Covergence is the creator of Eclipse, an award-winning series of next-generation session border control solutions. Recently, the company unveiled the Covergence Policy Manager, a policy enforcement solution for real-time applications.

Using Policy Manager, organizations can now build session policy enforcement into applications that include VoIP, video, IM, presence, conferencing, shared workspaces, and other forms of real-time communications. This case study details how one major financial institution leveraged the Covergence Policy Manager to improve communications between customers and the sales force by integrating call control and call policy into its CRM system.

Enterprises and service providers alike are entering a new era of communications-enabled applications (CEA). By integrating business applications with real-time communications, CEA streamlines many business activities and helps companies serve their customers more responsively. The movement to CEA is enabled by two major trends: The growing popularity of Service Oriented Architecture (SOA) for business applications and the widespread adoption of SIP-based real-time communications, including voice, video, and presence. But an additional enabler is needed to make CEA a secure, cost-effective reality: SOA-compliant, policy-based, real-time session management.

Like any IP application, VoIP and other real-time services must be secured, controlled, and managed. However, real-time applications pose a unique challenge in that voice, video, and other real-time media are highly sensitive to the latency, jitter, and packet loss that are common in IP networks. Unlike e-mail or Web browsing, where a few seconds' delay or an occasional resend go unnoticed, a small delay or the loss of a few packets can make an audio or video session unusable. Therefore, real-time session management solutions are designed specifically to execute policy functions without degrading performance or compromising quality.

While CEA and dynamic real-time session management may sound "visionary," enterprises and service are implementing these solutions today. This case study examines how one major financial institution recognized that the efficiency of communications between customers and the sales force could be improved significantly by integrating voice capability and call policy into its CRM system to improve the efficiently of the selling process. Working with Covergence, this company, which operates in a highly regulated environment, was able to reap the benefits of CEA.

The CEA Challenge
There are two challenges that must be addressed to deploy communications-enabled applications successfully. The first is to understand the need for and the role of the session management function. As shown below in Table 1, the session management function must provide comprehensive security to protect against attacks/intrusions and to ensure the confidentiality, integrity, and authenticity of communications. It also must ensure that the organization has complete control over all communications to enable compliance with internal policies or external regulations. It also provides the monitoring and management capability necessary to ensure "toll-quality" service all the time. Finally, the session management function must provide the intelligence so the organization can set routing polices based on cost, quality, class of service, or other business rules. In short the session management function enables the organization to secure, manage, and control all real-time sessions.

After understanding the requirements for session management, the next challenge was to understand how to make it possible for developers to build real-time policy into their applications. For instance, in a contact center environment the session manager would have the information needed to make call routing decisions based on the cost or congestion of a particular route. But the business logic determines where a call should be routed based on the customer's need and the location of the support agent with the correct skill set. In this case the correct route is selected only when session routing policy is influenced by the business logic contained at the application layer.

The answer of course is to ensure that the session manager solution provides a standards-based interface that lets developers exert fine-grained control over session logic from the business logic. Most of today's business applications, whether built for the public Internet or for enterprise intranets, rely on a Web-like model - centrally hosted applications interacting with distributed user devices via the Hypertext Transfer Protocol (HTTP). Moreover, most of these applications are based on a layered SOA.

But to extend the benefits of SOA and Web Services to real-time applications and facilitate the implementation of CEA, a session management layer is needed (see Figure 1). The session management layer combines session border control with application-level security, session routing, and session management to create single point of policy enforcement for real-time applications and services.

Building Real-time Policy into CRM with Web Services
By adding a Web Services interface to the session management layer, developers get the ability to exert dynamic, fine-grained, policy-based control over real-time communications (see Figure 2). For instance, they can specify that certain VoIP calls should follow least-cost routes while others are routed to maximize quality. Acting as a policy gateway, the session management layer also assures compliance with security, regulatory, and business policies. To satisfy Sarbanes-Oxley, for example, the session management layer could log all inter-enterprise instant messages. To control costs, it could block international phone calls by unauthorized users.

With this particular customer, the objective was to improve the sales process by embedding voice call and control into its CRM application. Working with Covergence, the enterprise created a CEA solution that functions as follows:

a,  The broker could come out of a morning meeting briefing with new research or information about certain stocks that he wanted to share with his customers
b.  He could log into the CRM system to pull up all of his customers who are interested in that stock
c.  The broker would then click-to-call them from the CRM system
d.  If his call went to the customer's voice mail the broker could click another button to have a customized voice mail delivered. The broker is then ready to call the next customer
e.  If the customer takes the call the broker could speak with him while all the relevant information about the customer's holdings are displayed from the CRM system

In this use case, the process is optimized because the broker only spends time speaking with customers, not leaving voice mail. Also his conversations with the customer are contextualized because he is looking at all the information he has on both the customer and his recommendations.

With robust session management accessible via familiar SOA component interfaces, the company was able to implement CEA quickly and cost-effectively.

Evolving Web Services to Java Components
Over time it became apparent that certain combinations of Web Services could be grouped together into Java components and that this would make it even easier for developers to embed policy into applications. Components are self-contained, reusable software units that can be customized easily and assembled into composite components.

Moving to a component model provided two key benefits. The first benefit was that the component model made it even easier for developers by insulating them from the policy model expressed in the XML document shown in Figure 2. In Figure 3 we present the new component interface used both to initiate and record a voice call. You can readily see how one line of code (CallControl.makeCall ["sip:ted@abc.com", "sip:bob@def.com",true]) is much easier to understand conceptually than a hundred lines of XML. So components make session management more approachable for developers by shielding them from the internal details of session management.

Another benefit of moving to the component model is the increased extensibility and customization that the model brings to developers. Components use the properties, methods, and events model. Properties can be thought of as an object's attributes (the set of things that describe the object), methods as its actions or what the object can do for you, and events as its response or the code that's executed when a certain situation or event occurs.

Components are dynamic in that they can be readily changed or customized. Through the design mode of a builder tool the developer can modify the properties of the component to customize it. They can also modify its appearance and behavior, define its interaction with other components, and combine it and other components to create a new composite component.

By creating new powerful components that aggregate together some of the more frequently used Web Service calls the company's application programmers don't have to learn the details of session management or debug XML code. They can set dynamic real-time policies by writing a line of Java instead of hundreds lines of XML.

The Result
Ultimately, the institution discovered CEA implementation. Making session management an integral part of the application infrastructure gives business applications dynamic, fine-grained control over real-time communications. Basing session management on the SOA model minimizes the time and cost required to implement CEA. And building in stringent policy enforcement ensures that all real-time activities comply with security, regulatory, and business policies.

As this case study illustrates, by integrating real-time communication with business applications, CEA can boost employee productivity and reduce operating costs simultaneously. It can also make companies more responsive to ever-changing business and customer requirements. The best way to implement CEA is to make real-time session management part of a company's existing SOA/Web Services architecture. By adding a robust session management layer and making it accessible to applications via familiar Web Service protocols or through customizable components companies can leverage their developers' existing skill sets and make a quick, cost-effective transition to CEA.