TPx Blog

Managed OTT (over the top)

Reliable network connectivity is consistently at the top of the list of requirements for any IT professional. More and more companies are moving to hosted unified communications and other cloud services, and the performance of those services is highly dependent on the speed and quality of the Internet connection. There are many connectivity options out there, but the one that businesses are increasingly turning to is Over the Top (OTT).

What is OTT?

In an OTT set up, a business contracts for Internet services with their choice of provider, which is often the Internet connection they already had.  Then, they use a separate provider to deliver their cloud services over that broadband connection.  This is similar to “cutting the cord” for your home entertainment, where you use your existing cable provider for Internet access, then stream your movies or TV shows from an app instead of watching the cable provider’s content.

OTT provides you the flexibility of choosing your own Internet Service Provider (ISP) to meet your unique business requirements. It allows you to have more control over your network configuration and reduce costs, which can be especially beneficial for small to mid-sized businesses.

The QoS Quandary

Although OTT is a flexible and cost-effective solution, it may also come with some challenges that your business should be prepared to address.

If your voice service provider can’t control your Internet connection, it is unable to control the Quality of Service (QoS). QoS criteria give priority to specific types of network traffic (such as voice or video), specific applications, or even types of users (such as employees vs. guests). Using an OTT connection means your voice provider can’t guarantee QoS for voice traffic, which may hinder the real-time communication of a phone call. This can cause jitter and latency, both of which can impact audio quality:

Wouldn’t it be great if you could use an OTT connection but still prioritize the voice traffic? You can…

OTT with Managed SD-WAN for Better Broadband

Software-Defined Wide Area Networking (SD-WAN) enables businesses to build high-performance WANs using relatively low-cost and commercially available broadband Internet links.   For example, a business with a remote office may have to spend thousands of dollars in construction charges to get fiber to their location.  Instead, that business can use the existing cable Internet service from their existing ISP without fear of quality issues.  The SD-WAN network makes the most of these links by providing businesses with end-to-end application performance and availability.

Managed SD-WAN is a powerful solution for companies who use their own broadband.   SD-WAN manages your connection and ensures your voice and video have the right amount of bandwidth, without compromising QoS or continuity.   Let’s take a look at some key features:

A growing number of personal and business apps are eating through bandwidth at an unprecedented rate.  Protecting voice and video communications needs to be a priority, but it can present a major challenge for most network administrators.   Voice is the lifeline of any business and needs to have 100% availability and quality.  SD-WAN offers a simple, elegant solution that allocates network resources for all business-essential applications while also ensuring that your voice and video communications get the highest priority – and it does it all on the connection of your choice.


About the Author

Matt Mair is a Senior Solutions Marketing Manager at TPx.   His role includes marketing and communications for Managed SD-WAN, Unified Communications, and TPx Complete – an industry-first bundle of essential business services. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.


latency, jitter, and packet loss in plain English

If you’ve read your managed service provider’s SLA (service level agreement) and wondered if you need an advanced degree in engineering to understand it all, don’t worry – you are not alone. Read on to get a plain English definition of these terms, and you’ll be speaking like a networking geek in no time!

Let’s take a look at three important network performance metrics, and learn why they matter to the successful deployment of your VoIP or unified communications service.


Latency is the time it takes a data packet to travel from point-to-point on the network. Each step your traffic takes through the network will add to its latency. Latency higher than 150 milliseconds (ms) will cause unnatural delays in an audio conversation. On a video call, high latency could create a disconnect between the audio and the video (which I like to call the “badly dubbed movie” effect). If latency becomes too high, you could experience periods of no audio or video at all.


You may know jitter as that feeling you get when you drink too much coffee – if so, you might want to consider switching to decaf. The jitter we’re talking about here is an inconsistent arrival of packets between two endpoints. Jitter of more than 20 ms will cause delays in packet arrival which, like high latency, will result in delays in your audio or video.

Packet Loss

Packet loss happens when a packet does not arrive, arrives out of order, or arrives too late. Lost packets don’t go into a “packet lost and found,” though – they’re just discarded. Packet loss over a network will cause choppy, poor-quality audio and video. The good news is that you’d have to have a pretty high level of packet loss for the service to degrade to that state. Even if you lost 3% of all VoIP packets coming in, your audio quality would still be better than what you’d hear on a cell phone.

By the way, the Bandwidth Speed Test on the TPx website will measure the latency (ping) and jitter of your current Internet connection, in addition to your download and upload speeds. Remember, though, that a test like this one is just a snapshot of a moment in time. Try running the test several times, particularly during the times of day when you know your network is busy, and you’ll get a better picture of your network’s VoIP readiness.

Are there any other strange networking terms that have you stumped? If so, just let us know – we’re always happy to help.

A network firewall is the first line of defense to protect your organization’s data, network, and critical assets from outside intruders and threats.  But in everyday terms, what does it really mean and why is it important to your business?

Think of your house as your business network.  The walkway from the street to the front door is your data connection (bandwidth) to the Internet, making your front door the connection to the world.  In networking, we call this “front door” the WAN interface.

There used to be a time when we left our front doors unlocked or even left wide open.  We didn’t get too many visitors, so we would just open and close the front door to let them in or deny their entry.  Unfortunately, those days are over.  If we leave our front door open, there will be unwanted visitors.  On a typical network, there can be tens of thousands of visitors every second.  In the networking world, these visitors are called packets.  We certainly don’t want all these packets coming in and out of our network without knowing what they are, but we can’t be opening and closing the door that often.

So what do we do?  We get a very fast security guard to stand at that front door, and we tell him who and what to let in and what to block.  That security guard is the firewall.  Without that security guard/firewall there, we are letting in pretty much any visitor, and some of those visitors will be criminals who are coming to rob us.

On a basic level, the security guard can look at where a visitor comes from.  If they come from our local book club, we are going to let them in. If it’s a salesperson, we won’t even open the door.  One way a firewall does this is by looking at the source IP. If it’s an IP for Google, we will probably let it in. If it’s an IP from the Dark Web, we won’t allow it.

We might let visitors in the front door at home, but that doesn’t necessarily mean we give them access to the entire house.  We’ll let them use the guest bedroom and bathroom, but our master bedroom and bathroom are off limits.  A firewall typically accomplishes this by looking at port numbers.  You want to access my web server on port 80?  Yup, go ahead… but you aren’t going to get to see my FTP server on port 21. And we might decide that only certain IPs can access the web server.  This helps to block unsolicited traffic into our network.

When you browse the Internet, you are basically shouting out from your window into the street (Internet) and saying “Hey, I want to see the brochure about ABC Widgets.”  So your browser connects to, and that company starts sending you information (in the form of web traffic and packets) back to you.  We need to make sure we are letting that traffic in. A firewall does that because it knows who you called out to and lets them back in.

Everything we’ve talked about so far describes the old type of firewall.  Now we have what’s called a Next Generation Firewall (NGFW).  The problem with the old firewall is that the criminals knew they could get into a house, but not necessarily into the master bedroom where the safe full of valuables was hiding.  So they started hiding saws and lock picks in their pockets or in the boxes they were carrying into the house.  Once inside the house, they might go to the guest bathroom because we said they could go there.  But once inside the guest bathroom, they unload the saw to cut a hole in the wall which leads into the master bedroom, where they use the pick to unlock the jewelry drawer.  These saws and picks are the viruses, malware, crypto lockers, and other cybersecurity threats that you hear so much about.

The NGFW tells the security guard, “Hey, make sure you look at what is in these guests’ pockets and the boxes they might bring in” – meaning data, attachments, and files. That means the firewall is no longer just looking at where the packets come from and where they are going. The NGFW is looking at the information contained in the packet, so we can try to identify if there is anything malicious and block it if necessary.  These new firewalls also tend to keep very good records of who and what is going through the front door.  That walkway to the front door (bandwidth) is only so big, so we want to know who is inviting in all those Netflix streaming packets that are congesting the walkway and maxing out the bandwidth.

Now that you know what a network firewall is and what it does, learn about the costs associated with security breaches – and then you will understand why having perimeter security with a firewall is so important.

Interested in protecting your business with a Next Gen Firewall?  Request a free, no-obligation consultation with TPx’s security specialists today.


About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.


Imagine this: You are the head of your company’s sales department. It’s 8:55 AM, and in five minutes you need to give a presentation to your CEO on last month’s sales figures. But as you download the files off your company’s server in the “cloud,” the progress bar remains stuck at 20%. You’ve got a 20 Mbps Metro Ethernet connection, but your computer is reporting a measly 1.3 MBps transfer rate. THAT’S IT! You’re going to be late and it’s your IT guy’s fault for choosing TPx as your Internet service provider. Hold on, don’t drop the “people’s elbow” on your IT guy just yet….

First, your computer is reporting your transfer rate to you in Megabytes-Per-Second (MBps) while your blameless carrier TPx is providing you bandwidth in Megabits-Per-Second (Mbps). To get Megabits from Megabytes you have to multiply your results by 8, so your actual transfer rate is 10.4 Mbps.

Well that is just fine, however 10.4 Mbps isn’t 20 Mbps. That is true – but unbeknownst to you, that guy from Marketing is streaming Gangnam Style for the 20th time that morning, which is consuming another 5 Mbps over your connection. So now you’re up to 15.4 Mbps. What’s happening to the last 4.6 Mbps?

Now it is time for the technical stuff…

  1. Overhead (consisting of IP headers, error correction bits, and time stamps) consumes approximately 7% of your bandwidth.
  2. Your maximum transfer rate is determined by the slowest link between your computer and the endpoint you are downloading from. That means the bottleneck could be somewhere out on the Internet, and therefore outside of your carrier’s network/control.
  3. Most data transfers utilize TCP (transmission control protocol), which is designed for the reliable transmission of data, so it requires the receiver to send an acknowledgment to the sender. These acknowledgments will take up some of your bandwidth over the connection, and the ability of your computer to process these acknowledgments will affect your results.

The above considerations also apply to bandwidth speed test results. You will likely never see your entire port speed (in this case, 20 Mbps) when doing a bandwidth speed test.

I hope this has demystified bandwidth usage and saved your IT guy from unnecessary physical injury.

About the Author

Adam Czarkowski is a Director of Service Delivery for TPx Communications. His team manages the installation of TPx’s hosted communications and data services products. Adam has held a number of management roles in technical support and operations over his 17 years in the technology industry.