<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Please see responses below.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" style="border-collapse:collapse">
<tbody>
<tr style="height:123.1pt">
<td width="66" valign="top" style="width:49.7pt;padding:0in 0in 0in 0in;height:123.1pt">
<p class="MsoNormal"><span style="color:#1F497D"><img width="65" height="150" style="width:.677in;height:1.5625in" id="RCC.png" src="cid:image001.png@01D35175.4602F9E0" alt="https://www.redlandscc.edu/RCC.png"></span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#7F0000"><o:p></o:p></span></p>
</td>
<td valign="top" style="padding:0in 0in 0in 3.75pt;height:123.1pt">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#7F0000">Curtis R. Brabham, Jr.</span></b><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#7F0000"><br>
</span><span style="font-size:8.0pt;font-family:"Verdana",sans-serif;color:#7F0000">Chief Technology Officer<br>
Campus & Information Security<br>
Redlands Community College<br>
<a href="https://www.redlandscc.edu/"><span style="color:#7F0000">https://www.redlandscc.edu/</span></a><br>
<a href="mailto:Curtis.Brabham@redlandscc.edu"><span style="color:#7F0000">Curtis.Brabham@redlandscc.edu</span></a><br>
Office: 405.422.1449<br>
Fax: 405.422.1449<br>
1300 South Country Club Road<br>
El Reno, OK 73036-5304</span><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#7F0000"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> CoIT-Security [mailto:coit-security-bounces@lists.onenet.net]
<b>On Behalf Of </b>CoIT Security<br>
<b>Sent:</b> Friday, October 27, 2017 10:07 AM<br>
<b>To:</b> COIT Security (coit-security@lists.onenet.net) <coit-security@lists.onenet.net><br>
<b>Subject:</b> [CoIT-Security] Phone Sysstem<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Fellow IT Colleagues,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Cameron University (Lawton, OK) is seeking options to replace an aging PBX system with an IP-PBX / VOIP phone system, many things have change in the phone system world since we last considered this. If you could help us by completing
the survey questions below, that will be very helpful to us in making our decision and also letting us know what other educational facilities are using. If you have any questions, or would like to speak to me directly, my contact information is below the
survey. Thank you very much for your time! <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><b>What make/model of phone system are you currently using?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Redlands implemented a ShoreTel system in Fall 2009. We have a variety of phone models: IP115, IP230, IP565, IP655.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Note: ShoreTel was recently purchased by Mitel. I am undecided on whether or not this is good or bad. We did look at Mitel years ago when we were evaluating systems. Their product was really good from
a user standpoint, but not very friendly from an administrative standpoint. The management server would only run on Linux (not a big deal for most, but wasn’t something we wanted to entertain at the time), and most changes/programming required command-line
input. I’m sure a lot has changed in the 8-9 years since we last looked at their first-hand product.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>Is the phone system on-site or hosted?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Our system is on-premises. ShoreTel does offer a hosted solution, or a hybrid. Our on-premises setup does include the use of hardware-based VOIP switches. However, ShoreTel now offers a both a VMware and
Hyper-V virtual appliance option for the voice switches. The management server (also used for voicemail) can also be virtualized. For voice switches we have:<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">2 x ShoreTel ShoreGear 220-T1’s<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">1 x ShoreTel ShoreGear 120 (at a remote location)<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">2 x ShoreTel ShoreGear 90’s<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">1 x ShoreTel ShoreGear 90 (at a remote location)<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">3 x ShoreTel ShoreGear 24A’s<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">The number in the model is how many IP phones that switch will support. If you configure an analog extension off consume five IP phone ports (excluding on the 24A’s). One of the 220T1’s is configured for
the PRI. The PRI is also configured on the other 220T1 so we can quickly move the incoming link over in the case of hardware failure on the primary. Each 220T1 can still support 100 IP phones with the PRI configured. The 24A’s will each support 24 analog
ports and do not support any IP phones. The system automatically assigns IP phones to a switch based on site, IP address mapping, and available switch capacity.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>Is the phone system IP / VOIP based?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Yes.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>How many phones are in use or what is the capacity of the phone system?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">We have approximately 275-300 phones in use. The capacity depends on the voice switches implemented and licenses purchased.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>How many fax lines are in use?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">We have three 24-port analog voice switches (converts VOIP to analog). Three were required when we originally purchased the system due to the number of fax machines, credit card machines, and other analog
devices we had at the time. Only one of the analog switches is currently used for analog lines now. One is kept in operation for testing and as a backup, and the third is configured for conference ports. We only use eight lines for faxing as we have implemented
a MultiTech fax server for all inbound/outbound faxing. We have approximately 25 or so dedicated fax extensions, all routed through the fax server. Any extension can be configured as a fax line. For example, my office number is configured on the fax server
to route incoming faxes to my email as PDF attachments. By default, any incoming call determined to be a fax is routed to the fax server regardless of the extension. The system determines this by “listening” for the initial negotiation beeps and transferring
the call to the fax designated fax line(s). The fax server is configured to route incoming faxes to a default email if a route is not defined for the extension. This ensures no faxes are missed. An extension can be configured so the re-route does not occur.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#1F497D"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Outbound faxes are sent via email to the fax server using a specifically crafted email address format. The content of the fax is attached as a PDF to the email, and the body of the email is used in the notes
section on the cover sheet. The fax server will automatically retry on busy signals, and will deliver a successful or failed report to the sender.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>If using IP / VOIP, how are fax lines being handled?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Through a MultiTech analog fax server. MultiTech (and other companies) do offer SIP-based fax servers.</span><span style="color:#1F497D"><o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>What vendor / provider helped with the implementation / maintenance of the phone system?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Peak Uptime. They assisted on the determination of what was required to replace our Nortel PBX, configuration of the management server, installation of the voice switches, and deployment of the phones. Our
purchase was done through the <a href="https://www.peppm.org/state/Oklahoma.htm">
PEPPM contract</a>, which I believe offers better pricing than the state contract. The state contract was not in place when our purchase was completed.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>How were phones deployed when the phone system was installed (third party, internal, etc.)?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">We deployed all 275-300 phones in a single day. This was a joint effort between Redlands IT and Peak Uptime staff.</span><o:p></o:p></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>Are you satisfied with the system you currently have?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Yes.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#1F497D"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b>How easy is it to manage and how is it managed?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Day-to-day management is very easy. We can have a new technician trained on creating a new extension within a matter of minutes. The management interface is all web driven.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>What department manages day-to-day operations of the phone system?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">IT<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><o:p> </o:p></b></p>
<p class="MsoNormal"><b>Are SIP trunks being used for external phone system connectivity?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Not currently. Currently we have an incoming T1 that is converted to a PRI. Future plans will change this to incoming SIP trunks, but those will still be converted over to a PRI for connectivity into our
ShoreTel system. This is due to the voice switch the incoming lines connect to (a ShoreTel 220T1). We are not looking to replace system hardware with the provider change over.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>How much support is needed for the phone system and are support contracts used?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">Support contracts are maintained and used. The system has been very stable for us, and we have not had to rely on the support vendor for very many issues. However, for the issues that we have had to contact
them for, the issues were resolved very quickly. ShoreTel annual maintenance costs are 10% of the original purchase cost. We do not carry maintenance on the phones.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#C00000"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b>What security concerns did you have with your phone system?<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">None at this time. They offer a VPN concentrator for phones outside of the system. Some phone models include a VPN client that can connect to the system through their concentrator. We didn’t find the VPN
concentrator to be necessary as we don’t have any phones that aren’t directly connected to our network either on campus, or through an MPLS/VPLS link. We also have an SSL VPN with support for all major smartphones. This method can be used with the ShoreTel
mobile app. Voicemail is configured by default to forward to the individual’s mailbox as an attachment. You can also dial into the system to check voicemail.<o:p></o:p></span></b></p>
<p class="MsoNormal"><b><span style="color:#1F497D"><o:p> </o:p></span></b></p>
<p class="MsoNormal"><b> <o:p></o:p></b></p>
<p class="MsoNormal"><b>Any other comments -<o:p></o:p></b></p>
<p class="MsoNormal"><b><span style="color:#C00000">We also have the system configured to alert key personnel by text message in the event 911 is dialed from any extension on campus. The text message provides the extension 911 was dialed from, so we have a
reasonable expectation of where the call was placed from and can respond very quickly. The one caveat is that a user can log their extension into any phone on campus if they are temporarily operating out of a different office. This doesn’t happen very often,
and hasn’t caused any problems yet.</span><o:p></o:p></b></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:12.0pt">Richard Colavito<o:p></o:p></span></b></p>
<p class="MsoNormal">Network Administrator<o:p></o:p></p>
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:#FFC000">Cameron University<o:p></o:p></span></b></p>
<p class="MsoNormal">2800 West Gore Blvd.<o:p></o:p></p>
<p class="MsoNormal">CETES 102C<o:p></o:p></p>
<p class="MsoNormal">Lawton, OK 73505<o:p></o:p></p>
<p class="MsoNormal">580-581-5974<o:p></o:p></p>
<p class="MsoNormal"><a href="mailto:rcolavit@cameron.edu">rcolavit@cameron.edu</a><o:p></o:p></p>
<p class="MsoNormal"><a href="http://www.cameron.edu/">www.cameron.edu</a><o:p></o:p></p>
<p class="MsoNormal"><img border="0" width="209" height="26" style="width:2.177in;height:.2708in" id="Picture_x0020_1" src="cid:image002.png@01D35175.4602F9E0" alt="Cameron University Logo"><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Confidentiality Notice:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This e-mail, including all attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information as defined under FERPA. Any unauthorized review, use, disclosure or distribution is prohibited
unless specifically provided under the Oklahoma Public Records Act. If you are not the intended recipient, please contact the sender and destroy all copies of this message.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p> </p>
<div style="font-family: Arial; color: #7F0000; font-size: 10pt; border-top: 2px #DCB439 solid; border-bottom: 2px #DCB439 solid; padding: 5px; text-align: justify; width: 95%; margin: 0px auto 0px auto;">
Redlands Community College provides a learner-centered environment committed to academic excellence strengthened through service and civic engagement.
</div>
<br>
<div style="font-family: Arial; color:#7F0000; font-size : 10pt; border-top: 2px #7F0000 solid; border-bottom: 2px #7F0000 solid; padding: 5px; text-align: justify; width: 95%; margin: 0px auto 0px auto;">
<strong>**CONFIDENTIALITY**</strong> - This e-mail (including any attachments) may contain confidential, proprietary, and/or privileged information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you
should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system. Any unauthorized disclosure or use of this
information is prohibited. Information contained herein may be subject to the Privacy Act of 1974, Family Educational Rights and Privacy Act of 1974 (FERPA), and/or the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
</div>
</body>
</html>