Background

I was recently contacted by a friend and asked for a brief write-up on my experiences with Fonality – general pros and cons, and potential security issues, as they are planing on using the Fonality/asterisk combo for a large corporate deployment. I’ve spent a considerable amount of time working with asterisk and VoIP systems in the course of the past 3 years, ranging from small & medium business solutions to call centers, and auto-dialers.

Figure 1: Proposed High-availability Fonality VoIP solution (4 - 8 PRI’s)

Pros

• Cost - The cost of the Open Source based system is minimal compared to a traditional PBX. Numbers range from 50% - 80% cost reduction.

• Ease of implementation - Fonality takes the traditional “phone guy” out of the picture. All of the initial handset configuration is handled prior to receiving any equipment. Once that is out of the way there are no more cryptic codes to manage the handsets. Almost all of the VoIP phones have a ssh and/or web management interface for configuration.

• Time to implement - Compared to a pure asterisk solution, the user interface and management portal are what you’re getting with Fonality. At the core it is pure asterisk, with a great user interface that propagates configuration changes to the servers in very little time.

• Management interface - This is where Fonality has invested a large amount of time and resources. The interface is straightforward and is very easy to get started with. It provides a pleasant alternative to manually navigating the intimidating plethora of asterisk configuration files and runtime options.

• Remote office locations - Adding additional office locations is extremely easy. Phones and server(s) can be pre-configured and drop shipped to the remote office location. Once the equipment arrives, the entire setup can be accomplished by the local Helpdesk / IT support staff and configured from corporate headquarters. The physical implementation is as simple as plugging in the server and phones and making sure the phones and server are on the correct network.

Cons

• File based configuration - The Asterisk realtime external configuration engine is only available when the configuration is stored in a database. Unfortunately, the Fonality system uses file-based configuration which does not leverage the external configuration engine thus requiring the asterisk processes to be reloaded for “some” configuration changes. In order for the system to reload there must be no active calls. This can pose a risk for large implementations requiring high-availability.

• Security - For their remote configuration needs, Fonality systems require a VPN connection to the Fonality network that bypasses most firewalls. This means that if their servers are compromised, then your network is a potential target. Lets jump straight to one of the worst case scenarios :) Depending on how skilled / motivated potential attackers are, they could theoretically record all of your phone calls and use them for any number of nefarious purposes. A majority of these issues can be mitigated by working out a custom VPN solution with Fonality (See external references for more details).

• Lack of API - Managing a large number of extensions from the browser is time- consuming and tedious. Nearly all these tasks have the potential to be automated if Fonality had an external API. The lack of API also creates additional work in managing recurring tasks that should not require an administrator’s intervention, e.g. resetting voicemail password, removal of “expired” employees, etc…

• (Semi) Black Box - Fonality’s management interface provides a limited dashboard for system statistics – aside from that, the details of what is really going on under the hood are unknown. It is, however, possible to set the root password to the Fonality systems – the Fonality folks have their own accounts to manage the system so you won’t be locking them out. They are running a slightly modified CentOS distribution. All the system logs appear in the usual places, and you can access the asterisk console for debugging if needed. It does feel a little dirty crawling around inside their system. I know it’s possible, but don’t know whether it’s condoned by Fonality.

• Configuration Limitations - The Asterisk system has thousands of features and only a subset of these are options that are exposed through the Fonality GUI.

Solutions

• Security - A hardware VPN solution – request the option of a hardware VPN tunnel in your quote. This enables you to retain control of who is on your network. If you’re paranoid, you can open it up on an as needed basis. I don’t know that Fonality will like that much but it’s your network at the end of the day. It’s still not ideal but it’s better than the Linux VPN that Fonality provides.

• Lack of API - Cobble one together that will achieve the minimal functionality desired. This suolution can be “botted” with a few perl / ruby scripts. The downside is “bot” scripts are much harder to maintain than SOAP or other well-defined interfaces.

References

• Marcelo Rodriguez - Fonality is Fine, but Worrisome
• Alec Saunders - Fonality Bitten By A Red Herring
• Chris Lyman - An Open Letter to Marcelo Rodriguez