4- OmniPCX Office Internet solution




OmniPCX Office Internet solution


-    OmniPCX Office Internet components                                                   4-2

Shared internet access


-      LAN interfaces                                                                                        4-3

-      WAN interfaces                                                                                       4-3

-      ISDN internet connection                                                                        4-3

-      ADSL and Leased Line internet connection                                            4-4

-      Remarks and recommendations                                                             4-4



-      Built-in Certified firewall                                                                        4-5

Access and usage control


-      Protocol authorization                                                                            4-6

-      Access restriction                                                                                    4-6

-      Built-in Proxy server                                                                               4-6

Optimized internet access


-      Built-in Cache server                                                                              4-7

Integrated e-mail server


-    OmniPCX Office e-mail server                                                               4-8

-    Flexible configuration                                                                            4-8

-    Embedded features                                                                                4-9

-    Unified messaging solution                                                                   4-10



-    Internet VPN                                                                                          4-11

-    Remote access                                                                                        4-11

-    LAN to LAN networking                                                                         4-12


OmniPCX Office Internet solution



Based on the all-in-one concept, Alcatel OmniPCX Office offers a professional internet solution for small to medium sized businesses including all the necessary features, services and applications.


Alcatel OmniPCX Office provides:

·         Shared internet access for all users on the LAN : allows all employees on the LAN to access simultaneously the Internet using a single account and a single connection

·         Security mechanisms for internet access and network /data protection : OmniPCX Office embeds a certified firewall to protect company information and it supports also standard internet authentication protocols.

·         Access and usage control thanks to its embedded proxy server which defines user access rights and provides detailed statistics on internet and application usage.

·         High speed optimized internet access using ISDN connection, ADSL(1) or Leased Line(1) and web cache service which reduces information access and optimizes connection time

·         Extended communication capabilities with an integrated fully featured e-mail application

·         Virtual Private Networking which allows remote access for home workers and for multi site networking using the internet network with secured standard protocols.

·         A unique and simple web based management tool for easy installation and management of internet features, services and applications.

(1) Release 1.1


OmniPCX Office internet components



Shared Internet access


OmniPCX Office allows multiple users connected on the LAN (Ethernet) to access the Internet using one single access and connection . It allows the users to access  the Internet services and applications such as WEB, E-mail or E-commerce via a single ISDN line, and ADSL(1) modem or a leased line(1) providing high speed access with a single IP address.

The internet access is performed by sharing WAN ISDN resources (ISDN B-channels) or by connecting and external ADSL modem or Router. Using one single connection for many users the resources and the traffic is optimized and consequently the costs decrease.

For example the ISDN B channels are shared between the voice and the data applications. 











·         Access monitoring

WAN channels activity and bandwidth usage for the internet traffic can be monitored

using a graphical real time traffic indicator


LAN Interface 

PC to OmniPCX Office are connected using Ethernet 10BT/100BT standard link that allows connection to any standard 10/100BT HUB or switch port. For small configuration PC can be directly connected to the OmniPCX Office Ethernet 10/100 LAN switch board.


WAN interfaces

OmniPCX Office supports various Internet connection :

·         ISDN , DSL(1) , Leased Line(1)


ISDN internet connection

OmniPCX Office uses the shared B-channels resources on the ISDN PBX trunks to access the Internet. It supports multiple interface protocols according to the traffic level needed.

·         Static 64 Kbps : delivering static bandwidth on 1B channel. (PPP : Point-to-Point-Protocol)

·         Static 128 Kbps : delivering static bandwidth on 2B channels. B-Channels are aggregated providing high speed internet access. (MPPP : Multi-link Point-to-Point-Protocol).

·         Bandwidth on demand from 64 up to 128 Kbps :  bandwidth allocation is performed dynamically according to the traffic analysis (monitoring the inbound and outbound stream) and the second B channel is added or removed. It is based on a Multi-link PPP (MPPP) protocol.

NB : In addition to ISDN connection, OmniPCX Office will soon provide support for DSL or Leased Lines connections by means of external DSL modem or external router.


(1)  release 1.1


Shared Internet access

ISDN connectivity

OmniPCX Office supports multiple access modes.

·         Dial-up with demand dial : The link is only established when needed and is automatically released if there is no traffic. For example, the line is established when a user on the LAN

wants to access an Internet service (browsing the WEB) or when a application server wants to reach another server over the Internet (sending e-mail). After a pre defined period of time without traffic the connection is closed.

·         ID-channel ISDN Call-back : The link is established on behalf of the ISP while preventing the ISP to be charged. ID-channel Call-back uses the ISDN D-channel to request the call-back

from the OmniPCX Office system. This does not require that a call on the ISDN B-channels is first established before call-back can be requested thus ISP side is not charged. It is used for VPN based remote access

·         Permanent connection : the link between OmniPCX Office and the ISP is permanently established avoiding the establishment of the line before access. 


ADSL and Leased Lines internet connection (release 1.1)

In addition to ISDN connection, OmniPCX Office supports DSL or Leased Line connection for internet access by means of external ADSL modem or external router providing up to 2Mbps connection. The connection between the system and the external modem or router is done by means of a second Ethernet plug. This configuration allows OmniPCX Office to be independent from the material used which an be part of an operator or and ISP offer.

Internet access using one of these two modes provides permanent connection.

In ADSL mode OmniPCX Office supports PPPoE connection protocols and PPTP with Alcatel modems.


Remarks and Recommendations :

Although the number of declared internet users is unlimited, recommendations have to be made according to 3 majors elements :

- The available bandwidth for the internet access

- The number of simultaneous users connected to the Internet

- The type of application used by the users (browsing, e-mail, FTP,…)

For instance, with a 128kbps connection, the number of simultaneous connected user should not exceed 20.


J Shared Internet access benefits


·         A cost effective solution allowing multiple computers to share simultaneously a single internet connection and a single communication

·         Eliminate the need of additional trunk and modems to provide individual connection

·         Offers flexible internet access in term of interface (ISDN, ADSL, Leased Lines, access mode (dial up , permanent) and bandwidth (from 64kbps to 2Mbps)

·         Integration of shared WAN resource for voice , data and internet

·         Easy to configure, set up and administrate with a single user friendly web based management tool







OmniPCX Office includes several security mechanisms to protect company network and data from external enemies and secure internet accesses.


Built-in Certified firewall

·         Build-in firewall : OmniPCX Office firewall – which has been certified by the West Coast Labs Checkmark - supports IP packet filtering. The firewall  blocks unwanted traffic at IP level. According to the overall service configuration (E-mail, VPN, proxy,…) the system automatically sets up IP packet filters that inspect network datagrams (IP packets) and decides whether these packets are allowed to pass the filter or not. The decision to let a filter block certain packets is based on several criteria, being checked against the contents of the IP packet and environmental parameters such as source and destination IP addresses, protocols like TCP, UDP, source and destination port numbers associated with TCP or UDP services , ..This allows the private network to be protected against Internet attacks such as : intrusion, denial of services (e.g.: flooding), Port scanning , …. In addition the firewall logs attacks and port scans.


·         Network Address Translation (NAT) : NAT hides Internal IP addresses from the outside world and allows the sharing of a single static or dynamic IP address. This ensures security since each outgoing or incoming request must go through a translation process that offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves the number of global IP addresses that a company needs and it lets the company use a single IP address in its communication with the world.






J  Security benefits


·         Efficient and secured protection for the company private network

·         Centralized secured access

·         Cost effective solution providing integrated security components avoiding external server to be deployed

·         Certified firewall

·         Easy management with a common web based management administration tool



















Access and usage control


Security is also ensured with an additional level of control :

·         Protocols authorization

·         Access restrictions

·         User access control thanks to an embedded proxy server.


Protocol authorization

Protocols allowed to be used are easily selected through the web based management interface:

         - web access (HTTP, HTTPS, Gopher)

         - file transfer (FTP)

         - multimedia

         - news (NNTP, SNEWS)

         - remote connection (telnet, SSH)

         - mail


                                                                                                                           global security settings

Access restriction

·         Date and time access restriction : For each day of the week (Monday to Sunday), the administrator can define date and time access restrictions to limit traffic and control internet access (1 continue period or 2 discontinue period).


Built-in proxy server

OmniPCX Office embeds a proxy server that manages internet access control per user and per application. It also provides comprehensive statistics related to internet usage, visited sites, connection time, etc. 

OmniPCX Office proxy server is based on the proxy/cache linux awarded product “Squid”.


·         User access rights

The proxy server acts as an intermediary between users and the internet for the outgoing traffic. The proxy server manages the user access rights defined with the following parameters :

- Identification : user-id and password,

- rights properties : internet access

·         Black and white lists management

White & Black URL lists define which WEB sites and URL are authorized or forbidden. The list combines explicit URL address and regular expression.

·         Comprehensive statistics on web usage

The system generates statistics about the use of the WEB to monitor the activity. Statistics are defined by user, destination, applications, configurable periodicity.


J  Access and control usage benefits


·         Improve security by controlling internet access by protocol, user access rights, URL restriction, authorized applications

·         Control internet usage with comprehensive statistics

·         Centralized user friendly administration interface

·         Detailed statistics to improve resource management and usage control




Optimized Internet access: web caching



Built-in cache server

OmniPCX Office embeds a cache server which improves performance in web site access and file downloading. Object caching consists of storing internet objects requested by a user as a web page including image, file, text, etc and delivers it immediately to another user without a new internet connection. The information requested is immediately available and then delivered.

The cache management is performed automatically by replacing the oldest information with the most recent one. OmniPCX Office cache server capacity ranges from 300 Mb for the e-Very Small system to 1.5Gb for other systems. (hard disk needed)




J  Cache server benefits


·         Improve information access performances

·         Accelerate information access by immediately delivering information already stored

·         Optimize traffic on the WAN link. If stored in the cache the information is delivered without external connection and at no cost

·         Reduce the costs by reducing connection time




Integrated e-mail server


OmniPCX Office e-mail server

OmniPCX Office is an integrated communication system for enterprises including a fully featured client/server e-mail application based on a state-of-the-art solution developed on a leading internet messaging solution : Sendmail. E-mail is one of the most powerful productivity and communication tools for information exchange inside the company as well as outside with customers or providers. Each user can benefit from a personal e-mail address to communicate with colleagues inside the company and outside with external correspondents.

OmniPCX Office allows standard e-mail services (send/receive/forward, store, copy, personal address book, personal folder, mailing lists, id/password protection).  It is a flexible solution able to take into account the customer’s environment in order to deliver the most suitable e-mail configuration.

OmniPCX Office solution supports e-mail standard protocols :

- POP3 (Post Office Protocol 3) : the most recent version of a standard protocol for receiving e-mail.

- SMTP/ESMTP (Simple Mail Transfer Protocol) : the most widely used protocol for sending e-mails and for e-mail exchange between Internet e-mail servers

- MIME (Multipurpose Internet Mail Extension): standard IETF format for handling non text information in a mail (attachments)


Flexible configurations

OmniPCX Office supports various e-mail configurations. 



OmniPCX Office acts as an e-mail server


POP3 caching

·         E-mail user accounts are managed at ISP site (creation, deletion)

·         E-mails are downloaded from ISP accounts to OmniPCX Office server

·         Scheduled email fetching

·         Supports internal e-mail

·         Supports mailing lists

·         Only user declared at ISP site can receive external e-mails

·         Supports company domain name

·         Supports multi drop POP3 account (release 1.1)

·         Supports ISP multi domain service (release 1.1)

·         Supports user aliases in multi-drop only (release 1.1)


SMTP server












·         E-mail user accounts are managed by OmniPCX Office

·         Supports SMTP relay service .(When the system is not connected, mail is stored by the ISP until the next connection)

·         Requires a static IP address

Without SMTP relay, when the system is not connected e-mails are not delivered and the sender gets an error message

·         Scheduled email fetching

·         Supports internal e-mail

·         Supports mailing lists

·         Supports ETRN

·         Supports company Domain Name (company.com)

·         Supports ISP multi domain service (release 1.1)

·         Support user aliases (release 1.1)


Integrated e-mail server


OmniPCX Office is not the e-mail server


e-mail server existing on the LAN

·         OmniPCX Office e-mail server is not activated (e-mail software key not required). OmniPCX Office acts as an Email server gateway

·         The traffic is routed to existing e-mail server through OmniPCX Office Firewall using the port forwarding feature

·         SMTP relay supported


No e-mail server at customer site

·         OmniPCX provides the internet connection to access ISP e-mail server

·         No internal e-mail

·         The e-mail software key is not required

·         Supports of POP3/SMTP/IMAP4 protocols


OmniPCX Office e-mail is a client/server e-mail architecture supporting the most popular  POP3/SMTP client software (e.g: Microsoft® Outlook™, Lotus Notes®, Netscape Mail, Eudora,...)


·         Alcatel OmniPCX Office e-mail server is a temporary mail storage facility. Mail is downloaded from the system to the end-user PCs. Typically after download, mail is deleted from the system. This option is highly recommended to ensure optimum performance from the system.

·         To optimize connection time, the transfer of the e-mail is performed by a predefined period (e.g: every 30 minutes) or when connection is made (piggyback method).


Embedded features

System features

·         Mailing lists

Mailing lists can be defined on the OmniPCX Office system.  They are used to send an e-mail to multiple users using only one single destination address. Mailing list can includes internal and external addresses.

·         Greetings

A message can be defined and automatically sent to any newly created electronic mail box to give end-users information or instructions the first time they access the e-mail system.

·         Aliases

Several email addresses can be defined for a single user. What ever the email address used, all the mail will be distributed in a single mailbox.


Personal settings

A browser based Graphical User Interface allows end-users to manage some personal settings :  :

·         E-mail forwarding

A per user e-mail forwarding policy can be configured. This allows any e-mail sent to an end-user to be automatically forwarded to one or many addresses. (e.g: out of the Office period)

·         Auto reply

A per user auto reply message can be setup. This can be used when the end-user is on vacation to inform them when the user will be back and who can be contacted during his absence.

·         Account name/password

Each user can define or modify his own account name and password 


System management

In line with the whole Ease of Use concept, the OmniPCX Office e-mail server is Plug and Play. Configuration of the e-mail parameters and the user parameters are performed using a wizard with a limited number of parameters.


·         Disk storage policy and disk capacity

According  to the client configuration, messages can be automatically deleted or kept on the server after download. However, OmniPCX Office is not designed to keep messages permanently rather it is positioned as a temporary storage device (offline mode). Thus it is recommended to configure clients so that messages are deleted after download.



Integrated e-mail server


An e-mail notification is sent to the Administrator when the ratio of free space goes below 70%.

When the ratio of free space goes below 10%, new e-mails are explicitly refused.  

They will be accepted again when the ratio of free space goes above 70%.

This can be achieved if end-users download their E-mails or if stored e-mails are sent to the Internet. Note that in any case, e-mails are never lost.


Unified Messaging solution

Voice mail and e-mail integration

With OmniPCX Office , each user can benefit from an e-mail account and a voice mailbox on the same system. These two applications can be combined at user desktop level to offer access to e-mail and voice mail from a single user interface : Microsoft® Outlook™.

Voice mail can be automatically transferred from the OmniPCX Office system to the end user PC who receive it in his mailbox as an e-mail with an audio file attached (.wav format) .

The voice message is clearly identified with a specific icon and contains the same level of information as the traditional voice mail : name or number, date and time. The user can forward this message, answer by sending back an e-mail, etc.

The user has the choice to store voice messages only on his PC or  keep also the voice messages on the system. Thus the user can consult his voice mail from its PC inside the company and by phone from an external site.


NB : The transfer of the voice mail to the PC is performed using PIMphony visual mailbox feature. PIMphony Pro or PIMphony Team are mandatory on the end user PC to perform the voice mail integration.


Fax integration

Taking advantage of its embedded voice mail server and e-mail server, customer can build a unified messaging solution using the OmniPCX Office internet access capability to integrate the fax service. Using the internet shared access capability the OmniPCX Office is able to support a hosted fax service delivered by an Internet fax Service provider (IFSP) who delivers the fax services  directly using the e-mail application. Outgoing faxes are sent from the e-mail user interface – Microsoft® Outlook™ and incoming faxes can be directly received in the email box as an attachment.

This innovative solution offers several key advantages :

·         easy to implement unified messaging solution base on a single platform

·         cost effective solution due to no additional investment in external server or software.

·         permanently availability of the fax service

·         Same level of service for internal user as well as the remote user, as soon as they can access their e-mail application.

NB : The OmniPCX Office Unified messaging solution requires Microsoft® Outlook™ email client.


J  Integrated email server benefits


·         Fully featured  client/server email application

·         Improve enterprise communication and efficiency

·         No dedicated hardware or software

·         Standard email protocols support 

·         Flexible solution to address  various SME needs

·         Cost effective solution 

·         Easy to set up using web based management tool and wizards

·         Unified messaging solution



Internet VPN

The VPN – Virtual Private Networking - feature allows a remote system to reach the LAN over the Internet by using an economical and secured (encrypted) connection, based on tunneling mechanism with authentication .

The VPN connection is secured because it establishes a “tunnel” through the Internet between the sites with guarantees integrity and confidentiality by encryption.

Connection is economical because it is made up of a local internet connection (POP).

Authentication is required to start a VPN session by using PAP/CHAP mechanism (User ID + password).

OmniPCX Office supports the 2 major VPN protocols :

·         PPTP for user remote access 

·         IPSec for LAN to LAN networking.

Remote access (remote worker)

Alcatel OmniPCX Office VPN solution allows secured remote activities over the Internet. At home or in a hotel, remote workers can dial up the nearest internet Point of Presence (POP) to establish a remote and secure connection to OmniPCX Office via internet using a VPN tunneling. The user can access all the applications he usually uses on the LAN.



·         Compatible with Microsoft PPTP client

·         Works with Windows 95/98/NT/2000 clients

·         Windows VPN clients

·         MS-CHAP-V2 authentication

·         Microsoft Point-to-Point 40 - 128 bits encryption



·         For  e-VS model

10 remote workers maximum can be configured.

Recommendation : The number of simultaneous VPN PPTP connections (remote workers) is 2.

·         For all others models :

Recommendation : The number of simultaneous VPN PPTP connections (remote workers) is 5.




LAN to LAN networking

OmniPCX Office provides a secure LAN to LAN networking solution using Virtual Private Network tunneling over the Internet. Multiple sites can be networked  using the internet as a WAN infrastructure.

OmniPCX Office supports the IETF IPSec/IKE standard protocol which provides a high level of security by authentication and encryption.



·         High level of security with IETF IPSec/IKE

·         Authentication with HMAC-MD5

·         Integrity with 3DES 168 bits encryption

·         ISAKMP/IKE key management

·         Pre-shared keys

·         RSA public/private keys



The number of simultaneous VPN IPSec connections for LAN to LAN access is 2 for M, L, XL, XXL models and 1 for S model.





J  Virtual Private Networking benefits


·         Secure remote connection over the Internet

·         Support of standard VPN protocols : PPTP and IPSec

·         Cost effective remote connection

·         Alternative solution to Remote Access Server for remote connection