Detecting a Route Pattern using JTAPI

Similar Messages

• Route Pattern CSV File Removes "0" from Called Party Prefix Digits Field

  I want to upload over 350 route patterns using BAT Tool in CUCM 9.1. All patterns must have their Called Party Prefix Digits (Outgoing Calls) Field containing 10 numbers with the number "0" at the begining. The Problem is the CSV file removes the leading "0" form the digits. I tried to make the cell type in Excel as "Text" and it worked and the "0" is kept normally, but when I save and close the file then open it again, the cell is defaulted to "General" type and the "0" is disappeared again! Changing the CSV file format to any other one and uploading it to CUCM system generates an error stating that the file format is not supported.
  Attached is a sample entry of the CSV file. I want to preserve the whole number "0541234567" in "PREFIX_DIGITS_CALLED_PARTY" Field.
  Anyone can help me how to upload this big number of route patterns while preserving the number "0" at the begining?

  Make sure you change the csv file when using Excel to "Text" on the cell where the string starts with 0, otherwise Excel assumes this is a number and strips it.
  HTH, please rate all useful posts!
  Chris

• 9@ Route Pattern Matched Issues

  Unfortunately I have to deal with a lot of 9@ route patterns in our deployment.  I understand weird things happen when 9@ is used, but even this one is boggling my mind.  So I was hoping someone could help me understand why it's doing what it's doing.
  I have a CSS with a collection of partitions.   I'll call the 3 I'm interested in the following: One-PT, Two-PT, Three-PT.
  One-PT has a route pattern of 9@ with the Local filter applied going to Gateway 1.
  Two-PT has a route pattern of 9@ with the Local filter applied going to Gateway 2.
  Three-PT has a route pattern of 9.XXXXXXXXXX with no filter applied (those are 10 Xs) going to Gateway 3.
  My phone is assigned to the CSS with these 3 partitions.  When I dial 9 981 xxx xxxx DNA says that 9@ from One-PT is always matched.  If I remove One-PT from the CSS, then 9@ in Two-PT is matched.  Only if I remove those 2 partitions does Three-PT get matched.
  Now, as I said above I understand 9@ can introduce weird routing issues, but I thought that the route pattern with 9 and 10 Xs would be more specific and it would be matched.  Obviously I was wrong, but I'm trying to understand why I was wrong. Is this because the 10 digit number dialed matches the NANP and the Local filter matches a NANP area code?  Thus it's the more exact match?
  Thanks!

  Hi,
  As per the following link
  http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/5_0_4/ccmsys/ccmsys/a03rp.html#wp1050657
  "Using the @ Wildcard Character in Route Patterns
  Using the @ wildcard character in a route pattern provides a single route pattern to match all NANP numbers, and requires additional consideration.
  The number 92578912 matches both of the following route patterns: 9.@ and 9.XXXXXXX. Even though both these route patterns seem to equally match the address, the 9.@ route pattern actually provides the closest match. The @ wildcard character encompasses many different route patterns, and one of those route patterns is [2-9][02-9]XXXXX. Because the number 2578912 more closely matches [2-9][02-9]XXXXX than it does XXXXXXX, the 9.@ route pattern provides the closest match for routing."
  Also, check the following post
  https://supportforums.cisco.com/discussion/10698966/9-route-pattern
  HTH
  Manish

• Who knows how to output some text once labview detects something I want using pattern matching(V​ision assistant)​?

  who knows how to output some text once labview detects something I want using pattern matching(Vision assistant)?
  The text is something like"Yes, this is a coin"
  Thanks!

  I attached a SubVI which I used to place an overlay next to a Pattern, found by a Pattern Match before:
  As you can see, you simply pass the image reference and the Array of Matches to the VI along with the String you want to have as an overlay next to the Match.
  I also modified your VI a bit, but didn't test it. I created an Array of clusters, each elment containing the template path along with the respective text.
  Please note that this is just a hint!
  Christian
  Attachments:
  suggestion.vi ‏146 KB
  Overlay_Txt.vi ‏24 KB

• Can Anyone help to explain why character \ is used in Route pattern.

  Can Anyone help to explain why character \ is used in Route pattern. also if you could explain *11\+1.289201XXXX ?

  Well, I think the proper characterization would be that the design is based on a loose interpretation of RegEx. For instance, the asterisk "*" is typically used as the directive for zero or more occurrences of the preceding character. In the UCM dial plan, the * is a valid digit and someone decided to avoid the nastiness of escaping asterisk every time it is needed. On a related point, in standard regex build the "?" is used for a 0 or 1 match. In UCM, the "?" is 0 or more (so, it is like the asterisk in that way).
  That said, I get your point. Someone says "hey, we need wild cards" and the likely place to start pulling examples is RegEx.
  HTH
  -Bill
  (b) http://ucguerrilla.com
  (t) @ucguerrilla
  Please remember to rate helpful responses and identify helpful or correct answers.

• Getting original digits dialed by user, or their Route patterns

  Greets ,
  I am using TAPI to monitor IP phones on my AVVID network so that i can use the data to log the destinations and numbers that system users call.
  i also use the numbers i obtain to get the route pattern that the number matched (so that i can do some kind of billing) , but my problem is when the number matches a route pattern the number that reaches TAPI is affected with the Discard Digits option in the route pattern , for example
  User dials 67272
  matches RP 6.xxxx with Discard Digits set to "PreDot"
  TAPI receives 7272
  is there some kind of way to get the whole number, or at least to get the route pattern that the number matched in TAPI?
  Thank you.

  I know little about TAPI but in JTAPI we have the originaldiallednumber (or thereof) which might be of use. I have never looked at it in terms of translation patterns, however I know that in case of a redirect, that number is the number that was originally called, not the number the call finally goes to.

• Does the route list gets reset when adding route pattern in version 9 of CUCM?

  Hi All,
  I created a new route pattern in call manager version 9 and then associated it to an existing route list. But when I was trying to save the route pattern. I was prompted with the message saying " Any updates to this Route Pattern automatically resets the associated gateway or Route List"
  I was not able to see this message on CUCM version 8.6 however on CUCM version 9 it is there.
  Does that mean that the route list/gateway will be reset and the existing calls will be dropped?
  Or is it a bug?
  A response will be greatly appreciated.
  Thanks

  Hi Farhad,
  It does pop up when we modify the Route Pattern in CUCM 8.6 too.
  If you asociate the GW/Trunk directly to Route Pattern, yes, it will reset them and calls will be interrupted. To avoid that, we need to associate the Route List to Route Patterns.
  //Suresh
  Please rate all the useful posts.

• How do I add a route pattern to CUCM 7.1

  I am currently using CUCM7.1 and need to  add the route pattern 9911 to dial out to emergency dispatch.  I do not want the capability of dialing 9 for an outside line for all users, just when I a calling 911 emergency.  We recently changed to dialing a # for an outside line due to excessive 911 hangup calls.  I tried adding 9911 to the route pattern list but I am missing something.  I received the message stating could not complete call as dialed. Thank you, Cindy

  Are you sure the phone has a CSS that allows you to dial 9911??
  HTH
  java
  If this helps, please rate
  www.cisco.com/go/pdihelpdesk

• Route Pattern/Filter Issues

  Hello - I had a question that I was hoping someone could help me with. I recently had an issue on CallManager 4.1.3sr6a. I have 10 sites, each using their own set of 6 9.@ route patterns for outgoing calls. Although the patterns are distinct, they all use the same route filters. Today, all of the sites began matching on the route pattern with the seven digit filter rather than matching on the long distance filter when a 91XXXXXXXXXX number was dialed (we tested with a number of numbers in different area codes). I wasn't able to input more digits after the 7th and DNA confirmed that it matched on the seven digit filter. The filters are as follows:
  Long Distance =(AREA-CODE EXISTS AND LONG-DISTANCE-DIRECT-DIAL EXISTS)
  SevenDigit = (LOCAL-AREA-CODE DOES-NOT-EXIST AND INTERNATIONAL-DIRECT-DIAL DOES-NOT-EXIST AND AREA-CODE DOES-NOT-EXIST AND SERVICE DOES-NOT-EXIST).
  I was able to resolve the issue by going to each site, removing the long distance 9.@ pattern and simply readding it (no changes were made to configuration).
  It was like it just stopped seeing all patterns using the long distance filter.
  I'm wondering if anyone is aware of a bug that may have caused this.
  Thanks very much!

  For detailed descriptions and examples, refer to the Understanding Route Pattern Wildcards and Special Characters section of Understanding Route Plans.
  http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/admin/3_0_9/p1rtundr.html

• Route pattern to SIP trunk problem

  Hello, I have a 2801 router that has been configured with CME and a working SIP connection to my local ISP.
  Tested with calls via CME so I know for sure that the SIP config and dial plan is fine on this gateway.
  Next I wanted to try out CUCM so I set up a CUCM 8.6 box that is connected to the 2801 router to use as it's SIP gateway.
  The only change I made to the gateway router config was to alter the "ip option 150" address so that the phones go to CUCM for their configs etc (which they do with no problems).
  Then I set up a SIP trunk in CUCM along with a route pattern which is to use the SIP trunk within the Gateway/Route list option.
  But when I make a call that matches this route pattern all I get is the intermittent beep message from the phone. I cannot route calls succesfully through it.
  I have checked network connectivity and all is fine. The IP address I specfied in CUCM for the SIP trunk is simply one of the interfaces on the 2801 router and it is definitley reachable.
  I also activated "debug ccsip all" on the 2801 gateway router but nothing appears. So it seems like the calls are not even reaching the 2801 gateway ?
  Is the problem possibly a conflit between CME on the gateway router and my CUCM ?
  Do I need to disable CME somehow on the gateway first ?  Or am I not doing something correct in the CUCM config ?
  Thank you kindly for any suggestions.
  ps. I have attached a couple of screenshots of my config.

  Hello, thanks for helping.
  I activated "debug voice ccapi inout" as well as "debug ccsip all" on the gateway but nothing showed up.
  Therefore I deduce the call is not even making it to across the SIP trunk into the gateway router ?
  As I am a newbie trying this out for the first time, it is guranteed to be something really simple.
  I have included my running config from the gateway router below..
  One addition I made was to add an incoming dial peer. That is "dial peer 5,  description CUCM SIP trunk".
  I set it up with a destination patter 2... to match my phone config on CUCM which have numbering in the 2000 range.
  Sorry, I got RTMT up and running but could not get any meaningful results from it. I need to learn up on that.
  I did however run a 'dialed number analysis' from CUCM direct and have attached the result. It seems the dialled number "99" is matching the route pattern OK.
  So why is it not then moving down the SIP trunk to my gateway and getting picked up by the incoming dial peer ?
  Thanks if you guys can offer any more help.
  version 15.1
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Router
  boot-start-marker
  boot system flash:c2801-ipvoicek9-mz.151-2.T0a.bin
  boot-end-marker
  no aaa new-model
  clock timezone nzst 13 0
  dot11 syslog
  ip source-route
  ip dhcp pool DATA_SCOPE
     network 192.168.200.0 255.255.255.0
     default-router 192.168.200.1
     dns-server 8.8.8.8
  ip dhcp pool VOICE_SCOPE
     network 192.168.100.0 255.255.255.0
     default-router 192.168.100.1
     option 150 ip 192.168.2.115
  ip dhcp pool MGMT_SCOPE
     network 192.168.1.0 255.255.255.0
     default-router 192.168.1.99
  ip cef
  ip name-server 4.2.2.2
  no ipv6 cef
  multilink bundle-name authenticated
  voice class codec 1
  codec preference 1 g711alaw
  codec preference 2 g729r8
  codec preference 3 g711ulaw
  codec preference 4 ilbc
  voice translation-rule 1
  rule 1 /^9/ //
  voice translation-profile Strip9ToGetOut
  translate called 1
  voice-card 0
  crypto pki token default removal timeout 0
  crypto pki trustpoint TP-self-signed-2995340181
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-2995340181
  revocation-check none
  crypto pki certificate chain TP-self-signed-2995340181
  certificate self-signed 01
    3082023E 308201A7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 32393935 33343031 3831301E 170D3733 30363034 31393534
    32305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 39393533
    34303138 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100C34D C8ECBB53 E01373A3 2E286B78 2D23042B 1C8588B1 A7861899 BA1C6860
    AE1D7868 2A59E3BC 54D0A457 8FFDE27F C09104E5 C7A429F3 74CD9DA8 4A980366
    675CC27C CDB94838 821CC05F 2C0AC2BC D882C132 6CAA1FA6 6DA740E4 562428B1
    12B741F1 A50C9246 4CC35EDA DEE1D038 3883BB35 A91ABF8B 483E4160 F5FA4B5A
    9A570203 010001A3 66306430 0F060355 1D130101 FF040530 030101FF 30110603
    551D1104 0A300882 06526F75 74657230 1F060355 1D230418 30168014 72119640
    F3396E1F E4168086 D31D8619 0D8337FF 301D0603 551D0E04 16041472 119640F3
    396E1FE4 168086D3 1D86190D 8337FF30 0D06092A 864886F7 0D010104 05000381
    81003B5A 29DE3A1E C5AB6092 E8D90650 C80752FC 0AAC93FD C5DE3D69 071B08FA
    D4013232 81CA07E7 15F90190 6A3AD6A0 1D05F0F2 13479568 888332A5 F81E2681
    7DA44095 4D11CFB7 CA79579A 8D95DE54 7B00173C E2C50573 A310C8C9 1487FEFC
    CE35B66E 9EF94CFA 8D6D6DCD ADC78132 2709F198 6DF2F0FA D80CC088 D0C4C7D1 080B
        quit
  license udi pid CISCO2801 sn FTX0947W07M
  username xxx privilege 15 password 0 xxx
  interface FastEthernet0/0
  ip address 192.168.3.50 255.255.255.0
  duplex auto
  speed auto
  interface FastEthernet0/1
  no ip address
  duplex auto
  speed auto
  interface FastEthernet0/1.2
  encapsulation dot1Q 2
  ip address 192.168.2.1 255.255.255.0
  interface FastEthernet0/1.99
  encapsulation dot1Q 99
  ip address 192.168.1.99 255.255.255.0
  interface FastEthernet0/1.100
  description voice_VLAN
  encapsulation dot1Q 100
  ip address 192.168.100.1 255.255.255.0
  interface FastEthernet0/1.200
  description data_VLAN
  encapsulation dot1Q 200
  ip address 192.168.200.1 255.255.255.0
  ip forward-protocol nd
  ip http server
  ip http authentication local
  ip http secure-server
  ip route 0.0.0.0 0.0.0.0 192.168.3.1
  logging esm config
  tftp-server flash:/phone/7940-7960/P00307020200.bin alias P00307020200.bin
  tftp-server flash:/phone/7940-7960/P00307020200.loads alias P00307020200.loads
  tftp-server flash:/phone/7940-7960/P00307020200.sb2 alias P00307020200.sb2
  tftp-server flash:/phone/7940-7960/P00307020200.sbn alias P00307020200.sbn
  control-plane
  mgcp fax t38 ecm
  dial-peer voice 1 voip
  description local_7_Digit_Calling
  translation-profile outgoing Strip9ToGetOut
  destination-pattern 9[2-9]......
  session protocol sipv2
  session target ipv4:203.184.16.2
  voice-class codec 1 
  dial-peer voice 2 voip
  description international_calling
  translation-profile outgoing Strip9ToGetOut
  destination-pattern 900T
  session protocol sipv2
  session target ipv4:203.184.16.2
  voice-class codec 1 
  dial-peer voice 3 voip
  description national_calling
  translation-profile outgoing Strip9ToGetOut
  destination-pattern 90[34679].......
  session protocol sipv2
  session target ipv4:203.184.16.2
  voice-class codec 1 
  dial-peer voice 4 voip
  translation-profile outgoing Strip9ToGetOut
  destination-pattern 90[34679].......
  dial-peer voice 5 voip
  description CUCM SIP trunk
  destination-pattern 2...
  session protocol sipv2
  session target ipv4:192.168.2.115
  voice-class codec 1 
  sip-ua
  authentication username xxxxxxxxxx password xxxxxxxx
  060
  telephony-service
  max-ephones 10
  max-dn 20
  ip source-address 192.168.1.99 port 2000
  load 7960-7940 P00307020200
  max-conferences 4 gain -6
  transfer-system full-consult
  create cnf-files version-stamp Jan 01 2002 00:00:00
  ephone-dn  1  dual-line
  number 1000
  name Lydia Francis
  ephone-dn  2  dual-line
  number 1001
  name Leah Francis
  ephone-dn  3  dual-line
  number 1002
  n
  ephone-dn  4  dual-line
  number 1003
  ephone  1
  mac-address C80A.A970.01DE
  type CIPC
  button  2:2
  ephone  2
  mac-address 000C.3070.8705
  button  1:1 2:15
  ephone  3
  mac-address 000C.8546.5954
  button  1:3 2:15
  line con 0
  logging synchronous
  line aux 0
  line vty 0 4
  privilege level 15
  login local
  transport input telnet ssh
  scheduler allocate 20000 1000
  ntp server 195.43.74.123
  end

• CUCM to CVP calls. CTI-RP vs Route Pattern

  CVP 9 or above
  CUCM 9 or above
  Requirement:
  1. Consultive Warm Transfer - The agents to be able to transfer calls to a a different department by dialing an internal number and wait in the queue until answered.
  2. Internal - Back-office people to dial internal IT-Helpdesk or HR
  I see the above call flows as same, i.e. a Call Originating from CUCM to CVP .... correct me please?
  I have tested both and they both work exactly the same way, i.e. using a CTI-RP associated to PGUSER, ICM answers it sends correlation id to CUCM and CUCM sends this to CVP ...AND... using a simple route patters instead point to CUCM-CVP SIP trunk. Functionally they behave same way - ICM/CVP answers and queues call until answered.
  But the documentation confuses me, below snippet from CVP Config Guide
  "... Calls Originated by Unified CM
  Internal Help Desk calls: For these calls, the Unified Communication Manager (CM) phone user calls a CTI Route Point
  Consultative Warm Transfer: For these calls, a Unified CM agent places the caller on hold and dials in to Unified ICME to reach a second agent .... "
  And then on the same doc, there a Note
  (*1) Note For warm transfers, the call from Agent 1 to Agent 2 does not typically use a SIP Trunk, but you must configure the CTI Route Point for that dialed number on the Unified CM server and associate that number with your peripheral gateway user (PGUSER)
  (*2) And then again on the same doc under 'Unified ICME Warm Consult Transfer/Conference to Unified CVP' chapter/section it mentiones doing this using a Route Patter 'Create a route pattern and assign the route list to the route pattern'
  So the confusion is
  1. Why treat these call flows as Internal and Warm Transfer - they are calls from CUCM to CVP for the same end result - queue the call and transfer to an agent?
  2. Route pattern or CTI-RP, what diff it makes? They both behave the same way, so is there a diff from reporting point of view that a call to CTI-RP are treated as Transferred rather than new calls or what?
  3. Also if you compare (*1) & (*2) above, they both talk about Warm Transfer and *1 says 'must use CTI-RP' and *2 says use a Route Pattern?
  Please assist.
  Thanks & Regards,
  Kartik

  Kartik,
  The Route Pattern that is mentioned is used for connecting a call leg through CVP to a local VXML Gateway for media playback. The CTI Route Point is entirely different from the Route Pattern/Route List setup. Here's the basic call flow:
  Internal caller dials DN
  DN hits CTI RP in CUCM. CTI RP sends call to ICM.
  ICM matches DN to Call Type to Script, executes Script.
  At some point, Script has either Send To VRU or a Run Ext. Script node.
  ICM sends CUCM Network VRU label back to CUCM.
  CUCM routes label using Route Pattern and Route List. The CSS of the internal caller determines how this is modified, i.e. which prefix digits to add for determining VXML gateway to route to.
  Call is sent to CVP through SIP trunk
  CVP receives call, tells ICM it has the call.
  CVP starts new call leg to VXML gateway with digit string to match bootstrap dial-peer.
  VXML Gateway receives call, initiates bootstrap TCL and VXML magic.
  Yes, this is basically the same call flow for a fresh internal call to a queue, or an internal warm transfer to a queue. The CTI Route Point is needed in both cases. The Route Pattern/Route List combo is needed in both cases.
  When you start looking at reporting, yes of course the two call scenarios are different. One is a transfer, the other isn't. The transferred call will have a more complex call history if you look at it in the TCDR.
  From the standpoint of call legs, you will use less legs if you do a direct (one-step) transfer instead of a warm transfer. It is also simpler to maintain the call context in that case. In a warm transfer scenario, the agent is putting a caller on hold, then starting a new call, and joining the two calls together. The new call is coming from the agent, not the original caller. In a direct transfer, CVP just takes back the original call, potentially does more queuing, then sends the original caller to a new agent target.
  -Jameson

• Design RG in Route Pattern

  I  would like to set that all calls to a specific destination, were commuted to a Gateway A, and if  all lines are busy, these calls are switched by Gateway B.
  I have this configuration:
  Actual RP:
  Route Pattern* : 9199.XXXXXX      Partition: Outgoing Call      Gateway or Route List: 10.201.30.250
  New Configuration (In mind....)
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway A
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway B
  IP Address Gateway A: 10.201.30.250
  IP Address Gateway B: 172.17.20.10
  I had thought to create a Route Group List with the two Rotuers (GW 10.201.30.250 and 172.17.20.10),  but the actual configuration of the Route Patterns in the Call Manager,  is using the Gateways in the configuration of Router Pattern (in the  configuration RGL are not set).
  How I can configure this requeriments whitout RGL?
  Whit this configuration:
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway A
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway B
  If the lines in the GatewayA are busy the call is switched to the Gateway B? Or this is achieved only by setting RGL?
  ****Cisco Call Manager version: 4.2
  Thanks

  Hello,
  Q/ New Configuration (In mind....)
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway A
  Route Pattern* : 919953.XXXX      Partition: Outgoing Call      Gateway or Route List: Gateway B
  A/ You can not have two identical route patterns on the same partition.
  Q/ I had thought to create a Route Group List with the two Rotuers (GW 10.201.30.250 and 172.17.20.10),  but the actual configuration of the Route Patterns in the Call Manager,  is using the Gateways in the configuration of Router Pattern (in the  configuration RGL are not set).
  A/ If you want redundancy in CallManager, then you need route group and route list. If you can not add your routers to a route group is because they're already associated with route pattern(s). First, dissociate them from all route patterns, then create the route group and finally the route list. Now you can associate your route pattern(s) to the new route list. Final configuration should look similar to:
  Route Group Name: My_Route_Group
                               Current members: 10.201.30.250
                                                          172.17.20.10
  Route List: My_Route_List
                                Selected Groups: My_Route_Group
  Route Pattern: 9199.XXXXXX      Partition: Outgoing Call      Gateway or Route List: My_Route_List
  Route Pattern: whatever            Partition: Outgoing Call      Gateway or Route List: My_Route_List
  etc
  Q/ If the lines in the GatewayA are busy the call is switched to the Gateway B? Or this is achieved only by setting RGL?
  A/ If your gateways are H.323, there's a way to achieve redundancy without involving CallManager. This is done with redundant dialpeers. I do not recommend it because that will not achieve the highest possible redundancy for your calls. For example, if gateway A is down, calls would never be routed to router B. However, if you configure a route list then CallManager will be able to route your calls to gateway B without problem.
  Hope it helps, please rate if it does.
  Good luck!.
  Kind regards,
  - Adrian.

• What is the best malwear detection and protection for use on a Mac?

  What is the best malwear detection and protection for use on a Mac?

  Mac users often ask whether they should install "anti-virus" software. The answer usually given on ASC is "no." The answer is right, but it may give the wrong impression that there is no threat from what are loosely called "viruses." There  is a threat, and you need to educate yourself about it.
  1. This is a comment on what you should—and should not—do to protect yourself from malicious software ("malware") that circulates on the Internet and gets onto a computer as an unintended consequence of the user's actions. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the computer, or who has been able to log in to it remotely. That threat is in a different category, and there's no easy way to defend against it.
  The comment is long because the issue is complex. The key points are in sections 5, 6, and 10.
  OS X now implements three layers of built-in protection specifically against malware, not counting runtime protections such as execute disable, sandboxing, system library randomization, and address space layout randomization that may also guard against other kinds of exploits.
  2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user. Internally Apple calls it "XProtect."
  The malware recognition database used by XProtect is automatically updated; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
  The following caveats apply to XProtect:
  ☞ It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets.
  ☞ It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
  As new versions of OS X are released, it's not clear whether Apple will indefinitely continue to maintain the XProtect database of older versions such as 10.6. The security of obsolete system versions may eventually be degraded. Security updates to the code of obsolete systems will stop being released at some point, and that may leave them open to other kinds of attack besides malware.
  3. Starting with OS X 10.7.5, there has been a second layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't necessarily been tested by Apple, but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. That may not mean much if the developer lives in a country with a weak legal system (see below.)
  Gatekeeper doesn't depend on a database of known malware. It has, however, the same limitations as XProtect, and in addition the following:
  ☞ It can easily be disabled or overridden by the user.
  ☞ A malware attacker could get control of a code-signing certificate under false pretenses, or could simply ignore the consequences of distributing codesigned malware.
  ☞ An App Store developer could find a way to bypass Apple's oversight, or the oversight could fail due to human error.
  Apple has so far failed to revoke the codesigning certificates of some known abusers, thereby diluting the value of Gatekeeper and the Developer ID program. These failures don't involve App Store products, however.
  For the reasons given, App Store products, and—to a lesser extent—other applications recognized by Gatekeeper as signed, are safer than others, but they can't be considered absolutely safe. "Sandboxed" applications may prompt for access to private data, such as your contacts, or for access to the network. Think before granting that access. Sandbox security is based on user input. Never click through any request for authorization without thinking.
  4. Starting with OS X 10.8.3, a third layer of protection has been added: a "Malware Removal Tool" (MRT). MRT runs automatically in the background when you update the OS. It checks for, and removes, malware that may have evaded the other protections via a Java exploit (see below.) MRT also runs when you install or update the Apple-supplied Java runtime (but not the Oracle runtime.) Like XProtect, MRT is effective against known threats, but not against unknown ones. It notifies you if it finds malware, but otherwise there's no user interface to MRT.
  5. The built-in security features of OS X reduce the risk of malware attack, but they are not, and never will be, complete protection. Malware is foremost a problem of human behavior, and no technological fix alone is going to solve it. Trusting software to protect you will only make you more vulnerable.
  The best defense is always going to be your own intelligence. With the possible exception of Java exploits, all known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "Trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and Internet criminals. If you're better informed than they think you are, you'll win. That means, in practice, that you always stay within a safe harbor of computing practices. How do you know when you're leaving the safe harbor? Below are some warning signs of danger.
  Software from an untrustworthy source
  ☞ Software of any kind is distributed via BitTorrent, or Usenet, or on a website that also distributes pirated music or movies.
  ☞ Software with a corporate brand, such as Adobe Flash Player, doesn't come directly from the developer’s website. Do not trust an alert from any website to update Flash, or your browser, or any other software.
  ☞ Rogue websites such as Softonic, Soft32, and CNET Download distribute free applications that have been packaged in a superfluous "installer."
  ☞ The software is advertised by means of spam or intrusive web ads. Any ad, on any site, that includes a direct link to a download should be ignored.
  Software that is plainly illegal or does something illegal
  ☞ High-priced commercial software such as Photoshop is "cracked" or "free."
  ☞ An application helps you to infringe copyright, for instance by circumventing the copy protection on commercial software, or saving streamed media for reuse without permission. All "YouTube downloaders" are in this category, though not all are necessarily malicious.
  Conditional or unsolicited offers from strangers
  ☞ A telephone caller or a web page tells you that you have a “virus” and offers to help you remove it. (Some reputable websites did legitimately warn visitors who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
  ☞ A web site offers free content such as video or music, but to use it you must install a “codec,” “plug-in,” "player," "downloader," "extractor," or “certificate” that comes from that same site, or an unknown one.
  ☞ You win a prize in a contest you never entered.
  ☞ Someone on a message board such as this one is eager to help you, but only if you download an application of his choosing.
  ☞ A "FREE WI-FI !!!" network advertises itself in a public place such as an airport, but is not provided by the management.
  ☞ Anything online that you would expect to pay for is "free."
  Unexpected events
  ☞ A file is downloaded automatically when you visit a web page, with no other action on your part. Delete any such file without opening it.
  ☞ You open what you think is a document and get an alert that it's "an application downloaded from the Internet." Click Cancel and delete the file. Even if you don't get the alert, you should still delete any file that isn't what you expected it to be.
  ☞ An application does something you don't expect, such as asking for permission to access your contacts, your location, or the Internet for no obvious reason.
  ☞ Software is attached to email that you didn't request, even if it comes (or seems to come) from someone you trust.
  I don't say that leaving the safe harbor just once will necessarily result in disaster, but making a habit of it will weaken your defenses against malware attack. Any of the above scenarios should, at the very least, make you uncomfortable.
  6. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was always a bad idea, and Java's developers have proven themselves incapable of implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style virus affecting OS X. Merely loading a page with malicious Java content could be harmful.
  Fortunately, client-side Java on the Web is obsolete and mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice. Forget about playing games or other non-essential uses of Java.
  Java is not included in OS X 10.7 and later. Discrete Java installers are distributed by Apple and by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it—not JavaScript—in your browsers.
  Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a task on a specific site, enable Java only for that site in Safari. Never enable Java for a public website that carries third-party advertising. Use it only on well-known, login-protected, secure websites without ads. In Safari 6 or later, you'll see a lock icon in the left side of the address bar when visiting a secure site.
  Stay within the safe harbor, and you’ll be as safe from malware as you can practically be. The rest of this comment concerns what you should not do to protect yourself.
  7. Never install any commercial "anti-virus" (AV) or "Internet security" products for the Mac, as they are all worse than useless. If you need to be able to detect Windows malware in your files, use one of the free security apps in the Mac App Store—nothing else.
  Why shouldn't you use commercial AV products?
  ☞ To recognize malware, the software depends on a database of known threats, which is always at least a day out of date. This technique is a proven failure, as a major AV software vendor has admitted. Most attacks are "zero-day"—that is, previously unknown. Recognition-based AV does not defend against such attacks, and the enterprise IT industry is coming to the realization that traditional AV software is worthless.
  ☞ Its design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere. In order to meet that nonexistent threat, commercial AV software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
  ☞ By modifying the operating system, the software may also create weaknesses that could be exploited by malware attackers.
  ☞ Most importantly, a false sense of security is dangerous.
  8. An AV product from the App Store, such as "ClamXav," has the same drawback as the commercial suites of being always out of date, but it does not inject low-level code into the operating system. That doesn't mean it's entirely harmless. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
  An AV app is not needed, and cannot be relied upon, for protection against OS X malware. It's useful, if at all, only for detecting Windows malware, and even for that use it's not really effective, because new Windows malware is emerging much faster than OS X malware.
  Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else. A malicious attachment in email is usually easy to recognize by the name alone. An actual example:
  London Terror Moovie.avi [124 spaces] Checked By Norton Antivirus.exe
  You don't need software to tell you that's a Windows trojan. Software may be able to tell you which trojan it is, but who cares? In practice, there's no reason to use recognition software unless an organizational policy requires it. Windows malware is so widespread that you should assume it's in every email attachment until proven otherwise. Nevertheless, ClamXav or a similar product from the App Store may serve a purpose if it satisfies an ill-informed network administrator who says you must run some kind of AV application. It's free and it won't handicap the system.
  The ClamXav developer won't try to "upsell" you to a paid version of the product. Other developers may do that. Don't be upsold. For one thing, you should not pay to protect Windows users from the consequences of their choice of computing platform. For another, a paid upgrade from a free app will probably have all the disadvantages mentioned in section 7.
  9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
  10. As a Mac user, you don't have to live in fear that your computer may be infected every time you install software, read email, or visit a web page. But neither can you assume that you will always be safe from exploitation, no matter what you do. Navigating the Internet is like walking the streets of a big city. It's as safe or as dangerous as you choose to make it. The greatest harm done by security software is precisely its selling point: it makes people feel safe. They may then feel safe enough to take risks from which the software doesn't protect them. Nothing can lessen the need for safe computing practices.

• Matching Route Patterns with standard Local Route group and Specific Route Group

  Hi
  I have a customer with CUCM 8.6 with few branches
  couple of branches in UK and few in Europe and middle east.
  I configured route patterns with Standard local route group, but using their own Voice gateway, everything was working fine until adding the recent branch with matching pattern 
  UK has a mobile pattern with 9.07XXXXXXXXX (11 digits)
  One Branch has a mobile with 9.07XXXXXXXX (10 digits)
  When branch call 907X..(10digit) number there was a delay and I ticked the Urgent priority to process it quicker, but later realized the UK branch cannot dial 907x.. (11Digit) mobile.
  I created Route List for branch and added the 10 digit pattern to that but still the UK cannot call 11 digit. so i believe when you call out it will check the pattern first and the Route-List and Route-Group and gateway play a part.
  Is there a way to get 07 -10digit call out quickly also allowing the 07 -11digit pattern as well ( without changing the T302 timer)
  Really appreciate your support
  thanks
  shameer

  Yes, they key to managing overlapping centralized dial plans is to be really good with patterns, partitions, and CSSs. You can have 3 different 9.0[2-9]XX-[2-9]XX-XXXX patterns and assign them a different partition, and then assign that to the branch CSS. This will only work if each Branch has a different CSS.
  For example:
  9.0[2-9]XX-[2-9]XX-XXXX @ Egypt-PT ->Routes to Local route group of Egypt.
  9.0[2-9]XX-[2-9]XX-XXX @ UK-PT -> Routes to Local route group of UK
  9.0[2-9]XX-[2-9]XX-XXX @ Germany-PT -> Routes to Local Route group of Germany.
  //PT = partition//
  Then have Egypt-CSS that contains 9.0[2-9]XX-[2-9]XX-XXXX @ Egypt-PT. 
  UK-CSS contains 9.0[2-9]XX-[2-9]XX-XXX @ UK-PT
  Germany- CSS contains 9.0[2-9]XX-[2-9]XX-XXX @ UK-PT
  The other patterns will be invisible to your sites because they are in a different partition that is not in their CSS. 2 overlapping patterns in the same PT will cause you to wait for the inter-digit timeout unless you press #.
  Thanks,
  Frank

• Device Weight: Route Pattern Vs IP Phone

  Hi, we are starting the planning for removing two CO class GTD5 switches that route 28,000 DID numbers for the County. The switches are +16 years old and maintenance is expensive. Our Callmanager cluster is designed to replace the existing phone infrastructure (2 CO switches, +60 PBXs, and +20 key systems). Here's a quick overview of our Cluster:
  - Publisher only running database services (MCS7845H2)
  - Two TFTP servers only running TFTP service and MOH streaming (multicast) (MCS7835H)
  - Two subscribers configured as 1-to-1 backup (MCS7845H2)
  - CCM version 4.1(3)sr3b
  We are planning to add the additional six MCS7845H2 subscribers as we need the capacity.
  The first step in our migration is to move all the DID's to new T1/PRI's on a set of six Communication Media Modules (CMM) spread out over four Cat6513 switches.
  Essentially our CCM cluster will be acting as a Tandem switch until we get all the trunks moved off the GTD5 CO switches to the CMMs.
  Unfornutately all of the 28,000 DIDs are pretty much shot gunned all over the County. So, we will have +20,000 route patterns in the beginning. Over time we will also be converting sites to IP Tel and removing the route patterns as we migrate.
  My question: Does a route pattern for one directory number carry the same device weight as an IP phone with the directory number assigned to a line?
  We are thinking it does and if it does, then we need to scale up our CCM cluster for 30,000 devices before we start the migration.
  Thanks in advance for any advice.
  Tom.

  Thanks Greg for taking the time to reply. Our cluster design is following the "Cisco Callmanager Best Practices" book. The Publisher and TFTP servers are not running the Callmanager service. This allows 8 subscribers running the Callmanager service in the Cluster.
  Our research is trying to understand the cost of a route pattern in terms of the dialing forest and the impact on the subscriber's memory and CPU.
  We own two complete prefixes plus another 8,000 DNs from a third prefix. We fortunately do not have an overlapping dialing plan. Each directory number will either be assigned to an IP phone or it will belong to phone on a PBX.
  All directory numbers for IP phones belong to the same partition and we also followed the Best Practices book for our dialing plan and use the line/device CSS design.
  All +80 remote sites connect back to our GTD5 and the GTD5 routes all the numbers to the remote sites.
  We are first migrating all the DID services to our new PRI's handled by the Callmanager cluster. We when start the migration it will be a simple process of a route pattern such as [4-5]XXXX to route the 874-xxxx and 875-xxxx numbers to the GTD5. Then as we disconnect the tie-lines from each remote PBX and re-connect it to the CMM for Callmanager to route, we will need to add all the specific route patterns to route the numbers for the site.
  It would be ideal if we did not have to retire the GTD5 switch. We would follow our 5 to 7 year plan to migrate the entire County to IP Tel and leave the GTD5 in place routing the numbers to the remote PBXs. However, we have been directed by management to decommission the GTD5 switch within 12 months.
  So we are trying to understand the impact to the subscribers when we begin adding 1,000's of route patterns. We are planning to consolidate as many of the route patterns as possible to reduce the number of route patterns. However, we inherited a design that we refer to as "Number-lose-ability", where individual numbers are routed and not blocks of numbers. Over the years of adds, moves, and changes the numbers have been scattered to all the sites. We have very few sites with consecutive numbers.
  Another question that we are trying to answer: what is the cost of a route pattern such as 5555x compared to 10 individual route patterns for the same number range. Again, in terms of memory and CPU on the subscriber doing the digit analysis. We are asking this question because we may have 6 of the 10 numbers going to the same PBX, but the other 4 numbers each going to a different site. To consolidate route patterns we would add the 5555X pattern and the four individual route patterns. What we do not know is how the 5555x is added to the dialing forest. Is it expanded to 10 patterns or just one expression.
  Thanks again for any help,