Learning New Things At Cisco Networkers Live 2010

This week I have been attending the Cisco Networkers Live event in Barcelona. Open Text has a booth focused on the Fax & Document Distribution Group on the Solutions floor and we have had great traffic for the entire show. If you are attending the show, stop by the booth to say hello.

One of the most interesting sessions for me was about coming up with Dial Plans that work. When I cover the comparable feature in Rightfax I do it in one of two ways. Either I go in some detail of a US company and how they can benefit from the feature, or I go into minimal detail about that fictitious company and focus more on the features and options available to you inside dial plans.

This presenter spent 2 hours showing us all of the problems that can come up when you design dial plans for a large company and gave us some strategies for solving those problems. He went deep into the decision process for coming up with a solution when there was significant overlap in digits across the different offices of the company, and emergency services in different countries, and all sorts of other things. What I found most interesting wasn’t the content, but how he presented the content. They were some pretty complicated slides, but I thought they got the message across extremely well.

I think when I get back to Amsterdam on Friday I’ll have to start rethinking how I present that section of the course to cover all the problems I hadn’t thought of before. Plus I learned about an interesting way to get feedback mid-session using a giveaway. And I happened to win it: the incredibly impressive 2010 edition of the Official Cisco Dial Plan Planning Tool Set…Yes, I am still glowing.

Configuring Microsoft Exchange 2010 UM for Inbound Faxing

This week, Joshua Butcher has written up a post on Configuring Exchange 2010 UM for Inbound Faxing up on our sister blog: faxsolutions.wordpress.com. Check it out for a great article and links to two videos on the topic.

There is also a new whitepaper available on faxing from Exchange Server 2010 UM available here.

Are You Showing Your Rightfax Password to Everyone???

One of the questions that sometimes comes up in class is about the security of the network connection between FaxUtil and the Fax Server. Some companies are generally not concerned about securing the connection to the Fax Server since it is inside the firewall and the company’s employees are trusted. Other companies need to know that all communications between every individual and server is completely secured and encrypted.

Open Text Fax Server supports two methods of securing communications from FaxUtil to the Server. You can see both of these when you go into FaxUtil, close the connection, then choose to open a new connection. There is a dropdown for protocol and the two choices are TCP/IP and Secure TCP/IP.

If you choose TCP/IP, which happens to be the default, all communications between the server and the client will be over port 10520 and most of it will be sent in plain text. What does plain text mean? Well if you use a tool to view all the messages that go across the wires, you can see the plain text messages and read them without the need for any special training. Its all right there in the open.

Before you start to panic, much of the traffic over the internet is sent in plain text. You know all those messages you send to friends using MSN Messenger? Plain Text. Oh, you use AOL Messenger? Plain text again. Yahoo Messenger? Yup, plain text. In fact most of your web viewing is done in plain text. The reason why that is often the default with so many network applications is that it is simply more efficient than the alternative.

What is that alternative? Well, there are many choices when you get down to the nitty gritty details, but they are usually out of your hands. The developers of the products you use decided what was the best option. But the communication is basically just encrypted in a way that only the recipient and maybe the sender can understand it.

A couple of paragraphs ago, I mentioned that you could use a tool to see the traffic as it goes over the wires. There are several tools available, including some that cost quite a bit of money. But two of the best are both free: Wireshark and Microsoft’s Network Monitor 3. I use Wireshark a lot, especially when working with Fax over IP. You can get it from http://www.wireshark.org.

When you open up Wireshark and start what is called a trace, you will probably get overwhelmed with information. An easy way to filter this down is to type DCERPC into the filter box at the top. This will configure Wireshark to only show you the RPC messages being sent over your network. To filter it down further to only RPC messages going to and from your computer, type this into that filter textbook: dcerpc && ip.addr==10.9.8.1 (replacing 10.9.8.1 with whatever your IP address is).

I am running Wireshark from the server running the Fax Server. I have FaxUtil running on a different machine. I have one user I created with a password that is not linked to an Active Directory user. So I start up a Wireshark trace and enter my filter text. Now switching over to the FaxUtil PC, I try to start up FaxUtil and enter my credentials. Now back over in Wireshark, here is what I see about 15 lines down from the top.

I logged in as Administrator and the password is thisismypw. But you knew that because you can see that plainly in the trace. Kind of scary, isn’t it?

There are two easy fixes for this. First you can switch over to using Secure TCP/IP from FaxUtil. This will encrypt the messages between the server and the client and use port 10521. Here is the comparable packet after turning on Secure TCP/IP. There is no way I can read that and I am pretty sure you cannot read it either.

So why don’t we encrypt all communications by default? If its so easy to make these communications completely unreadable, surely there must be a reason not to encrypt it all. Well, there is a bit of a reason. It adds a bit of overhead on the network. In a brief test while writing this post, I saw that the overhead was about 20 percent. For some bandwidth deprived networks, 20% overhead may be a bit too much. But if you have the bandwidth and you don’t have users linked from AD, then definitely turn on that feature.

I mentioned there were two ways to configure Rightfax to not send passwords in plain text. The first is Secure TCP/IP. The other is to link your users to Active Directory. This bypasses the need to transmit passwords completely. Instead, we are able to see who you are logged in to your Windows client as. If you were able to log in to Windows, then we make the reasonable assumption that you must be that person. If that person is linked to a specific Rightfax user, then it is that user’s mailbox you will see in FaxUtil. There is no 20% overhead in network bandwitch and no passwords are sent in plain text.

Those are your options for securing communications between FaxUtil and the Fax Server. I hope you found this useful and if you have any other ideas for future post, let me know with a comment to this blog. You can also reach me on Twitter where I am technovangelist.

Synchronizing Multiple Groups of Users into RightFax

I remember a few years ago, a student in New Zealand asked me if I could help them with a bizarre request. They needed to have several groups of users in the organization with different fax settings. Now that’s not all that weird on its own, but they wanted all those settings to apply automatically as soon as a new employee started working at the company. Since then, I received similar questions from students around Asia, Europe and every where else I deliver trainings. It’s a common request and it seems that many people don’t know that what they are asking is a built in feature of RightFax.

The magic of that functionality happens in the module called the Captaris Sync Module.  Its really pretty easy to set up and once initially configured, it just works without much additional involvement. The step that most people don’t realize is possible is that you can create multiple groups of synchronized users.

Before I show you how to set this up, let me show you a portion of my Active Directory. In the screenshot on the left, you can see an organizational unit I created call AllUsers. Within that OU, I have other OUs for It, Marketing, and Sales. Each of those OUs have a couple a users defined. What I want to do is set up synchronization so that the users in each OU get a different cover sheet, general fax number, and other settings.

Back on my RightFax server, I have double-clicked on the Sync Module in my list of services in Enterprise Fax Manager. That brings up the configuration dialog shown here. When you click the Sources & Destinations button, you can enter each place you want to grab users from, and where you want them to go to. At first it seems that this has a bit of unnecessary overhead, since it may seem obvious that you want to bring users from AD to Fax Server. But the fact that you have to specify this allows you to create multiple synchronization groups.

I’ll create two sources and two destinations, entering a name Sales and Marketing for each pair. The result can be seen in the Sync Sources and Destinations window shown on the left. When you create these, you’ll see that you can also create LDAP sources. LDAP, in case you aren’t familiar with it, is an industry standard directory server technology that many companies have implemented. In fact, Active Directory is also an LDAP server, but as with most standards, they look better on paper than in real life. Although it’s a ‘standard’, most LDAP providers don’t actually agree on how to implement the technology. The flavor of LDAP that we are tuned to out of the box is Lotus Notes LDAP, but its easy to tweak that if you are familiar with LDAP.

Once you have your sources defined, you create a mapping that tells the Sync Module which source and destination to use together. I’ll link the two Marketing items together, as well as the two Sales items. Click on Browse to show the different types of mappings we support out of the box. To tweak one of the mappings, you can use a text editor to modify the XSL file. There is an option on that dialog to set your schedule. For this environment, I am choosing Continuously. You should experiment in your environment to see what works best for you. The current synchronization tool is much more efficient than previous versions, but depending on the hardware used, number of users in your AD, and other factors, you may have to limit your schedule a bit. After you add your two pairs of mappings, you’ll see them listed under mappings and you’ll see two new tabs for each pair.

  When I go to the AD – Marketing tab, I can choose which users I want to bring over. I want to make sure I specify that only the Marketing OU is going to be synched. In my AD, I have 2 users per OU, but in a real-world OU, its not unusual to have hundreds or maybe thousands of users in an OU. Lets say that you have 100 users in Marketing. Half of the users are on Exchange 2010, and the other half are Lotus Notes clients. You could have a group called Exchange users, then choose to include that group or exclude it. If you choose to Include or Exclude groups, make sure that the groups have the users as direct members. We won’t see users that are members of sub-groups.

Now switch to the corresponding RF tab, and fill in the Rightfax server to add users to. You also want to an administrator to use to create the new users. On the Users tab under RF-Marketing is where the real magic is configured. When you create users in EFM, they will be created based on the Default user template. But in the sync module, they can be created based on any user you choose. I created a Marketing Default as well as a Sales Default. Each of these default users have different cover sheets defined as well as other settings such as permissions.

Now click OK and within a few seconds, I see new users showing up in EFM. If you go to edit those users, you will find the cover sheet and other settings have all been configured as you expected.

I don’t know of a limit to the number of pairs you can have in this tool but you probably won’t reach it. This can be a very useful tool to use in many different implementations of RightFax and I look forward to hearing about how you are using it at your company.

FXS / FXO FX..huh?

When I first started learning about Voice over IP (VoIP) and Fax over IP (FoIP) I kept on running into the terms FXS and FXO. I would search on Google to learn all I could about these terms but it seemed the more I read the less I understood. As a result I think it might be worthwhile to discuss how these interfaces are used and their relevance to an Open Text Fax Server implementation.

Why should we care about FXS and FXO in the first place? If you have looked at media gateways to install in your VoIP network you know that they will probably have a T1, E1, BRI, FXS, or FXO interface. These interfaces are used to bridge between your IP network and the PSTN. Most of us have heard and dealt with T1, E1, and BRI but may never have heard of FXS, FXO. While you may not have heard of these interfaces we use them every day.

Let’s start with FXS. FXS stands for Foreign eXchange Subscriber and in the simplest sense is the jack on the wall you plug your phone into. When we plug an analog phone into an FXS port we should hear dial tone when we pick up the receiver. That is because we will receive battery. In the case of a media gateway this is where we could add an analog fax machine into our FoIP environment.  I have included a graphic to illustrate an FXS port in a VoIP environment.

So what is FXO? FXO stands for Foreign eXchange Office and is the connection between your device and the telco. If you have a media gateway with FXO ports you would connect these ports to the jack on the wall that is connected to your telephone company. You might also connect the ports to your internal PBX. The FXO ports do not supply battery. We can think of the RJ11 jack on your analog phone or fax machine as an FXO port.  I have included a graphic to illustrate how an FXO port might be utilized in a VoIP environment.

So, how specifically would FXS and FXO ports be utilized in an Open Text Fax Server environment? If you have analog phone lines and wished to utilize FoIP to send and receive your faxes you would purchase a media gateway that has FXO ports. The FXO ports would connect to your telco or PBX. When you sent a fax from the Fax Server it would connect to the media gateway via a SIP or h.323 connection. The gateway would then make a connection to the remote fax machine via the FXO port connected to your telco or PBX and the fax will be transmitted. How the fax is translated from IP packets to an analog signal is a discussion for another blog.

Fax Server Shared Services Module

Have you ever pretended to know a lot about something you only knew a little about? A few years ago a colleague was very excited about a technology called the Shared Services Module slated to ship in the next release of Open Text Fax Server, RightFax Edition. (Back then it was called Captaris RightFax). I got excited too and started telling coworkers. I actually felt pretty smart until someone asked, “Multiple servers using a single database? What does that mean exactly?”

How rude! How dare he ask me to explain what I was pretending to be able to explain. Nobody else bothered to ask. Dho!

I didn’t know how the Shared Services Module worked. I didn’t even know why people might  care about it or buy it. All I knew was that I wasn’t going to talk about it anymore until I had a better handle on it. At least not to that guy.

If you don’t necessarily fully grasp the key Shared Services Module concepts, then I hope to help you understand before you’re asked to explain. To accomplish this, I wrote a blog entry with lots of diagrams. So many pictures, in fact, that it would have taken up way too much space here.

So, this blog entry is now this video.

Feel free to make some suggestions for improving the video. Or ask follow up questions about the Shared Services Module. If I don’t know the answer, I’ll find out for you.

-billb

Are You a Technician or an Engineer?

I have been in the technical support business for almost 12 years now troubleshooting anything from operating systems, to routers, to – well, faxing. During that time, I have worked with a lot of people with various skill sets and I have determined there are basically two types of support professionals: Support Technicians and Support Engineers.

Support Technicians: Typically have a good grasp of the fundamentals, techniques and usage of a project. They are great at finding resources and providing documented solutions to issues that end users, and even administrators, may not have been able to find on their own.

Support Engineers: They are the ones who find solutions to issues that are possibly not documented at all. They must be able to take a product and reverse engineer it to determine what is really happening beneath the hood. Because of this process of dissection and analysis, they are able to develop instincts of how the product works and therefore are able to come up with creative solutions that a technician may never even consider.

Fax Flow Troubleshooting

How well do you know the Open Text Fax Server (RightFax)? The real question is – How well do you want to know it?  If you want to look under the hood and see how the parts work together, but do not have the time to become a programmer – we have the perfect course for you: Fax Flow Troubleshooting.

In the Fax Flow Troubleshooting course, we break down the processing of a faxes into stages so we can follow the faxes all the way through the fax server. We then systematically stop and start services to follow the faxes to see how they are processed and why they were processed the way that they were.

Here is a sample from the Fax Flow Troubleshooting course:

If you want to learn more about the Open Text Fax Server (RightFax) through the process of reverse engineering, but just do not have the time dig in on your own, this course is for you!

Note: The course does have a prerequisite! It is for people who are already at have at least a technician level knowledge of the fax server but want to get a better feel for how it works. For this reason, you must be certified in the Fax Server Fundamentals before you will be permitted to attend this course.

Here are the course schedules: http://www.opentext.com/2/global/services-home/ls-learning-services-home/ls-offering-captaris.htm

Mastery of the fundamental ideas of a field involves not only the grasping of general principles, but also the development of an attitude toward learning and inquiry, toward guessing and hunches, toward the possibility of solving problems on one’s own. ~ Jerome Bruner

A Career Limiting Move?

Seven years ago I was a confident and utterly bored Microsoft jock who was eager to break-free from the world of Microsoft-based computing and explore the wizard-less and GUI-free technologies that occupied the other side of the IT universe. My first step onto the other side was job at Captaris (Now OpenText) where I was hired to provide technical support for a product called RightFax (now known as Fax Server). Many of the products and technologies that RightFax integrated with (e.g., Lotus, Novell, and telephony), were for the most part, new to me and of great personal interest. However, despite my interest and eagerness to learn, I must admit that for a brief time I questioned whether trading the green fields of Microsoft for a seemingly decrepit technology (fax) was a wise career move. I mean, the most of us know that fax is on the fast track to extinction, right?

Endeavor to Persevere

The term facsimile (i.e., fax) is derived from the Latin phrase fac simile, which when loosely translated means to, ‘make a copy’. The advent of fax is traced to the year 1843 when the world’s first fax transmission took place. While the technology and protocols have changed many times since that first fax, its fundamental concept of capturing, encoding, transmitting, and receiving viable copies of documents and data remain and thus make it one of the world’s most popular (and secure) means of document delivery.

Although fax has many benefits, none are perhaps more important than its classification as a legal document. Simply put, signed documents (e.g., mortgage contracts) that are transmitted via fax are considered by most countries to be legally binding whereas documents received via e-mail are typically not. Moreover, fax provides a simple and effective means of achieving compliance with industry standards and regulatory mandates, such as Sarbanes-Oxley (SOX) and the Health Insurance Portability and Accountability Act (HIPAA).

Organizations that typically employ fax to deliver legal, contractual, or otherwise sensitive material include:

• Financial institutions
• Insurance companies
• Health organizations
• Government offices
• Law firms

In the coming months, my colleagues and I will use this blog to elaborate on this and other topics that help make fax an enduring and ever-evolving technology.

Joshua Butcher – Signing In!

Hello all, let me first say that I am excited about this blog site. We have tons of things we want to share with you about these products as well as things that have kept us sane working in the world of corporate software biz. I need to share a little bit about myself so here we go.

I have been working with the company for a little over six years now. I started out providing technical support so I have a pretty good idea what it is like to have to come up with solutions when there is nothing available. Before working at Open Text, I did technical support, and training, for Lucent Technologies as well as with Microsoft (working with Windows 95/98/XP). I am now a senior technical instructor in Tucson, AZ focusing primarily on fax servers and messaging.

I have a Bachelors in Information Technology, a Masters in Education (with an emphasis in instruction and curriculum design) and am currently working on a Masters in English (with an emphasis on professional and technical writing). As you can tell, I value education a lot and getting excited when others do too. That is why I think this blog is so important.

Stay tuned from some blogs from me soon!

Joshua

What happended to traditional classroom Technical Training?

Having survived through the global economic crisis so far, many organizations are still cutting back on operating expenses as I’m sure you can directly relate! One of the first to go was non-essential travel for the non-executive, especially if that travel is related to a technical resource spending non-billable time sitting in a multi-day technical training course. As nice as it is in the fall and winter months to spend a week in the US Southwest or US Southeast, you will most likely have a hard time justifying the travel, hotel, car, meals and training course expenses. I’m sure you’ve done the calculations. If you haven’t, check with your finance group because you can be certain they have.

With that fairly lengthy introduction and if the majority of you (our partners and customers) are faced with this challenge then how do you get the training required to do your job effectively? You still need to gain the knowledge and skills right? Isn’t technical training best delivered in a classroom setting? How can you possibly learn anything unless you can physically be in the same location? All great questions and we are here to help! We have modified our delivery approach over the past 24 months and now offer a couple of great alternatives and delivery methods to supplement traditional classroom training. It’s important to note that we do still offer classroom based courses but only in select regions so it’s important to check the schedule.

1. Virtual Classroom. There are many different names for it; Virtual classroom, Instructor online, Instructor web conference, etc… Bottom line, this is the most effective approach to bring the classroom experience to your browser and phone without the travel and related expenses. The tool we use is a proven and market leading web conference tool that has training functionality built in:

• Interact and ask questions of the Instructor as you would in class
• View the Instructor presentation and demo of a particular product function or lab exercise
• Follow along in the training manual and related materials
• Log on to an actual virtual machine instance of the software for that invaluable hands-on practice
• To access our current schedule of available Instructor delivered courses, including Virtual Classroom, go to http://www.opentext.com/2/global/services-home/ls-learning-services-home/ls-offering-captaris.htm

2. eLearning. Again, many different names; online learning, self-paced, web-based training, etc. This training is available to you on your schedule and at your pace. We manage a growing library of content that includes online courses, video instruction, downloadable materials, interactive simulations and online testing. Again, the benefit here is that it’s available to you now and at no cost!

• To access our eLearning library of courses go to www.opentextlearning.com

We are committed to developing learning content that is relevant for what you need today and delivering it in a way that will make the most impact at the lowest cost! We’re always open to your ideas and feedback and your input is greatly appreciated!

Great Learning!