Asterisk VoIP Security

When I came across a blog on Huffington Post that called Asterisk out on the security of their open source VoIP platform I just had to know, is this true?

So I asked Asterisk (after I said “asked Asterisk” five times fast) and got this detailed response from David Duffet, Director of Worldwide Asterisk Community.

Duffett (@dduffett) explains that protecting your network is a not whole lot unlike fortifying your house against break-ins.

VoIP Supply: Who is the Asterisk VoIP platform designed for?

David Duffet: The Asterisk IP communications engine is for anyone that wants to create a flexible and powerful communications solution. Asterisk configuration is performed through a number of ascii text files, and this is why a number of pre-packaged IP PBX solutions based on Asterisk have become available that allow configuration via a web GUI.

VS: Why open source?

DD: When Mark Spencer (the creator of Asterisk and CTO of Digium) decided to make Asterisk an open source project, he did this in part to liberate the stodgy, closed world of telecoms, but also to allow (and encourage) contributions to Asterisk from people all over the world that are particularly keen to see Asterisk enhanced in specific directions (like conferencing and contact centre applications).

VS: In this blog post on Huffington Post, 6 Keys to a Successful VoIP Implementation, the writer, Jason Volmut (@javolmut), CEO of CPUrx, states that:

“VoIP systems built on the open-source telephone platform Asterisk are routinely subject to hacking attempts, and should be avoided. “

What VoIP security measures can Asterisk take to secure their systems from hackers?

DD: Although there are a number of places within Asterisk that could be configured to enhance security, I would like to make some more general points:

The mention of only Asterisk in point 5, regarding security, is extremely misleading.
To set the scene, PBXs, even before the advent of IP communications, have always been subject to attacks of one sort or another – all the way from people trying to hack into voicemail boxes to full scale toll fraud through PRIs or even analog lines.

*ANY* SIP IP PBX that has an open connection to the internet (i.e., not within a VPN, or not tied down to a specific IP address, or addresses) will be subject to hacking attempts.

" Just like any type of system – it’s all in the implementation. If that is done in a sloppy way, it could lead to trouble." - David Duffett, Asterisk
” Just like any type of system – it’s all in the implementation. If that is done in a sloppy way, it could lead to trouble.”
- David Duffett, Asterisk

Asterisk is certainly the most popular and established open source communications engine in the world, with millions of Asterisk-based IP PBXs out there – but they are by no means particularly prone to issues of this nature. Just like any type of system – it’s all in the implementation. If that is done in a sloppy way, it could lead to trouble.

There is lots of information around on the internet about certain brands of proprietary IP PBXs and potential vulnerabilities, but to focus on the PBX is to miss the main point about securing IP systems – and that is to ensure proper measures are taken at the network level, before thinking of applications running in the network like a PBX or a CRM system.

If you found a robber in your kitchen, you know that he would have broken into your house through the front door, back door or a window. The best thing to do would be to improve the security on the exterior of your house so as not to let the robber in! And so it is with your network… Stop the bad guys getting into your network in the first place!

Anything you can do in a given appliance or application like an IP PBX or a CRM system should be seen as a secondary line of defence.

Due to the power and flexibility of Asterisk, there are actually more things you can do on an Asterisk PBX to detect and prevent any form of compromise than there are on any other PBX solution. Of course, they must be implemented and adjusted by people that know what they are doing.

Michael Graves & Shdow-IMG_5786
Michael Graves, his dog, and 100+ lb. pumpkin. Photo Courtesy: Michael Graves (

Office technology is supposed to make our working lives easier but the overwhelming amount of options makes it difficult just choosing the right device.

So where do you turn and who do you trust when you want to know who’s used this stuff before, what works and what doesn’t, and how much hair will I pull out trying to install this thing?

This is when you seek the guidance of a VoIP blogger like Michael Graves (@mjgraves) who runs the site Graves on SOHO Technology. He tests products geared for the small office / home office (SOHO) user and offers you, the reader, a wealth of detailed product reviews, guides and how-to articles, and great hands-on advice.

Graves explained to us that products under review spend a considerable amount of time in use on his desk before he even thinks about writing about them, so you know you’re getting quality insight. Which is great, but we wanted to know, “Why?” So we asked him a few questions about how it came to be that he created his site with all these great resources and what he thinks about the future of VoIP.

VoIP Supply: Tell us a little bit about who you are and what Graves on SOHO Technology aims to provide for your audience.

Michael Graves: My professional background includes working as a video editor and graphic designer. I also spent a long while on the technology end of the broadcast business for an English company that builds specialty graphics equipment. That work, mostly system integration and technical support, gave me the opportunity to travel extensively, which was great exposure to a variety of corporate IT infrastructures and strategies.

Early in my career I took a bit of time away from television production to write for a magazine. That exercise gave me the confidence that I could go beyond design and layout to actually write content. It was much later that I started the blog as a way to share the experience gained over years of working from my home office.

VS: How did you get started in VoIP?

Michael Graves
“I was one of the earliest people clamoring for an embedded Asterisk appliance. That’s what started me writing about VoIP. “

MG: Working as I did for a UK based firm, with limited US presence, I was based in my home office in Houston. I wasn’t just occasionally working from home as is more commonplace. I was and remain, 100% home office based. That means that I had to come up with my own IT strategies, including telephony. We had four analog phone lines, and watched as the cost went up while their capabilities were flat-lined.

Eventually, I thought that I needed to be able to do more with the funds. That drove me to look at Asterisk in it’s pre-v1.0 days. After some experimentation, I used a small Asterisk installation with some Polycom and snom phones to replace the small Panasonic KSU that was providing our home and office phones.

I was one of the earliest people clamoring for an embedded Asterisk appliance. That’s what started me writing about VoIP. I documented the process of building an Embedded Asterisk server using a Soekris single board PC and the then fledgling Astlinux embedded distribution. I wrote that for Tom’s Hardware (which later became Small Net Builder) late in 2005.

Since I had analog lines I needed FXO interfaces. My experience with early FXO cards was pretty horrible. Even the new Sipura SPA-3000 (I was in the beta program) was less than wonderful. I eventually ported my numbers to an ITSP, putting all of our voice calling over a DSL circuit.

Back then DSL was pretty slow. It took patience to select and tune a router to ensure good voice quality over DSL. The whole process or moving to Asterisk using voice-over-DSL is what drove me to start the blog. I was answering questions in various forums. It seemed like the same handful of questions kept being asked all the time, so I thought I’d carefully write down my experience in a place that I could use as a reference.

VS: What are your favorite things about VoIP, or some of the creative ways you’ve seen people use the technology?

MG: I think it’s wonderful that we can take standards compliant hardware and software to build solutions to real problems. Sometimes it’s driven by saving money, but for me it’s more often driven by the desire to solve a problem in a new and interesting manner.

People have done all kinds of fun and interesting things with VoIP tools. My former employer had to exhibit at a major trade show in Las Vegas every spring. They paid handsomely for the privilege of internet access at the booth in the exhibit hall. Then they paid again to have a voice line dropped into the booth. Then they paid a third time for calling to the UK head office where their team of engineers were busily trying to finish the code that was to be used for the show. It was silly, bit it was the way of the world.

Once they were familiar with what I had done in my home office they asked me to bring a small PC and a couple of SIP phones to the show. We never again had the convention center install the voice circuit. Better yet, we could have multiple simultaneous calls ongoing over the SIP service, including calls from staff in the UK who had a few of their own snom hard phones by then. We had better calls using G.722 based wideband audio, and we paid less. That’s win-win.

Looking to the present-day and forward, I really like that both HDVoice and video are coming into more widespread use. It’s been about to happen for many years, but it’s really picking up momentum now. Even the US mobile carriers are now supporting HDVoice in limited ways.

Graves answers and shares a readers question.
Graves answers and shares a readers question.

VS: What trends are you seeing now and any predictions for the future?

MG: I expect to see growing use of hosted PBXs by small businesses. That’s what I use myself. There’s a chance that Microsoft could step into this space with a new hosted Lync offer.

I don’t think that the desk phone is going away just yet, at least not in the world that I inhabit. I still need to be on the phone even as my desktop reboots.

More use of video. We see it already with Hangouts and various other services. WebRTC has yet to really make a dent into anyone’s business, but it’s a tidal wave that’s going shake things up a lot.

On the other hand, I’m not that enthusiastic about the more costly video conferencing end-points. I think that their days may be numbered. Low-cost end-point psuedo-appliances like Chromebox for Meetings may do well, but it’s too early to tell as yet.

I hope that we see more use of encryption in all aspects of telecom. WebRTC may be a big step forward in that direction.

VS: Writers read a lot. What’s on your reading list; websites you love or books you’d highly recommend?

MG: It was pain making the switch from Google Reader when it was shuttered. These days I meet my morning using Feedly to catch up on the news of the day. While I have a couple hundred feeds collected there, I’d recommend Light Reading, No Jitter and UC Strategies for telecom topics. Also, Dave Michels who also writes at is someone I really admire. Avaya’s Andrew Prokop has some great insights into technical matters at SIP Adventures.

As for books, right now I’m trying to stay focussed on the Certified Specialist of Wine Study Guide. I’ve just completed a class and I’d like to take the test some time in the next month or two. It’s a grueling test, requiring 75% correct to pass. I’m told that only one-in-three people pass on their first attempt. Everyone needs a hobby, right?

There are two books I read that I’d recommend to anyone; “Exploding the Phone: The Untold Story of the Teenagers and Outlaws who Hacked Ma Bell” by Phil Lapsely and “Perfecting Sound Forever: An Aural History of Recorded Music” by Greg Milner. Both are excellent accounts of the lengthy history of something that most people take for granted.

Michael Taylor (center), VoIP Engineer at VoIP Supply Receives Xorcom Certification

We’re proud to announce that VoIP Supply is now a Xorcom Certified Dealer for Complete PBX Solutions.

Thanks to Michael Taylor (pictured above) our VoIP Engineer putting in all the hard work at the Xorcom technical training class.

We’re not sure what was harder for him the three days of in-depth training to learn all the details of Xorcom PBX installation, programming, and troubleshooting or being able to avoid all the distractions of the class location, Las Vegas.

If you’re not familiar with Xorcom the company was founded in 2004 and they focus on business telephony solutions for both VoIP and traditional PSTN. Xorcom products are based on Asterisk®, the open-source communication software used worldwide, for a flexible range of PBX solutions.

Taylor’s hands-on Xorcom training provided him with real-world application knowledge which means we that we not only provide you with the best first-level technical support but we can also help you:

  • Determine your communication needs and suggest the best Xorcom solution based on your line usage, infrastructure, and employee habits.
  • Streamline your phone system implementation process.
  • Ensure optimal phone up-time by securing the phone system.
  • Improve your overall user experience by providing communication efficiency suggestions.

Xorcom CompletePBX systems are pre-configured so they’re ready to use right out-of-the-box and they’ll give your single office/home office (SOHO), small and medium-sized business (SMB), or enterprise level applications lots of flexibility based on call management, Unified Communications (UC), and strong standard features.

Xorcom Case Study

How does a Xorcom PBX work in the real world?

This Chabot Space and Science Center case study is a good example of an application where cost and licensing fees were an issue. The customer was also going to install the solution themselves so they needed an Asterisk® solution that would work right out of the box and make calls straight away:

Extensive research into IP-based systems led Mr. dosRemedios to Asterisk®-based systems and he tried a test system, using trixbox CE and two Grandstream handsets. He liked what he was able to do, and so he looked for a turnkey system using Asterisk® at its core, and came across Xorcom and the Astribank concept. Because Mr. dosRemedios is the sole support for telephony at Chabot, his greatest concern was getting help configuring the system. So he contacted a local Xorcom reseller and soon realized that he could probably do everything himself.

Mr. dosRemedios chose a Xorcom XR2074 PBX with 1 PRI port, 8 FXO ports, and 16 FXS ports; with RAID (dual hard drive for redundancy), Rapid Recovery (for backup and restore
of the entire PBX), Yealink T20P handsets, and some premises cabling to fulfill the requirements. Deployment was performed in-house over a period of five weeks…The PBX installed without a hitch; Mr. dosRemedios connected four landlines to the FXO ports, and a couple of phones to the POE switch and was able to make calls the same day! He’s currently preparing to deploy the remaining 108 phones to run in parallel to the old PBX until the day he can move the PRI over to the Xorcom box.

Download the full case study here.

To find out if a Xorcom PBX solution is right for you, call us at 800-398-8647 and we’d be happy to help.

To learn more about installing an Asterisk®-based Xorcom PBX, here’s how to do in 10 minutes:

Usually in our VoIP Q & A Blog Series, we answer questions about submitted to us through tech support tickets on or via the “Ask The Expert” tab on our product pages.

This time we’re sharing the questions and answers from the Grandstream UCM6100 PBX webinar that was held as part of our Grandstream Learning Series.

These were real questions from the attendees that were answered by Grandstream’s tech support team. We hope that this is a comprehensive guide on how to use a UCM6100 series PBX and what they’re capable of.

Grandstream UCM 6100-banner-voip-supply

Door Phone and Door Station Support

Q: Can it [UCM6100] support door phone, control, attendance systems? E.g. Helios 2N, any others?

A:  Yes, it supports door stations. We have verified this against FXS/FXO devices from Viking Electronics as well as 2N.

Q: Can we use this system to open gates or use in a system gate?

A:  Yes, this system can perform door station functions depending on the device being used. We’ve interoped with Viking Electronic devices.

Q: The scenario would be a system with several video-doorphones + one GXV3140 + UCM6102. While one video-call from a video-doorphone is being attended from the GXV3140, there are other video-calls being received from other doorphones and those video-calls should be put on queue. How many calls can be queued?

A:  This would be handled like any other call. Since it is video, it will now have video codec being negotiated. You can configure the call queue based on your own preference.



Q: Because Asterisk is open source, does Grandstream contribute to this effort?

A:  Yes, we comply with GNU/GPL and provide the source details on our FAQ page.

Video Softphones

Q: Any recommended free video softphones for use?

A:  At the moment, we do not have any free apps listed for video calls. It would be suggested to use a softphone that supports h263, h263+, h264.

IVR Security

Q: Standard set of security protocols to avoid hacking, security issues through IVR?

A:  There are several ways of securing the UCM IVR.

1. Password on outbound route
2. Specify permission/privilege level
3. Disable dial trunk option.

Park BLFs and Shared Line Appearances

Q: Are there plans to add Park BLFs or Shared Line Appearances?

A: On the latest firmware for the UCM we support BLF for parking lot. Shared line appearance has already been requested and is taken into consideration for the future release.


Q: Is there a way to install A2Billing?

A: The UCM is a locked down asterisk system so you cannot instlal any applications onto the appliance. however, a later firmware release will support API and allow users to pull caller data for billing programs.

Zero Config

Q: Does the endpoint manager support other vendor phones for configuration and Key defs?

A: No. The UCM can only zero-config Grandstream products at the moment.


Grandstream UCM6102
Grandstream UCM6102

BroadSoft Softswitch

Q: Is the UCM6102 certified to work on BroadSoft softswitch?

A: At the moment, it is stil under certifcation and has not been fully supported. Working in progress.

Voicemail to Email and Remote Voicemail Access

Q: Are we able to listen and delete voicemail directly from Outlook so the voicemail is also deleted in the UCM?

A: No. Voicemail sent to your email needs to be removed from the PBX. It does not sync up with your email. This has been requested for future consideration.

Q: How do you listen to your voice messages remotely, from a phone not registered to the UCM?

A: You can dial into the UCM via IVR, then dial an option for a dummy extension(not registered) and have that dummy extension undconditional forward to your voice mail system *98

Call Monitoring and Recording

Q: Calls Monitor Feature?

A: This has already been requested and is being implemented for a future release. However, we do have an option to record calls.

Q: Can we direct the recordings to external storage?

A: This is done automatcally when a USB/SD is connected to the UCM.

Service Providers Tested

Q: What providers have been successfully tested with this?

A: 3NG, Nexvortex, Callcentric, Clearfly, vitelity, Phonepower.

google voice_logo

Google Voice Support

Q: Can google voice be integrated on the UCM?

A: No, this is not supported unless it uses SIP signalling.

G.729 Codec

Q: Any license fees to use G.729 codec?

A: No licensing fee for G.729, we have a license for the max number of concurrent calls on the UCM.

Grandstream HT704 Adapter
Grandstream HT704 Adapter

How to Add Additional Analog Phones

Q: How to add FXS phones if i need more analogue phones?

A: All UCM models come with 2 FXS ports. You can add more by using an ATA or FXS gateway like the HT700 series or GXW400x/4200 series.

LAN Ports for Failover

Q: Are the 2 LAN ports in UCM6104 – for a failover mode – i can use 2 separate internet connections? or is there another purpose to the 2 LAN ports?

A: Exactly, this is used for failover purposes.

Demo Programs and Training

Q: If we want to be more familiar with the product do you have some DEMO programs?

A: We do provide UCM trainig events. You can visit this page for all the upcoming events:

Need More Lines

Q: What I can do if i need more than 16 lines?

A: You can peer an FXO gateway to the UCM. We provide FXO gateways to extend this. Here’s the link to the guide.

T1 or DSL Support

Q: Can we use a T1 or DSL Service?

A: T1/E1 is not supported on the UCM61xx series. However, we are coming out with a UCM65xx series that will support such services.

CounterPath Bria Desktop Client
CounterPath Bria Desktop Client

Desktop Clients

Q: What kind of desktop clients are you supporting? And on what OS?

A: We support either Linux/Mac/Windows. Any soft client that is SIP compliant works with our UCM. E.g CounterPath Bria.

Concurrent Video Calls

Q: Max concurrent video-calls supported?

A: This is anywhere between 6-10 calls.


Q: Does the UCM6100 series use a disk or SSD for storage?

A: Internal flash storage.

Q: Does the USB port of UCM6104 suport a passport drive (which doesn’t have its own power)?

A: That should be fine. I have used a Buffalo 1TB drive without power and was just fine.

System Recovery

Q: I have read that asterisk-based systems have known lock-up issues that typically have to be resolved by a system reboot. How has that been dealt with for this solution?

A: Our system recovers itself during these moments and provide core dump files that can be analyzed by our developers for root cause.

Stay Tuned

Check back next time  for more VoIP Q & A.

Thanks for your questions!

Newest Digium cards currently not compatible with latest version of Switchvox

The TE133 and TE134 are the most recent single span telephony card solution from Digium, and VoIP Supply gives you a first look at the Asterisk company’s cards.

What is it?

The Digium 1TE133F PCI-e and Digium 1TE134F PCI are new telephony cards for seamless PTSN connectivity to VoIP. These single span cards use state of the art technology to increase overall consistent phone quality and system performance, including features such as toll-bypass adjuncts for legacy TDX PBXs, SIP trunk interface for legacy TDM systems and small call center ACDs with T1/E1 trunks.

Digium te134

From these single T1 digital telephony cards, you can expect:

  • Up to 24 (T1/J1) or 30 (E1) simultaneous calls
  • Selectable T1, E1 or J1 Mode / Half-Length, Half-Height, Digital Card
  • PCI-Express (TE133)
  • PCI (TE134)
  • One (1) RJ48 Interface Port
  • Protocol support includes: ISDN PRI, Robbed-Bit, CAS
  • Built-in 128ms Octasic DSP hardware echo cancellation
  • 5 year warranty
  • Risk-free ESP guarantee

Digium TE133 and TE134 cards are designed to support T1/E1/PRI environments and industry standard telephony protocols, mainly Primary Rate ISDN protocol families for voice in North America and Euro standards. Octasic DSP hardware echo cancellation is built directly into the cards which removes the task of echo cancellation from the system’s CPU card, improving efficiency in your VoIP system.

As these cards are created by the makers of Asterisk, you can feel confident about 100% interoperability, straight from the source. Digium wants you to feel comfortable with your purchase, so even though we all know you’ll love it, Digium offers a no-risk ESP guarantee that if qualifying Digium products don’t perform 100% as designed, Digium will refund the product. That’s confidence.

Who is it for?

The TE133 and TE134 are designed for Asterisk and it’s open source drivers, so basically, anyone with an existing legacy system looking to upgrade to VoIP. Digium cards have been tested with major server hardware platforms like Dell, HP and IBM, as well as hardware platforms with chipsets like AMD, Intel, VIA and Nvidia. Being designed by Asterisk, Digium cards are compatible with all version of Asterisk using the DAHDI driver framework. Asterisk and DAHDI are available for free from the website.


Digium 1TE133F MSRP $730.00
Digium 1TE134F MSRP $730.00


The Digium TE133 and TE134 are now shipping from VoIP Supply. For more information on the 1TE133F and 1TE134F, call the VoIP experts at 1.800.398.8647 or email sales at

Polycom Asterisk

Most or our readers are likely familiar with Asterisk Open Source PBX, but for those of you who aren’t, Polycom has recently put together an easy to follow technical bulletin on using their SoundPoint IP Phones with Asterisk.

This document covers all the basics of integrating Polycom IP phones with your Asterisk PBX. Key topics covered in this bulletin include:

As you may have noticed, has recently discontinued sales of the Trixbox Appliance. We will continue to fully support existing Trixbox Appliance customers, but we are focusing our efforts on the PhoneBochs Asterisk Appliance as our recommended hardware solution for users of Asterisk, Trixbox, 3CX and other SIP based communications platforms.

Some of you may be familiar with PhoneBochs, but for those of you who are not, I have put together a basic feature comparison between the Trixbox Appliance and the PhoneBochs Asterisk Appliance. The PhoneBochs Asterisk Appliance offers true “telco grade” build quality and performance and is a suitable server hardware platform for Asterisk/Trixbox installations of all sizes.

Continue reading

In a move that I interpret as Cisco beginning to view the “open source” telephony market as a viable opportunity, Cisco today released a new application note on how to configure the new Cisco SPA8800 4FXS+4FXO SIP Gateway with Asterisk.  The document is entitled Configuring SPA8800 with Asterisk, and is intended to help position the Cisco SPA8800 an a cost-effective PSTN gateway for Asterisk deployments, as well as adding additional FXS ports.

Yep, you read that right….an application note, produced by Cisco, specifically for Asterisk users… exciting first I believe.

This application note includes configuration guidance for the Cisco SPA8800, Asterisk sip.conf, and Asterisk extensions.conf files. A troubleshooting section complete with sample traces showing registration and call flows is also included.

You can download the PDF configuration guide for free here.

The Cisco SPA8800 is currently available to purchase at

Do you already own a Nokia “E” Series mobile phone, or are you considering purchasing one? The Nokia “E” series phones, although not inexpensive, offer the flexibility of both GSM and WiFi/SIP calling, and can be integrated with most SIP based IP PBX platforms. For the purpose of this article, we chose a Nokia E51 and configured it to leverage any open WiFi connection to register with our Switchvox IP PBX.

These instructions apply to and of the Nokia “E” series dual mode GSM/WiFi mobile phones.

NOTE: The SIP registration instructions below assume you have already setup your WLAN settings on the phone, and will use WiFI to communicate to your SIP server. It is always suggested to have the AP on the same network as the IP PBX and to place a certain level of security.

1. First, power on the Nokia “E” series phone by holding down the power button located on the top of the phone. Continue reading

Fresh off their announcement of revamped, comprehensive support package offerings for open source Asterisk, Digium today has released Fax for Asterisk .

HUNTSVILLE, Ala.—April 6, 2009—Digium®, Inc., the Asterisk® Company, today announced Fax For Asterisk, a complete, cost-effective platform for the development of fax solutions. The offering provides Asterisk users and integrators a suite of user-friendly applications and a licensed version of the industry-leading fax modem software from Commetrex. To meet the demanding requirements of business users, Fax For Asterisk provides reliable faxing across the Internet and public switched telephone network (PSTN).

Asterisk is the most widely used open source telephony platform. The software is available free of charge and has been downloaded millions of times for use by individual developers and systems integrators creating custom telephony solutions for businesses. Asterisk is also available as the professional-grade and commercially supported Asterisk Business Edition.

“Asterisk users, developers and integrators now have a toolkit allowing them to integrate fax with their phone systems,” said Bill Miller, vice president of product management at Digium. “With Fax For Asterisk, Digium offers a reliable and fully supported fax solution.”

Fax For Asterisk interoperates with standards-compliant fax machines connected to Asterisk 1.4 and 1.6 on x86 Linux systems. It provides low-speed PSTN faxing via DAHDI-compatible telephony interface cards as well as VoIP faxing to T.38-compatible SIP end points and service providers. Fax For Asterisk operates at speeds up to 14.4kbps and supports V.17, V.27 and V.29 fax modems.

Fax For Asterisk is available free of charge from the Digium webstore at for one concurrent fax session. Multi-session licenses are available for a one-time fee of $38.50 per channel. Fax For Asterisk is available immediately. Fax capabilities for Digium’s Switchvox IP PBX were announced in February of this year and are based on this solution. For more details, visit

Fax solutions for Asterisk are not new (Hylafax, SpanDSP, etc) but direct support from Digium for faxing is, and this plugs another hole in open source Asterisk making it an even more compelling option that has the Shoretel’s of the world looking in their rearview mirror.