “Wireshark for VoIP Ninjas” Training Workshop (located in Belmont Ballroom I and II)

The SIP Forum will once again offer specialized training at SIPNOC 2017 presented by the expert trainers of ECG, this year focused on learning the numerous tips and tricks of Wireshark – available to all SIPNOC 2017 “All-Access” attendees at no additional cost!

This special workshop is scheduled for Tuesday, November 28, 2017, and is designed to offer SIPNOC 2017 attendees relevant training on the SIP protocol, as well as provide insights and considerations related to a variety of technical implementations. Ultimately, the goal of these special training workshops is to help ensure that SIPNOC 2017 attendees get the most out of the technical presentations that follow over the course of the conference.

In contrast to video training and online courses available elsewhere, during the training at SIPNOC 2017 you’ll be working with experienced trainers and experts who build, improve, and debug VoIP systems every day.

The “Wireshark for VoIP Ninjas” workshop will equip you with the core and advanced skills you need to diagnose and solve the thorniest problems using the popular, open-source tool Wireshark. The course prepares to you to install and configure Wireshark to maximize your effectiveness for VoIP, creating captures, locating calls and associated media, analyzing QoS for audio and video problems, and using Wireshark’s analytics tools to find trouble spots in a busy SIP/IMS VoIP network.

This Wireshark workshop will also include:

  • Installing and Customizing Wireshark for effective VoIP Analysis
  • Understanding SIP, RTP, Fax, and T.38 DTMF
  • Finding a specific call, SIP transaction, or dialog
  • Matching a SIP call with its matching audio and video
  • Finding SIP error codes
  • Analyzing audio/video quality, and QoS marking
  • Identifying healthy RTP (SSRC, Mark, ptime, Payload Type)
  • Identifying SIP problems with SIP, NAT, DNS, routing
  • Interpreting RTP streams to identify network engineering problems
  • Finding SIP problems with I/O Graph Analysis
  • Extracting an individual VoIP phone call to a separate file
  • Removing duplicate packets
  • Introduction to tshark for Command-Line VoIP Analysis
  • Big-Data Analysis of SIP and media with tshark
  • Building a packet-capture solution for a carrier or enterprise network
  • Wireshark compared with other tools, including Empirix, HOMER, VoIPMonitor, OCOM, RADCOM, and Tektronix

An added bonus: All wireshark training workshop participants will receive a training manual with detailed notes and diagrams covering the Training topics.

12:30pm-1:45pm: LUNCH (Belmont III and IV)

7:00pm-10:00pm: SIPNOC 2017 Attendee Welcome Reception (includes dinner) in Belmont Foyer and Ballroom III and IV.

Wednesday, November 29

7:45am-8:45am: Breakfast (Belmont III and IV).

8:45am: General Session (Belmont Ballroom I and II).

8:45am-9:00am: Welcome, Introduction and Housekeeping. Richard Shockey, SIP Forum Board Chair, and Marc Robins, SIP Forum President and SIPNOC Program Chair.

9:00am-9:45am: Special SIPNOC 2017 Keynote Featuring New FCC Chief Technology Officer Dr. Eric Burger.

The FCC’s Chief Technology Officer serves as an advisor to the Chairman and as the senior technology expert in the agency.  The position is housed within the FCC’s Office of Strategic Planning and Policy Analysis.  Dr. Burger replaces Dr. Henning Schulzrinne, who returned to Columbia University.

Prior to joining the Commission, Dr. Burger served as director of the Security and Software Engineering Research Center in Washington, DC.  The center helps propose solutions to network problems like robocalling, rural call completion, accessibility of communications for Americans with hearing and speech impairments, reducing the cost of deploying and operating communications networks, and ensuring communication network security and stability.  He holds patents in telecommunications and is an expert in standards for telecommunications, network, and Internet technologies.

Dr. Burger has also held senior engineering and technology positions in various telecommunications companies and served as a technology consultant to others. He is also the Former Chairman of the SIP Forum, and he has taught computer science at Georgetown University, George Mason University, and The George Washington University.  He holds a Ph.D. in computer science from Illinois Institute of Technology, an MBA from Katholieke Universiteit Leuven in Belgium, and bachelor’s degree from Massachusetts Institute of Technology.

9:45am-10:15am: Screaming Frogs and Crawling Bots. Presented by Jon Chleboun, Member of Technical Staff, ECG.

“UserAgent: Screaming Frog SEO Spider/8.1”
“GET /dms/VVX500/user0004f28f67e3.cfg”
“GET /dms/VVX500/user0004f28f67e4.cfg”
“GET /dms/VVX500/user0004f28f67e5.cfg”

This is all that is necessary for anyone on the planet to be a major thorn in your side.
Crawling for poorly-secured device configuration files (and the SIP passwords that they contain) has become a major challenge to VoIP network admins, and one of the tougher VoIP fraud vectors to close.
Client certificate authentication offers a much more robust alternative to usernames and passwords. While it offers many advantages in security, and building it greenfield is straighforward, there are a myriad of operational challenges associated with migrating from unsecured files to client certification secured files.

10:15am-11:15am: Panel Discussion: Securing the VoIP Infrastructure. Moderator: Robert Kinder, Director, Product Development, Cox Communications, and SIP Forum Director. Panelists include Patrick Gardner, CTO, BlueAlly; Ruibing Hao, Comcast; Amitava Mukherjee, CEO, RedShift Networks; and Jon Chleboun, Member of Technical Staff, ECG.

11:15am-11:30am: Refreshment Break (Belmont Foyer).

11:30am-12:00pm: SIP Network Cyber Attacks Update. Presented by Amitava Mukherjee, CEO, RedShift Networks.

During 2016, RedShift Networks saw more than 14M attacks from SIP Global Botnets from around the world targeting global carriers. Carriers are continuing to migrate Fixed Line, Mobile, Cable and Peering networks to VoIP using the SIP protocol.  This has exposed their network to new threats and attacks from hackers, perpetrators and SIP Botnets that are constantly looking for new attack surfaces to carry out security attacks, DoS/DDoS SPIT, Identity spoofing, RoboCalls/TDoS attacks, and fraud.

SIP is now the most active vector of Cyber Attacks in Carrier networks, outpacing other common protocols like HTTP, SMPT and others protocols. Carrier’s need to become more aware of these emerging threats, the impact they may have on their business and implement stronger voice cyber security measures imposing multi-layer network defenses like that of network security postures for Data Networks.

In this talk, Amitava will speak about the increase of cyber security activity in the VoIP/SIP realm in the last year and at a technical level, highlighting specific use case examples of breaches that have been identified at different carriers around the world using a cloud analytics system with global sensors.

12:00pm-12:30pm: Let Us Not Talk Falsely Now, the Hour is Getting Late! Presented by Tom Soroka, Director Fraud Mitigation, Bandwidth.

This presentation will give an overview of several types of fraudulent traffic that traverse today’s SIP-based communications networks. The presentation will also look at what service providers can do today to help prevent and mitigate such traffic while waiting for industry-sanctioned solutions.

12:30pm-1:00pm: Private vs. Public Peering: Exploring Use Cases for Both. Presented by Ben Hedges, CEO, LINX-America.

LINX (The London Internet Exchange) is the largest member-owned Internet exchange in the world with more than 800 networks exchanging traffic across their six peering LANs including London and Ashburn, VA.

With a membership that includes hundreds of telcos, ISPs, VoIP providers and CLECs we have a unique insight into how networks use peering in different ways depending on their requirements.

The talk will focus on peering in general rather than at LINX specifically and will explore aspects such as:

  • Benefits of private peering for ITSPs (Internet Telephony Service Providers)
  • Benefits of public peering for ITSPs
  • Drawbacks of private interconnect (Cost)
  • Drawbacks of public peering (threat of DDOS attack)

1:00pm-2:15pm: LUNCH (Belmont III and IV)

2:15pm-3:45pm: SIPNOC 2017 Super-Session: Spotlight on STIR and the SHAKEN Framework. Moderator: Richard Shockey, SIP Forum Chairman and Principal, Shockey Consulting. Presenters include Chris Wendt, Principal Architect, Comcast, and SIP Forum Director; Mary Barnes, Senior Industry Relations Advisor, iconectiv and SIP Forum Director (an additional presentation by Mary Barnes); and Jim McEachern, Senior Technology Consultant, ATIS.

This special Super-session, comprised of presentations and panel discussions, will examine in detail the work and milestones of the the Network to Network Interface (NNI) Joint Task Force, a cooperative effort between the Alliance for Telecommunications Industry Solutions (ATIS) and the SIP Forum. With currently more than 150 participants, the Task Force has been meeting regularly for the past three years to define specifications to support SIP-based Service Provider to Service Provider IP Interconnection. The Task Force is comprised of telecommunications technical experts representing a range of telephony service providers and suppliers, both large and small, which serve both consumers and businesses.

To address unwanted and illegal Robocalls, ATIS and the SIP Forum have been working to develop standards to verify and authenticate caller identification for calls carried over an Internet Protocol (IP) network using the Session Initiation Protocol (SIP). The ATIS and SIP Forum SHAKEN Call Authentication Framework consists of a three-phase approach to solving the issue of caller identification, using a digital certificate scheme to “verify and authenticate caller identification for calls carried over an Internet Protocol (IP) network.”

In mid-July, the SIP Forum announced that the United States Federal Communications Commission voted 3-0 to approve an official Notice of Inquiry (WC Docket No. 17-97) seeking industry comment on the SHAKEN Call Authentication Framework.

Phase 1 consists of the development of the SHAKEN framework, based on the protocols developed by the IETF’s STIR working group (the STIR framework), and describes the operations necessary for making an authenticated telephone call using the SHAKEN framework.

Phase 2 consists of the development of a “Governance Model and Certificate Management for the Trust Anchor,” describing the way in which entities will be granted the trust necessary to vouch for call authenticity, and the organizational structures needed to manage this process. Specifically, this work introduces a governance model and defines X.509 certificate management procedures. Certificate management provides mechanisms for validation of a certificate and verification of the associated digital signature, allowing for the identification of illegitimate use of national telecommunications infrastructure.

Phase 3 consists of the development of a “Call Validation Display Framework” that will recommend how to display SHAKEN/STIR information to consumers.

3:45pm-4:00pm: Refreshment Break (Belmont Foyer).

4:00pm-4:30pm: ATIS NNI/Robocalling Test Bed Report: Presented by Ken Politz, Product Management Director, Neustar and Gary Richenaker, Principal Solutions Architect, iconectiv, and SIP Forum Director.

This session provides an overview of the ATIS Testbeds Focus Group (TFG) which identifies and supports testing initiatives to validate solutions in the all-IP migration.  Each of the key initiatives of the TFG will be summarized by one of the co-chairs followed by a more detailed presentation, given by Neustar, on the ATIS Robocalling (STIR/SHAKEN) Testbed.  Come hear an overview of this virtual industry caller authentication testbed, sponsored by ATIS and operated by Neustar.  Further, a status of testing will be provided and generalized results to date revealed.  Lastly, the session will walk through the simple steps for participating if your company is interested.

4:30pm-5:00pm: Software Defined WAN (How I learned to Stop Worrying and Love the Last Mile). Presented by David Hiers, Network Engineer, CDK.

CDK’s hosted IP telephony services have traditionally relied on expensive, QOS-enabled T1 circuits. However, our customers are increasingly expressing a desire to replace expensive, low-bandwidth, reliable WAN links with inexpensive, high-bandwidth, less reliable Internet links.
This presentation describes how CDK uses SDWAN technology to mitigate the risks of generic Internet services while maintaining or improving the quality of our VOIP service.

5:00pm-5:30pm: Voice Network Syndication and Multi-Tenant Architecture. Presented by Satish Sampangiramiah, Senior Principal Architect, Comcast.

How about Telephony service providers hosting other service providers on their network ?
Hosted solutions have been pretty common in the IT industry. But hosting telephony services for other providers is a relatively newer concept.
Comcast is currently in a joint technical trial with multiple service providers hosting our network for those providers to leverage our hosted network to provide service to their subscribers.
How has COMCAST designed the entire architecture to treat each tenant/provider separately? How is COMCAST going to route these calls differently and uniquely for each provider?
This presentation details the COMCAST multi-tenant solution, including access network solutions as well as detailed routing designs that allows COMCAST to route calls from each tenant uniquely.

7:00pm-10:00pm: SIPNOC 2017 Beer and Gear Networking Reception and Attendee Dinner in Belmont Foyer and Ballroom III and IV.

7:30pm-8:30pm: BoF Time

8:30pm-9:30pm: BoF Time

Thursday, November 30

8:00am-9:00am: Breakfast (Belmont III and IV)

9:00am: Day 2 General Session Begins in Belmont Ballroom I and II.

9:00am-9:30am: Evolution of IoT and the Role of VoLTE over Various Access Technologies (LTE, LTE-M). Presented by Manpreet Singh, Director Signaling and IP Architecture and Innovations Engineering, iBasis.

Currently, IoT ( internet of things ) is the new buzzword in the industry where the the day to day devices have the ability to send and receive and act on it.
Some of the most common use cases are in connected cars for telematics and in-car WiFi, connected traffic signals, connected water meters, etc. While these are very data centric applications, voice still plays a big role in enabling some of these services. These connected devices uses mobile network packet switch backbone for data and voice support. LTE and LTE-M are some of the transport networks where these devices sit on. Newer IoT devices have special chip set to support LTE-M network especially battery usage is a big deal.

Voice on connected devices is pretty much supported by Volte (SIP over IMS using Mobile transport backbone):

  • Local breakout is used for voice where possible in case of roaming IoT devices
  • S8/HR is used when there no LBO model is supported
  • Devices have the full SIP stack supporting voice

Companies like AT&T, Verizon have already demonstrated this and chipset vendors are already supporting this.

In this presentation we will discuss the the background of IoT, use cases for data, transport networks where these services run, use of E-SIM and also support for Voice via VoLTE.

9:30am-10:00am: An Overview of SIPconnect 2.0. Presented by Andrew Hutton, Distinguished Expert, ATOS, and SIP Forum Director.

The SIP Forum reached an important milestone by formally ratifying Version 2.0 of the SIPconnect Technical Recommendation on November 28, 2016, with the unanimous approval of the SIP Forum Board of Directors.

The SIPconnect 2.0 Technical Recommendation is a profile of the Session Initiation Protocol (SIP) and related media aspects that enables direct connectivity between a SIP-enabled Service Provider Network and a SIP-enabled Enterprise Network. It specifies the minimal set of IETF and ITU-T standards that must be supported, provides precise guidance in the areas where the standards leave multiple implementation options, and specifies a minimal set of capabilities that should be supported by the Service Provider and Enterprise Networks.

This presentation will step SIPNOC 2017 attendees through the ratified Recommendation, examining the ways in which SIPconnect 2.0 effectively extends SIPconnect 1.1. Where SIPconnect 1.0, and 1.1 focused primarily on basic network registration, identity/privacy management, call originations, call terminations, and advanced services, the 2.0 version adds additional guidance on Security, Emergency Calling, and IPv6.

Where appropriate, recommendations from SIPconnect 1.1 have been left unchanged, although some modifications to prior recommendations have been made based on experience and feedback gathered through adoption of SIPconnect 1.1 in the industry.

10:00am-10:30am: SIPconnect Certification Testing Program Update. Presented by Robert Kinder, Director, Product Development, Cox Communications, and SIP Forum Director; Tim Carlin, Project Leader, UNH-IOL; and Marc Robins, President and Managing Director, SIP Forum.

This session will provide an overview of the recently launched SIPconnect 1.1 Certification Testing Program by the SIP Forum and the UNH-IOL. In addition, the session will provide a step-by-step review of the process prospective participating companies will encounter when they sign up for the program.

10:30am-10:45am: Refreshment Break (Belmont Foyer)

10:45am-11:15pm: SIPconnect 3.0 and the Impact of the SHAKEN Call Authentication Framework on the Enterprise. Presented by Richard Shockey, SIP Forum Chair and Principal, Shockey Consulting.

11:15am-11:45am: Measuring Quality is One Thing, Trusting Our Measurements is Another. Presented by Russ Penar, Principal Service Engineer, Microsoft.

Measuring voice quality and mapping that to a user’s experience is hard; just getting consensus on what metrics to use and the corresponding thresholds can end friendships. Once you’re ready to measure, and away from the homogeny of a laboratory or single vendor ecosystem, you start finding false positives and unexpected circumstances making the quality measurements non-actionable for support teams and customers. Should you have known this was coming?

This presentation provides cases studies from a journey towards getting telemetry ‘right’ for VoIP services when end to end path traverses more than one service/operator network, RTP/RTCP aren’t uniformly handled across providers, media testing/scoring system hiccups are common (e.g. POLQA reference audio with silence periods traversing networks with comfort noise enabled), proprietary metrics are in play, and so on.

The presentation also surfaces debate points on how to ‘best’ monitor service (media) quality; e.g. Transcoding at the edge cleans up metrics with more granular control and reduced surface area, however it also degrades the end user experience by introducing latency.

The content is meant to help others plan for these pitfalls and generate conversation on some of the debate points surfaced.

11:45am-12:15pm: National Number Portability (NNP): The Effects on Call Routing. Presented by Richard Shockey, SIP Forum Chairman and Principal, Shockey Consulting; and Gary Richenaker, Principal Solutions Architect, iconectiv, and SIP Forum Director.

Individuals and businesses value their telephone numbers and the ability to keep them – whether changing service providers, moving from one neighborhood to another, or relocating across the country. The FCC is going to issue a Notice of Proposed Rulemaking (Notice) and Notice of Inquiry (NOI) on how best to move toward complete nationwide number portability (NNP) to promote competition between all service providers and to encourage the efficient routing of calls throughout the network. The FCC wants to remove the Commission’s “N-1” requirement to allow carriers flexibility in conducting number portability database queries to promote NNP and efficient network routing and also to eliminate the Commission’s dialing parity requirement as it applies to interexchange service to remove barriers to NNP and better reflect the competitive realities of today’s marketplace.

Decisions reached on these issues will have significant impacts not only to call routing but also on non-routing issues including the issue that porting TNs out-of-state raises questions of regulatory and service provider responsibilities, liabilities, and numbering resource management.

This session will explore the current status of FCC activities, industry efforts to address the routing issues as well as a discussion on different proposed approaches for implementing Nationwide Number Portability (NNP) and their impacts.

12:15pm-1:30pm: LUNCH (Belmont III and IV).

1:30pm-2:00pm: Why Do SIP Calls Still Fail? Presented by Gernot Scheichl, VP of Support and Services, Edgewater Networks, and SIP Forum Director.

This talk will go into the SIP issues experienced in the field and examine what service providers should do to avoid them.

Real world SIP signaling examples as well as solutions to resolve and avoid the following problems will be explored:

  • Device setup issues (networking-related)
  • NAT / FWs, etc.
  • SIP device registration issues
  • SIP Call setup issues
  • SIP session time-outs
  • Code issues
  • HMR issues
  • SIP mid call issues
  • Call disconnects after 30 seconds – why?
  • User errors
  • Takes too long after number is punched in before call sets up
  • Wrong “auto” digit manipulation – e.g. to dial long distance, do I need a 1 or not?
  • What is this “+” sign for? When do I run into this issue? (mainly a SIP trunking issues)
  • SIP provider Errors
  • What tools should I use to avoid these issues?

2:00pm-2:45pm: Determining Root Cause of Voice Defects Using Different Measurement Techniques For MOS. Presented by Richard Jobson, President, Teraquant Corporation.

In a recent survey of consumers calling contact centers, * 79% said they experienced technical problems. A significant proportion experienced voice quality problems and 68% of those said it was bad enough for them to hang up. Nearly half of consumers that experienced voice quality problems felt that poor voice quality was a sign that companies didn’t really care.

Voice quality problems impact user experience, impair productivity and cause lost customers and agent churn. High definition voice when received clearly, on the other hand, enhances understanding, recognition and increases productivity. Voice quality problems have many different root causes. These include problems relating to the multimedia codec itself, the implementation of the codec on the endpoint/VoIP phone, wireless transmission problems, packet loss and jitter on the IP network itself, and problems with transcoding if used in the network path.

This presentation will equip the attendee with listening skills to shortlist potential causes of speech defects in audio recordings and also the methodology to drill down on root cause. The paper discusses standard measurement techniques [such as ‘E’ model/R Factor; PESQ and POLQA] leading to an estimate or close correlation to the subjective Mean Opinion Score [MOS].

Live audible speech files will be replayed to illustrate each category of defect and the root cause demonstrated. examples will include one-way audio; Echo; Tunnel Voice; Choppy Voice; Clipped Voice (caused by voice activation detection/VAD issues); Synthetic Voice; Underwater Voice; choked Voice caused by starved CPU & RAM on a softphone or Starved DSP resources on SBC doing transcoding and a loss of codec synchronization producing, loud squawks.

Although these audio emanations may provoke uncontrollable chuckles when heard in a test environment, they cause significant customer dissatisfaction in operations. Attendees will be empowered to flush out all such problems in their network, troubleshooting to root cause so that such problems never happen again.

* Ref: Professor Morris Pentel, chairman at Customer Experience Foundation.

2:45pm-3:30pm: An Enterprise and DHS Perspective on Voice Security. Presented by Dr. Ann Cox, Program Manager, DHS Science and Technology (S&T) Cyber Security Division (CSD); and Mark Collier, CTO, SecureLogix Corporation.

This session will provide an overview of voice security issues encountered by enterprise and government organizations. The Department of Homeland Security (DHS) Science and Technology (S&T) Cyber Security Division (CSD) is investing in research into addressing voice security issues, such as Telephony Denial of Service (TDoS) and calling number spoofing. TDoS is a flood of inbound calls, typically into a public-facing contact center, which prevents legitimate customers from receiving service. TDoS is becoming more common and like other voice attacks, made more difficult to address due to calling number spoofing.

DHS is working with SecureLogix to address this issue. SecureLogix is enhancing their existing solutions, to address more complex forms of TDoS. The approach includes an ability to analyze call data in real-time and determine if calls are legitimate or malicious. This is work is focused on high capacity environments such as the largest bank contact centers in the county, as well as NG911, which has unique requirements.

DHS is also investing in addressing the calling number spoofing (and lack of authentication issue). Calling number spoofing makes all inbound voice attacks more difficult to address, including TDoS, robocalls, impersonations scams, and financial fraud. SecureLogix is addressing this issue by building a cloud-based spoofing/authentication server, which uses a variety of techniques to determine if the calling number for a call is spoofed or authentic. This server uses a number of proprietary techniques, use of proprietary information from service providers, Do-Not-Originate (DNO) concepts, and use of STIR/SHAKEN in the future.

DHS and SecureLogix are validating the research through formal pilot deployments at Greater Harris County (Houston) 911 and Palm Beach County 911. We are also executing a pilot with a very large bank. The goal of these pilots is to validate our approach for TDoS mitigation and tailor it to the specific requirements of these environments.

3:30pm-4:00pm: Capstone and Conclusion to SIPNOC 2017.