Real-time Communications Security and SDN

Size: px
Start display at page:

Download "Real-time Communications Security and SDN"

Transcription

1 Real-time Communications Security and SDN 2016 [Type here]

2 Securing the new generation of communications applications, those delivering real-time services including voice, video and Instant Messaging, is a challenge. Enterprises and service providers working with network infrastructures and cyber security policies designed for data driven applications are experiencing this challenge. To add to this, new technologies, Network Function Virtualisation (NFV) and Software Defined Networking (SDN) are now deployed to support the ever growing bandwidth requirements. Will adding these new technologies to networks already struggling to secure the current generation of applications push the goal of an effective cyber security even further away, or can these technologies bolster security for Unified Communication services? The Evolution of Real-Time Communications (VoIP, UC, IOT) For the last 15 or more years, real-time communication services, voice and video calls plus Instant Messaging (IM), have undergone a rapid and dramatic evolution. This evolution started when PBX vendors realised that adopting IP networking as a basis for their core products gave them the ability to enhance their products and to deliver new features more quickly. This triggered the appearance of a range of IP-PBX products using IP networking to connect handsets to the PBX operating within the same location. At this stage telephony services were still provided via ISDN connections, so the benefits stopped at the enterprise network boundary. The next evolutionary step was the introduction of SIP trunks, using IP networking to deliver a company s phone service. This enabled a greater range of services to be delivered at a lower cost. A new set of service providers emerged, Internet Telephony Service Providers, whose agility enabled them to introduce new Voice over IP (VoIP) services and to win business that traditionally would have gone to the incumbent telco. The evolutionary process did not stop there. VoIP services have now matured into Unified Communication (UC) services combining a range of applications into a single integrated communication service. While communications services have developed, the necessary parallel development of security services has not. A significant percentage of operational VoIP and UC systems are operating with a security model that was appropriate when telephony services were provided by national telecom carriers using private networks. Today, VoIP and UC services operate over IP networks including the public Internet. The trust models of the Internet and traditional telecom networks are radically different. The inevitable result is that VoIP and UC networks with their feature applications are under constant attack. A significant number of systems are falling victim to these attacks. The results include expensive call fraud attacks, service loss, leakage of confidential information and failure to meet legal data protection and compliance requirements. Page 2 of 9

3 If the risk of fraudulent calls racking up tens of thousands of dollars in charges is not a board level problem, then the potential fines imposed by data protection authorities for a security breach certainly are. There have been some attempts to address the VoIP and UC security challenge. In the early millennium a new product category emerged. This was the Session Border Controller (SBC). Although SBC s were at the time a good effort, they owe too much to the telecom security model based around SS7 infrastructure and not enough to the Internet security model. As evidence of this, UM Labs has audited a number of VoIP and UC deployments running wellknown brands of SBC and has found that the security provided, fails on a number of accounts, falling short of the level necessary to operate safely in an IP network. Observed problems include: SBCs providing no effective security other than a simple source IP address check which a $50 router can offer. SBCs, Application Gateways, Proxy Gateways are all failing to implement layered security, deployed there is no interaction between the levels of network, application or content, so that even the basic source IP address controls could be circumvented. SBCs allowing remote users to connect to an enterprise IP-PBX and make calls without positively identifying and authenticating the user. SBCs failing to detect and block a call fraud attack. SBCs unable to provide an encryption services to protect the confidentiality of calls and as a consequence failing to meet legal requirements for compliance. The Need for a Paradigm Shift UM Labs was founded to develop new technologies for securing real-time communications (incl. VoIP and UC systems). It quickly became apparent that the evolutionary approach that had driven the development of UC applications, would not deliver an effective solution. What was needed was a paradigm shift, a new approach to securing VoIP and UC applications. This approach had to recognise the impact of the Internet security model on real-time communications. The architectural approach adopted by UM Labs was based on many years of experience in designing and building IP security products for data applications, but recognising the constraints imposed by the real-time nature of VoIP and UC. Page 3 of 9

4 It was also apparent that an effective security platform has had to operate within a changing network environment. Data centre technology was moving away from racks full of dedicated hardware and embracing virtualisation. This triggered the need to manage service operation within the virtualised environment. Software Defined Networking (SDN) became the solution to this problem. To quote Techtarget: Software-defined networking (SDN) is an umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible as the virtualized server and storage infrastructure of the modern data centre. The goal of SDN is to allow network engineers and administrators to respond quickly to changing business requirements. SDN which in turn enables Network Function Virtualisation (NFV) was conceived to enable networks to meet the ever growing demand for more bandwidth. VoIP and UC services providers and enterprises deploying these services clearly need the benefits of SDN. To build an effective set of security controls for VoIP and UC applications, UM Labs have adopted a software architecture able to deliver the level of security needed, and for a set of applications which have evolved from a telecom orientated service, operating safely within the Internet trust model. The same architecture is aligned to the SDN deployment model. Page 4 of 9

5 UM Labs Architecture The UM Labs real-time communications security platform is built on a layered architecture. The foundation is a hardened operating system configured to run on all popular virtualisation hosts and cloud services. This foundation provides an environment for a set of multi-level security controls. The security platform is controlled by a management layer, which provides a set of management interfaces. The foundation layer and the management layer combine to enable the platform to operate within a SDN environment. SDN Interfaces Management Layer Content Security Layer Application Security Layer Network Security Layer Hardened Operating System UM Labs Platform Host Cloud Secure Foundation A secure foundation is essential for any security system. The UM Labs platform is built on a hardened Linux operating system using design principles derived from building generic IP firewalls and application security systems. These design principles conform to the security constraints needed to meet the Common Criteria EAL4 level of security certification. The Common Criteria scheme is an international security certification scheme. In the USA the Common Criteria scheme is administered by NIAP, a joint venture between the NSA and NIST. EAL4 certification is applicable in those circumstances where developers or users require a moderate to high level of independently assured security. Page 5 of 9

6 The platform s underlying operating system is configured to enable deployment on all popular visualisation host operating system and cloud services. The platform takes advantage of supporting services provided by the host environment, obtaining essential operating parameter such as network interface configuration details from that environment. Layered Security The security threats facing real-time communications (VoIP and UC systems) are multi-levelled. Securing those systems requires multi-levelled security technology. Network level security addresses the IP level threats faced buy all IP connected applications and systems. The need for IP Network security for data application is well established. There is a whole industry devoted to developing data firewalls to protect against threats at this level. VoIP and UC applications run on the same IP networks as data applications and therefore need the same protection. The security threats at the IP Network level include: Denial of Service attacks (Dos) and distributed DoS attacks. Flooding attacks Malformed packet attacks Port scanning and service enumeration attacks DoS attacks, attacks designed to disrupt a network service, are a growing problem. Businesses with an Internet presence are a common target where the attack can be motivated by a political protest or for financial gain. The obvious question is: if firewalls are designed to protect data applications from DoS attacks, can they do the same for real-time communication (VoIP and UC) applications? The answer is no, because the protocols used for VoIP and UC are not firewall friendly. Configuring a firewall to handle SIP and the related protocol used to handle audio and video streams in calls, the Realtime Transport Protocol (RTP), means opening up a large port range. This reduces the firewall's security to a level where a competent firewall administrator would not want to apply the necessary configuration. The only effective way to implement the necessary IP security controls is as part of a comprehensive real-time communication (VoIP and UC) security product. Page 6 of 9

7 Application level security controls threats aimed directly at the VoIP, Video, IM (UC) protocols and applications. The complexity of these protocols means that there is a long list of potential threats. These threats can be combated only by implementing a range of security controls directed at the application level. In UC terms this means targeting security controls at the protocol messages responsible for functions such as tracking the status of connecting devices and managing calls. The security threats at the application level include: Denial of Service attacks (Dos) and distributed DoS attacks. Flooding attacks Malformed message attacks Directory harvesting attacks Authentication attacks Call fraud attacks Protocol violation attacks DoS attacks at the application level include flooding attacks, where the targeted system is flooded with requests, and also more subtle attacks where smaller numbers of invalid messages are sent with the aim of disrupting a service. Content level security protects the content delivered by UC applications. This includes voice and video calls, text and other content delivered via Instant Messaging applications and meta content such as presence information indicating the availability status of colleagues. All of these content types are potential attack targets. The most obvious attack is eavesdropping, listening in on voice and video calls or monitoring presence data to gather information on the identity of users. There are also a number of more subtle attacks including: Media injection (replacing or disrupting voice or video streams) Media level denial of service attacks Call Hijacking attacks (taking over one leg of an established call) Page 7 of 9

8 System Management and SDN The system management layer provides multiple interfaces for installing, configuring and monitoring the UM Labs platform. The primary interfaces are a REST API to enable configuration and monitoring of the platform s real-time communication (VOIP, UC) security policy and integrated SDN support to simplify deployment and to strengthen the security controls. The UM Labs real-time communication (VoIP and UC) Security platform is a complete software package including a hardened operating system and the layered security controls needed to protect VoIP and UC application systems and to ensure that those systems operate within current compliance regulations. The platform will run in all popular virtualisation environments and cloud services. Integrated SDN support ensures that instances of the platform may be installed on demand with each instance using SDN functions or specific functions provided by the cloud service hosting the platform to map the network environment and to apply the appropriate configuration. The UM Labs platform extends the use of SDN beyond simple deployment management. The platform functions by detecting security threats and taking the appropriate blocking action. Threat detection and blocking actions are implemented at multiple levels. In many cases the most efficient method of blocking a threat is to implement the blocking action at a lower level that the threat detection. As an example a call-fraud attack can only be detected at the application level, but the most efficient blocking mechanism is to instruct the network security layer to implement the blocking action. The UM Labs platform includes this level of feed-back between threat detection and blocking action at all 3 security levels. SDN enables this feedback to be extended into the cloud. When a threat is detected, the UM Labs platform is able to use SDN technology via protocols such as Openflow to instruct other network components or systems to block the source of the detected threat. The UM Labs security architecture for real-time communication (VoIP and UC) applications using a new design based on IP security principles and implementing layered security controls as a cloud-deployable software platform is a natural fit for SDN. UM Labs maximise the benefits of SDN by taking advantage of the benefits that SDN offers to simplify deployment and by using SDN functions to ensure that other components in the network are configured to supplement the security for all real-time communication (VoIP and UC) applications. Page 8 of 9

9 Independent regulation authorities in Europe that direct service providers have stated clearly, security within the SDN paradigm is a challenge, as all layers, sub-layers and components need to communicate according to strict security policies. Some of the new challenges on protecting SDN relies on the main features of this paradigm: centralization, abstraction and programmability. Efforts and advances are being done in order to improve the trust between third party applications and the controller, a better cross domain connection, implementing correct isolation of traffic and resources and integrating and improving the compatibility of legacy protocols. UM-Labs design follows a bottom-up approach by estimating threats that exploit more traditional network components that will be extrapolated to assumed SDN/NFV levels. UM- Labs by design have implemented a rules based stack to work with SDN and the 7-layer OSi model, because of this, the design is not taking any one-layer design and hoping the virtualisation delivers an integrated approach. Page 9 of 9

GDPR Update and ENISA guidelines

GDPR Update and ENISA guidelines GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure

More information

Ingate SIParator /Firewall SIP Security for the Enterprise

Ingate SIParator /Firewall SIP Security for the Enterprise Ingate SIParator /Firewall SIP Security for the Enterprise Ingate Systems Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?... 3 3

More information

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points WHITE PAPER Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS Starting Points...1 The Four Essentials...2 The Business Case for SIP Trunks...3 To benefit from the latest

More information

White Paper. SIP Trunking: Deployment Considerations at the Network Edge

White Paper. SIP Trunking: Deployment Considerations at the Network Edge SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively recently,

More information

Preparing your network for the next wave of innovation

Preparing your network for the next wave of innovation Preparing your network for the next wave of innovation The future is exciting. Ready? 2 Executive brief For modern businesses, every day brings fresh challenges and opportunities. You must be able to adapt

More information

Security for SIP-based VoIP Communications Solutions

Security for SIP-based VoIP Communications Solutions Tomorrow Starts Today Security for SIP-based VoIP Communications Solutions Enterprises and small to medium-sized businesses (SMBs) are exposed to potentially debilitating cyber attacks and exploitation

More information

Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise

Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise Communications Transformations 2: Steps to Integrate SIP Trunk into the Enterprise The Changing Landscape IP-based unified communications is widely deployed in enterprise networks, both for internal calling

More information

Firewalls for Secure Unified Communications

Firewalls for Secure Unified Communications Firewalls for Secure Unified Communications Positioning Guide 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 12 Firewall protection for call control

More information

IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES

IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES Daitan White Paper IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES Highly Reliable Software Development Services http://www.daitangroup.com Daitan Group 2014 IMS, NFV

More information

Achieving End-to-End Security in the Internet of Things (IoT)

Achieving End-to-End Security in the Internet of Things (IoT) Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of

More information

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY One of the largest concerns of organisations is how to implement and introduce advanced security mechanisms to protect

More information

NGN: Carriers and Vendors Must Take Security Seriously

NGN: Carriers and Vendors Must Take Security Seriously Research Brief NGN: Carriers and Vendors Must Take Security Seriously Abstract: The next-generation network will need to provide security on many levels. A comprehensive set of standards should be in place

More information

Simple and Secure Micro-Segmentation for Internet of Things (IoT)

Simple and Secure Micro-Segmentation for Internet of Things (IoT) Solution Brief Simple and Secure Micro-Segmentation for Internet of Things (IoT) A hardened network architecture for securely connecting any device, anywhere in the world Tempered Networks believes you

More information

Mobile TeleSystems (MTS) Converges Fixed and Mobile Telephony

Mobile TeleSystems (MTS) Converges Fixed and Mobile Telephony Mobile TeleSystems (MTS) Converges Fixed and Mobile Telephony MTS creates new revenue opportunities with new services. EXECUTIVE SUMMARY Mobile TeleSystems (MTS) Industry: Telecommunications BUSINESS CHALLENGE

More information

THE BUSINESS CASE FOR SIP

THE BUSINESS CASE FOR SIP THE BUSINESS CASE FOR SIP TIMES, THEY ARE A CHANGIN Over the past few decades, cultural and technological trends have dramatically transformed the workplace. Today, flexible working is a way of life. Employees

More information

Networking for a smarter data center: Getting it right

Networking for a smarter data center: Getting it right IBM Global Technology Services October 2011 Networking for a smarter data center: Getting it right Planning the network needed for a dynamic infrastructure 2 Networking for a smarter data center: Getting

More information

What the BIG TELECOM companies don t want you to know.

What the BIG TELECOM companies don t want you to know. Whitepaper: The Economic Benefit of a Hosted Office Phone System TM What the BIG TELECOM companies don t want you to know. Freedom is Power What the BIG TELECOM companies don t want you to know. Abstract

More information

NFV and SDN what does it mean to enterprises?

NFV and SDN what does it mean to enterprises? OPINION NFV and SDN what does it mean to enterprises? By Clive Hamilton, VP Network Services, NTT Europe Rethinking the enterprise network The typical enterprise network now comprises hundreds or even

More information

Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide

Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide Application Note 3Com VCX Connect with SIP Trunking - Configuration Guide 28 May 2009 3Com VCX Connect Solution SIP Trunking Table of Contents 1 3COM VCX CONNECT AND INGATE... 1 1.1 SIP TRUNKING SUPPORT...

More information

Why Active Communications and Office 365?

Why Active Communications and Office 365? Why Active Communications and Office 365? Deploying Microsoft Lync Enterprise Voice with Office 365 has never been easier! The world of IT, telephony and communications is changing rapidly. The internet

More information

Cyber Security Audit & Roadmap Business Process and

Cyber Security Audit & Roadmap Business Process and Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,

More information

New Digital Business Models Driving the Softwarization of the Network

New Digital Business Models Driving the Softwarization of the Network New Digital Business Models Driving the Softwarization of the Network Marc Halbfinger January 2018 Here To Serve Headquartered in Hong Kong PCCW consolidated 2016 Revenue: US$4.9 billion HKT 2016 Revenue:

More information

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Top 6 WAF Essentials to Achieve Application Security Efficacy The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and

More information

Security

Security Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from

More information

The Windstream Enterprise Advantage for Banking

The Windstream Enterprise Advantage for Banking The Windstream Enterprise Advantage for Banking Creating trusted banking experiences with secure, cloud-optimized network and communications so you can focus on your customers. Customer centricity is a

More information

Enterprise D/DoS Mitigation Solution offering

Enterprise D/DoS Mitigation Solution offering Enterprise D/DoS Mitigation Solution offering About the Domain TCS Enterprise Security and Risk Management (ESRM) offers full services play in security with integrated security solutions. ESRM s solution

More information

WE SEE YOUR VOICE. SecureLogix We See Your Voice

WE SEE YOUR VOICE. SecureLogix We See Your Voice ETM SYSTEM WE SEE YOUR VOICE We know some important things about your enterprise things that you may not know yourself. We know that you are significantly overpaying for your corporate voice network and

More information

Verizon Software Defined Perimeter (SDP).

Verizon Software Defined Perimeter (SDP). Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.

More information

Modern IP Communication bears risks

Modern IP Communication bears risks Modern IP Communication bears risks How to protect your business telephony from cyber attacks Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure

More information

Vodafone keynote. How smart networks are changing the corporate WAN. Peter Terry Brown Director of Connectivity & UC.

Vodafone keynote. How smart networks are changing the corporate WAN. Peter Terry Brown Director of Connectivity & UC. How smart networks are changing the corporate WAN Vodafone keynote Peter Terry Brown Director of Connectivity & UC 17 October 2017 About Vodafone Enterprise Connectivity & UC IoT Cloud & Security Our vision:

More information

The security challenge in a mobile world

The security challenge in a mobile world The security challenge in a mobile world Contents Executive summary 2 Executive summary 3 Controlling devices and data from the cloud 4 Managing mobile devices - Overview - How it works with MDM - Scenario

More information

Technical Overview. Mitel MiCloud Telepo for Service Providers 4.0. Key Features

Technical Overview. Mitel MiCloud Telepo for Service Providers 4.0. Key Features Technical Overview Mitel MiCloud Telepo for Service Providers 4.0 Key Features For the enterprise market Enable service providers to offer advanced business communication A complete, open and pure software

More information

MITIGATE CYBER ATTACK RISK

MITIGATE CYBER ATTACK RISK SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations

More information

Net-Net Interactive Session Recorder - recording utility for session delivery networks

Net-Net Interactive Session Recorder - recording utility for session delivery networks Net-Net Interactive Session Recorder - recording utility for session delivery networks The need for recording is exploding, recording complexity is escalating Exploding need Compliance financial, legal,

More information

BUILDING the VIRtUAL enterprise

BUILDING the VIRtUAL enterprise BUILDING the VIRTUAL ENTERPRISE A Red Hat WHITEPAPER www.redhat.com As an IT shop or business owner, your ability to meet the fluctuating needs of your business while balancing changing priorities, schedules,

More information

Unified Communications Threat Management (UCTM) Secure Communications and Collaborations

Unified Communications Threat Management (UCTM) Secure Communications and Collaborations Secure Cloud Communication and Collaboration. Overview The emergence of IP Voice, Video, Unified Communication and Collaborations (UC&C) technology and applications are causing a fundamental shift in the

More information

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network 10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity

More information

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video The future of video is in the network We live in a world where more and more video is shifting to IP and mobile.

More information

SIP Trunking & Security. Dan York, CISSP VOIPSA Best Practices Chair

SIP Trunking & Security. Dan York, CISSP VOIPSA Best Practices Chair SIP Trunking & Security Dan York, CISSP VOIPSA Best Practices Chair September 2, 2009 Privacy Availability Compliance Confidence Mobility Cost Avoidance Business Continuity TDM security is relatively

More information

Networking for a dynamic infrastructure: getting it right.

Networking for a dynamic infrastructure: getting it right. IBM Global Technology Services Networking for a dynamic infrastructure: getting it right. A guide for realizing the full potential of virtualization June 2009 Executive summary June 2009 Networking for

More information

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe F5 comprehensive protection against application attacks Jakub Sumpich Territory Manager Eastern Europe j.sumpich@f5.com Evolving Security Threat Landscape cookie tampering Identity Extraction DNS Cache

More information

Can the Network be the New Cloud.

Can the Network be the New Cloud. PEOPLE. PLATFORMS. PARTNERS. PEERING. Can the Network be the New Cloud. MARK DALEY DIRECTOR, DIGITAL STRATEGY EPSILON 1 According to Aryaka's 2017 State of the WAN report, 50% of WAN traffic is now in

More information

Express Monitoring 2019

Express Monitoring 2019 Express Monitoring 2019 WHY CHOOSE PT EXPRESS MONITORING PT Express Monitoring provides a quick evaluation of the current signaling network protection level. This service helps to discover critical vulnerabilities

More information

Next Generation Privilege Identity Management

Next Generation Privilege Identity Management White Paper Next Generation Privilege Identity Management Nowadays enterprise IT teams are focused on adopting and supporting newer devices, applications and platforms to address business needs and keep

More information

Never Drop a Call With TecInfo SIP Proxy White Paper

Never Drop a Call With TecInfo SIP Proxy White Paper Innovative Solutions. Trusted Performance. Intelligently Engineered. Never Drop a Call With TecInfo SIP Proxy White Paper TecInfo SD-WAN product - PowerLink - enables real time traffic like VoIP, video

More information

Cisco 5G Now! Product Announcements. February, 2018

Cisco 5G Now! Product Announcements. February, 2018 Cisco 5G Now! Product Announcements February, 2018 Mobile Cloud Services 2017 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Application Access (%) Displacing Legacy, Mobile

More information

FOR FINANCIAL SERVICES ORGANIZATIONS

FOR FINANCIAL SERVICES ORGANIZATIONS RSA BUSINESS-DRIVEN SECURITYTM FOR FINANCIAL SERVICES ORGANIZATIONS MANAGING THE NEXUS OF RISK & SECURITY A CHANGING LANDSCAPE AND A NEW APPROACH Today s financial services technology landscape is increasingly

More information

Dynamic Network Segmentation

Dynamic Network Segmentation Dynamic Network Segmentation Innovative network security protection to stop cyber attacks and meet compliance. 1 Isolate and flexibly segment your networks Introduction As organizational structures and

More information

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their

More information

Why SIP? Time is running out for ISDN. Whitepaper from V1.04

Why SIP? Time is running out for ISDN. Whitepaper from V1.04 Why SIP? Time is running out for ISDN Whitepaper from V1.04 Introduction With less than 9 Years left for Legacy BT ISDN networks, its time to consider SIP for your business. BT is confirming plans to decommission

More information

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial

More information

CLOUD WORKLOAD SECURITY

CLOUD WORKLOAD SECURITY SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly

More information

Deploying Voice Workloads for Skype for Business Online and Server

Deploying Voice Workloads for Skype for Business Online and Server Course Code: M40409 Vendor: Microsoft Course Overview Duration: 5 RRP: POA Deploying Voice Workloads for Skype for Business Online and Server Overview This five-day instructor-led course teaches how to

More information

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION

More information

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP

AN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP AN IPSWITCH WHITEPAPER The Definitive Guide to Secure FTP The Importance of File Transfer Are you concerned with the security of file transfer processes in your company? According to a survey of IT pros

More information

Accelerate Your Enterprise Private Cloud Initiative

Accelerate Your Enterprise Private Cloud Initiative Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service

More information

Development of IPX: Myth or Reality?

Development of IPX: Myth or Reality? Development of IPX: Myth or Reality? Patrick MeLampy -CTO/Founder Acme Packet Acme Packet 1 Agenda IPX Acme Packet Perspective IPX and LTE/VoLTE Acme Packet Acme Packet Page 2 IPX A Vendor Perspective

More information

Simplify IP Telephony with System i. IBM System i IP Telephony

Simplify IP Telephony with System i. IBM System i IP Telephony Simplify IP Telephony with System i IBM System i IP Telephony Highlights Deploy a complete IP telephony suite on one easy-to-manage system, or even part of a system, shared with other applications Integrate

More information

Security Assessment Checklist

Security Assessment Checklist Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment

More information

Build confidence in the cloud Best practice frameworks for cloud security

Build confidence in the cloud Best practice frameworks for cloud security Build confidence in the cloud Best practice frameworks for cloud security Cloud services are rapidly growing and becoming more of a focus for business. It s predicted that more than $1 trillion in IT spending

More information

CHALLENGES GOVERNANCE INTEGRATION SECURITY

CHALLENGES GOVERNANCE INTEGRATION SECURITY CLOUD SERVICES The adoption and migration to the cloud is rooted in the need for speed and flexibility in creating and managing services. These benefits are often impacted by the difficulty of enterprises

More information

21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING

21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING WWW.HCLTECH.COM 21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING THE AGE OF DISRUPTION: THE AGE OF CYBER THREATS While the digital era has brought with it significant advances in technology, capabilities

More information

Simple and secure PCI DSS compliance

Simple and secure PCI DSS compliance Simple and secure PCI DSS compliance Get control over PCI audit scope while dramatically improving security posture Decrease IT CapEx and OpEx costs by 25% Reduce PCI compliance time by up to 30% Reduce

More information

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications Enabling and Securing Digital Business in Economy Protect s Serving Business Critical Applications 40 percent of the world s web applications will use an interface Most enterprises today rely on customers

More information

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS Danielle M. Zeedick, Ed.D., CISM, CBCP Juniper Networks August 2016 Today s Objectives Goal Objectives To understand how holistic network

More information

EXTENSIBLE WIDE AREA NETWORKING

EXTENSIBLE WIDE AREA NETWORKING EXTENSIBLE WIDE AREA NETWORKING Leverage Software Defined Networking to deliver flexible network services to branch offices @nuagenetworks Your clients and end users want instant access to their chosen

More information

Net-Net enterprise session border controller playbook

Net-Net enterprise session border controller playbook Net-Net enterprise session border controller playbook The leader in session delivery network solutions Why did we make this guide? To help you solidify your position as a trusted technology advisor to

More information

Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model

Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model 1. Description of Services. 1.1 SIP SBC with Field Trial Endpoint Deployment Verizon will assist

More information

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE The demand for cloud infrastructure is rapidly increasing, the world of information is becoming application and

More information

SDN and NFV as expressions of a systemic trend «integrating» Cloud, Networks and Terminals

SDN and NFV as expressions of a systemic trend «integrating» Cloud, Networks and Terminals SDN and NFV as expressions of a systemic trend «integrating» Cloud, Networks and Terminals Antonio Manzalini, Chair of the IEEE SDN initiative Bobby Wong, Program Director SDN-NFV Standardization Committee

More information

Deploying Voice Workloads for Skype for Business Online and Server 2015

Deploying Voice Workloads for Skype for Business Online and Server 2015 Deploying Voice Workloads for Skype for Business Online and Server 2015 40409; 5 Days, Instructor-led Course Description This five-day instructor-led course teaches how to design, plan, and deploy the

More information

Security by Default: Enabling Transformation Through Cyber Resilience

Security by Default: Enabling Transformation Through Cyber Resilience Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,

More information

Delivering the Full Potential of SIP

Delivering the Full Potential of SIP Delivering the Full Potential of SIP Todd A. Abbott Sonus, EVP Strategy & Go-to-Market UC Summit April 29, 2013 sonus.net Entering into the Age of the Customer Sources of Dominance AGE OF MANUFACTURING

More information

5 common concerns about moving to SIP...

5 common concerns about moving to SIP... 5 common concerns about moving to SIP... 5 common concerns about moving to SIP... When first considering a new technology for your business, there are any number of variables you need to consider. SIP

More information

DIMETRA X CORE DATA SHEET DIMETRA X CORE

DIMETRA X CORE DATA SHEET DIMETRA X CORE DIMETRA X CORE FOR GOVERNMENT ORGANISATIONS, PUBLIC SAFETY AGENCIES AND LARGE ENTERPRISES, MOBILE BROADBAND IS ON THE WAY. AND WHILE YOU DON T KNOW WHEN THAT CHANGE IS COMING YOU CAN BE READY FOR IT WITH

More information

Innovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief

Innovative Solutions. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Solutions. Technology Brief Innovative. Trusted Performance. Intelligently Engineered. Comparison of SD WAN Technology Brief Comparison of SD WAN SD-WAN Overview By the end of 2019, 30% of enterprises will use SD-WAN products in

More information

The office for the anywhere worker!!! Your LCB SOFTPHONE: A powerful new take on the all-in-one for a more immersive experience.

The office for the anywhere worker!!! Your LCB SOFTPHONE: A powerful new take on the all-in-one for a more immersive experience. The office for the anywhere worker!!! Your LCB SOFTPHONE: A powerful new take on the all-in-one for a more immersive experience. LCB SOFTPHONE FOR SALESFORCE Combine real-time communications and tracking

More information

Chapter 5. Security Components and Considerations.

Chapter 5. Security Components and Considerations. Chapter 5. Security Components and Considerations. Technology Brief Virtualization and Cloud Security Virtualization concept is taking major portion in current Data Center environments in order to reduce

More information

How to Create, Deploy, & Operate Secure IoT Applications

How to Create, Deploy, & Operate Secure IoT Applications How to Create, Deploy, & Operate Secure IoT Applications TELIT WHITEPAPER INTRODUCTION As IoT deployments accelerate, an area of growing concern is security. The likelihood of billions of additional connections

More information

6 KEY SECURITY REQUIREMENTS

6 KEY SECURITY REQUIREMENTS KEY SECURITY REQUIREMENTS for Next Generation Mobile Networks A Prevention-Oriented Approach to in Evolving Mobile Network Ecosystems A Prevention-Oriented Approach to in Evolving Mobile Network Ecosystems

More information

Continuously Discover and Eliminate Security Risk in Production Apps

Continuously Discover and Eliminate Security Risk in Production Apps White Paper Security Continuously Discover and Eliminate Security Risk in Production Apps Table of Contents page Continuously Discover and Eliminate Security Risk in Production Apps... 1 Continuous Application

More information

Systems Engineering for Software-Defined Network Virtualisation. John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra

Systems Engineering for Software-Defined Network Virtualisation. John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra Systems Engineering for Software-Defined Network Virtualisation John Risson, Solutions Engineering Manager IP and Transport Engineering, Telstra Agenda Motivation Case Studies Opportunities and Challenges

More information

Delivering Complex Enterprise Applications via Hybrid Clouds

Delivering Complex Enterprise Applications via Hybrid Clouds Whitepaper Delivering Complex Enterprise Applications via Hybrid Clouds As enterprises and industries shake off the effects of the last recession, the focus of IT organizations has shifted from one marked

More information

HOSTED VOIP Your guide to next-generation telephony

HOSTED VOIP Your guide to next-generation telephony HOSTED VOIP Your guide to next-generation telephony Introduction Voice over Internet Protocol (VoIP) is the technology that allows us to make telephone calls using the internet. Also known as IP Telephony,

More information

Reducing Skype for Business Costs via Proactive Management Using management tools cuts SfB operational costs by more than half

Reducing Skype for Business Costs via Proactive Management Using management tools cuts SfB operational costs by more than half Fall fssdfd 2Q 17 Reducing Skype for Business Costs via Proactive Management Using management tools cuts SfB operational costs by more than half Skype for Business (SfB) implementations are on the rise,

More information

Application Note. Microsoft OCS 2007 Configuration Guide

Application Note. Microsoft OCS 2007 Configuration Guide Application Note Microsoft OCS 2007 Configuration Guide 15 October 2009 Microsoft OCS 2007 Configuration Guide Table of Contents 1 MICROSOFT OCS 2007 AND INGATE... 1 1.1 SIP TRUNKING SUPPORT... 2 2 INGATE

More information

NETWORKING 3.0. Network Only Provably Cryptographically Identifiable Devices INSTANT OVERLAY NETWORKING. Remarkably Simple

NETWORKING 3.0. Network Only Provably Cryptographically Identifiable Devices INSTANT OVERLAY NETWORKING. Remarkably Simple NETWORKING 3.0 Network Only Provably Cryptographically Identifiable Devices INSTANT OVERLAY NETWORKING Highly Available Remarkably Simple Radically Secure IP complexity is holding your business back As

More information

Patton Electronics Co Rickenbacker Drive, Gaithersburg, MD 20879, USA tel: fax:

Patton Electronics Co Rickenbacker Drive, Gaithersburg, MD 20879, USA tel: fax: Patton Electronics Co. www.patton.com 7622 Rickenbacker Drive, Gaithersburg, MD 20879, USA tel: +1 301-975-1000 fax: +1 301-869-9293 2012 Inalp Networks AG, Niederwangen, Switzerland All Rights Reserved.

More information

10 Reasons to Choose AudioCodes Enterprise SBC

10 Reasons to Choose AudioCodes Enterprise SBC 10 Reasons to Choose AudioCodes Enterprise SBC Introduction The use of Enterprise Session Border Controllers (SBC) has become mainstream due to the adoption of SIP, according to a March 2016 IHS Research

More information

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice

More information

SESSION BORDER CONTROLLERS

SESSION BORDER CONTROLLERS SESSION BORDER CONTROLLERS Architected for distributed signaling & media Integrated, co-located and distributed options Flexible hardware/software deployment models Designed to sustain high SIP message

More information

ESSENTIAL RECIPES FOR THE DIGITAL JOURNEY OF ENTERPRISES

ESSENTIAL RECIPES FOR THE DIGITAL JOURNEY OF ENTERPRISES DIRK KRAFZIG MANAS DEB MARTIN FRICK DIGITAL COOKBOOK ESSENTIAL RECIPES FOR THE DIGITAL JOURNEY OF ENTERPRISES For more details visit: https://digital-cookbook.com/ GRAPHIC DESIGN BY KNUT JUNKER AND DIETMAR

More information

Secure Telephony Enabled Middle-box (STEM)

Secure Telephony Enabled Middle-box (STEM) Report on Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen 04/14/2003 Dr. Mark Stamp - SJSU - CS 265 - Spring 2003 Table of Content 1. Introduction 1 2. IP Telephony Overview.. 1 2.1 Major Components

More information

The Telephony Denial of Service (TDoS) Threat

The Telephony Denial of Service (TDoS) Threat The Telephony Denial of Service (TDoS) Threat An Analysis of the TDoS Threat in Voice Network Security A Whitepaper From SecureLogix Corporation Telephony Denial-of-Service (TDoS) and The Public Voice

More information

SBC Site Survey Questionnaire Forms

SBC Site Survey Questionnaire Forms SBC Site Survey Questionnaire Forms For Design and Deployment of AudioCodes Mediant SBC Product Line This document is intended for the persons responsible for the design and deployment of AudioCodes SBC

More information

Cisco Webex Cloud Connected Audio

Cisco Webex Cloud Connected Audio White Paper Cisco Webex Cloud Connected Audio Take full advantage of your existing IP telephony infrastructure to help enable a Webex integrated conferencing experience Introduction Cisco Webex Cloud Connected

More information

Unified Communications Networks Security and Platforms

Unified Communications Networks Security and Platforms Unified Communications Networks Security and Platforms About Program Who May Apply? Learning Environment Program Overview Program Architecture Partnership with Industry Index Who is Who? 2 Index Introduction

More information

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization May 2014 Prepared by: Zeus Kerravala The Top Five Reasons to Deploy Software-Defined Networks and Network Functions

More information

8 Must Have. Features for Risk-Based Vulnerability Management and More

8 Must Have. Features for Risk-Based Vulnerability Management and More 8 Must Have Features for Risk-Based Vulnerability Management and More Introduction Historically, vulnerability management (VM) has been defined as the practice of identifying security vulnerabilities in

More information

About Your SIP Service Solution

About Your SIP Service Solution whitepaper 5 Key Questions to Ask About Your SIP Service Solution By Gaetan Brichet, COO, Voxbone Voxbone US LLC - San Francisco Office 535 Voxbone Mission US St San 535 Mission Francisco, St CA San 94105

More information