Bruce Stewart, who's always worth reading, posted a comment to the last post about security and call quality that's very timely -

Matthew Gast (the author of O'Reilly's "T1: A Survival Guide" and "802.11 Wireless Networks: The Definitive Guide") just wrote an interesting post over on our new ETel site that examines the findings of a recent article claiming that doing VoIP over SSL VPN connections actually improves call quality!

Thanks to both Matthew for writing it up and Bruce for not letting me overlook commenting. I'd glanced at this writeup last night myself. You can read Matthew's post Strangely, SSL VPNs can help VoIP call quality by following the link. It raises some interesting questions and points to an article by Joel Snyder at Network World. Joel did some fairly comprehensive testing of SSL VPNs and VoIP, with intriguing results.

In every case, adding an SSL VPN to a VoIP call over a good broadband network improved call quality. So in effect, wrapping a VoIP call in SSL gives it more structure, kind of like the rind of good Brie. What we had not counted on was the huge difference between what VoIP requires (64Kbps) and a typical broadband connection of 500Kbps or more. Because the broadband connection was so fast, TCP was able to repair the impairments without reducing voice quality.

Like most folks whose comments I saw last night, the brie analogy didn't seem really work for me, but the findings are pretty important. Here's a more general excerpt from Joel's article that I think puts the idea in better perspective,

Network managers who wish to use SSL VPN with VoIP services can roll them out in most network scenarios knowing that SSL VPN can clean up an average network connection. For home users who have good-quality broadband, and for most travelers, any of the SSL VPN devices would give a good experience. Because this test focused only on one aspect of SSL VPN remote access, VoIP call quality, our results may not help to significantly differentiate products. Instead, our testing shows that VoIP and SSL VPN can coexist very happily.

What this really demonstrates is that networks are improving. Make no mistake, SSL adds overhead. SSL VPNs add overhead. The SSL wrapper is overhead. But today's networks, for telecommuters, travelers and road warriors, are better than they've ever been. What this means is that the overhead of TCP (three-way handshake and guaranteed delivery), coupled with the overhead of the SSL wrapper have far less impact on data delivery than they did in the past. In the past, that overhead actually degraded delivery and impaired VoIP services. Better networks make that invalid today, and we see benefits from using them in VoIP, hence Joel's statement "SSL VPN can clean up an average network connection."

If you haven't already done so, I recommend you add Bruce, Matthew  (the O'reilly Emerging Telephony blog) and Joel (along with other Network World writers) to your regular reading. These guys know their stuff and always add good insight into how things really work.

Technorati Tags
VoIP
IP Telephony
Voice Over IP
VoIP performances
VoIP SSL