Next Genera*on Tex*ng, Video Calling and Network Management October 2012 IPSTA Conference
|
|
- Penelope Turner
- 5 years ago
- Views:
Transcription
1 Next Genera*on Tex*ng, Video ing and Network Management October 2012 IPSTA Conference Copyright Assure911.net, LLC 2012 All Rights Reserved 1
2 Barbara Kemp, Assure911 IIT 911 Task Force Chairperson IIT ICE5 Project Manager CSI Consultant Brian Knueppel, Acme Packet Systems NENA ICE5 Co- chair David Staub, Assure911 IIT Lab Project Mentor Welcome 2
3 Topics Purpose NG Flow NENA ICE5 at IIT RTCL ESInet Security NG System Reliability Network Management Path Forward
4 Purpose Public Safety MigraTon to NG Experience Public Safety Legal Financial Managerial Challenges Maintenance General Overload Event Related Overload
5 NG Flow Full text on
6 ICE 5 Event at IIT RTCL Test Breadboard
7 ICE 5 Event at IIT RTCL 9/12/12 7
8 Security Brian Knueppel Acme Packet Goal: Protect the Next GeneraTon Network against Denial of Service A[acks and Overloads NENA definiton of a Border Control FuncTon (BCF) Product: Session Border Controller (SBC) more than a firewall 8
9 Where are Risks/VulnerabiliTes VoIP protocols and applications Operating system Supporting services Network protocol Physical Toll fraud, fuzzing, message floods, hijacking, eavesdropping, MITM call modification, media injection Buffer overflows, malware, DoS, configuration issues Resource exhaustion, account manipulation, covering tracks UDP/TCP floods, ICMP vectors, fuzzing, D/DoS Physical access compromise, reboot Policies and procedures Weak passwords, abuse of services 9
10 Threat Landscape Threat Example Result Reconnaissance scan Man-in-the-middle Address or port scan used to footprint network topology Attacker intercepts session to impersonate (spoof) caller Targeted denial of service, fraud, theft of service Targeted denial of service, breach of privacy, fraud, theft Eavesdropping Attacker sniffs session Breach of privacy, fraud, theft Session hijacking Session overloads Protocol fuzzing Media injection Attacker compromises valuable information by re-routing call Excessive signaling or media (malicious, non-malicious) Malformed packets, semantically or syntactically incorrect flows Attacker inserts unwanted or corrupt content into messages Breach of privacy, fraud, theft Denial of service Denial of service Denial of service, fraud 10
11 Border Control FuncTon (BCF) A BCF sits between external networks and the ESInet and between the ESInet and agency networks. All traffic from external networks transits a BCF. The BCF comprises several distnct elements pertaining to network edge control and SIP message handling. Border Firewall Access control Protect from malware a[acks Session Border Control PrevenTon DetecTon ReacTon 11
12 Session Border Control (SBC) ProtecTng live global IP communicatons networks FuncTonal element within BCF DOS/DDOS protecton, overload, resource admission control SIP normalizaton Resolve NAT issues Open/close pinholes B2BUA IPV4- IPV6 interworking VPN bridging Transport and encrypton: signaling and/or media QoS marking, priority, reportng detail records Transcoding 12
13 NENA Reference Documents Requirements, standards, procedures, practces Reference NG- SEC AudiTng, and assessing levels of security and risk to NG enttes, assets or elements, and excepton approval / risk acceptance process in the case of non- compliance to these guidelines Network Reference NID InformaTon that will assist in developing the requirements for and/or designing ESInets capable of meetng the requirements of an NG system FuncTonal Elements Reference NENA i Describes the detailed functonal elements and interfaces to those functonal elements 13
14 Secure Text Demo with alert Cellular network origination (SMS) Using test number (not 911) 4G/IMS->i3 ESInet (secured) Event sent in parallel(keyword bomb ) GPS Event Mobile Device Cell / SMS Assure911 IMS 4G/IMS Internet BCF ESInet FE s Text Device Text IIT Posi*on 14
15 Secure Video Demo Android device Over the top 4G/LTE ESInet (secured) 4G/LTE Network IMS Data Internet BCF ESInet FE s Over the top Smart Phone Video, Voice IIT Posi*on 15
16 Secure Video Demo with broadcast Android device Over the top 4G/LTE ESInet (secured) 4G/LTE Network IMS Data Internet Over the top BCF ESInet BCF Web Smart Phone Video, Voice Device with browser 16
17 NG System Reliability TesTng at IIT funded by Assure911 Performed by Joe Cusimano and Kbrom Tewoldu Dual Data Center ConfiguraTon Duplex ESInets: Primary/Master- Standby/Slave Resiliency to and ESRP Failures Including use of IIT UCARP program for IP address resiliency Security: Access Control Performance Under Load
18 IIT RTCL ESInet Test Architecture ConfidenTal Use with permission of CSI only 18 ConfidenTal Use with permission of CSI only
19 IIT RTCL ESInet Test Architecture Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF ESRP LPG LPG ESRP Private ECRF A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 19
20 IIT Lab Testing - Typical SIP Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF ESRP LPG LPG ESRP Private ECRF A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 20
21 Failure Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF ESRP LPG LPG ESRP Private ECRF X A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 21
22 Partial Failure ( s can register to B) Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF ESRP LPG LPG ESRP Private ECRF X A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 22
23 - Layer 1 and Layer 2 Resiliency - UCARP Program running in Background for Test - Remove RJ45 from ESInet Primary System Switches from Primary Master to Backup IP Address Re- Register - IniTate Test and Observe Invite Message in the Wire Shark Trace for conformance ConfidenTal Use with permission of CSI only 23
24 Server Failure - IP address taken over by backup Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF ESRP LPG LPG ESRP Private ECRF X A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 24
25 ESRP Resiliency - Layer 5 SIP Message RouTng Geographic Redundancy - Acme Packet Session Border Controller (SBC) Configured to hunt to Alternate ESInet ESRP on failure - Remove RJ45 from Primary ESRP - IniTate test call and observe Wire Shark Trace - Invite message indicates routng to alternate ESRP - The SBC can be configured to also route invite messages alternately between both ESRPs (Round Robin) ConfidenTal Use with permission of CSI only 25
26 ESRP Failure Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B BCF Acme Packet BCF Acme Packet Private ECRF X ESRP LPG LPG ESRP Private ECRF A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 26
27 Data Center Failure Public ECRF SIP proxy SIP er PSTN er PSTN er SIP er Public ECRF SIP proxy Data Center A Data Center B Private ECRF X BCF Acme Packet ESRP LPG LPG BCF Acme Packet ESRP Private ECRF A E911 B E911 Copyright Assure911.net, LLC 2012 All Rights Reserved 27
28 - Once configured with an IP address only addresses on the list are allowed access - Configure System Access List Using IP Addresses and Laptop LAN Address Netmask Access Session Border Controller Management Port Remove Security: System Access List - Access SBC a 2 nd Tme connecton is refused ConfidenTal Use with permission of CSI only 28
29 Performance - Using the MU to initate multple invites to the ESInet simulate DDoS - Session Border Controller System Control List configured to restrict allowable session invites - Access System Control List and set MU peer IP address Thresholds set for 5 - Observe Wire Shark Traces to view allowed invite messages ConfidenTal Use with permission of CSI only 29
30 Network Management End to End Network Management DemonstraTon for Public Safety
31 NG Systems are multi-provider NG911 Data Center A I3 NG System Access Traffic Router Router I3 ESInet Router Router NG System EMS= Element Management System NG911 Data Center A OSS = OperaTons Support System I3 = Current version of NENA NG SpecificaTon Copyright Assure911.net, LLC 2012 All Rights Reserved SS7= Signaling System 7 CAMA= Centralized AutomaTc Message AccounTng MF = MulT Frequency = Legacy Network Gateway = Public Safety Answering Point SIP = Session IniTaTon Protocol 31
32 Each provider has their own solution for surveillance IP Transport OSS Element Manager Carrier OSS VSP OSS Element Manager NG911 Data Center A I3 NG System Access Traffic Router Router I3 ESInet Router Router NG System EMS= Element Management System NG911 Data Center A OSS = OperaTons Support System I3 = Current version of NENA NG SpecificaTon Copyright Assure911.net, LLC 2012 All Rights Reserved SS7= Signaling System 7 CAMA= Centralized AutomaTc Message AccounTng MF = MulT Frequency = Legacy Network Gateway = Public Safety Answering Point SIP = Session IniTaTon Protocol 32
33 Highly reliable networks are proactively watched end-to-end IP Transport OSS Element Manager Carrier OSS VSP OSS Element Manager NG911 Data Center A I3 NG System Access Traffic Router Router I3 ESInet Router Router NG System EMS= Element Management System NG911 Data Center A OSS = OperaTons Support System I3 = Current version of NENA NG SpecificaTon Copyright Assure911.net, LLC 2012 All Rights Reserved SS7= Signaling System 7 CAMA= Centralized AutomaTc Message AccounTng MF = MulT Frequency = Legacy Network Gateway = Public Safety Answering Point SIP = Session IniTaTon Protocol 33
34 End to End Monitoring Carrier OSS VSP OSS Data Collec*on Client NG FEs Logging Service BCF: Acme Packet EMS= Element Management System OSS = OperaTons Support System I3 = Current version of NENA NG SpecificaTon SS7= Signaling System 7 CAMA= Centralized AutomaTc Message AccounTng MF = MulT Frequency = Legacy Network Gateway = Public Safety Answering Point SIP = Session IniTaTon Protocol ISDN = Integrated Services Digital Network PRI = Primary Rate Interface Copyright Assure911.net, LLC 2012 All Rights Reserved 34
35 Mobile Alerting: Border Control Function Event Reporting (Demo App on Google Play ) Text Message Originates Here GPS Mobile Device Text Device Event Reported to System Mgr IMS 4G/IMS Assure911 Cell / SMS Internet BCF ESInet NG911 FE s Text Session with NG911 Posi*on
36 Mobile Network Management App 36
37 In Network Assurance when you marry the network-wide view with the ability of the BCF to monitor the content stream 37
38 38
39 39
40 40
41 Assure911 TM Patented, End- to- End NG Status System Assure911 is a registered trademark of Network Expert Sojware Systems, Inc. Used with permission. Copyright Assure911.net, LLC 2012 All Rights Reserved 41
NG : Reliability a0er Design
NG 9-1- 1: Reliability a0er Design Design and Reliability Solu2ons for Emergency Services Networks David Staub dbs@assure911.net (860) 620 7735 1 Assure911.net Contracted to design ESInet for CounCes of
More informationIngate SIParator /Firewall SIP Security for the Enterprise
Ingate SIParator /Firewall SIP Security for the Enterprise Ingate Systems Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?... 3 3
More informationAT&T ESInet Customer Presentation
AT&T ESInet Customer Presentation TM The best of today built for tomorrow. Table of Contents Introduction AT&T Emergency Services IP Network (AT&T ESInet TM ) Overview National Emergency Number Association
More informationNG9-1-1 Call Flow. Handout Roundtable April 2, Figure 1- Call Flow Diagram
NG9-1-1 Call Flow Handout Roundtable April 2, 2012 Figure 1- Call Flow Diagram The Standard NG9-1-1 Network has the same Functional Elements (FEs) in each Data Centers for redundancy. The acronyms are
More informationNG9 1 1 Industry Collaboration Event 2 Planning Committee Charter
NG9 1 1 Industry Collaboration Event 2 Planning Committee Charter The Steering Committee for the NG9 1 1 Industry Collaboration Events (ICE) has approved commencement of planning for the second event.
More informationNext Generation Emergency Communications Intelligent Migration
2010 Texas NENA Conference Next Generation Emergency Communications Intelligent Migration A Well-Managed Path from Enhanced 9-1-1 to Integrated Next Generation 9-1-1 Services Mart D. Nelson Consulting
More informationProtecting Against Online Fraud. F5 EMEA Webinar August 2014
Protecting Against Online Fraud F5 EMEA Webinar August 2014 Agenda Fraud threat trends and business challenges Web fraud protection Mobile fraud protection Security operations center Example architecture
More informationDrone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created
Drone - 2 04/12/2018 Threat Model Description Threats Threat Source Risk Status Date Created Mobile Phone: Sensitive Data Leakage Smart Devices Mobile Phone: Session Hijacking Smart Devices Mobile Phone:
More informationReal-time Communications Security and SDN
Real-time Communications Security and SDN 2016 [Type here] Securing the new generation of communications applications, those delivering real-time services including voice, video and Instant Messaging,
More informationModern IP Communication bears risks
Modern IP Communication bears risks How to protect your business telephony from cyber attacks Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure
More informationHP AllianceONE Services zl Module for Avaya Aura Session Border Controller powered by Acme Packet
HP AllianceONE Services zl Module for Avaya Aura Session Border Controller powered by Acme Packet Data sheet Product overview The HP AllianceONE Services zl Module for Avaya Aura Session Border Controller
More informationWHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points
WHITE PAPER Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS Starting Points...1 The Four Essentials...2 The Business Case for SIP Trunks...3 To benefit from the latest
More informationAllstream NGNSIP Security Recommendations
Allstream NGN SIP Trunking Quick Start Guide We are confident that our service will help increase your organization s performance and productivity while keeping a cap on your costs. Summarized below is
More informationSIP security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, , Atlanta, GA (USA)
security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, 29.03.2006, Atlanta, GA (USA) 2006 SWITCH Content and Firewall and NAT Privacy / Encryption SpIT / Authentication Identity General
More informationJay English Director Comm. Center & Services APCO International. 2013; all rights reserved
Jay English Director Comm. Center & 9-1-1 Services APCO International 2013; all rights reserved Topics to Cover NG9-1-1 What it means may vary Technical Basics New Terminology Issues that need to be on
More informationDigital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model
Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model 1. Description of Services. 1.1 SIP SBC with Field Trial Endpoint Deployment Verizon will assist
More informationSecurity for SIP-based VoIP Communications Solutions
Tomorrow Starts Today Security for SIP-based VoIP Communications Solutions Enterprises and small to medium-sized businesses (SMBs) are exposed to potentially debilitating cyber attacks and exploitation
More informationInternet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came
Victoria Ellsworth Dr. Ping Li ICTN 4040 04/11/17 Internet of Things (IoT) Attacks The Internet of Things (IoT) is based off a larger concept; the Internet of Things came from idea of the Internet of Everything.
More informationVoIP Security Threat Analysis
2005/8/2 VoIP Security Threat Analysis Saverio Niccolini, Jürgen Quittek, Marcus Brunner, Martin Stiemerling (NEC, Network Laboratories, Heidelberg) Introduction Security attacks taxonomy Denial of Service
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 642-541 Title : VPN and Security Cisco SAFE Implementation Exam (CSI) Vendors : Cisco
More informationESInet Building Blocks for NG Mark Titus Lead Product Marketing Manager AT&T Public Safety
Mark Titus Lead Product Marketing Manager AT&T Public Safety Agenda Agenda slide Why NG9-1-1 is Important ESInet Functional Benefits Is the time right for ESInet? Summary 2 ESInet Building Blocks for Why
More informationKen Agress, Senior Consultant PlanNet Consulting, LLC.
Elements of a Vulnerability Assessment Ken Agress, Senior Consultant PlanNet Consulting, LLC. Defining a Vulnerability Assessment Agenda Types of Vulnerability Assessments Are You Ready for an Assessment?
More informationBrochure. Dialogic BorderNet Session Border Controller Solutions
Dialogic BorderNet Session Border Controller Solutions Dialogic BorderNet Solutions Supercharge Connections between Networks, Services and Subscribers with Ease and Scale The BorderNet family of session
More informationABC SBC: Secure Peering. FRAFOS GmbH
ABC SBC: Secure Peering FRAFOS GmbH Introduction While an increasing number of operators have already replaced their SS7 based telecommunication core network with a SIP based solution, the interconnection
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationThe leader in session border control. for trusted, first class interactive communications
The leader in session border control for trusted, first class interactive communications VoIP security at the carrier network edge Kevin Mitchell Director, Solutions Marketing kmitchell@acmepacket.com
More informationWhite Paper. SIP Trunking: Deployment Considerations at the Network Edge
SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively recently,
More informationComparative table of the call capacity of KMG 200 MS: Number of SBC calls Maximum TDM channels Total calls Bridge**
LOW DENSITY MEDIA GATEWAY WITH MODULAR INTERFACES AND SBC Main Characteristics Modular, with 1 or 2 internal E1/T1 + 2 external modules * Integrated SBC Option with BNC or RJ45 connectors Up to 60 TDM
More informationFeb 28 Mar, 7 Raleigh, NC
NCC National Coordinating Center for Communications Gerald Jay English, ENP Public Safety Program Manager US Dept. of Homeland Security National Communications & Cybersecurity Information Center (NCCIC)
More informationEmergent Communications NG9-1-1 Software Solutions for Call Routing and PSAP Call Takers April 2017
Emergent Communications NG9-1-1 Software Solutions for Call Routing and PSAP Call Takers April 2017 www.emergentcomm.com Introduction Emergent Communications offers the first totally built from the ground
More informationIngate Firewall & SIParator Product Training. SIP Trunking Focused
Ingate Firewall & SIParator Product Training SIP Trunking Focused Common SIP Applications SIP Trunking Remote Desktop Ingate Product Training Common SIP Applications SIP Trunking A SIP Trunk is a concurrent
More informationFreeSWITCH as a Kickass SBC. Moises Silva Manager, Software Engineering
FreeSWITCH as a Kickass SBC Moises Silva Manager, Software Engineering FreeSWITCH as a Kickass SBC Moises Silva Manager, Software Engineering Moises Silva
More informationCISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
More informationThe Case for Secure Communications
Whitepaper The Case for Secure Communications The tapping of voice communications has occurred virtually as long as electronic communication has been in existence. In the early days of electronic communications,
More informationFlorida 911 Coordinator s Spring 2015 Meeting
NENA i3 and Next Generation 9-1-1 Florida 911 Coordinator s Spring 2015 Meeting May - 2015 Mike Nelson Intrado, Senior Technical Officer Intrado Proprietary Selective Routers were designed In the 70 s
More informationUnified Communications Threat Management (UCTM) Secure Communications and Collaborations
Secure Cloud Communication and Collaboration. Overview The emergence of IP Voice, Video, Unified Communication and Collaborations (UC&C) technology and applications are causing a fundamental shift in the
More informationExam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo
Exam : JK0-015 Title : CompTIA E2C Security+ (2008 Edition) Exam Version : Demo 1.Which of the following logical access control methods would a security administrator need to modify in order to control
More informationH.323-to-H.323 Interworking on CUBE
This chapter describes how to configure and enable features for H.323-to-H.323 connections on CUBE. Configuring H.323-to-H.323 connections on a CUBE opens all ports by default. If CUBE has a public IP
More informationApplication Note. Microsoft OCS 2007 Configuration Guide
Application Note Microsoft OCS 2007 Configuration Guide 15 October 2009 Microsoft OCS 2007 Configuration Guide Table of Contents 1 MICROSOFT OCS 2007 AND INGATE... 1 1.1 SIP TRUNKING SUPPORT... 2 2 INGATE
More informationSecure Telephony Enabled Middle-box (STEM)
Report on Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen 04/14/2003 Dr. Mark Stamp - SJSU - CS 265 - Spring 2003 Table of Content 1. Introduction 1 2. IP Telephony Overview.. 1 2.1 Major Components
More informationARP Inspection and the MAC Address Table for Transparent Firewall Mode
ARP Inspection and the MAC Address Table for Transparent Firewall Mode This chapter describes how to customize the MAC address table and configure ARP Inspection for bridge groups. About ARP Inspection
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationSecure Communications on VoIP Networks
Mediatrix Multi-service Gateways v. 2.0.41.762 2017-12-21 Table of Contents Table of Contents Internet Telephony Network Security 4 Authentication 4 X-509 Certificates 4 Transport Layer Security (TLS)
More informationBank Infrastructure - Video - 1
Bank Infrastructure - 1 05/09/2017 Threats Threat Source Risk Status Date Created Account Footprinting Web Browser Targeted Malware Web Browser Man in the browser Web Browser Identity Spoofing - Impersonation
More informationNorth Carolina ESInet Conceptual Design document
North Carolina ESInet Conceptual Design document March 2016 Proprietary Notice This NC NG9-1-1 Conceptual Design document, its contents, and appendices are proprietary to the state of North Carolina and
More informationApplication Note 3Com VCX Connect with SIP Trunking - Configuration Guide
Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide 28 May 2009 3Com VCX Connect Solution SIP Trunking Table of Contents 1 3COM VCX CONNECT AND INGATE... 1 1.1 SIP TRUNKING SUPPORT...
More informationHIGH DENSITY MEDIA GATEWAY WITH MODULAR INTERFACES AND SBC. Comparative table for call capacities of the KMG SBC 750:
HIGH DENSITY MEDIA GATEWAY WITH MODULAR INTERFACES AND SBC Main Characteristics Modular composition: 8 telephony modules compatible with E1/T1, FXO, FXS and/or GSM technologies. Integrated SBC: o Up to
More informationNG112 Transition Models - Implementation Activities
EENA NG112 Technical Committee Document NG112 Transition Models Implementation Activities Title: NG112 Transition Models - Implementation Activities Version: 2.0 Revision Date: 15/07/2015 Status of the
More informationInternetwork Expert s CCNA Security Bootcamp. Common Security Threats
Internetwork Expert s CCNA Security Bootcamp Common Security Threats http:// Today s s Network Security Challenge The goal of the network is to provide high availability and easy access to data to meet
More information10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network
10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity
More informationIntrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks
Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial
More informationConducting an IP Telephony Security Assessment
Conducting an IP Telephony Security Assessment Mark D. Collier Chief Technology Officer mark.collier@securelogix.com www.securelogix.com Presentation Outline Ground rules and scope Discovery Security policy
More informationCisco Technologies, Routers, and Switches p. 1 Introduction p. 2 The OSI Model p. 2 The TCP/IP Model, the DoD Model, or the Internet Model p.
Cisco Technologies, Routers, and Switches p. 1 Introduction p. 2 The OSI Model p. 2 The TCP/IP Model, the DoD Model, or the Internet Model p. 6 Networking Basics p. 14 Wireless LANs p. 22 Cisco Hardware
More informationNGN: Carriers and Vendors Must Take Security Seriously
Research Brief NGN: Carriers and Vendors Must Take Security Seriously Abstract: The next-generation network will need to provide security on many levels. A comprehensive set of standards should be in place
More informationEmergent Communications Software Solutions for Call Routing and Delivery
Emergent Communications 9-1-1 Software Solutions for Call Routing and Delivery Technical White Paper May 2017 Introduction Emergent Communications offers the first totally built from the ground up NENA
More informationEN-1000 Quick Configuration Guide
Part Number 17655.0000 Version A.5, December 2017 2017 Encore Networks, Inc. All rights reserved. EN-1000 Quick Configuration Guide CAT-1 LTE T he EN-1000 is a high-performance, low-cost VPN router designed
More informationMIVOICE BORDER GATEWAY PLATFORM
MITEL MIVOICE BORDER GATEWAY PLATFORM MiVoice Border Gateway Remote Phone Configuration Guide JANUARY, 2017 RELEASE 9.4 MBG - Remote IP Phone Configuration Guide NOTICE The information contained in this
More informationPracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam
PracticeDump http://www.practicedump.com Free Practice Dumps - Unlimited Free Access of practice exam Exam : SY0-501 Title : CompTIA Security+ Certification Exam Vendor : CompTIA Version : DEMO Get Latest
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More informationAdvanced Diploma on Information Security
Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic
More informationWhite Paper Session Border Controllers: Rationalizing the Border of the Network
Session Border Controllers: Rationalizing the Border of the Network To find out more about Dialogic, visit us at: www.dialogic.com Executive Summary: As service providers transform their networks more
More informationTestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified
TestOut Network Pro - English 4.1.x COURSE OUTLINE Modified 2017-07-06 TestOut Network Pro Outline - English 4.1.x Videos: 141 (18:42:14) Demonstrations: 81 (10:38:59) Simulations: 92 Fact Sheets: 145
More informationNext Generation Intelligent Migration SM. A Well-Managed Path from Enhanced to Next Generation Services
Next Generation 9-1-1 Intelligent Migration SM A Well-Managed Path from Enhanced 9-1-1 to Next Generation 9-1-1 Services 1 How Do We Know When We Have Achieved NG9-1-1? From a NENA September, 2008 paper
More informationCCVP CIPT2 Quick Reference
Introduction...3...4 Centralized Call Processing Redundancy...11 CCVP CIPT2 Quick Reference Bandwidth Management and Call Admission Control...17 Applications for Multisite Deployments...21 Security...31
More informationMOBILE THREAT LANDSCAPE. February 2018
MOBILE THREAT LANDSCAPE February 2018 WHERE DO MOBILE THREATS COME FROM? In 2017, mobile applications have been a target of choice for hackers to access and steal data, with 86% of mobile threats coming
More informationTechnical White Paper for NAT Traversal
V300R002 Technical White Paper for NAT Traversal Issue 01 Date 2016-01-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form
More informationNetwork Configuration Guide
Cloud VoIP Network Configuration PURPOSE This document outlines the recommended VoIP configuration settings for customer provided Firewalls and internet bandwidth requirements to support Mitel phones.
More informationWest AT&T TXT Power Service Guide
West AT&T TXT29-1-1 Power Service Guide Table of Contents 1. Introduction... 2 2. Service Features... 2 2.1. Service Overview... 2 3. ITS... 3 3.1. Service Use Cases... 3 3.2. Customer Provided Public
More informationChapter 4. Network Security. Part I
Chapter 4 Network Security Part I CCNA4-1 Chapter 4-1 Introducing Network Security Introduction to Network Security CCNA4-2 Chapter 4-1 Introducing Network Security Why is Network Security important? Rapid
More informationGigabit SSL VPN Security Router
As Internet becomes essential for business, the crucial solution to prevent your Internet connection from failure is to have more than one connection. PLANET is the ideal to help the SMBs increase the
More informationSonus Networks engaged Miercom to evaluate the call handling
Key findings and conclusions: Lab Testing Summary Report September 2010 Report 100914B Product Category: Session Border Controller Vendor Tested: Sonus SBC 5200 successfully registered 256,000 user authenticated
More informationUnderstanding Cisco Unified Communications Security
Cisco Support Community Presents Tech-Talk Series Understanding Cisco Unified Communications Security Akhil Behl Solutions Architect, akbehl@cisco.com Author of Securing Cisco IP Telephony Networks 2010
More informationConfiguring Hosted NAT Traversal for Session Border Controller
Configuring Hosted NAT Traversal for Session Border Controller The Cisco IOS Hosted NAT Traversal for Session Border Controller Phase-1 feature enables a Cisco IOS Network Address Translation (NAT) Session
More informationMobile Security Fall 2013
Mobile Security 14-829 Fall 2013 Patrick Tague Class #4 Telecom System Security General Vulnerabilities Service interruption vulnerabilities Due to increased capacity offered by high speed communication
More informationPatton Trinity esbc SmartNode with BroadCloud UC & SIP Trunking. May 2018 Document Version 1.0
Patton Trinity esbc SmartNode with BroadCloud UC & SIP Trunking May 2018 Document Version 1.0 Table of Contents 1 About this Guide...3 2 General Information...4 2.1 Patton SmartNode esbc Series Overview...
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationCS System Security 2nd-Half Semester Review
CS 356 - System Security 2nd-Half Semester Review Fall 2013 Final Exam Wednesday, 2 PM to 4 PM you may bring one 8-1/2 x 11 sheet of paper with any notes you would like no cellphones, calculators This
More informationDigital Advisory Services Professional Service Description SIP Centralized IP Trunk with Field Trial Model
Digital Advisory Services Professional Service Description SIP Centralized IP Trunk with Field Trial Model 1. Description of Services. 1.1 SIP Centralized IP Trunk with Field Trial Verizon will assist
More informationThe Telephony Denial of Service (TDoS) Threat
The Telephony Denial of Service (TDoS) Threat An Analysis of the TDoS Threat in Voice Network Security A Whitepaper From SecureLogix Corporation Telephony Denial-of-Service (TDoS) and The Public Voice
More informationWireless LAN Security (RM12/2002)
Information Technology in Education Project Reference Materials Wireless LAN Security (RM12/2002) Infrastructure Division Education Department The Government of HKSAR www.ited.ed.gov.hk December 2002 For
More informationComputer Network Vulnerabilities
Computer Network Vulnerabilities Objectives Explain how routers are used to protect networks Describe firewall technology Describe intrusion detection systems Describe honeypots Routers Routers are like
More informationSession Border Controller
CHAPTER 14 This chapter describes the level of support that Cisco ANA provides for (SBC), as follows: Technology Description, page 14-1 Information Model Objects (IMOs), page 14-2 Vendor-Specific Inventory
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationTestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified
TestOut Network Pro - English 5.0.x COURSE OUTLINE Modified 2018-03-06 TestOut Network Pro Outline - English 5.0.x Videos: 130 (17:10:31) Demonstrations: 78 (8:46:15) Simulations: 88 Fact Sheets: 136 Exams:
More informationAT&T IP Flexible Reach And IP Toll Free Cisco Unified Communication Manager H.323 Configuration Guide. Issue /3/2008
AT&T IP Flexible Reach And IP Toll Free Cisco Unified Communication Manager H.323 Configuration Guide Issue 2.17 3/3/2008 Page 1 of 49 TABLE OF CONTENTS 1 Introduction... 4 2 Special Notes... 4 3 Overview...
More informationSIP as an Enabling Technology
SIP as an Enabling Technology SIP and VoIP Fundamentals Mike Taylor - CTO spscom.com 888.777.7280 Strategic Products and Services / 300 Littleton Road / Parsippany, NJ 07054 Agenda What is SIP? Acceptance
More informationMulti-Layer Security Protection for Signaling Networks
Multi-Layer Security Protection for Signaling Networks All-IP Invites Innovation, but also More Vulnerabilities O R A C L E W H I T E P A P E R J A N U A R Y 2 0 1 6 Table of Contents Introduction 2 Access
More informationE911 Presentation FAQ Pierce County Council Public Safety, Human Service and Budget Committee April 23, 2018
E911 Presentation FAQ Pierce County Council Public Safety, Human Service and Budget Committee April 23, 2018 Q-1 What do all those acronyms stand for? A-1 *See comprehensive glossary at the bottom of this
More informationUse NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454
Use NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454 Document ID: 65122 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Topology
More informationApplication Note Asterisk BE with SIP Trunking - Configuration Guide
Application Note Asterisk BE with SIP Trunking - Configuration Guide 23 January 2009 Asterisk BE SIP Trunking Table of Contents 1 ASTERISK BUSINESS EDITION AND INGATE... 1 1.1 SIP TRUNKING SUPPORT... 2
More informationARP Inspection and the MAC Address Table
This chapter describes how to customize the MAC address table and configure ARP Inspection for bridge groups. About, page 1 Default Settings, page 2 Guidelines for, page 2 Configure ARP Inspection and
More information2. Firewall Management Tools used to monitor and control the Firewall Environment.
Firewall Review Section 1 FIREWALL MANAGEMENT & ADMINISTRATION Common management practices with regard to administering the (company) network should be in accordance with company policies and standards.
More informationSteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)
Internet Communications Made Safe SteelGate Overview SteelGate Overview SteelGate is a high-performance VPN firewall appliance that Prevent Eliminate threats & attacks at the perimeter Stop unauthorized
More informationIndustrial Control System Security white paper
Industrial Control System Security white paper The top 10 threats to automation and process control systems and their countermeasures with INSYS routers Introduction With the advent of M2M (machine to
More informationUnified Communications Manager Express Toll Fraud Prevention
Unified Communications Manager Express Toll Fraud Prevention Document ID: 107626 Contents Introduction Prerequisites Requirements Components Used Conventions Overview Internal vs. External Threats Toll
More informationInformation Technology Enhancing Productivity and Securing Against Cyber Attacks
Information Technology Enhancing Productivity and Securing Against Cyber Attacks AGENDA Brief Overview of PortMiami Enhancing Productivity Using Technology Technology Being Using at the Port Cyber Attacks
More informationSESSION BORDER CONTROLLERS
SESSION BORDER CONTROLLERS Architected for distributed signaling & media Integrated, co-located and distributed options Flexible hardware/software deployment models Designed to sustain high SIP message
More informationR (2) Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing.
R (2) N (5) Oral (3) Total (10) Dated Sign Experiment No: 1 Problem Definition: Implementation of following spoofing assignments using C++ multi-core Programming a) IP Spoofing b) Web spoofing. 1.1 Prerequisite:
More informationUTM. (Unified Threat Manager) Support for signatures from Snort VRT and Emerging Threat.
UTM (Unified Threat Manager) Intrusion Prevention based Snort 2.9. Support for signatures from Snort VRT and Emerging Threat. HTTP/SSL Web Proxy based on Squid 3.1.20 URL Filtering with Internet DB from
More information